News: 2015 Archives

The Security Reading Room: The Best Information Security Books of 2015

  • Ben Rothke
  • RSA Conference Blog
  • December 23, 2015

Excerpt

Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World: Bruce Schneier could have justifiably written an angry diatribe full of vitriol against President Obama, his administration, and the NSA for their wholesale spying on innocent Americans and violations of myriad laws and the Constitution. Instead, he has written a thoroughly convincing and brilliant book about big data, mass surveillance and the ensuing privacy dangers.

Read More →

Audio: Bruce Schneier on the Golden Age of Surveillance

  • Mo Lotman
  • The Technoskeptic
  • December 22, 2015

Internet security expert, privacy advocate, and author Bruce Schneier speaks with the Technoskeptic about the public-private surveillance partnership that monitors everything we do, and what needs to happen in order to restore our privacy.

Listen to the Audio on TheTechnoskeptic.com

Read More →

Cyberattack Prediction: Hackers Will Target a US Election Next Year

  • Stephen Lawson
  • CSO
  • December 18, 2015

A major cyberattack next year will target a U.S. election, security expert Bruce Schneier predicts.

The attack won't hit the voting system and may not involve the presidential election, but the temptation for hackers is too great, even in state and local races, said Schneier, a computer security pioneer and longtime commentator.

"There are going to be hacks that affect politics in the United States," Schneier said.

Read More →

Video: Bruce Schneier Receives the Business Leader in Cybersecurity Award from Boston Global Forum

  • Boston Global Forum
  • December 13, 2015

Bruce Schneier was honored as the Business Leader in Cybersecurity by the Boston Global Forum, for dedicating his career to the betterment of technology security and privacy.

Mr. Schneier attended and sent his acceptance speech remotely via online conference.

Watch the Video on BostonGlobalForum.org

Read More →

Holiday Gift Guide: Good Reads Worth the Investment

  • Scott Neufeld
  • Vancouver Sun
  • December 4, 2015

Excerpt

Data and Goliath
by Bruce Schneier
W. W. Norton & Company

From the moment you wake up, you start generating data. Your phone tracks your movements. Your purchases signal whether you’re sick or pregnant or going on vacation.

Read More →

Datenschutz in Rücklage

  • Hansueli Schöchli
  • Neue Zürcher Zeitung
  • December 12, 2015

Hansueli Schöchli reviewed the German edition of Data and Goliath for Neue Zürcher Zeitung.

Read the Review on NZZ.ch

Read More →

Video: Making Your Mark as a CISO: Ask Bruce, Episode Four

  • ResilienTV
  • November 20, 2015

Being a CISO is often a tenuous, highly political job—and for security matters, the buck stops with you. In this interview, Bruce Schneier offers strategies for making your mark on your organization.

Watch the Video on ResilientSystems.com

Read More →

Rolling Back Mass Surveillance

  • Kaydee
  • Engineering Ethics Blog
  • November 16, 2015

Bruce Schneier is a man worth listening to. In 1993, just as the Internet was gaining speed, he wrote one of the earliest books on applying cryptography to network communications, and has since become a well-known security specialist and author of about a dozen books on Internet security and related matters. So when someone like Schneier says we're in big trouble and we need to do something fast to keep it from getting worse, we should at least pay attention.

The trouble is mass surveillance.

Read More →

Video: Today’s Trends in Cyber Resilience: Ask Bruce, Episode Three

  • ResilienTV
  • November 2, 2015

"Cyber resilience" has emerged as the standard cybersecurity teams are striving for. Resilient Systems CTO and security expert Bruce Schneier explains what's driving cyber resilience, and offers steps and strategies for improving cyberattack preparedness and resilience.

Watch the Video on ResilientSystems.com

Read More →

Video: A Conversation with Bruce Schneier

  • CyberSeed 2015
  • October 29, 2015

Bruce Schneier spoke at CyberSeed 2015: Emerging Cybersecurity Trends in Cloud, IoT and Mobility.

Watch the Video on YouTube

Read More →

Video: Incident Response and the Rise of Organizational Doxing: Ask Bruce, Episode Two

  • ResilienTV
  • October 13, 2015

In the wake of the cyberattacks on Sony and Ashley Madison, it's clear that organizational doxing—the act of hacking into a business and releasing private information like executive and employee emails or salary information —is a rising threat for businesses.

Resilient Systems CTO and security expert Bruce Schneier explores the trend and how security teams can prepare for a doxing attack.

Watch the Video on ResilientSystems.com

Read More →

Video: Automation in Incident Response: Ask Bruce, Episode One

  • ResilienTV
  • October 8, 2015

Resilient Systems CTO and security expert Bruce Schneier explores how security pros can intelligently leverage automation to empower incident response teams to mitigate cyberattacks faster and more effectively.

Watch the Video on ResilientSystems.com

Read More →

Data Privacy, One of These Days

  • Hiawatha Bray
  • BetaBoston
  • October 7, 2015

For some odd reason, data privacy maven Bruce Schneier is an optimist. It's odd because, according to Schneier, there's practically no such thing as data privacy. Just about everything we do these days is under some form of electronic surveillance, with governments and corporations eager to record and analyze our every action.

But when Schneier holds forth on Friday at Harvard University, as part of the ongoing HUBweek festivities, he'll reassure his listeners that the cause is not lost, that our online privacy will someday be ensured.

Read More →

Video: Adam Ruins Security

  • Adam Ruins Everything
  • October 5, 2015

Bruce Schneier appeared on an episode of truTV's "Adam Ruins Everything."

Watch the Trailer on YouTube

Read More →

Q&A with Bruce Schneier: What if Your Law Firm Is the Next Ashley Madison?

  • Robert Hilson and David Austin
  • Logikcull Blog
  • September 16, 2015

If the subject is security, chances are Bruce Schneier has an opinion on it, and that opinion has been published somewhere—on his blog, in the New York Times, on the BBC,  in the Guardian, in Wired, in one of his 13 books. You get the point. On security, Schneier is among the most well-known and most prolific authorities in the world. Since coming to prominence in the mid-90s through his writings on cryptography, he has testified on the floor of Congress, served on several government committees, coined the term 'security theater' in the wake of 9/11, and hooked a global following of some quarter-million readers through his website and newsletter alone.

Read More →

Audio: How Big Brother Snuck Up On Us

  • Jane Karowski
  • The Social Network Station
  • September 7, 2015

Listen to the Audio on TheSocialNetworkStation.com

Show Recap

The episode in brief:

  • Bruce Schneier talks about privacy and security
  • His new book Data and Goliath
  • The hidden battles to collect your data and control your world
  • The nonsense of data vs. metadata
  • Why privacy is not a changeable social norm
  • The harm ubiquitous mass surveillance does to our society
  • TheSocialNetworkStation.com/shows/the-social-network-show/

Astute regular listeners may have observed that Dr. J is becoming more and more intrigued with the related issues of privacy and security. These apply to online and mobile phone technology. Both are thoroughly involved in communicating with your social networks.

Read More →

Data and Goliath by Bruce Schneier (Book Review)

  • Martin Casserly
  • Living with the Future
  • September 5, 2015

Excerpt

Data and Goliath is a fascinating exploration of this post-Snowden world we live in. It shows how the back-doors that technology companies were forced to implement for the NSA, have actually become weapons for other agencies and hackers to use. We're taken through the murky world of international espionage, and shown how we have all become collateral damage in this digital arms race. Schneier also explains that even when we try to protect ourselves by leaving Facebook or Gmail, the fact that our friends and relatives still use them means we're caught up in this global informational dragnet.

Read More →

Audio: Security and Privacy with Bruce Schneier

  • Software Engineering Daily
  • September 3, 2015

“What we learn again and again is that security is less about what you think of, and more about what you didn’t think of.”

Questions

  • In Data and Goliath, what are the motives of different goliaths?
  • Why is the Ashley Madison case a watershed moment in security?
  • Do you still feel we should break up the NSA?
  • Will Google and Amazon become military contractors?
  • How can we defend ourselves from DOS attacks from refrigerators?
  • When we put processors in refrigerators, and cars, and thermostats, are we increasing the attack surface, and our vulnerabilities faster than we are improving our utility?

Listen to the Audio on SoftwareEngineeringDaily.com

Read More →

Internet das Coisas Poderá Criar Caos Em Segurança Digital, Diz Especialista

  • Yuri Gonzaga
  • Folha de S.Paulo
  • August 25, 2015

Um hacker pode invadir uma smarTV, uma geladeira com internet ou outro tipo de produto da chamada "internet das coisas" e, uma vez com acesso, roubar informações de um computador ou de um celular que estiverem conectados à mesma rede. E, por causa da propagação desse tipo de aparelho, nossa segurança digital pode ficar (ainda) mais vulnerável a criminosos.

