Schneier on Security

Big Brother is watching and scheming and up to no good—and, writes security technologist Schneier (Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World, 2015), it looks like he’s winning.

By way of an opening gambit, the author posits three scenarios in which hackers take over machines and computer systems, from printers to power plants, both to demonstrate their ability to do so and to show how the interdependence of the web can easily be put to work against us. In one of those scenarios, real-world to the core, Russian hackers came into a Ukrainian power plant through a malware backdoor, “then remotely took control of the center’s computers and turned the power off.” That’s not just a threat to life, but it also erodes trust in social and economic systems, the basis for civil society. In another scenario, which gives the book its title, a “bio-printer” is hacked to “print a killer virus”—and does. Given all this, why don’t the governments and corporations of the world band together to do a better job of cybersecurity? Because, Schneier answers, there are powerful forces that thrive on the “wicked problem” of cybersecurity and insecurity, for one thing; for another, “big companies with few competitors don’t have much incentive to improve the security of their products, because users have no alternative.” With due pessimism, the author argues that individuals must do their best to harden their own security even as governments battle against encryption, anonymity, and other security measures by claiming that the “Four Horsemen of the Internet Apocalypse—terrorists, drug dealers, pedophiles, and organized crime”—will be the ultimate beneficiaries of secure systems. On a larger level, Schneier proposes resilient systems that provide multiple defensive layers as well as reform of international laws and the establishment of protocols for enhanced protection against the real bad guys…