News Tagged "Kirkus Reviews"
Page 1 of 1
A cybersecurity expert examines how the powerful game whatever system is put before them, leaving it to others to cover the cost.
Schneier, a professor at Harvard Kennedy School and author of such books as Data and Goliath and Click Here To Kill Everybody, regularly challenges his students to write down the first 100 digits of pi, a nearly impossible task—but not if they cheat, concerning which he admonishes, “Don’t get caught.” Not getting caught is the aim of the hackers who exploit the vulnerabilities of systems of all kinds. Consider right-wing venture capitalist Peter Thiel, who located a hack in the tax code: “Because he was one of the founders of PayPal, he was able to use a $2,000 investment to buy 1.7 million shares of the company at $0.001 per share, turning it into $5 billion—all forever tax free.” It was perfectly legal—and even if it weren’t, the wealthy usually go unpunished. The author, a fluid writer and tech communicator, reveals how the tax code lends itself to hacking, as when tech companies like Apple and Google avoid paying billions of dollars by transferring profits out of the U.S. to corporate-friendly nations such as Ireland, then offshoring the “disappeared” dollars to Bermuda, the Caymans, and other havens. Every system contains trap doors that can be breached to advantage. For example, Schneier cites “the Pudding Guy,” who hacked an airline miles program by buying low-cost pudding cups in a promotion that, for $3,150, netted him 1.2 million miles and “lifetime Gold frequent flier status.” Since it was all within the letter if not the spirit of the offer, “the company paid up.” The companies often do, because they’re gaming systems themselves. “Any rule can be hacked,” notes the author, be it a religious dietary restriction or a legislative procedure. With technology, “we can hack more, faster, better,” requiring diligent monitoring and a demand that everyone play by rules that have been hardened against tampering…
Big Brother is watching and scheming and up to no good—and, writes security technologist Schneier (Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World, 2015), it looks like he’s winning.
By way of an opening gambit, the author posits three scenarios in which hackers take over machines and computer systems, from printers to power plants, both to demonstrate their ability to do so and to show how the interdependence of the web can easily be put to work against us. In one of those scenarios, real-world to the core, Russian hackers came into a Ukrainian power plant through a malware backdoor, “then remotely took control of the center’s computers and turned the power off.” That’s not just a threat to life, but it also erodes trust in social and economic systems, the basis for civil society. In another scenario, which gives the book its title, a “bio-printer” is hacked to “print a killer virus”—and does. Given all this, why don’t the governments and corporations of the world band together to do a better job of cybersecurity? Because, Schneier answers, there are powerful forces that thrive on the “wicked problem” of cybersecurity and insecurity, for one thing; for another, “big companies with few competitors don’t have much incentive to improve the security of their products, because users have no alternative.” With due pessimism, the author argues that individuals must do their best to harden their own security even as governments battle against encryption, anonymity, and other security measures by claiming that the “Four Horsemen of the Internet Apocalypse—terrorists, drug dealers, pedophiles, and organized crime”—will be the ultimate beneficiaries of secure systems. On a larger level, Schneier proposes resilient systems that provide multiple defensive layers as well as reform of international laws and the establishment of protocols for enhanced protection against the real bad guys…
A jeremiad suggesting our addiction to data may have made privacy obsolete.
Prolific technological writer Schneier (Fellow/Berkman Center for Internet and Society, Harvard Law School; Carry On: Sound Advice from Schneier on Security, 2013, etc.) clearly examines how technology has transformed every interaction, noting how our intimate communications are now “saved in ways we have no control over.” He suggests that most Americans remain unconcerned about the relationship between data and surveillance, due to the attraction of “free” products like Gmail. He focuses on the social costs of surveillance, which “puts us at risk of abuses by those in power—exacerbated by the fact that we are generating so much data and storing it indefinitely.” He also argues that this “pervasive mass surveillance” will inevitably chill progressive movements—e.g., gay rights and cannabis decriminalization. The problem is more sprawling than most realize: Edward Snowden’s revelations clarified “how much the NSA relies on US corporations to eavesdrop on the Internet,” and corporations are using such technologies for their own ends. Yet both the NSA and corporations are blithe about how they treat the fruits of this nonstop spying. “From the military’s perspective,” writes the author, “it’s not surveillance until a human being looks at the data.” Such strange pronouncements about the common good are hard to counter, since whistleblowers such as Snowden are prohibited from explaining their actions in court. Schneier argues that all this invasion of privacy is unlikely to succeed in its alleged goal: “Even highly accurate terrorism prediction systems will be so flooded with false alarms that they will be useless.” He concludes this grim catalog of privacy erosion with a set of prescriptions for governments, corporations and “the rest of us,” advocating a mix of legal framework, incentives for fairer business models and a more realistic understanding of the current moment’s potential for harm…
Sidebar photo of Bruce Schneier by Joe MacInnis.