Essa é a visão de Bruce Schneier, considerado por alguns o maior especialista em segurança na internet no mundo, que vem ao Brasil nesta semana para falar durante um evento de tecnologia, o Mind the Sec.

"Não há um motivo para que uma geladeira conectada não sirva de porta para um outro dispositivo, seja seu celular ou seu computador", disse em entrevista à Folha.

Read More →

"A Lot of Attacks from Western Countries Go through China," Says Bruce Schneier

  • Graeme Burton
  • Computing
  • August 20, 2015

The attack on Sony Pictures over the film The Interview was perpetrated by North Korea, according to security expert Bruce Schneier.

The former chief technology officer of BT Managed Security Solutions, now CTO at Resilient Systems, had expressed scepticism at the time of the attack that the secretive dictatorship had been behind the attack, motivated by the theme of the film: two hapless American agents who were supposed to assassinate the country's leader, Kim Jong-un.

But in a video keynote speech at LinuxCon 2015, Schneier claimed that he had changed his mind. "Many of us, including myself, were skeptical for several months.

Read More →

​Bruce Schneier: The Cyberwar Arms Race Is On

Security expert says we're in a cyberwar arms race, and with the Sony attack, North Korea has already taken the first shot at the United States.

  • Steven J. Vaughan-Nichols
  • ZDNet
  • August 20, 2015

LinuxCon is about Linux, cloud, and containers, but it's also about security. In the past year, programmers have been reminded that merely being "open-source" doesn't mean that your code is safe. Assuming you're secure is a mistake. Because, as security maven Bruce Schneier explained to the LinuxCon audience via Google Hangouts, we're in a cyber-arms race.

Read More →

Bruce Schneier: "We're in Early Years of a Cyber Arms Race"

  • Neil McAllister
  • The Register
  • August 19, 2015

Security guru Bruce Schneier says there's a kind of cold war now being waged in cyberspace, only the trouble is we don't always know who we're waging it against.

Schneier appeared onscreen via Google Hangouts at the LinuxCon/CloudOpen/ContainerCon conference in Seattle on Tuesday to warn attendees that the modern security landscape is becoming increasingly complex and dangerous.

"We know, on the internet today, that attackers have the advantage," Schneier said. "A sufficiently funded, skilled, motivated adversary will get in.

Read More →

Video: Private Thoughts – Bruce Schneier on the Ephemeral, Privacy, and Data

  • Bruce Schneier
  • Restore the Fourth
  • August 18, 2015

Private Thoughts sat down with Bruce Schneier at the Electronic Frontier Foundation’s 25th anniversary party in July. Schneier is an internationally renowned security technologist and author of 13 books. He discussed the effects of the loss of ephemeral communication and the ease of data collection and storage.

Watch the Video on RestoreTheFourthSF.com

Read More →

The New America: Little Privacy, Big Terror

  • David Cole
  • The New York Review
  • August 13, 2015

Excerpt

In Data and Goliath, Bruce Schneier, a security technologist and fellow at Harvard Law School, explores what it means to have entered the age of mass surveillance. Our data are collected in the first instance by private corporations, but are increasingly exploited, as Edward Snowden has shown, by government intelligence agencies. The NSA didn't have to build from scratch a vast database on billions of innocent citizens the world over, Schneier explains, because private corporations had already done so. All the NSA needed was access.

Read More →

Bruce Schneier on Security Metrics that Matter

  • David Spark
  • Tenable Blog
  • August 10, 2015

"I like to measure the performance of the team," said Bruce Schneier (@schneierblog), CTO of Resilient Systems, Inc., in our conversation at the 2015 Black Hat Conference in Las Vegas. "I like to see metrics about people, about process, about technology. There isn't one metric that works since it's such a complicated and moving target... Right now companies have to use the data that they have to figure out if their teams are effective."

Schneier feels that certain metrics, such as blocked attacks, don't really provide a gauge of how secure you are.

Read More →

Video: Bruce Schneier on Jeep Hack and Encryption

  • Boom Bust
  • August 7, 2015

Boom Bust correspondent Bianca Facchinei sits down with Bruce Schneier – chief technology officer at Resilient Systems, Inc. and fellow at the Berkman Center for Internet and Society at Harvard Law School – at the Black Hat conference in Las Vegas. Bruce gives us his take on the infamous 2014 Jeep Cherokee hack and tells us how government surveillance impacts social movements.

Watch the Video on YouTube

Read More →

Video: How Vulnerable are Airlines to Hackers?

  • Bloomberg Business
  • August 7, 2015

Resilient Systems CTO Bruce Schneier discusses the vulnerability of airlines to hackers with Bloomberg's Emily Chang at the Def Con hacking convention in Las Vegas.

Watch the Video on Bloomberg.com

Read More →

Bruce Schneier: "Hacking Team is a Dangerous Company"

The American security guru fears that the diffusion of the software could be used by criminal groups

  • Stefania Maurizi
  • L'Espresso
  • July 29, 2015

This interview also appeared in Italian.

You wrote in your blog: "I don't think the company is going to survive". However, at least in Italy and in the US Hacking Team has powerful sponsors...Will they survive?
«It remains to be seen. We know from the leaked documents that they have sold their products to the most repressive governments in the world...and overcharged them whenever possible.

Read More →

Bruce Schneier: It’s Time to Start Prioritizing IT Security

Cyberattacks are getting more frequent, sophisticated and successful. Can organizations adapt security choices to cope better?

  • Daniel Dern
  • Work Intelligent.ly
  • July 24, 2015

Nobody would disagree that IT security is necessary.

At minimum, it's needed to satisfy relevant government and industry compliance regulations, along with your insurance company, investors, suppliers, customers and other business partners. At most, it also protects your data and systems from much-dreaded cyberattacks.

The hard part lies in the details.

Read More →

Bruce Schneier: Get Ready for More "Organizational Doxing"

  • Chad Hemenway
  • Cyber Risk Network
  • July 21, 2015

Bruce Schneier has been writing about security issues on his blog, his blog, Schneier on Security, since 2004, and in a monthly newsletter since 1998. He writes books, articles, and academic papers. Currently, he is the Chief Technology Officer of Resilient Systems, a fellow at Harvard's Berkman Center, and a board member of Electronic Frontier Foundation.

What do you see as the greatest cyber risks today?

I don't like ranking risks, and I worry that concentrating on the 'greatest' risk obscures all of the other risks. Basically, the big cyber risks are what everyone is talking about.

Read More →

Infosec Influencers: An Interview with Bruce Schneier

  • David Bisson
  • Tripwire
  • July 16, 2015

This week, as part of our new 'Infosec Influencer' series, I had the pleasure of sitting down with Bruce Schneier, an internationally renowned security technologist and one of The State of Security's Top Influencers in Security You Should Be Following in 2015. He has written 12 books, including Liars and Outliers: Enabling the Trust Society Needs to Thrive, not to mention published hundreds of articles and essays. His blog has is read by over 250,000 people, and he is regularly quoted by the press. Additionally, he regularly testifies before Congress and is an advisory board member for EFF and EPIC, among other organizations.

Read More →

Is iPhone Banking Safe? An Expert Answers

  • Tom Gerencer
  • Money Nation
  • July 15, 2015

iPhone and mobile banking can feel like setting foot in the jungle: You don't know what's in there, but you suspect a lot of it's not good. We hear a lot of terms thrown around when it comes to iPhone banking security: 128 bit encryption, two factor authentication, security dongles—and a lot of scary anecdotes about millions of credit card account numbers being stolen from this or that company. Getting to the bottom of whether iPhone banking is safe can be confusing at best. So is iPhone banking safe?

Read More →

Bruce Schneier: IT Teams Need Cyberattack Response Planning More Than Prevention

  • Libby Clark
  • Linux.com
  • July 14, 2015

Corporate and government IT teams have been rushing to prevent the kind of large-scale cyberattack experienced recently by Sony Pictures, Blue Cross, Anthem, Target, Home Depot and the U.S. Department of the Interior, among others. In each of these cases, hackers from locations around the globe were able to gain access to computer networks housing sensitive information, accounts, and personal data, such as the social security and credit card numbers of consumers and employees. The consequences of such security breaches can be devastating.

Read More →

Bruce Schneier: David Cameron's Proposed Encryption Ban Would 'Destroy the Internet'

  • Rob Price
  • Business Insider
  • July 6, 2015

A highly respected cryptographer and security expert is warning that David Cameron's proposed ban on strong encryption threatens to "destroy the internet."

Last week, the British Prime Minister told Parliament that he wants to "ensure that terrorists do not have a safe space in which to communicate."

