News: 2017 Archives
Book Review – Applied Cryptography Part I and II – Bruce Schneier
This book has been, without a doubt, crucial in aiding my understanding of cryptosystems and why things are the way they are, and how do these cryptic crypto algorithms even work. If you are interested in learning how to develop software that are ‘correct’ and secure, then this is a great book to understand what are the primitives of information security, what algorithms already exist and which ones to use in what scenario.
So the motivation to pursue a thorough understanding of cryptography and to gain the ability and knowledge required to make a secure cryptosystem came sometime after college ended, when I and Kunal were working on a terminal chat application that would support end-to-end encryption. At that time, I hardly knew what I had gotten myself into (which is similar to a lot of things in my life), as the application development part seemed very simple. We got done with the application part, terminal app and the backend, and then came the encryption part, and that is when the knowledge about existing techniques and understanding of basic crypto primitives fell short. And that is when I started reading about cryptography and stumbled upon this book…
Schneier: It's Time to Regulate IoT to Improve Cyber-Security
In a keynote at the SecTor security conference, Bruce Schneier makes a case for more regulatory oversight for software and the Internet of Things
The time has come for the U.S. government and other governments around the world, to start regulating Internet of Things (IoT) security, according to Bruce Schneier, CTO of IBM’s Resilient Systems.
Schneier delivered his message during a keynote address at the SecTor security conference here. He noted that today everything is basically a computer, whether it’s a car, a watch, a phone or a television. IoT today has several parts including sensors that collect data, computing power to figure out what to do with the collected data and then actuators that affect the real world…
An Interview with Bruce Schneier on the Internet of Things, Global Surveillance, and Cybersecurity
Bruce Schneier is a world-renowned cryptographer and security technologist whom the Economist has dubbed an “internet-security guru.” Schneier has authored a dozen books since 1993, with his next book—Click Here to Kill Everybody: Peril and Promise in a Hyper-Connected World—due for release in September 2018, and set to tackle the burgeoning trends of cybercrime, corporate surveillance, and how to mitigate the catastrophic risks from unsecured devices.
Earlier this year, Schneier wrote a chilling article in New York Magazine detailing the pressing dangers of unsecured IoT devices and, more recently, …
The Cybersecurity Canon: Data and Goliath
Executive Summary
“Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World” is a book meant to scare you, and it does a good job. The book is designed to get our attention and serve as a wake-up call on a number of issues that beg for more robust public discussion. Chief among these issues are mass surveillance from governments and the commercial world, and how this is affecting personal privacy and even public security. More importantly, I believe Bruce Schneier offers some excellent recommendations as to what we should all be talking about and doing when it comes to bringing these critical issues out of the shadows and into the light. Finally, this book offers some ideas that I believe can serve as the basis for the formulation of improved norms of responsible behavior, more effective government and industry policies and regulations, and perhaps more balanced national and international laws relevant to the digital age. As such, this book deserves a place of honor in the Cybersecurity Canon…
Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World by Bruce Schneier (Review)
We all surrender privacy in some form and fashion and allow companies to gather data so these enterprises can better serve us. Our cell phone provider needs to know where we are to route calls to the appropriate cell tower. As consumers and users, we allow the cell phone company to track and follow our moves because the convenience of being able to receive a call is greater than our perceived loss of privacy. For the last twenty years, Americans have accepted that the benefit of convenience outweighs the loss of privacy. Bruce Schneier makes a strong argument that this construct should no longer be the case. The book Data and Goliath has a compelling message that is a Red Thread of a question through the text: “Do you accept the surrender of your data for convenience?” The author is an authority in the field of cybersecurity—a renowned computer scientist and cryptographer. Schneier has been at the forefront of cybersecurity developments since the 1990s with an appetite to address current challenges and put them in perspective…
On Internet Privacy, Be Very Afraid
‘Surveillance Is the Business Model of the Internet,’ Berkman and Belfer Fellow Says
In the internet era, consumers seem increasingly resigned to giving up fundamental aspects of their privacy for convenience in using their phones and computers, and have grudgingly accepted that being monitored by corporations and even governments is just a fact of modern life.
In fact, internet users in the United States have fewer privacy protections than those in other countries. In April, Congress voted to allow internet service providers to collect and sell their customers’ browsing data. By contrast, the European Union hit Google this summer with a $2.7 billion antitrust fine…
Is It Time To Regulate the IoT?
US Senators just introduced new legislation to regulate the purchase of Internet of Things (IoT) devices. Why did they do it, and what chance is there of success?
