Schneier on Security

“Nice to see you all again,” Bruce Schneier told the audience at his keynote for the in-person return of RSA Conference, taking off his trademark cap. “It’s kinda neat. Kinda a little scary.” Schneier is a security technologist, researcher, and lecturer at Harvard Kennedy School. He has a long list of publications, including books from as early as 1993 and as recent as 2019’s We Have Root, with a new one launching in January 2023. But he’s best known for his long-running newsletter Crypto-Gram and blog Schneier on Security. And his upcoming book is about hacking…

For the past couple of years, renowned technologist and researcher Bruce Schneier has been researching how societal systems can be hacked, specifically the rules of financial markets, laws, and the tax code. That led him to his latest examination of the potential unintended consequences of artificial intelligence on society: how AI systems themselves, which he refers to as “AIs,” could evolve such that they automatically – and inadvertently – actually abuse societal systems.

“It’s AIs as the hacker,” he says, rather than hackers hacking AI systems…

Security experts asked lawmakers for more action, today, during a Congressional hearing on IoT security. On their wishlist: consequences to manufacturers for delivering insecure products, a federally funded independent lab for pre-market cybersecurity testing, and an entirely new federal agency devoted to cybersecurity.

The hearing, “Understanding the Role of Connected Devices in Recent Attacks,” was held by the US House Committee on Energy and Commerce, with expert witnesses Dale Drew, senior vice president and chief security officer of Level 3 Communications; Dr. Kevin Fu, CEO of Virta Labs and associated professor of electrical engineering and computer science at the University of Michigan; and Bruce Schneier, fellow of the Berkman Klein Center at Harvard University…

Other articles about the IETF plenary session appeared in MIT Technology Review, Intellectual Property Watch, and The Economist, and Help Net Security.

As custodians of the Internet mull over the lessons that revelations about National Security Agency (NSA) surveillance offer about the insecurity of the Internet’s infrastructure, architects must find ways to make wholesale spying more expensive. So said noted cryptographer and security evangelist Bruce Schneier in a talk today about Internet hardening at the Internet Engineering Task Force (IETF) plenary session…

This article was linked from Slashdot.

Cryptologist and now, psychologist: Renowned security expert Bruce Schneier once again is turning security on its head—literally. Schneier will share his latest research and insight at the RSA conference next week on the interplay between psychology and security. (See Schneier On Schneier.)

Schneier says the goal of his talk at RSA is not to discuss security technologies or tactics, but to explain how people think, and feel, about security. “A lot of the time at RSA, we are just puzzled why people don’t secure their computers, and why they behave irrationally. Psychology has a way of explaining this,” he says. “If we in the [security] industry expect to build products, we need to understand our customers.”…

He’s eaten guinea pig in Peru, whale in Japan, and tried insects in Australia. But security guru—and part-time restaurant critic—Bruce Schneier mostly steers clear of chain restaurants, which he finds oppressively uniform.

When he’s not sampling exotic cuisine, Schneier is best known as the developer of the Blowfish and Twofish encryption algorithms and as the bestselling author of Applied Cryptography, which has been called the bible for hackers. He’s written other books that examine security and society, and he is a renowned security speaker, blogger, and columnist, as well as a popular media talking head who offers unique views on everything from encryption to post-9/11 security overkill…