Strong encryption refers to the act of scrambling data in such a way that it cannot be understood by anyone without the correct key or password — even law enforcement with a warrant, or the software manufacturer itself. It's used in some of the most popular tech products in the world, including the iPhone, WhatsApp messenger, and Facebook.

But amid heightened terror fears, Cameron says "we must look at all the new media being produced and ensure that, in every case, we are able, in extremis and on the signature of a warrant, to get to the bottom of what is going on."

The Prime Minister first indicated that he would try and clamp down on secure communications that could not be decrypted by law enforcement even with a warrant back in January, in the aftermath of the Charlie Hebdo shootings in Paris. His comments sparked an immediate flurry of condemnation from privacy and security activists, but his recent statements show he's not backing down.

Read More →

What’s to Be Done about Data? Q&A with Bruce Schneier

  • Straight Talk
  • July 6, 2015

Bruce Schneier has been called a "security guru" by the Economist. He has written 13 books and hundreds of articles, and his influential newsletter Crypto-Gram and his blog Schneier on Security have over 250,000 readers. He has testified before the U.S. Congress, is a frequent guest on television and radio, and has served on several U.S.

Read More →

I Read “Data and Goliath” Because of Barbara Fister

  • Joshua Kim
  • Inside Higher Ed
  • July 6, 2015

I'm interested how we choose the books we read. Here is my request to you. Please keep track of, and share with our IHE community, how you select your books.

For one of the recent books that I read I can definitely share my book selection process.

Read More →

This Security Expert Reckons Mass Surveillance Doesn't Stop Terror Attacks

  • Felix Macherez
  • Vice
  • June 26, 2015

This interview originally appeared in French on VICE France.

Today's terrorist attack in the Rhône-Alpes region of France, involving the decapitation of a man, has been met with widespread horror and condemnation. So have those in Tunisia, killing 28, and another in Kuwait killing 25. These horrific events are sure to fuel discussion about how to stop this kind of atrocity happening again.

Following January's Charlie Hebdo attacks in Paris, the French government decided to expedite a new surveillance law.

Read More →

Terrifying Action Movie Plots About… Encryption

  • Amy X. Wang
  • Slate
  • June 16, 2015

Imagine this: It's the morning of Election Day, 2020. Americans across the country cast secure, encrypted votes from their smartphones and laptops, electronically choosing their president for the first time in history. Turnout reaches record highs. Live results online show that it's a close race between the two leading candidates.

Read More →

Library Journal Review of Data & Goliath

  • Candice Kail
  • Library Journal
  • June 15, 2015

Starred Review

Schneier, a fellow at Harvard’s Berkman Center for Internet and Society, has written an exceptionally readable yet thoroughly chilling book about the dangers of the ubiquitous mass surveillance we face thanks to modern life. While the author focuses on the United States, the rest of the world is largely capable of nearly the same levels of surveillance thanks to the openness of the Internet and the availability of cell phones. Schneier describes the types of data being collected about us, stemming from our interactions, activities, purchases, and where we go. As he competently explains, this “metadata” provides those collecting it with the entire framework of our existence: who we converse with and the duration of the conversation, the things we read (especially electronically), and what we buy.

Read More →

20 Top Security Influencers

  • Jessica Vartabedian
  • eSecurity Planet
  • June 11, 2015

Excerpt

With so much going on in the enterprise security space, it can be hard to keep up with the flow of information and to know where to turn for actionable advice. This list of security experts, selected by eSecurityPlanet, is a good place to start.

All are active bloggers and even more active as Twitter users. These thought leaders have a variety of backgrounds, numerous years of experience and unique viewpoints.

Read More →

Audio: Cybersecurity: Are We Ever Safe From Hackers?

  • BBC
  • June 8, 2015

The number of cyber attacks happening every year is on the rise. We speak to Bruce Schneier, chief technology officer at the IT company Resilient Systems and a fellow at Harvard's Berkman Center for the Internet and Society, about why it can take months before a company or organisation even realises it is under attack, and why so many are unprepared. Also, Wil van Gemert, deputy director of operations at Europol, tells us what European law enforcers are doing about it. He says it is now possible to buy "malware," or malicious software meaning that anyone can become a cyber criminal.

Read More →

Review: Data and Goliath by Bruce Schneier

  • Christy Quinn
  • Strife
  • June 5, 2015

Bruce Schneier, Data and Goliath: The Hidden Battles to Capture Your Data and Control Your World. New York, NY: W.W. Norton., 2015. Pp. 400.

Read More →

Surveillance, Bulk Data Collection and Intelligence: an Interview with Bruce Schneier

  • Christy Quinn
  • Strife
  • June 5, 2015

Bruce Schneier is an internationally renowned security technologist and the author of 13 books—including 'Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World'—as well as hundreds of articles, essays, and academic papers. Schneier is a fellow at the Berkman Center for Internet and Society at Harvard Law School, a program fellow at the New America Foundation's Open Technology Institute, a board member of the Electronic Frontier Foundation, an Advisory Board Member of the Electronic Privacy Information Center, and the Chief Technology Officer at Resilient Systems, Inc. You can follow him on Twitter @schneierblog

Christy Quinn: As of Tuesday, President Obama has just signed the USA Freedom Act into law, banning the NSA's bulk collection of telephony metadata. Do you think this marks the acceptance amongst security officials and policymakers in the US that there need to be limits to metadata collection?

Bruce Scheier: It's certainly a watershed moment, because it's the first time the US government has placed limitations on the NSA's metadata collection. The limitations are minimal, and won't have much actual effect on the surveillance of Americans by the NSA.

Read More →

We Stand on the Brink of Global Cyber War, Warns Encryption Guru

Schneier: Sony hack "high skill, high focused"

  • John Leyden
  • The Register
  • June 4, 2015

We are in the early years of a cyber war arms race, security guru Bruce Schneier warned delegates at the Infosecurity Europe exhibition on Wednesday.

Schneier, CTO of Resilient Systems, said the much publicised Stuxnet attacks on Iran by the US and Israel in 2010, Iran's attack on Saudi Aramco, China's apparent role in hacking GitHub, and the North Korean assault on Sony Pictures last year are all examples of the phenomenon.

"These nations are building up for cyber war and now we're all in the blast radius," he warned, while speaking in London.

Most of these attacks — including Stuxnet and the assault on GitHub — inflict collateral damage, Schneier told El Reg, adding that cyber attacks are likely to become mainstream aspect of many conflicts.

Read More →

We Are in Early Years of International Cyber War Arms Race, Says Security Expert Bruce Schneier

Countries are not attacking each other but striking at the IT infrastructure of enterprises in rival states, says security pundit Bruce Schneier

  • Warwick Ashford
  • ComputerWeekly
  • June 4, 2015

Cyber attacks—such as that on Sony Pictures in 2014—suggest the world is in the early stages of a cyber war arms race.

So said Bruce Schneier, chief technology officer of Resilient Systems: "We are in the early years of a cyber war arms race. 

"There is a lot of nation state rhetoric, and we are seeing a lot of nation state attacks against non nation states," he told Infosecurity Europe 2015 in London.

Schneier cited North Korea's attack on Sony Pictures, China's attack on Github and Iran's attack on Saudi Aramco as examples.

Read More →

Video: Expert: TSA Airport Security Is "A Lot of Theater"

  • CNN
  • June 2, 2015

The "smart bad guys" figure out how to get around TSA, says security technologist and Harvard Law School fellow Bruce Schneier.

Watch the Video on CNN.com

Read More →

EPIC Lifetime Achievement Award

  • EPIC
  • June 1, 2015

Bruce Schneier received a Lifetime Achievement Award at the Electronic Privacy Information Center's Champions of Freedom Event.

Read More →

Bruce Schneier on Privacy and the Data Free-for-All

  • Caleb Garling
  • Wired
  • May 26, 2015

Over the past two decades, few voices have shouted louder from the rooftops about global cybersecurity and digital privacy concerns than Bruce Schneier. He's the CTO of Resilient Systems, a board member of the Electronic Frontier Foundation (EFF) and has authored 14 books—his latest, Data and Goliath, was published in March.

As Facebook and Google have infiltrated our every waking moment, Schneier warns that these data giants, if left unchecked, could compromise the very principles of a democratic society. Web companies collect metrics like age, gender and social interests (to serve up better advertisements), while cellular networks track everyone's geolocation with homing devices we call smartphones.