The Internet of Things Cybersecurity Improvement Act would set minimum security requirements for federal procurements of connected devices. These include the ability to patch code, a lack of hard-coded passwords, and freedom from known security vulnerabilities.
Bruce Schneier, security author, CTO at IBM Resilient and fellow at Harvard’s Berkman Klein Center for Internet & Society, is one of the people endorsing the bill. He will talk about the dangers of the IoT in his …
"Surveillance Is the Business Model of the Internet"
Under surveillance capitalism, we’ve lost control of our devices and our data – but there is a way back. Interview with Bruce Schneier by Agne Pix.
Agne Pix (AP): Does technology protect our privacy on the internet or is it a threat?
Bruce Schneier (BS): There are a lot of technologies that help preserve privacy and keep us and our data secure, like for example encryption. Technology can also remove privacy: you may think of cameras or listening devices and insecure internet connections. We are living in a world where we often interact with computers. They produce data about these interactions, which is data about ourselves and that is collected by corporations. Surveillance is the business model of the internet. So right now a lot of the technology that we use is harmful to our security and privacy…
Video: NSA Contractor Charged for Leak After Intercept Exposé Reveals Russian Cyberattack of 2016 Election
Watch the Video on DemocracyNow.org
A military intelligence contractor has been arrested and charged with leaking a top-secret NSA report to the media that reveals Russian military intelligence conducted a cyberattack on at least one U.S. voting software company just days before last November’s presidential election. The charges were announced after The Intercept published part of the NSA report on Monday. It is the first criminal leak case under President Trump. We speak with security technologists Bruce Schneier and Jake Williams, who is a former member of the NSA’s Tailored Access Operations hacking team…
"Surveillance Shouldn’t Be the Business Model of the Internet. We Can Change It"
Dubbed a ‘security guru’ by The Economist, Bruce Schneier has authored several books, including NYT bestseller Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World, as well as hundreds of articles and academic papers. In 2013, the American security technologist was invited to brief a US Congress group about the documents revealed by whistleblower Edward Snowden, and to explain ‘what the NSA (National Security Agency) was doing’. In an email interview to Kim Arora , he spoke about the recent Wannacry ransomware attack, cybersecurity, and threats to privacy. …
Video: Cybersecurity Talk with Bruce Schneier: How to Start Your Career in Cybersecurity?
Watch the Video on CQUREAcademy.com
In today’s episode, together with Bruce Schneier, we are talking about how to start and skyrocket your career in cybersecurity.
Paula: I’m here with Bruce Schneier. The most prominent person in security. Thank you so much for being with me. I have a couple of questions.
Where to expect hacks?
You have delivered a presentation about IoT (Internet of things). IoT hacks it’a not a very surprising thing for IT security professionals like hotels and different devices but everybody’s wondering: what’s coming next?…
Video: This Is Your Brain on Terrorism
Why sensationalized terrorism coverage makes us overreact to risk.
For most Americans, terrorism is only ever experienced through a television screen or front page of a newspaper. Despite generating massive headlines, terrorism kills a shockingly small number of Americans every year, especially when compared to a problem like gun violence. In terms of the public’s attention, terrorism takes up a lot more space than its death toll warrants.
But for cable news networks, terrorism coverage is big business. Many Americans rely on cable news in the wake of high-profile tragedies, and news networks see ratings spikes…
Bruce Schneier on New Security Threats from the Internet of Things
Security expert Bruce Schneier says we’re creating an Internet that senses, thinks, and acts, which is is the classic definition of a robot. “I contend that we’re building a world-sized robot without even realizing it,” he said recently at the Open Source Leadership Summit (OSLS).
In his talk, Schneier explained this idea of a world-sized robot, created out of the Internet, that has no single consciousness, no single goal, and no single creator. You can think of it, he says, as an Internet that affects the world in a direct physical manner. This means Internet security becomes everything security…
Cybersecurity Expert on Latest Wikileaks: Nothing to See Here
Does latest data dump mean people should throw out their smartphones?
Metro spoke to cybersecurity expert Bruce Schneier about the latest revelations from Wikileaks about U.S. government spying and what they mean to regular people. The leaked documents, which appear to be from the Central Intelligence Agency, describes software tools that the agency uses to hack into cellphones, computers and internet-connected televisions.
Metro: Do these revelations from Wikileaks surprise you at all?
Schneier: Not in the least. What’s the news here? Computers are hackable, this isn’t news. It doesn’t change a thing.
M…
Video: Video Review of Data and Goliath
Scott Schober, author of Hacked Again, reviewed Bruce Schneier’s Data and Goliath.
