News: 2017 Archives
In a keynote at the SecTor security conference, Bruce Schneier makes a case for more regulatory oversight for software and the Internet of Things
The time has come for the U.S. government and other governments around the world, to start regulating Internet of Things (IoT) security, according to Bruce Schneier, CTO of IBM's Resilient Systems.
Schneier delivered his message during a keynote address at the SecTor security conference here. He noted that today everything is basically a computer, whether it's a car, a watch, a phone or a television.
Bruce Schneier is a world-renowned cryptographer and security technologist whom the Economist has dubbed an "internet-security guru." Schneier has authored a dozen books since 1993, with his next book—Click Here to Kill Everybody: Peril and Promise in a Hyper-Connected World—due for release in September 2018, and set to tackle the burgeoning trends of cybercrime, corporate surveillance, and how to mitigate the catastrophic risks from unsecured devices.
Earlier this year, Schneier wrote a chilling article in New York Magazine detailing the pressing dangers of unsecured IoT devices and, more recently, consulted on bipartisan legislation that will ensure devices purchased by the U.S. government meet specific security standards.
On top of all that, Schneier frequently blogs on internet and security matters and runs a monthly newsletter, "Crypto-gram," that has amassed a following exceeding 250,000—so we thought he'd be perfect for an ExpressVPN cybersecurity Q+A.
"Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World" is a book meant to scare you, and it does a good job. The book is designed to get our attention and serve as a wake-up call on a number of issues that beg for more robust public discussion. Chief among these issues are mass surveillance from governments and the commercial world, and how this is affecting personal privacy and even public security. More importantly, I believe Bruce Schneier offers some excellent recommendations as to what we should all be talking about and doing when it comes to bringing these critical issues out of the shadows and into the light.
‘Surveillance Is the Business Model of the Internet,’ Berkman and Belfer Fellow Says
In the internet era, consumers seem increasingly resigned to giving up fundamental aspects of their privacy for convenience in using their phones and computers, and have grudgingly accepted that being monitored by corporations and even governments is just a fact of modern life.
In fact, internet users in the United States have fewer privacy protections than those in other countries. In April, Congress voted to allow internet service providers to collect and sell their customers' browsing data. By contrast, the European Union hit Google this summer with a $2.7 billion antitrust fine.
To assess the internet landscape, the Gazette interviewed cybersecurity expert Bruce Schneier, a fellow with the Berkman Klein Center for Internet & Society and the Belfer Center for Science and International Affairs at Harvard Kennedy School.
US Senators just introduced new legislation to regulate the purchase of Internet of Things (IoT) devices. Why did they do it, and what chance is there of success?
The Internet of Things Cybersecurity Improvement Act would set minimum security requirements for federal procurements of connected devices. These include the ability to patch code, a lack of hard-coded passwords, and freedom from known security vulnerabilities.
Under surveillance capitalism, we’ve lost control of our devices and our data – but there is a way back. Interview with Bruce Schneier by Agne Pix.
Agne Pix (AP): Does technology protect our privacy on the internet or is it a threat?
Bruce Schneier (BS): There are a lot of technologies that help preserve privacy and keep us and our data secure, like for example encryption. Technology can also remove privacy: you may think of cameras or listening devices and insecure internet connections. We are living in a world where we often interact with computers. They produce data about these interactions, which is data about ourselves and that is collected by corporations.
Dubbed a 'security guru' by The Economist, Bruce Schneier has authored several books, including NYT bestseller Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World, as well as hundreds of articles and academic papers. In 2013, the American security technologist was invited to brief a US Congress group about the documents revealed by whistleblower Edward Snowden, and to explain 'what the NSA (National Security Agency) was doing'. In an email interview to Kim Arora , he spoke about the recent Wannacry ransomware attack, cybersecurity, and threats to privacy. Excerpts:
With the Wannacry ransomware attack, we saw how neglecting to install a security update in time led to massive losses worldwide.
In today’s episode, together with Bruce Schneier, we are talking about how to start and skyrocket your career in cybersecurity.
Paula: I’m here with Bruce Schneier. The most prominent person in security. Thank you so much for being with me.
Why sensationalized terrorism coverage makes us overreact to risk.