Read More →

Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World, by Bruce Schneier

Paul Bernal clicks with a maverick thinker who shows how business and governments are building a global surveillance network and how we can fight back

  • Paul Bernal
  • Times Higher Education
  • May 21, 2015

Investigating surveillance—whether corporate or governmental—can be a demoralising process. Those performing that surveillance, from the US' National Security Agency and the UK's Government Communications Headquarters (GCHQ) to Google and Facebook, are giants so overwhelmingly powerful that it seems too daunting to even contemplate taking them on. Their agendas may be even more terrifying: as Bruce Schneier observes, "The endgame of this isn't pretty: it's a global surveillance network where all countries collude to surveil everyone on the entire planet." What's more, he adds, the governments and the corporations are both in the same game: "It's a powerful feedback loop: the business model supports the government effort, and the government effort justifies the business model."

And yet, as the title of this book suggests, these giants are not invincible. Goliath was brought down to size—and here, Schneier attempts to set out how the new Goliaths might suffer a similar fate.

Read More →

Audio: Spy-wear?

  • BBC Tech Tent
  • May 15, 2015

Dr Chris Brauer from Goldsmiths, University of London, on how big brands want to sell us things via wearable devices. Bruce Schneier, security and privacy expert and author of the book "Data and Goliath", warns of the threat of companies and governments misusing data about us. Emily Bell, from the Tow Centre for Digital Journalism, on Verizon's buyout of AOL, and Facebook's instant articles. And Zoe Kleinman spends a night alone in a house full of robots.

Read More →

Audio: Stuxnet, Sexism, CEOs and Surveillance

  • Cybersecurity Initiative
  • May 14, 2015

New America's Peter Singer and Passcode's Sara Sorcher chat with Bruce Schneier, prolific author and chief technology officer at Resilient Systems, about the challenges of publicly blaming countries for cyberattacks—and whose job it should be to defend private companies against sophisticated nation-state attacks. They also hear from Nate Fick, the CEO of Endgame, a venture-backed security intelligence software company, about how he's leveraging cybersecurity solutions once produced just for the government into the private sector.

Wired's Kim Zetter, author of Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon, joins the panel discussion to talk about how the cyber operation on Iran's nuclear facilities launched a new era of warfare; the vulnerability of US critical infrastructure to Stuxnet-like weapons; and the gender diversity issues bedeviling the cybersecurity industry.

Listen to the Audio on NewAmerica.org

Read More →

Book Review: Data and Goliath, by Bruce Schneier

  • Paul Baccas
  • Virus Bulletin
  • May 11, 2015

This book has been difficult to review. It has proved tricky not because I didn't enjoy the book or because it was boring or badly written, but because it was so pertinent. Every time I went to write about it, a news story would emerge referencing the subject and I would find that my opinions of the news were influenced by the book and my opinions of the book were influenced by the news. This is an important topic and everyone should make up their own minds based on a decent knowledge and understanding of the issues.

Read More →

Book Review: Data and Goliath—You Don’t Have Any Secrets Anymore

  • John Scott G
  • Publishers Newswire
  • May 8, 2015

Privacy is becoming an antiquated concept. In “Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World” (ISBN: 9780393244816), security expert Bruce Schneier leads you through a labyrinth of surveillance that should scare the hell out of you.

Welcome to the NSA! We want to thank you for helping us with our collection of data about your work and personal habits. By using the computer, phone, public transportation, private vehicle, credit cards, library, banking systems, online shopping, or retail shopping, you are contributing to our data files.

Read More →

Audio: Data and Goliath: The Hidden Battles to Capture Your Data and Control Your World

  • Financial Sense Newshour
  • May 8, 2015

Cris Sheridan welcomes Bruce Schneier, Chief Technology Officer at Resilient Systems and author of Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World. Bruce writes "we are living in the golden age of surveillance" where almost everything we do is now being tracked and used without our knowledge. Bruce speaks with Cris about how much data we produce, the way corporations are using it, the problems associated with ubiquitous surveillance, and why this is a defining issue of our time.

Listen to the Audio on YouTube.com

Read More →

Audio: Schneier v. Baker Puts Mayweather v. Pacquiao in the Shade

  • Steptoe Cyberlaw Podcast
  • May 5, 2015

Episode 65 would be ugly if it weren't so much fun. Our guest is Bruce Schneier, cryptographer, computer science and privacy guru, and author of the best-selling Data and Goliath—a book I annotated every few pages of with the words, "Bruce, you can't possibly really believe this." And that's pretty much how the interview goes, as Bruce and I mix it up over hackbacks, whether everyone but government should be allowed to use Big Data tools, Edward Snowden, whether "mass surveillance" has value in fighting terrorism, and whether damaging cyberattacks are really infrequent and hard to attribute. We disagree mightily—and with civility.

Listen to the Audio on SteptoeCyberblog.com

Read More →

Review: ‘Data and Goliath’ Delves into Brave New World of Big Data, Hacking and Cyber Crime

  • Frank Cloutier
  • The Post and Courier
  • May 3, 2015

DATA AND GOLIATH. By Bruce Schneier. Norton. 365 pages. $27.95.

Read More →

Bruce Schneier's Data and Goliath—Solution or Part of the Problem?

  • Andrew Orlowski
  • The Register
  • May 3, 2015

Think of some of the ways the Enlightenment helped advance the human individual. The ability to shape your identity. The ability to own and control your stuff. Economic autonomy.

Read More →

"Against an Adequately Skilled, Adequately Funded Adversary, Our Defenses Don't Work"

Cryptologist Bruce Schneier tells RSA conference that focus should be on dealing with fallout of cyberattacks

  • Karlin Lillington
  • The Irish Times
  • April 30, 2015

Last year's massive cyberattack on Sony—presumed to have been a nation state attack orchestrated by North Korea—presents many of the most pressing issues of catastrophic risk, says well known cryptologist and author Bruce Schneier, chief security officer at security company Resilient. In a talk at the RSA security conference in San Francisco, Schneier considered the timeline of the attack, and the response to it. During the event, hackers penetrated Sony's network, stole data, and then embarrassed the company by slowly releasing private emails from executives, salary details, copies of unreleased films, and other sensitive information. The hack, which occurred over several weeks in November and December 2014, is believed to have been done in response to the studio's release of the Seth Rogen comedy The Interview, with a plot that revolves around a plan to assassinate North Korean leader Kim Jong-un.

Read More →

Identifying Perpetrators of Cyberattacks "Getting Tougher"

  • TradeArabia
  • April 29, 2015

Cybersecurity is becoming increasingly challenging as identifying attackers by their weaponry is difficult to their invisible nature wherein attacks can be launched by a group of hacktivist or sponsored by a nation, according to an expert.

Bruce Schneier, a leading voice on cybersecurity, said a majority of organisations and individuals use the same run-of-the-mill 'warlike weaponry' at a time when the attackers are largely unknown, cybercrime is becoming more difficult to combat.

While the IT security industry knows how to deal with high volume, low-focus attacks, security professionals must be resilient and ensure better management of incident responses in order for organisations to thrive even in the face of a cyberattack, he said.

During his keynote presentation at the third Gulf Information Security Expo and Conference (Gisec) held in Dubai recently, Schneier explained that organisations must create crisis management strategies that would allow them to respond quickly and effectively, while those responsible for the attacks are still being identified.

Read More →

Audio: Schneier on Security Resilience

Insights from Security Leader at GISEC Event in Dubai

  • Geetha Nandikotkur
  • InfoRisk Today
  • April 29, 2015

Listen to the Audio on InfoRiskToday.in

In developing markets such as Asia and the Middle East, how can security practitioners best prepare themselves to tackle the rapidly-changing threat landscape? Resilience is the key, says security leader Bruce Schneier.

The way to think about security is a combination of protection, detection and response, says Schneier, a fellow at the Berkman Center for Internet and Society at the Harvard Law School, USA. While there is a lot of prevention and detection technology, response is the missing piece, he says.

Read More →

Video: Schneier: Incident Response Management Key to Surviving a Data Breach

  • SearchSecurity
  • April 27, 2015

SAN FRANCISCO—Between Target, Home Depot, Sony Pictures and many others, 2014 was undeniably the year of the data breach, and companies are finally realizing the likelihood that they could be next.

"Last year was being called the 'year of the breach,'" said Bruce Schneier, CTO of Resilient Systems, formerly Co3 Systems. "Now, you and I know every year [has] been the year of the breach. But last year there were a bunch of really high-profile breaches where the companies involved did a terrible job of responding, that they were actually in chaos and it looked that way."

In this interview, recorded at the 2015 RSA Conference, SearchSecurity editorial director Robert Richardson sat down with Schneier to discuss Resilient Systems' contribution to improving enterprise incident response management in the coming year.

