News Tagged "Wired"
Page 1 of 1
Bruce Schneier on Privacy and the Data Free-for-All
Over the past two decades, few voices have shouted louder from the rooftops about global cybersecurity and digital privacy concerns than Bruce Schneier. He’s the CTO of Resilient Systems, a board member of the Electronic Frontier Foundation (EFF) and has authored 14 books—his latest, Data and Goliath, was published in March.
As Facebook and Google have infiltrated our every waking moment, Schneier warns that these data giants, if left unchecked, could compromise the very principles of a democratic society. Web companies collect metrics like age, gender and social interests (to serve up better advertisements), while cellular networks track everyone’s geolocation with homing devices we call smartphones. As we’ve seen, smartphones are also powerful proxy surveillance tools for nosy governments…
How to Sabotage Encryption Software (And Not Get Caught)
In the field of cryptography, a secretly planted “backdoor” that allows eavesdropping on communications is usually a subject of paranoia and dread. But that doesn’t mean cryptographers don’t appreciate the art of skilled cyphersabotage. Now one group of crypto experts has published an appraisal of different methods of weakening crypto systems, and the lesson is that some backdoors are clearly better than others—in stealth, deniability, and even in protecting the victims’ privacy from spies other than the backdoor’s creator.
In a paper titled “Surreptitiously Weakening Cryptographic Systems,” well-known cryptographer and author Bruce Schneier and researchers from the Universities of Wisconsin and Washington take the spy’s view to the problem of crypto design: What kind of built-in backdoor surveillance works best?…
Beyond Fear: Thinking Sensibly About Security in an Uncertain World (Review)
Does arming pilots make flying safer? Computer security guru Schneier applies his analytical skills to real-world threats like terrorists, hijackers, and counterfeiters. Beyond Fear may come across as the dry, meticulous prose of a scientist, but that’s actually Schneier’s strength. Are you at risk or just afraid? Only by cutting away emotional issues to examine the facts, he says, will we reduce our risks enough to stop being scared.
Random Acts of Cryptography
For encryption developers, a secure system is only as good as its pseudorandom number generator (PRNG). PRNGs produce unique keys that can lock and unlock encrypted data. But Bruce Schneier, president of Counterpane Systems, says that PRNGs lack security and portability.
PRNGs generate numbers based on a variety of factors, such as a user’s mouse movements, and store this data in an entropy pool, which is later tapped by security software to create an encryption key. PRNGs fail, insists Schneier, because hackers can intercept the entropy source and thus predict the output. His response is Yarrow, a new PRNG with an expanded source that creates a larger, less predictable pool. “We’ve added new randomness,” says Schneier of Yarrow’s unique entropy pool, “like radio noise, arrival times of network packets, and disk-drive latency. Even if the source is turned off,” he says, “it still works.”…
Twofish Heads to Washington
A team led by Applied Cryptography author Bruce Schneier has invented a new block encryption algorithm and submitted it for consideration as the next new federal government standard for data scrambling.
Twofish, the sequel to Schneier’s 5-year-old Blowfish block cypher, was submitted last week to the National Institute of Standards and Technology (NIST) for consideration as the Advanced Encryption Standard.
Twofish is designed to be flexible with respect to the necessary performance tradeoffs between the creation of a “secret key” and execution of the actual encryption. As such, it is well suited to large microprocessors, smart cards, and dedicated hardware…
Windows NT Security Under Fire
Listen to security expert and consultant Bruce Schneier and he’ll tell you that Windows NT’s security mechanism for running virtual private networks is so weak as to be unusable. Microsoft counters that the issues Schneier points out have mostly been addressed by software updates or are too theoretical to be of major concern.
Schneier, who runs a security consulting firm in Minneapolis, says his in-depth "cryptanalysis" of Microsoft’s implementation of the Point-to-Point Tunneling Protocol (PPTP) reveals fundamentally flawed security techniques that dramatically compromise the security of company information…
Common Sense Crypto
When Thomas Paine published Common Sense in 1776 – arguing that the American cause was not merely a revolt against unfair taxation, but a demand for independence – he had no idea that more than 200 years later, the struggle for freedom would be waged between privacy advocates and the national-security establishment. This time, the dispute is over not taxation without representation, but communication without government intervention.
One of today’s crypto revolutionaries is Bruce Schneier, the neatly dressed, ponytailed author of Applied Cryptography…
Sidebar photo of Bruce Schneier by Joe MacInnis.