News in the Category “Click Here to Kill Everybody”
FIX THE INTERNET BEFORE IT FIXES US — Technologist Bruce Schneier is out with his latest book and his most alarming title yet: "Click Here to Kill Everybody." In fact, it's one of the most ominous in the entire cybersecurity canon. Even in his introduction, Schneier admits to hyperbole, yet writes the title isn't without merit since "we're already living in a world where computer attacks can crash cars and disable power plants — both actions that can easily result in catastrophic deaths if done at scale."
So, OK, it's scary. In this outing, published last week, Schneier digs into the dangers posed by the rapid spread of internet connectivity into all our things. But since he doesn't think the marketing term "internet of things" is encompassing enough, he coined his own term: Internet+.
The great and memorable title of Bruce Schneier's latest book, Click Here to Kill Everybody, certainly caught the eye of those in my household—my children kept trying to touch the button on the front cover to 'kill everybody'! (Indeed, the book's attention-grabbing title may make me a little wary about reading it openly on the Tube or while going through airport security.)
Of course, the book is not really about how to kill everybody, but rather how, from an ethical standpoint on the part of tech, and a moral standpoint on the part of government, we appear to be sleep-walking into a scenario where something, whether by accident or design, could possibly 'click here' and kill everyone.
My advance reading copy wasn't quite ready for publishing, but as it stood the book was divided into three approximately equal sections:
- The first section describes the issues of computing, IOT, and an Internet of the future.
- The second section describes the things technologists and policy makers should consider in order to bring about the changes needed for the Internet of the future.
- Finally, as with Schneier's previous book, the third section contains copious notes.
In the introduction ('Everything is a Computer'), Bruce describes three situations: hacking a car; hacking the power supply; and hacking printers (conventional, 3D and bioprinters). For each of these he expands on the potential issues: death of multiple passengers; wide-scale human and economic damage; etc.
If I were still doing radio shows, I would happily welcome Bruce Schneier back as a guest. He's a security expert who I first spoke with when he revealed the uselessness of the TSA's screening procedures at airports, which he labelled "security theater." Since then, he's made multiple appearances with me.
Bruce has just published a new book, Click Here To Kill Everybody: Security and Survival in a Hyper-connected World, and asked me to review it.
As in his previous works, Bruce sees the holes that exist in the digital world and explains the risks of having so many more things connected as part of the Internet of Things, from thermostats to refrigerators to manufacturing equipment to your kid's dolls.
Pervasive connected devices mean we REALLY can't afford shitty internet policy
Bruce Schneier (previously) has spent literal decades as part of the vanguard of the movement to get policy makers to take internet security seriously: to actually try to make devices and services secure, and to resist the temptation to blow holes in their security in order to spy on "bad guys." In Click Here to Kill Everybody: Security and Survival in a Hyper-connected World, Schneier makes a desperate, impassioned plea for sensible action, painting a picture of a world balanced on the point of no return.
Click Here... describes a world where all the bad policy decisions of PCs and laptops and phones are starting to redound onto embedded systems in voting machines and pacemakers and cars and nuclear reactors. He calls this internet-plus-IoT system the "Internet+" and the case he makes for its importance is by turns inspiring and devastating.
That's because Schneier, more than the average policymaker or marketing blowhard, has a pretty good idea of what the actual benefits of these systems can be.
Big Brother is watching and scheming and up to no good—and, writes security technologist Schneier (Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World, 2015), it looks like he's winning.
By way of an opening gambit, the author posits three scenarios in which hackers take over machines and computer systems, from printers to power plants, both to demonstrate their ability to do so and to show how the interdependence of the web can easily be put to work against us. In one of those scenarios, real-world to the core, Russian hackers came into a Ukrainian power plant through a malware backdoor, "then remotely took control of the center's computers and turned the power off." That's not just a threat to life, but it also erodes trust in social and economic systems, the basis for civil society. In another scenario, which gives the book its title, a "bio-printer" is hacked to "print a killer virus"—and does.
Click Here to Kill Everybody: Security and Survival in a Hyper-connected World Bruce Schneier W. W. Norton (2018)
Hardly a day now passes without reports of a massive breach of computer security and the theft or compromise of confidential data. That digital nightmare is about to get much worse, asserts security technologist Bruce Schneier in Click Here to Kill Everybody, his critique of government inertia on Internet security.
The burgeoning threat, writes Schneier, arises from the rapid expansion of online connectivity to billions of unsecured nodes.
The early architects of the internet did not want it to kill anybody. In cyber security expert Bruce Schneier's new book, David Clark, a professor at the Massachusetts Institute of Technology, recalls their philosophy: "It is not that we didn't think about security. We knew that there were untrustworthy people out there, and we thought we could exclude them".
Schneier describes how the internet, developed as a gated community, is now a battleground where these untrustworthy people cause great harm: harnessing computers to kill by crashing cars, disabling power plants and perhaps, soon enough, using bioprinters to cause epidemics.
Photo of Bruce Schneier by Per Ervland.
Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.