Read More →

Book Review: Data and Goliath (Bruce Schneier)

  • Carey Parker
  • Firewalls Don't Stop Dragons
  • April 25, 2015

I finally got around to finishing Bruce Schneier's latest bestseller: Data and Goliath. I've read a few of Bruce's books over the years (and own most of the rest, waiting patiently to be read). I've watched Bruce on many TV news segments, lectures, interviews, and web videos. I follow his blog and Twitter posts.

Read More →

Video: Cloud Computing Trade-Offs

  • David Spark
  • Tenable Blog
  • April 24, 2015

"As a business or as an individual you have to make a choice. Should I do this thing—whatever it is—on my computer and on my network or on a cloud computer on a cloud network," asked Bruce Schneier (@schneierblog), CTO of Resilient Systems, Inc., in our conversation at the 2015 RSA Conference in San Francisco.

Whatever you choose, you're going to be making a trade-off. Schneier recommends you first look at who your adversaries are.

Read More →

RSAC—Schneier Details Ways to Survive Catastrophic Attack

  • Dan Raywood
  • IT Security Guru
  • April 24, 2015

Catastrophic issues in security can occur, but there are ways to recover.

Speaking at RSA Conference in San Francisco, Bruce Schneier, CTO of Resilient Systems, highlighted the Sony Pictures attack as being an interesting case as it brings catastrophic risk uses to the fore, and not catastrophic as in a life ending sense, but in company terms.

He highlighted seven ways in which a catastrophic incident could be dealt with. Firstly he recommended keeping it internal to "incapsulate the catastrophic risk", secondly consider that attackers on two axes of skills and focus and with someone who is low skilled but has a high focus would use a basic APT, but in the case of Sony this was low skills and low targets.

Read More →

What Bruce Schneier Learned from the Sony Breach

  • Sean Michael Kerner
  • eSecurity Planet
  • April 22, 2015

After spending a lot of time thinking about the massive breach of Sony, security luminary Bruce Schneier came to a scary – but not really surprising – conclusion.

"The lesson is that we are all vulnerable. North Korea could have done it to anyone," said Scheier during a packed session at the RSA conference in San Francisco.

While the IT security industry knows how to deal with high volume, low-focus attacks, Schneier said, security professionals have trouble handling highly skilled and focused attackers, commonly referred to as advanced persistent threats (APTs).

Read More →

Audio: What Does It Take To Feel Secure?

  • TED Radio Hour (NPR)
  • April 17, 2015

Computer security expert Bruce Schneier says there's a big difference between feeling secure and actually being secure. He explains why we worry about unlikely dangers while ignoring more probable risks.

Listen to the Audio on NPR.org

Transcript

GUY RAZ, HOST:

It's the TED Radio Hour from NPR. I'm Guy Raz. And on the show today, we're exploring ideas about Maslow's hierarchy of human needs, and ranked at number two, security - the second step on the pyramid.

Read More →

What Do You Use to Get Stuff Done?

  • The Setup
  • April 14, 2015

Who are you, and what do you do?

I'm Bruce Schneier, security technologist. Basically, I think and work in the intersection of security, technology, and people. Most people think of me as a cryptographer, but these days I do more policy than anything else: security policy, privacy policy, the NSA and surveillance. I suppose that's the natural evolution of things.

Read More →

Audio: The Hidden Struggles to Control Your Data

  • Late Night Live (Australian Broadcasting Corporation)
  • April 14, 2015

Just how much of your life is being watched and tracked? Who has access to all this information and what are they doing with it?

Bruce Schneier, fellow at Harvard Law School, author of Data and Goliath, points out the danger is not only from corporations and governments, but also cybercriminals, when these institutions lose your details.

Listen to the Audio on ABC.net.au

Read More →

Schneier on “Really Bad” IoT Security: ‘It’s Going to Come Crashing Down’

  • Tim Greene
  • Network World
  • April 13, 2015

Security expert Bruce Schneier has looked at and written about difficulties the Internet of Things presents - such as the fact that the "things" are by and large insecure and enable unwanted surveillance—and concludes that it's a problem that's going to get worse before it gets better.

After a recent briefing with him at Resilient Systems headquarters in Cambridge, Mass., where he is CTO, he answered a few questions about the IoT and what corporate security executives ought to be doing about it right now. Here's a transcript of the exchange.

What should enterprises worry about when it comes to the Internet of things?

Everything.

Read More →

Video: Schneier: Turn Data Over to Those With Greatest Data Security Knowledge

  • Boom Bust
  • April 8, 2015

Erin Ade sits down with Bruce Schneier – security expert, author, and fellow at the Berkman Center for Internet and Society at Harvard Law School. Bruce tells us that a cloud service is safer than running your own data center when you are entrusting your data to a provider who understands security better than you do. And for most people this is definitely the case. Bruce also talks to Erin about state actors weakening security standards and about the security of various open source encryption options.

Read More →

Review of Data and Goliath

  • Bayard Kohlhepp
  • Computing Reviews
  • April 8, 2015

The Internet birthed unprecedented freedom of communication, interconnecting individuals from every corner of the globe and every walk of life. This free flow of information has the potential to establish a world of truly free and equal citizens, yet many politicians want to turn this technology inside out and use the Internet as a universal surveillance mechanism. This path would roll back centuries of civil rights and revive feudalism on a global scale. Sadly, this rush to oppression isn't restricted to some backwater dictator massaging his own ego.

Read More →

Ced Kurtz’s Techman Texts: Computer Surveillance Is a Trade-off

  • Ced Kurtz
  • Pittsburgh Post-Gazette
  • April 7, 2015

Bruce Schneier is a world-renowned cryptographer, computer security and privacy specialist, and author of numerous books on security. So when he speaks, TechMan tends to listen.

In his latest book, “Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World,” his point is well worth taking note of: Surveillance and data collections are a trade-off between individual value and group value. You give Google personal information in return for free search, free email, free maps and all the other free things Google provides.

Read More →

The Ends of Privacy

  • Jack Goldsmith
  • The New Rambler
  • April 6, 2015

"Over the past twenty years," complained Newsweek, the United States has become "one of the snoopiest and most data-conscious nations in the history of the world." Part of the problem is that "the average American trails data behind him like spoor through the length of his life." Another part of the problem is that the government and private firms "have been chasing down, storing, and putting to use every scrap of information they can find." These "vast reservoirs of personal information" are "poured into huge computers" and "swapped with mountains of other data from other sources" with "miraculous speed and capacity." As a result of these forces, "Americans have begun to surrender both the sense and the reality of their own right to privacy—and their reaction to their loss has been slow and piecemeal."

The Newsweek article—published in 1970, and entitled The Assault on Privacy—nicely captures the thesis of Bruce Schneier's new book, Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World. That doesn't mean that Schneier's book isn't valuable—it is. It just means that there is something to be learned about Schneier's argument from the fact that it was made 45 years ago. (Disclosure: I gave Schneier comments on a draft of his book and he and I are teaching a class together on Internet power and governance.) 

Data and Goliath is an informed, well-written, accessible, and opinionated critique of "ubiquitous mass surveillance" by governments and corporations—how it happens, its costs, and what to do about it.

Read More →

Collecting Private Information

A computer-security expert weighs up the costs and benefits of collecting masses of personal data

  • The Economist
  • April 4, 2015

Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World. By Bruce Schneier.W.W. Norton; 383 pages; $27.95 and £17.99.

SOCIETY has more digital information than ever and can do new things with it. Google can identify flu outbreaks using search queries; America's National Security Agency (NSA) aspires to do the same to find terrorists.

Read More →

Review: Choking on Digital Exhaust

  • Martin Langfield
  • Reuters Breakingviews
  • April 2, 2015

Mass surveillance by governments and corporations is comparable to child labor or environmental pollution. That is the largely persuasive claim of security expert Bruce Schneier in his new book "Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World." Resistance is not futile, Schneier thinks, although it will be tricky to fight overreaching securocrats and snooping online advertisers without giving up at least some of the genuine advantages of Big Data.

Much of the problem lies in excessive expectations about what mass surveillance can achieve, writes Schneier, who is chief technology officer at security firm Resilient Systems and a fellow at Harvard Law School's Berkman Center for Internet and Society. It might seem that the combination of huge amounts of collected data and sophisticated data-mining could have prevented the 9/11 attacks or the Boston Marathon bombing.

Read More →

Fixing the Surveillance-Industrial Complex

  • Barbara Fister
  • Inside Higher Ed
  • April 1, 2015

A couple of weeks ago, I mentioned that I was reading Bruce Schneier's new book, Data and Goliath, just published by Norton. The subtitle (which, as is the custom these days, is more or less an elevator pitch for the book) provides a hint of what's inside: The Hidden Battles to Collect Your Data and Control Your World. What's missing from this descriptive subtitle is the best part: And Here's How We Can Fix It. Because unlike a lot of books that focus on big scary issues, this one has lots of concrete recommendations and encouragement to think that we can actually make change happen.

