This website does readability filtering of other pages. All styles, scripts, forms and ads are stripped. If you want your website excluded or have other feedback, use this form.

Schneier on Security: Essays Tagged MIT Technology Review

Schneier on Security

Essays > Essays by Tag >

Essays Tagged “MIT Technology Review”

Page 1 of 1

Botnets of Things

The relentless push to add connectivity to home gadgets is creating dangerous side effects that figure to get even worse.

  • Bruce Schneier
  • MIT Technology Review
  • March/April 2017

Botnets have existed for at least a decade. As early as 2000, hackers were breaking into computers over the Internet and controlling them en masse from centralized systems. Among other things, the hackers used the combined computing power of these botnets to launch distributed denial-of-service attacks, which flood websites with traffic to take them down.

But now the problem is getting worse, thanks to a flood of cheap webcams, digital video recorders, and other gadgets in the "Internet of things." Because these devices typically have little or no security, hackers can take them over with little effort.

Read More →

Security vs. Surveillance

  • Bruce Schneier
  • Don't Panic: Making Progress on the 'Going Dark' Debate
  • February 1, 2016

Both the "going dark" metaphor of FBI Director James Comey and the contrasting "golden age of surveillance" metaphor of privacy law professor Peter Swire focus on the value of data to law enforcement. As framed in the media, encryption debates are about whether law enforcement should have surreptitious access to data, or whether companies should be allowed to provide strong encryption to their customers.

It's a myopic framing that focuses only on one threat—criminals, including domestic terrorists—and the demands of law enforcement and national intelligence. This obscures the most important aspects of the encryption issue: the security it provides against a much wider variety of threats.

Read More →

How an Overreaction to Terrorism Can Hurt Cybersecurity

  • Bruce Schneier
  • MIT Technology Review
  • January 25, 2016

Many technological security failures of today can be traced to failures of encryption. In 2014 and 2015, unnamed hackers—probably the Chinese government—stole 21.5 million personal files of U.S. government employees and others. They wouldn't have obtained this data if it had been encrypted.

Read More →

Antivirus Companies Should Be More Open About Their Government Malware Discoveries

Antivirus companies had tracked the sophisticated—and likely U.S.-backed—Regin malware for years. But they kept what they learned to themselves.

  • Bruce Schneier
  • MIT Technology Review
  • December 5, 2014

Last week we learned about a striking piece of malware called Regin that has been infecting computer networks worldwide since 2008. It's more sophisticated than any known criminal malware, and everyone believes a government is behind it. No country has taken credit for Regin, but there's substantial evidence that it was built and operated by the United States.

This isn't the first government malware discovered.

Read More →

Danger Lurks in Growing New Internet Nationalism

Cyber-espionage is old news. What's new is the rhetoric, which is reaching a fever pitch right now.

  • Bruce Schneier
  • MIT Technology Review
  • March 11, 2013

For technology that was supposed to ignore borders, bring the world closer together, and sidestep the influence of national governments, the Internet is fostering an awful lot of nationalism right now. We've started to see increased concern about the country of origin of IT products and services; U.S. companies are worried about hardware from China; European companies are worried about cloud services in the U.S; no one is sure whether to trust hardware and software from Israel; Russia and China might each be building their own operating systems out of concern about using foreign ones.

I see this as an effect of all the cyberwar saber-rattling that's going on right now.

Read More →

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.