Data and Goliath Book Placement
Notice the copy of Data and Goliath just behind the head of Maine Senator Angus King.
This demonstrates the importance of a vibrant color and a large font.
Bart Gellman’s long-awaited (at least by me) book on Edward Snowden, Dark Mirror: Edward Snowden and the American Surveillance State, will finally be published in a couple of weeks. There is an adapted excerpt in the Atlantic.
It’s an interesting read, mostly about the government surveillance of him and other journalists. He speaks about an NSA program called FIRSTFRUITS that specifically spies on US journalists. (This isn’t news; we learned about this in 2006. But there are lots of new details.)
One paragraph in the excerpt struck me:
Years later Richard Ledgett, who oversaw the NSA’s media-leaks task force and went on to become the agency’s deputy director, told me matter-of-factly to assume that my defenses had been breached. “My take is, whatever you guys had was pretty immediately in the hands of any foreign intelligence service that wanted it,” he said, “whether it was Russians, Chinese, French, the Israelis, the Brits. Between you, Poitras, and Greenwald, pretty sure you guys can’t stand up to a full-fledged nation-state attempt to exploit your IT. To include not just remote stuff, but hands-on, sneak-into-your-house-at-night kind of stuff. That’s my guess.”
I remember thinking the same thing. It was the summer of 2013, and I was visiting Glenn Greenwald in Rio de Janeiro. This was just after Greenwald’s partner was detained in the UK trying to ferry some documents from Laura Poitras in Berlin back to Greenwald. It was an opsec disaster; they would have been much more secure if they’d emailed the encrypted files. In fact, I told them to do that, every single day. I wanted them to send encrypted random junk back and forth constantly, to hide when they were actually sharing real data.
As soon as I saw their house I realized exactly what Ledgett said. I remember standing outside the house, looking into the dense forest for TEMPEST receivers. I didn’t see any, which only told me they were well hidden. I guessed that black-bag teams from various countries had already been all over the house when they were out for dinner, and wondered what would have happened if teams from different countries bumped into each other. I assumed that all the countries Ledgett listed above—plus the US and a few more—had a full take of what Snowden gave the journalists. These journalists against those governments just wasn’t a fair fight.
I’m looking forward to reading Gellman’s book. I’m kind of surprised no one sent me an advance copy.
For years, Humble Bundle has been selling great books at a “pay what you can afford” model. This month, they’re featuring as many as nineteen cybersecurity books for as little as $1, including four of mine. These are digital copies, all DRM-free. Part of the money goes to support the EFF or Let’s Encrypt. (The default is 15%, and you can change that.) As an EFF board member, I know that we’ve received a substantial amount from this program in previous years.
I just published my third collection of essays: We Have Root. This book covers essays from 2013 to 2017. (The first two are Schneier on Security and Carry On.)
There is nothing in this book that is not available for free on my website; but if you’d like these essays in an easy-to-carry paperback book format, you can order a signed copy here. External vendor links, including for ebook versions, here.
Ed Snowden has published a book of his memoirs: Permanent Record. I have not read it yet, but I want to point you all towards two pieces of writing about the book. The first is an excellent review of the book and Snowden in general by SF writer and essayist Jonathan Lethem, who helped make a short film about Snowden in 2014. The second is an essay looking back at the Snowden revelations and what they mean. Both are worth reading.
As to the book, there are lots of other reviews.
The US government has sued to seize Snowden’s royalties from book sales.
EDITED TO ADD (11/7): Interesting quote from the Guardian piece:
Snowden dishes on the shortcomings of our spy networks. According to him, the National Security Agency (NSA) is home to cutting-edge technology that is poorly safeguarded. In contrast, the CIA is weak on gadgetry and tech but zealous in protecting its secrets.
In Click Here to Kill Everybody, I promised clickable endnotes. They’re finally available.
My Applied Cryptography is on a list of books banned in Oregon prisons. It’s not me—and it’s not cryptography—it’s that the prisons ban books that teach people to code. The subtitle is “Algorithms, Protocols, and Source Code in C”—and that’s the reason.
My more recent Cryptography Engineering is a much better book for prisoners, anyway.
Click Here to Kill Everybody is finally available on Audible.com. I have ten download codes. Not having anything better to do with them, here they are:
Congratulations to the first ten people to try to use them.
EDITED TO ADD (12/30): All the codes are long gone.
My latest book is doing well. And I’ve been giving lots of talks and interviews about it. (I can recommend three interviews: the Cyberlaw podcast with Stewart Baker, the Lawfare podcast with Ben Wittes, and Le Show with Harry Shearer.) My book talk at Google is also available.
The Audible version was delayed for reasons that were never adequately explained to me, but it’s finally out.
I still have signed copies available. Be aware that this is both slower and more expensive than online bookstores.