This is, above all, a refreshingly rational book. The subject matter is frightening, but Schneier doesn't use our anxiety to dramatize the importance of his subject or to threaten us with doom if we fail to take his advice.

Read More →

Data and Goliath, Book Review: A Handbook for the Information Age

  • Wendy M Grossman
  • ZDNet UK Book Reviews
  • March 31, 2015

Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World • By Bruce Schneier • Norton • 384 pages • ISBN 978-0-393-24481-6 • $27.95

We did not exactly know the trade-offs we would be making in 2015 when we first began using email or got our first mobile phones. If anyone had asked 15 years ago whether we wanted a device that enabled governments and corporations to monitor our whereabouts and access the details of our personal, business, and social lives at all times, it's pretty clear that almost everyone would have said 'no'.

Similarly, few of us would have argued for developing technology to give governments the ability to spy on all aspects of the lives of billions of people. That we have arrived here is a matter of billions of individual choices, made one by one in the interests of convenience and functionality.

Read More →

David and Goliath: What Do We Do about Surveillance?

From spyware designed to catch students misbehaving to police tracking rioters by phone, we are spied on as never before, reveals a book by Bruce Schneier

  • Douglas Heaven
  • New Scientist
  • March 30, 2015

"DEAR subscriber, you have been registered as a participant in a mass disturbance." This text was sent by the Ukrainian government last year to everyone with a cellphone known to have been near a protest in the capital, Kiev.

Just what you'd expect from an ex-Soviet country? Not so fast. In the US and Europe, police are also seeking information on phones linked to specific places and times—and always without a warrant.

Read More →

Bruce Schneier Talks Privacy, Politics, Books and More

  • Daniel Dern
  • The Fortinet Blog
  • March 30, 2015

As author of a dozen books plus hundreds of shorter works on security and privacy, security technologist Bruce Schneier, Chief Technology Officer of Resilient Systems, is one of the better known—and frequently quoted—experts in these areas. His "Schneier on Security" blog and Crypto-Gram monthly newsletter are read by an estimated quarter-million people. You can follow him on Twitter @schneierblog.

Schneier's most recent book—a New York Times bestseller—is "Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World", which, Schneier said in his blog, "is a book about surveillance, both government and corporate.

Read More →

The Essential Guide To Digital Life: Bruce Schneier’s Data And Goliath

  • Anabelle Bernard Fournier
  • The Cryptosphere
  • March 30, 2015

If you'd asked me a year ago, 'do you worry about government surveillance?', I would have said no. But today, my answer would be an empathic YES.

The scary part is that, like most Canadians, I hadn't worried about that kind of surveillance until the current debate around C-51. (If you don't know what that is, check it out here.) This terrifying bill would, among many other things, make it illegal to talk positively of terrorism on the internet.

Read More →

Audio: Bruce Schneier, Data and Goliath

  • Paul Harris Online
  • March 27, 2015

Bruce Schneier spoke with Paul Harris about his new book, Data and Goliath. Topics include:

  • Are we giving up too much information voluntarily in exchange for free services?
  • What are data brokers gathering about us, who are they selling it to?
  • Are private companies doing enough to shield our data from government?
  • How companies and law enforcement can use your cell phone to know where you’ll be tomorrow.
  • Whether the NSA can process the huge amounts of surveillance info it is gathering on all of us.
  • The war on terror as an excuse to get into anyone’s computer, and its chilling effect on free speech and thought.

Listen to the Audio on PaulHarrisOnline.Blogspot.com

Read More →

Wanted: Slingshots

  • Kristian Williams
  • Dissent NewsWire
  • March 24, 2015

Bruce Schneier has built a career explaining the principles of security in plain English, helping the uninitiated to think clearly and critically about managing risk, and exposing the nonsense peddled by government spokesmen and high-tech hucksters. He is at once a great popularizer and a great debunker.

Schneier's new book, Data and Goliath, examines the prevalence, mechanisms, uses, and dangers of mass surveillance.

This book scared the hell out of me.

Read More →

"We the People Have a Lot of Work to Do" Says Schneier in a Must-Read Book on Security and Privacy

  • Gil Press
  • Forbes
  • March 24, 2015

"The surveillance society snuck up on us," says Bruce Schneier in Data and Goliath: The Hidden Battles to Capture Your Data and Control Your World. It's a thought-provoking, absorbing, and comprehensive guide to our new big data world. Most important, it's a call for a serious discussion and urgent action to stop the harms caused by the mass collection and mining of data by governments and corporations. To paraphrase Schneier's position on anonymity—we either need to develop more robust techniques for preserving our freedom, or give up on the idea entirely.

Read More →

Review of Data and Goliath

  • Hiawatha Bray
  • The Boston Globe
  • March 24, 2015

During the Cold War, communist East Germany was perhaps the most spied-upon nation on earth, with one secret police informant for every 66 citizens.

Those were the good old days. In 21st-century America, we've got more informants than citizens, all of them digital. Our phones and computers incessantly rat us out, broadcasting our interests, friendships, and locations to governments and corporations alike, according to renowned cryptographer and Internet privacy advocate Bruce Schneier in his new book, "Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World."

Nobody planned it this way; hyper-surveillance just happened.

Read More →

All the Secret Ways You're Being Tracked That You Don't Even Realize

  • Zeeshan Aleem
  • Mic
  • March 23, 2015

Your cellphone emits a signal that tags your location every minute of every day. Your Google search log records your private anxieties and interests. Your text messages and social media accounts capture every detail of your social life. Your store purchases produce records of your spending habits.

Read More →

Audio: Metadata Retention and Privacy

  • 2ser Radio
  • March 23, 2014

Last week the proposed data retention bill passed through the House of Representatives, and is expected to pass through the Senate soon. These laws are set to allow warrantless access to phone calls, sms, social media and internet usage, in the name of tightening our national security.

Disputes and amendments to the bill have focused on confidentiality threats for journalists and whistleblowers, but what effect will data retention have on the average person?

Our host Sam Baran spoke to Bruce Schneier, who is a fellow at Harvard University's Berkman Center for Internet and Society and author of the book Data and Goliath about the ways governments and corporations are storing and using data.

Read More →

Expert Bruce Schneier: It’s Hard Not to Despair over the State of IT Security

  • Howard Solomon
  • IT World Canada
  • March 23, 2015

The more things change the more they stay the same, goes an old saying. That certainly seems to be true in IT security.

Despite decades of experience almost every day there's another story about a data breach, software vulnerability or new malware discovered.

So perhaps it's no surprise that the 15th anniversary edition of veteran security expert Bruce Schneier's book Secrets and Lies: Digital Security in a Networked World begins with a foreword that admits how little things have changed since the book first came out in 2000.

Read More →

Cyberattack Is Easier than Cyberdefence—Bruce Schneier

Cybersecurity guru Bruce Schneier to reveal lessons learned from the Sony hack scandal at the Gulf Information Security Expo and Conference (GISEC)

  • Arabian Gazette
  • March 22, 2015

Cybercriminal attacks around the world will continue to rise as long as personal data provides the ability to commit fraud, and intellectual property is worth stealing, leaving both individuals and organisations vulnerable to harmful computer and network intrusions.

According to cybersecurity guru Bruce Schneier, one of the keynote speakers at Gulf Information Security Expo and Conference (GISEC), a cyberattack is much easier to implement than it is to install impenetrable cyberdefences.

The 3rd edition of GISEC, the region's leading I.T. security platform, will take place from 26-28 April 2015 at Dubai World Trade Centre.

Read More →

Video: Data and Goliath

  • Sunrise on 7 (Australia)
  • March 21, 2015

With Australia’s data retention laws set to pass the Senate, world-leading online security expert Bruce Schneier explains the danger of metadata.

Note: this video may not be viewable outside Australia.

Watch the Video on YouTube

Read More →

Two Books Look at How Modern Technology Ruins Privacy

  • Emily Parker
  • Washington Post
  • March 20, 2015

Excerpt

"Even the East Germans couldn't follow everybody all the time," Bruce Schneier writes. "Now it's easy."

This may sound hyperbolic, but Schneier's lucid and compelling Data and Goliath is free of the hysteria that often accompanies discussions about surveillance. Yes, our current location, purchases, reading history, driving speed and Internet use are being tracked and recorded. But Schneier's book, which focuses mainly on the United States, is not a rant against the usual bad guys such as the U.S.

