Schneier on Security

GrowthPolicy: I’d like to talk about your brilliant, and timely, new book, A Hacker’s Mind. In the book’s introduction, you write: “Security technologists look at the world differently than most people. When most people look at a system, they focus on how it works. When security technologists look at the same system, they … focus on how it can be made to fail.” Tell our readers what first made you interested in the psychology of security technologists and hackers? In other words, what is the origin story of this book?

Bruce Schneier: These threads have been percolating in my head for a while now. I started writing about the psychology of security around 2008. That quote is something I have been saying for decades. The notions of socio-technical systems and how they can be attacked are just as old…

GrowthPolicy. In a recent opinion piece in the New York Times, you write: “American democracy is an information system, in which the information isn’t bits and bytes but citizens’ beliefs. […] When you really need to worry is when insiders go bad. And that is precisely what is happening in the wake of the 2020 presidential election.” What advice would you offer policy makers seeking to safeguard future elections from disinformation campaigns undertaken by bad inside actors?

Bruce Schneier: We need to break up the tech monopolies. Companies like Amazon, Facebook, and Google wield enormous power in the market, and by extension in politics. Decentralization brings security, and the world would be much safer if there were twenty smaller Amazons and Facebooks and Googles than one of each. So we need both smaller companies and the ability to move, delete, combine, and reuse data from a variety of companies. Enforcing existing antitrust laws will make an enormous difference in how these companies affect society. And in areas where decentralization doesn’t make sense—when we have natural monopolies—we need to treat them like the utilities they are…