OpenID24 items tagged “bruceschneier”
Intercepting Predator Video. Bruce Schneier’s take on the unencrypted Predator UAV story. A fascinating discussion of key management and the non-technical side of cryptography. 
24th December 2009, 9:26 pm
Whenever you build a security system that relies on detection and identification, you invite the bad guys to subvert the system so it detects and identifies someone else. [...] Build a detection system, and the bad guys try to frame someone else. Build a detection system to detect framing, and the bad guys try to frame someone else framing someone else. Build a detection system to detect framing of framing, and well, there’s no end, really.
— Bruce Schneier 17th October 2009, 4:55 pm
On the Anonymity of Home/Work Location Pairs. Most people can be uniquely identified by the rough location of their home combined with the rough location of their work. US Census data shows that 5% of people can be uniquely identified by this combination even at just census tract level (1,500 people). 
24th May 2009, 1:14 pm
Raising Octopus from Eggs (via) I love that forums like this exist. 17th January 2009, 2:59 pm
“Digital Manners Policies” is a marketing term. Let’s call this what it really is: Selective Device Jamming. It’s not polite, it’s dangerous. It won’t make anyone more secure—or more polite.
— Bruce Schneier 1st July 2008, 2:51 pm
Since 9/11, approximately three things have potentially improved airline security: reinforcing the cockpit doors, passengers realizing they have to fight back and—possibly—sky marshals. Everything else—all the security measures that affect privacy—is just security theater and a waste of effort.
— Bruce Schneier 29th January 2008, 12:14 pm
I don’t understand why the NSA was so insistent about including Dual_EC_DRBG in the standard. It makes no sense as a trap door: It’s public, and rather obvious. It makes no sense from an engineering perspective: It’s too slow for anyone to willingly use it. And it makes no sense from a backwards-compatibility perspective: Swapping one random-number generator for another is easy.
— Bruce Schneier 16th November 2007, 10:25 am
A school in the UK is using RFID chips in school uniforms to track attendance. So now it’s easy to cut class; just ask someone to carry your shirt around the building while you’re elsewhere.
— Bruce Schneier 24th October 2007, 8:36 pm
Global Hackers Create a New Online Crime Economy (via) Fascinating, detailed look at the evolution of the hacker service economy. Of particular interest: a web application that sells access to hacked machines to identity thieves on a timeshare basis. 17th October 2007, 9:46 pm
The Storm Worm. Bruce Schneier describes the Storm Worm, a fantastically advanced piece of malware that’s been spreading for nearly a year and is proving almost impossible to combat. Its effects are virtually invisible but infected machines are added to a multi-million machine botnet apparently controlled by anonymous Russian hackers. 6th October 2007, 12:25 am
Bruce Schneier interviews Kip Hawley. The head of the Transportation Security Administration in conversation with one of his most eloquent critics. 7th August 2007, 3:23 pm
The Psychology of Security. I haven’t even started on this yet, but I bet it’s worth reading. 9th February 2007, 1:27 am
Choosing Secure Passwords. Bruce Schneier describes the state of the art in password cracking software. 11th January 2007, 2:55 pm
Real-World Passwords. Random passwords phished from MySpace are surprisingly decent. 14th December 2006, 2:14 pm
BT acquires Counterpane Internet Security (via) They just bought Bruce Schneier. 25th October 2006, 10:57 am
Bruce Schneier Facts. “SSL is invulnerable to man-in-the-middle attacks. Unless that man is Bruce Schneier.” 17th August 2006, 2:19 pm
Schneier on Security: New Airline Security Rules. “I’m sure glad I’m not flying anywhere this week” says Bruce. Now I wish I wasn’t! 10th August 2006, 4:26 pm
Schneier on Security: Cryptanalysis of SHA-1. If you want to understand the “breaking” of SHA-1, this is the place to go. Surprisingly accessible. 19th February 2005, 3:12 pm
Schneier on Security: SHA-1 Broken. Whoa. 16th February 2005, 4:47 am
Bruce vs. Bruce (via) Schneier and Sterling discuss security and technology. 15th June 2004, 10:04 pm
Bruce Schneier: We are all security customers. How can the US get the best return on investment for homeland security? 4th May 2004, 6:34 pm
Slouching toward Big Brother (via) Security is a trade-off 30th January 2004, 7:18 pm
Blaster and the great blackout (via) Bruce Schneier writes for Salon.com 17th December 2003, 3:10 am
High security is low security
Via Crypto-Gram, a great piece from Bruce Tognazzini about how tough security measures can actively reduce the security of a system: [... 225 words]
