Schneier on Security

Infosec veteran Bruce Schneier has said he’ll step down as a “special advisor” to IBM’s security business to, in part, focus his time on teaching the next generation of security pros.

Schneier said he also wanted to focus on work with nonprofit projects including Tor and the Electronic Frontier Foundation (EFF), where he is a board member.

The cryptographer, formerly BT’s chief security technology officer, has been writing about security since 1998 and has produced more than a dozen books, as well as hundreds of articles, essays and academic papers…

The Open Source Leadership Summit began on Tuesday amid roads closed by a landslide: held in The Resort at Squaw Creek near Lake Tahoe, California, it was not easily accessible to attendees traveling Highway 80 from the San Francisco Bay Area.

During his opening keynote, Jim Zemlin, executive director of the Linux Foundation, made light of the mudslides that brought traffic to a crawl near Donner Pass on Monday evening. The trip at least was less arduous than it was last year, he said.

Zemlin’s remarks amounted to an open-source victory lap. Some 99.4 per cent of the world’s high performance computing systems, 90 per cent of the world’s stock exchanges, and 64 per cent of mobile devices run on Linux, he said, adding that the foundation’s projects have created $14.5 billion worth of value, as measured in cost per line of code…

Government regulation of the Internet of Things will become inevitable as connected kit in arenas as varied as healthcare and power distribution becomes more commonplace, according to security guru Bruce Schneier.

“Governments are going to get involved regardless because the risks are too great. When people start dying and property starts getting destroyed, governments are going to have to do something,” Schneier said during a keynote speech at the Infosecurity Europe trade show in London.

The choice is between smart (well-informed) or stupid government regulations with the possibility of non-interference getting taken off the table…

Security guru Bruce Schneier has issued a stark warning to the RSA 2016 conference—get smart or face a whole world of trouble.

The level of interconnectedness of the world’s technology is increasing daily, he said, and is becoming a world-sized web—which he acknowledged was a horrible term—made up of sensors, distributed computers, cloud systems, mobile, and autonomous data processing units. And no one is quite sure where it is all heading.

“The world-sized web will change everything,” he said. “It will cause more real-world consequences, has fewer off switches, and gives more power to the powerful. It’s less being designed than created and it’s coming with no forethought or planning. And most people are unaware that it’s coming.”…

In 1999, when a fierce crypto war was raging between governments and developers, researchers undertook a global survey of available encryption products.

Now security guru Bruce Schneier and other experts have repeated the exercise, and it spells bad news for those demanding backdoors in today’s cryptography.

The latest study analyzed 865 hardware and software products incorporating encryption from 55 countries, with a third of them coming from the US. That’s up from 805 in 35 countries in 1999.

The goal of the survey is to catalogue available products and applications, rather than score or rate them. The team did not have the time to evaluate each system in depth. One thing the list does demonstrate, though, is the wide availability of software with builtin encryption, distributed from all corners of the globe…

Security guru Bruce Schneier says there’s a kind of cold war now being waged in cyberspace, only the trouble is we don’t always know who we’re waging it against.

Schneier appeared onscreen via Google Hangouts at the LinuxCon/CloudOpen/ContainerCon conference in Seattle on Tuesday to warn attendees that the modern security landscape is becoming increasingly complex and dangerous.

"We know, on the internet today, that attackers have the advantage," Schneier said. "A sufficiently funded, skilled, motivated adversary will get in. And we have to figure out how to deal with that."…

We are in the early years of a cyber war arms race, security guru Bruce Schneier warned delegates at the Infosecurity Europe exhibition on Wednesday.

Schneier, CTO of Resilient Systems, said the much publicised Stuxnet attacks on Iran by the US and Israel in 2010, Iran’s attack on Saudi Aramco, China’s apparent role in hacking GitHub, and the North Korean assault on Sony Pictures last year are all examples of the phenomenon.

“These nations are building up for cyber war and now we’re all in the blast radius,” he warned, while speaking in London…