Read More →

Verschlüsselungs-Experte Bruce Schneier "Dein Handy weiß alles über dich"

  • Hakan Tanriverdi
  • Süddeutsche.de
  • March 15, 2015

Sind Privatsphäre und Sicherheit wirklich ein Gegensatz? Bruce Schneier ist einer der bekanntesten Experten für Verschlüsselung. Er fordert, der Geheimdienst NSA solle zerschlagen werden.

Damit Bruce Schneier für einen kurzen Augenblick seine ruhige Art vergisst, reicht es aus, wie der Chef der zum Inlandsgeheimdienst gewandelten US-Bundespolizei FBI zu argumentieren. Etwa so: Haben Strafverfolgungsbehörden recht, wenn sie davor warnen, bald im Dunkeln zu tappen, weil sich Verbrecher immer stärker in den digitalen Raum verziehen?

Read More →

Audio: ALP Supports Amended Version of Govt's ISP Data Bill

  • Mark Colvin
  • PM (Australian Broadcasting Corporation)
  • March 17, 2015

Listen to the Audio on ABC.net.au

Transcript

MARK COLVIN: The ALP has agreed to support an amended version of the Government's bill to force Internet Service Providers to keep their customers' data for two years.

It'll let government agencies see what we've all been doing on the phone or online.

Bipartisan support means the bill is likely to pass.

The bodies expected to get access range from various police and customs agencies to the Competition watchdog, the ACCC.

Read More →

Security Guru Bruce Schneier: Your Privacy is Already Gone

In Data and Goliath, one of the world's foremost security experts piles on the evidence that privacy is dead -- and proposes a detailed plan to restore it

  • Roger A. Grimes
  • InfoWorld
  • March 17, 2015

You can't help but get a little depressed as you read Bruce Schneier's latest book, "Data and Goliath: The Hidden Battles to Capture Your Data and Control Your World." It confirms over and over how all our supposed guaranteed personal privacy, digital or otherwise, is nothing but a façade. Here are some examples from the book:

  • It doesn't take much metadata to specifically identify and track anyone.
  • "We kill people based on metadata."—General Michael Hayden, former director of the NSA and the CIA
  • The U.S. Post Office photographs (and keeps) the exterior back and front of every piece of mail sent in the United States, and this data is available to other agencies.
  • "... man who complained to a Target store that had sent baby-related coupons to his teenage daughter, only to find out later that Target was correct."
  • In 2011, a man forced Facebook to turn over all data it had on him.

Read More →

The Hard Questions

A mature democracy needs to carefully balance individual privacy, national security and business efficiency.

  • Richard Epstein
  • The Wall Street Journal
  • March 16, 2015

Excerpt

New technologies are always a mixed blessing, their potential for good carrying with it the risk of evil. The deep challenge for a democracy is to develop legal rules, social practices and institutional arrangements that, at some reasonable cost, separate good from bad behavior. The exponential improvement in computation and communication technologies over the past few decades has posed this challenge in an acute form. Both large bureaucracies and determined individuals can now collect and organize huge amounts of information—and all of it,, in one sense or another, is about all of us.

Read More →

Audio: Personal Data Collection and Your Technology Footprint

  • Radio New Zealand
  • March 16, 2015

How much do you know about what others might know about you, from your use of technology? How do you minimise your online footprint on things you'd rather keep private?

Bruce Schneier is a US technology and security expert, whose latest book is Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World, talks to Kathryn Ryan about how much information is being gathered by governments and corporations through our use of phones and computers.

Listen to the Audio on RadioNZ.co.nz

Read More →

Looking at the Promise and Perils of the Emerging Big Data Sector

Book Review of Data and Goliath by Bruce Schneier

  • Jonathan A. Knee
  • The New York Times—DealBook
  • March 16, 2015

There is a certain predictability to media and technology finance. Any company looking for money is inevitably characterized as similar to whatever has recently garnered the highest valuations.

For instance, when all of the software as a service (referred to in tech jargon as SaaS) companies traded in the public markets at 10 times revenue, other businesses looked desperately for something in their operations that could be tied, however tenuously, to SaaS.

The trouble with this approach is that bubbles tend to burst, as the SaaS one did last year.

Read More →

Video: Part 2: Bruce Schneier on the Hidden Battles to Collect Your Data and Control Your World

  • Democracy Now!
  • March 13, 2015

Part 2 of our discussion with Bruce Schneier about about the golden age of surveillance and his new book, "Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World."

Watch the Video on DemocracyNow.org

See also: Part 1

Transcript

AMY GOODMAN: This is Democracy Now!, democracynow.org, The War and Peace Report. I'm Amy Goodman, with Juan González. Our guest is Bruce Schneier. He is a leading security technologist.

Read More →

Video: Data and Goliath: Bruce Schneier on the Hidden Battles to Collect Your Data and Control Your World

  • Democracy Now!
  • March 13, 2015

Leading security and privacy researcher Bruce Schneier talks about about the golden age of surveillance and his new book, "Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World." The book chronicles how governments and corporation have built an unprecedented surveillance state. While the leaks of Edward Snowden have shed light on the National Security Agency's surveillance practices, less attention has been paid to other forms of everyday surveillance—license plate readers, facial recognition software, GPS tracking, cellphone metadata and data mining.

Watch the Video on DemocracyNow.org

Transcript

JUAN GONZÁLEZ: We turn now to look at what our next guest calls the "golden age of surveillance." The leading security and privacy researcher Bruce Schneier is out with a new book, Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World. The book chronicles how governments and corporations have build an unprecedented surveillance state.

Read More →

Computer Security Expert Bruce Schneier Is Here to Answer Questions

  • Annalee Newitz
  • Gizmodo
  • March 13, 2015

Bruce Schneier did a one-hour open question and answer session on Gizmodo.

Read the Q&A on Gizmodo.com

Read More →

Data and Goliath: Confronting the Surveillance Society

  • Steven Aftergood
  • Federation of American Scientists
  • March 11, 2015

Within a remarkably short period of time—less than two decades—all of us have become immersed in a sea of electronic data collection. Our purchases, communications, Internet searches, and even our movements all generate collectible traces that can be recorded, packaged, and sold or exploited.

Before we have had a chance to collectively think about what this phenomenal growth in data production and collection means, and to decide what to do about it, it threatens to become an irreversible feature of our lives.

In his new book Data and Goliath: The Hidden Battles to Capture Your Data and Control Your World (Norton, 2015), author and security technologist Bruce Schneier aims to forestall that outcome, and to help recover the possibility of personal privacy before it is lost or forgotten.

Read More →

Video: Interview: Online Security Expert Bruce Schneier

  • Lateline (Australian Broadcasting Corporation)
  • March 10, 2015

Watch the Video on ABC.net.au

Transcript

EMMA ALBERICI, PRESENTER: One of the world's leading experts in online security is Bruce Schneier. He's a fellow at Harvard University's Berkman Center for Internet and Society. His latest book, 'Data and Goliath', is about how governments and corporations are using and controlling our data.

I spoke to Bruce Schneier from Minneapolis.

Read More →

Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World

  • Ben Rothke
  • Slashdot
  • March 9, 2015

In Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World, author Bruce Schneier could have justifiably written an angry diatribe full of vitriol against President Obama, his administration, and the NSA for their wholesale spying on innocent Americans and violations of myriad laws and the Constitution. Instead, he has written a thoroughly convincing and brilliant book about big data, mass surveillance and the ensuing privacy dangers facing everyone.

A comment like what's the big deal? often indicates a naiveté about a serious significant underlying issue. The idea that if you have nothing to hide you have nothing to fear is a dangerously narrow concept on the value of privacy.

Read More →

A Way Forward: Bruce Schneier’s Data and Goliath Explains Where Our Privacy is Now, and How We Fix It

  • Cindy Cohn and Nadia Kayyali
  • EFF Deeplinks Blog
  • March 6, 2015

EFF is honored to have renowned security technologist Bruce Schneier as a member of our board and a collaborator for nearly 20 years. But even if we'd never met him, we'd still be incredibly excited about the release of his new book, Data and Goliath.

Schneier has been providing detailed analyses of cryptography, big data, NSA leaks, security flaws, and more for decades (when he's not terrifying NSA Director Mike Rogers with deceptively simple questions about security). What's exceptional about his writing and his is that he manages to be well-researched, in-depth, and accurate while remaining accessible to non-technical readers.

Read More →

Audio: Balancing Surveillance: Privacy and Security in the Digital Age

  • Bruce Schneier
  • Science Friday
  • March 6, 2015

The NSA, Facebook, and Google are constantly mining our personal information for surveillance and advertising purposes, among other goals. Is it possible to keep our data secure in the digital age? Bruce Schneier, a cybersecurity expert and author of Data and Goliath, says, “We need to examine our own fears and decide how much of our privacy we are really willing to sacrifice for convenience.” Read an excerpt from his book here.

