News Tagged "Network World"
Page 1 of 1
Video: Bruce Schneier and the Call for "Public Service Technologists"
At RSA 2017, Bruce Schneier spoke with Network World on the increasing importance of technologists’ presence in education and policy-making.
Schneier on “Really Bad” IoT Security: ‘It’s Going to Come Crashing Down’
Security expert Bruce Schneier has looked at and written about difficulties the Internet of Things presents – such as the fact that the "things" are by and large insecure and enable unwanted surveillance—and concludes that it’s a problem that’s going to get worse before it gets better.
After a recent briefing with him at Resilient Systems headquarters in Cambridge, Mass., where he is CTO, he answered a few questions about the IoT and what corporate security executives ought to be doing about it right now. Here’s a transcript of the exchange…
Are Apple iOS, OS X Flaws Really Backdoors for Spies?
Two recently-discovered flaws in Apple iOS and Mac OS X have security experts openly asking whether the software vulnerabilities represent backdoors inserted for purposes of cyber-espionage. There’s no clear answer so far, but it just shows that anxiety about state-sponsored surveillance is running high.
‘One line of code—was it an accident or enemy action? I don’t know, but it’s the kind of bug I’d put in,’ remarked Bruce Schneier, chief technology officer at Co3 Systems, about the flaw in Apple OS X SSL encryption that was revealed last week. Schneier, a cryptography expert, alluded to the …
Bruce Schneier’s Book: The Internet Has Created ‘the Largest Trust Gap’ in History
'Liars and Outliers' takes swings at NSA, U.S. government, Facebook, Microsoft and others
Technology, often made possible through networks, grants new powers to communicate and learn, to travel, to make decisions of critical importance, to make things, provide services, sell them and buy them. In a modern society, it’s all done against a backdrop of trust not only that the technology is reliable and secure, but that the people involved in every process, whether we meet them face-to-face or not, are trustworthy. That trust is largely created by societal pressures—ranging from codes of moral behavior and laws, plus worries about reputation, for example…
Stuxnet Cyberattack by US a "Destabilizing and Dangerous" Course of Action, Security Expert Bruce Schneier Says
Revelations by The New York Times that President Barack Obama in his role as commander in chief ordered the Stuxnet cyberattack against Iran’s uranium-enrichment facility two years ago in cahoots with Israel is generating controversy, with Washington in an uproar over national-security leaks. But the important question is whether this covert action of sabotage against Iran, the first known major cyberattack authorized by a U.S. president, is the right course for the country to take. Are secret cyberattacks helping the U.S. solve geopolitical problems or actually making things worse?…
13 Security Myths You'll Hear—But Should You Believe?
Security Myth No. 1: “More Security is Always Better.”
Bruce Schneier, security expert and author of several books, including his most recent, Liars and Outliers, explains why this security concept of “you can’t get enough” that’s often bandied about is off the mark to him. Schneier explains: “More security isn’t necessarily better. First security is always a trade-off, and sometimes additional security costs more than it’s worth. For example, it’s not worth spending $100,000 to protect a donut. Yes, the donut would be more secure, but it would make more sense to simply risk the donut.” He also notes that “additional security is subject to diminishing returns. That is, measures that reduce a particular crime—say, shoplifting—by 25% cost some amount of money; but additional measures to reduce it another 25% cost much more. There will always be a point where more security isn’t worth it. And as a corollary, absolute security is not achievable.” Sometimes security may even become a moral choice and being in compliance might be an immoral decision, as it could pertain to a totalitarian system, for example. “Security enforces compliance, and sometimes complying isn’t the right thing to do.”…
The Security Industry All-Stars
From Bruce Schneier to Moxie Marlinspike, these folks are the ones to listen to for security insight
Bruce Schneier, chief technology officer of BT managed security solutions
With his skill in cryptography and security acumen, Schneier would be welcome on any All-Stars Security team. But it’s his ability to write candidly about social and political forces, as well the psychological aspects of security, that increasingly make him a philosopher in a world of technicians. His next book? He says it’s about “trust” and how a society does or does not foster it.
Bruce Schneier Shares Security Ideas at Museum
"Security theater" lecture complements photography exhibit showcasing images of fear, safety and liberty in post-9/11 America
Bruce Schneier shared his ideas about the psychology of security, and the need for thinking sensibly about security, in his hometown last week when he gave a lecture at the Weisman Art Museum in the US.
Schneier’s lecture was scheduled in conjunction with an exhibition of photographer Paul Shambroom‘s images of power (Shambroom’s photographs capture scenes in industrial, business, community and military environments.) The association of Schneier’s lecture with the photography exhibit says a lot about how the security guru’s focus has evolved over the years from the bits and bytes of cryptography and computer security to include a more broad examination of personal safety, crime, corporate security and national security…
RSA '07: Bruce Schneier Casts Light on Psychology of Security
Security decisions often are much less rational than one would prefer, Schneier says
SAN FRANCISCO—One of the security industry’s most outspoken experts, Bruce Schneier, spoke at RSA Conference on the topic of how security decisions and perceptions are often driven by irrational and subconscious motives in human beings.
The CTO at BT Counterpane, who is known for his talent in cryptography as well as his critical observations about technology use, yesterday turned his attention to a different matter: an analysis of human behavior in the face of risk-management decisions.
In Schneier’s view, security managers need to be aware that they themselves, their business managers and their corporate user groups are likely to make critical security decisions based on barely acknowledged impressions of fear and irrational response, rather than a careful study of facts…
Beyond Fear into Reason
Bruce Schneier has been one of my heroes for many years, not least because of the clarity of his thought and the crispness of his writing. Readers of this column have seen references in the past to his free monthly Crypto-Gram newsletter, and I hope you have subscribed to that always-worthwhile publication.
In 2000, Schneier published a groundbreaking primer for non-nerds called Secrets & Lies in which he confronted many misunderstandings and outright myths about security in the digital realm. In 2003, he continued his educational efforts with …
Sidebar photo of Bruce Schneier by Joe MacInnis.