For most Americans, terrorism is only ever experienced through a television screen or front page of a newspaper. Despite generating massive headlines, terrorism kills a shockingly small number of Americans every year, especially when compared to a problem like gun violence. In terms of the public's attention, terrorism takes up a lot more space than its death toll warrants.
But for cable news networks, terrorism coverage is big business.
Security expert Bruce Schneier says we're creating an Internet that senses, thinks, and acts, which is is the classic definition of a robot. "I contend that we're building a world-sized robot without even realizing it," he said recently at the Open Source Leadership Summit (OSLS).
In his talk, Schneier explained this idea of a world-sized robot, created out of the Internet, that has no single consciousness, no single goal, and no single creator. You can think of it, he says, as an Internet that affects the world in a direct physical manner.
WikiLeaks may have exposed the CIA's ability to hack into phones, televisions, cars—pretty much everything, but according to internationally renowned security technologist and author Bruce Schneier, it isn't the intelligence agencies you should be worried about. He's more concerned that these technologies have been around for decades. Bruce is sharing three things to be concerned about with Kristina Guerrero.
Does latest data dump mean people should throw out their smartphones?
Metro spoke to cybersecurity expert Bruce Schneier about the latest revelations from Wikileaks about U.S. government spying and what they mean to regular people. The leaked documents, which appear to be from the Central Intelligence Agency, describes software tools that the agency uses to hack into cellphones, computers and internet-connected televisions.
Metro: Do these revelations from Wikileaks surprise you at all?
Mike Mimoso talks to Bruce Schneier, CTO of IBM Resilient, at RSA 2017 about the early days of the conference, his campaign for IoT regulation, and how the technical community needs to get involved with policy.
We couldn’t put together a list of cyber security blogs and not include Schneier on Security. The author, Bruce Schneier, is an internationally renowned security technologist, and his blog reaches over 250,000 people.
His research, analysis, and comment on all things security make the site worth regular visits for anyone looking to learn and stay on top of the latest goings on within the industry.
At RSA 2017, Bruce Schneier spoke with Network World on the increasing importance of technologists' presence in education and policy-making.
Security expert Schneier is realistic about the dangers posed by putting software in all types of appliances
Schneier, present at the RSA Conference, said that until now everyone had this "special right" to code the world as they saw fit. "My guess is we're going to lose that right because it's too dangerous to give it to a bunch of techies," he added, according to The Register.
His words came after accepting an observation made by Marc Andreessen six years ago that software was eating the world. "As everything turns into a computer, computer security becomes everything security," Schneier said, to give his previous statement some context.
A connected world is great but dangerous
As he likened the Internet to a giant robot, one capable of affecting the physical world just as it affects the virtual one, the threat becomes much more real.
Bruce Schneier on Tuesday called on technologists to get involved with policy, insisting that as the Internet of things continues to unfold, the knowledge security experts have will become more applicable.
Schneier, CTO of IBM Resilient, stressed in a talk here at the RSA Conference that the need has become more pressing in the wake of Mirai; the threats associated with IoT insecurity are more palpable than ever.
"It's one thing for Reddit to be DDoSed, its another thing for your home thermostat to be DDoSed in the winter," Schneier said.
Schneier posted a list of guidelines that have been written for securing the internet of things last week on his blog.
Open source has won, but victory may be fleeting
The Open Source Leadership Summit began on Tuesday amid roads closed by a landslide: held in The Resort at Squaw Creek near Lake Tahoe, California, it was not easily accessible to attendees traveling Highway 80 from the San Francisco Bay Area.
During his opening keynote, Jim Zemlin, executive director of the Linux Foundation, made light of the mudslides that brought traffic to a crawl near Donner Pass on Monday evening. The trip at least was less arduous than it was last year, he said.
Zemlin's remarks amounted to an open-source victory lap.
According to the IT security expert Bruce Schneier, the consequences of unrestricted connectivity in the Internet of Things could be devastating. In the interview, he calls for greater security for the Internet of Things (IoT).
"The era of fun and games is over," said Bruce Schneier at the Telekom Security Congress in Frankfurt in November 2016. The American expert for IoT security and cryptography is Chief Technology Officer (CTO) of IBM Resilient.
Photo of Bruce Schneier by Per Ervland.
Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.