Audio: Bruce Schneier on IoT Regulation
Listen to the Audio on Threatpost.com
Mike Mimoso talks to Bruce Schneier, CTO of IBM Resilient, at RSA 2017 about the early days of the conference, his campaign for IoT regulation, and how the technical community needs to get involved with policy.
Cyber Security Blogs You Need to See
Excerpt
We couldn’t put together a list of cyber security blogs and not include Schneier on Security. The author, Bruce Schneier, is an internationally renowned security technologist, and his blog reaches over 250,000 people.
His research, analysis, and comment on all things security make the site worth regular visits for anyone looking to learn and stay on top of the latest goings on within the industry.
Video: Bruce Schneier and the Call for "Public Service Technologists"
At RSA 2017, Bruce Schneier spoke with Network World on the increasing importance of technologists’ presence in education and policy-making.
Bruce Schneier Says Government Involvement in Coding Is Coming
Security expert Schneier is realistic about the dangers posed by putting software in all types of appliances
Schneier, present at the RSA Conference, said that until now everyone had this “special right” to code the world as they saw fit. “My guess is we’re going to lose that right because it’s too dangerous to give it to a bunch of techies,” he added, according to The Register.
His words came after accepting an observation made by Marc Andreessen six years ago that software was eating the world. “As everything turns into a computer, computer security becomes everything security,” Schneier said, to give his previous statement some context.
A connected world is great but dangerous…
Schneier Brings Campaign for IoT Regulation to RSA
Bruce Schneier on Tuesday called on technologists to get involved with policy, insisting that as the Internet of things continues to unfold, the knowledge security experts have will become more applicable.
Schneier, CTO of IBM Resilient, stressed in a talk here at the RSA Conference that the need has become more pressing in the wake of Mirai; the threats associated with IoT insecurity are more palpable than ever.
“It’s one thing for Reddit to be DDoSed, its another thing for your home thermostat to be DDoSed in the winter,” Schneier said.
Schneier posted a list of guidelines that have been written for securing the internet of things …
Bruce Schneier: The US Government Is Coming for YOUR Code, Techies
Open source has won, but victory may be fleeting
The Open Source Leadership Summit began on Tuesday amid roads closed by a landslide: held in The Resort at Squaw Creek near Lake Tahoe, California, it was not easily accessible to attendees traveling Highway 80 from the San Francisco Bay Area.
During his opening keynote, Jim Zemlin, executive director of the Linux Foundation, made light of the mudslides that brought traffic to a crawl near Donner Pass on Monday evening. The trip at least was less arduous than it was last year, he said.
Zemlin’s remarks amounted to an open-source victory lap. Some 99.4 per cent of the world’s high performance computing systems, 90 per cent of the world’s stock exchanges, and 64 per cent of mobile devices run on Linux, he said, adding that the foundation’s projects have created $14.5 billion worth of value, as measured in cost per line of code…
Book Review: Data and Goliath by Bruce Schneier
How many times have you heard the “Nothing to Hide” argument? If you don’t have anything to hide, then you don’t need to worry about anyone watching you or collecting information about your thoughts and behaviors. Consider the impact to those that have nothing to hide. Depending on who is watching, people will curtail open discussion on many topics which stifle new thinking, innovation and even market disruption. Furthermore, it becomes easier to categorize and, therefore, discriminate against individuals. Privacy in our communications is much more important than most people think. And, a lack of information transparency in collection and use of data keeps this issue off the radar for most everyday people…
IoT Security: “The Market has Failed”
According to the IT security expert Bruce Schneier, the consequences of unrestricted connectivity in the Internet of Things could be devastating. In the interview, he calls for greater security for the Internet of Things (IoT).
“The era of fun and games is over,” said Bruce Schneier at the Telekom Security Congress in Frankfurt in November 2016. The American expert for IoT security and cryptography is Chief Technology Officer (CTO) of IBM Resilient. In his bestseller “Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World”, the security researcher describes how states and Internet firms spy on us. In the interview, the 53-year-old talks about the huge importance of security for and through the Internet of Things, about a failing market and about the need for state regulation…
Data and Goliath: The Hidden Battle to Collect Your Data and Control Your World (Review)
Reviewed by Annie Millar1
Summary: Data and Goliath:The Hidden Battles to Collect Your Data and Control Your World describes a world in which surveillance has become a part of our everyday life, a world we are currently living in. Schneier describes what we know as a result of Edward Snowden and his disclosure of confidential NSA information. He outlines three main concepts: the surveillance society we live in, the harms that arise from mass surveillance, and what we need to do to protect ourselves. This book review will focus on one of the two major surveillance parties in the world, the government…
Sidebar photo of Bruce Schneier by Joe MacInnis.