Listen to the Audio on ScienceFriday.com

Read More →

Trying to Make Sense of the World of Ubiquitous Surveillance

Bruce Schneier's 'Data and Goliath' a lucid overview of how corporate and governmental surveillance works

  • Jacob Silverman
  • LA Times
  • March 5, 2015

Excerpt

On a recent trip overseas, I brushed up against these overlapping systems of control. In the international airport in Ho Chi Minh City, Vietnam, I saw devices set up that automatically took temperature readings of arriving passengers (the Ebola scare was ongoing). When I returned from my trip and entered customs at John F. Kennedy International Airport, security officers divided us into lines based on national background. I swiped my passport at a kiosk, received some sort of receipt, and was made to wait again.

Read More →

Bruce Schneier’s Important New Book

  • Jack Goldsmith
  • Lawfare
  • March 4, 2015

Bruce has just published Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World, a book that will interest many Lawfare readers.  Data and Goliath is deeply informed and accessibly written analysis of mass surveillance by firms and the government.  Part One is a terrific tutorial on big data and data mining, in the public and private sectors (and the two sectors in conjunction).  Part Two explains the many reasons Bruce thinks we should worry about big data and data mining. 

Read More →

Audio: There is Actually One Thing You Can Do to Fight the Surveillance Machine

Stop feeling guilty about skimming the Terms of Service. Get mad instead.

  • Manoush Zomorodi
  • New Tech City
  • March 4, 2015

Reading this right now?

Congratulations. You're winning.

Yes, all of the usual corporate and government entities know you're here.

Read More →

Bruce Schneier's Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World (Book Review)

  • Cory Doctorow
  • Boing Boing
  • March 2, 2015

No one explains security, privacy, crypto and safety better than Bruce Schneier, and while he's been talking about this subject for decades, it's never been more relevant, as his new guide to the post-Snowden world Data and Goliath demonstrates.

It's been nearly two years since the Snowden revelations, and we're nowhere near figuring out what to make of his revelations, but now there's a book that collects all the most significant facts, implications and insights from the debates and packages them in a way that is accessible, smart, and important.

Since the first Snowden leaks, we've been buffeted by new revelations that made it hard -- even impossible -- to understand exactly what kind of spying was taking place, under whose oversight, and what effect it was having. Schneier starts with the nature of data and surveillance in the Internet age, the way that data use and abuse can empower us or harm us (both individually or as a society), patiently steps through a condensed (but still representative) account of the leaks, and then combines all this in a powerful argument that out-of-control, unaccountable, mass-scale surveillance has harmed us, and presents an existential threat to a good, safe and just society.

The world is not becoming less computerized, after all.

Read More →

Data and Goliath a Portrait of Big Data Abuses

  • Alex Woodie
  • Datanami
  • March 2, 2015

A new book by security expert Bruce Schneier is raising serious questions about the state of privacy in the big data age, and whether giving corporations and government access to the most intimate details of our lives in exchange for convenience and security is a tradeoff we should be making.

Since 9/11, Schneier has been an outspoken critic of the government's sometimes ham-handed approach to security. Take the airport security checkpoints, for example. Is the economic loss from asking everybody to wait in line and take off their belts and shoes (more than $10 billion per year in 2004 dollars) or the added deaths from people deciding to drive instead of fly (500 per year) worth the marginal increase in security we get from the checkpoints?

Read More →

Book Review

  • Joel Weise
  • ISSA Journal
  • March 2015

In my Open Forum article, “Privacy and Social Media,” February 2015, I mentioned Bruce Schneier's new book, Data and Goliath (W.W.Norton & Company). For those concerned with the arrival of the surveillance state, this is a must-read book, and one of the best assessments of our current state of affairs. Schneier delves into all of the areas that I find most disconcerting, including our general loss of privacy and anonymity and the omnipresence of corporate and government Big Brother in nearly all facets of our lives. Are we really surprised that most social media, online search engines, and other corporations are selling our data, while others are aggregating that data (think big data and analytics), disabling our ability to remain anonymous?

Read More →

Data and Goliath (Book Review)

  • Donna Seaman
  • Booklist
  • March 1, 2015

Security technologist, commentator, and popular author Schneier was one of the first to analyze the documentation of NSA surveillance practices leaked by Edward Snowden. What he discovered fueled his mission to zap our complacency regarding “ubiquitous mass surveillance.” In this mind-blowing exposé, backed by 130 pages of revelatory notes, Schneier reveals exactly how all the information generated by our smartphones and computers regarding our exact location, communications, financial and medical transactions, everything we read in digital form, and every Google search is captured, stored, and traded. He elucidates the difference between data and metadata (an email’s content is data; all records pertaining to the sender, recipient, and routing are metadata), and explains how metadata is used to track our activities, interests, and concerns. With meticulously researched details and high-velocity prose, he outs the federal government’s intrusive “data mining,” the immensely profitable big-data industry, and the hidden collusion between them.

Read More →

How to Sabotage Encryption Software (And Not Get Caught)

  • Andy Greenberg
  • Wired
  • February 27, 2015

In the field of cryptography, a secretly planted "backdoor" that allows eavesdropping on communications is usually a subject of paranoia and dread. But that doesn't mean cryptographers don't appreciate the art of skilled cyphersabotage. Now one group of crypto experts has published an appraisal of different methods of weakening crypto systems, and the lesson is that some backdoors are clearly better than others—in stealth, deniability, and even in protecting the victims' privacy from spies other than the backdoor's creator.

In a paper titled "Surreptitiously Weakening Cryptographic Systems," well-known cryptographer and author Bruce Schneier and researchers from the Universities of Wisconsin and Washington take the spy's view to the problem of crypto design: What kind of built-in backdoor surveillance works best?

Read More →

Big Data: The Revolution Is Digitized

  • Charles Seife
  • Nature
  • February 26, 2015

Excerpt

Neither Borgman nor Lohr truly grapples with the immensity of the big-data story. At its core, big data is not primarily a business or research revolution, but a social one. In the past decade, we have allowed machines to act as intermediaries in almost every aspect of our existence. When we communicate with friends, entertain ourselves, drive, exercise, go to the doctor, read a book—a computer transmitting data is there.

Read More →

Video: "Where's the Data Going?"

  • CTV News
  • February 9, 2015

CTV News spoke with Bruce Schneier about voice recognition in Samsung TVs, and sensors in consumer devices in general.

Watch the Video on CTVNews.ca

Read More →

Kirkus Review of Data and Goliath

  • Kirkus Reviews
  • January 22, 2015

A jeremiad suggesting our addiction to data may have made privacy obsolete.

Prolific technological writer Schneier (Fellow/Berkman Center for Internet and Society, Harvard Law School; Carry On: Sound Advice from Schneier on Security, 2013, etc.) clearly examines how technology has transformed every interaction, noting how our intimate communications are now "saved in ways we have no control over." He suggests that most Americans remain unconcerned about the relationship between data and surveillance, due to the attraction of "free" products like Gmail. He focuses on the social costs of surveillance, which "puts us at risk of abuses by those in power—exacerbated by the fact that we are generating so much data and storing it indefinitely." He also argues that this "pervasive mass surveillance" will inevitably chill progressive movements—e.g., gay rights and cannabis decriminalization. The problem is more sprawling than most realize: Edward Snowden's revelations clarified "how much the NSA relies on US corporations to eavesdrop on the Internet," and corporations are using such technologies for their own ends.

Read More →

Top Influencers in Security You Should Be Following in 2015

  • David Bisson
  • Tripwire
  • January 8, 2015

Excerpt

In December of 2011, Tripwire published a list of security's top 25 influencers. More than three years later, we are pleased to announce a new list for 2015—The Infosec Avengers!

For each influencer whom we have selected, we include their Twitter handle, blog URL and reasoning for selecting them. We also include their answer for what infosec-related superpower they would choose to have.

Read More →

Audio: Passwords

  • Science for the People
  • January 2, 2015

Security expert Bruce Schneier returns to Science for the People to talk about the use and misuse of passwords to safeguard our most important data.

Listen to the Audio on ScienceForThePeople.ca

Read More →

Once More Undo the Breach

  • Nathan Jaye
  • CFA Institute Magazine
  • January/February 2015

After the online breach of JPMorgan Chase, cybersecurity awareness is growing in the financial world. But what exactly is cybersecurity (and cybervulnerability)? What can or cannot be done to make sensitive information more secure?

A leading computer security and privacy expert, Bruce Schneier is one of the world's most recognizable voices on cybersecurity, author of the popular security blog Schneier on Security, board member of the Electronic Frontier Foundation, and CTO of Co3 Systems.

Read More →

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.