A collection of popular essays from security guru Bruce Schneier In his latest collection of essays, security expert Bruce Schneier tackles a range of cybersecurity, privacy, and real-world security issues ripped from the headlines. Essays cover the ever-expanding role of technology in national security, war, transportation, the Internet of Things, elections, and more. Throughout, he challenges the status quo with a call for leaders, voters, and consumers to make better security and privacy decisions and investments.
Bruce's writing has previously appeared in some of the world's best-known and most-respected publications, including The Atlantic, the Wall Street Journal, CNN, the New York Times, the Washington Post, Wired, and many others. And now you can enjoy his essays in one place-at your own speed and convenience.
* Timely security and privacy topics * The impact of security and privacy on our world * Perfect for fans of Bruce's blog and newsletter * Lower price than his previous essay collections The essays are written for anyone who cares about the future and implications of security and privacy for society.
John Wiley & Sons Inc
Country of Publication:
16 August 2019
Professional and scholarly
Introduction xi 1 Crime, Terrorism, Spying, and War 1 Cyberconflicts and National Security 1 Counterterrorism Mission Creep 4 Syrian Electronic Army Cyberattacks 7 The Limitations of Intelligence 8 Computer Network Exploitation vs Computer Network Attack 11 iPhone Encryption and the Return of the Crypto Wars 13 Attack Attribution and Cyber Conflict 16 Metal Detectors at Sports Stadiums 19 The Future of Ransomware 21 2 Travel and Security 25 Hacking Airplanes 25 Reassessing Airport Security 28 3 Internet of Things 31 Hacking Consumer Devices 31 Security Risks of Embedded Systems 32 Samsung Television Spies on Viewers 36 Volkswagen and Cheating Software 38 DMCA and the Internet of Things 41 Real-World Security and the Internet of Things 43 Lessons from the Dyn DDoS Attack 47 Regulation of the Internet of Things 50 Security and the Internet of Things 53 Botnets 69 IoT Cybersecurity: What's Plan B? 70 4 Security and Technology 73 The NSA's Cryptographic Capabilities 73 iPhone Fingerprint Authentication 76 The Future of Incident Response 78 Drone Self-Defense and the Law 81 Replacing Judgment with Algorithms 83 Class Breaks 87 5 Elections and Voting 89 Candidates Won't Hesitate to Use Manipulative Advertising to Score Votes 89 The Security of Our Election Systems 91 Election Security 93 Hacking and the 2016 Presidential Election 96 6 Privacy and Surveillance 99 Restoring Trust in Government and the Internet 99 The NSA is Commandeering the Internet 102 Conspiracy Theories and the NSA 104 How to Remain Secure against the NSA 106 Air Gaps 110 Why the NSA's Defense of Mass Data Collection Makes No Sense 114 Defending Against Crypto Backdoors 117 A Fraying of the Public/Private Surveillance Partnership 121 Surveillance as a Business Model 123 Finding People's Locations Based on Their Activities in Cyberspace 125 Surveillance by Algorithm 128 Metadata = Surveillance 132 Everyone Wants You to Have Security, But Not from Them 133 Why We Encrypt 136 Automatic Face Recognition and Surveillance 137 The Internet of Things that Talk about You behind Your Back 141 Security vs Surveillance 143 The Value of Encryption 145 Congress Removes FCC Privacy Protections on Your Internet Usage 148 Infrastructure Vulnerabilities Make Surveillance Easy 150 7 Business and Economics of Security 155 More on Feudal Security 155 The Public/Private Surveillance Partnership 158 Should Companies Do Most of Their Computing in the Cloud? 160 Security Economics of the Internet of Things 165 8 Human Aspects of Security 169 Human-Machine Trust Failures 169 Government Secrecy and the Generation Gap 171 Choosing Secure Passwords 173 The Human Side of Heartbleed 177 The Security of Data Deletion 179 Living in a Code Yellow World 180 Security Design: Stop Trying to Fix the User 182 Security Orchestration and Incident Response 184 9 Leaking, Hacking, Doxing, and Whistleblowing 189 Government Secrets and the Need for Whistleblowers 189 Protecting Against Leakers 193 Why the Government Should Help Leakers 195 Lessons from the Sony Hack 197 Reacting to the Sony Hack 200 Attack Attribution in Cyberspace 203 Organizational Doxing 205 The Security Risks of Third-Party Data 207 The Rise of Political Doxing 210 Data is a Toxic Asset 211 Credential Stealing as an Attack Vector 215 Someone is Learning How to Take Down the Internet 216 Who is Publishing NSA and CIA Secrets, and Why? 218 Who are the Shadow Brokers? 222 On the Equifax Data Breach 226 10 Security, Policy, Liberty, and Law 229 Our Newfound Fear of Risk 229 Take Back the Internet 232 The Battle for Power on the Internet 234 How the NSA Threatens National Security 241 Who Should Store NSA Surveillance Data? 244 Ephemeral Apps 247 Disclosing vs Hoarding Vulnerabilities 249 The Limits of Police Subterfuge 254 When Thinking Machines Break the Law 256 The Democratization of Cyberattack 258 Using Law against Technology 260 Decrypting an iPhone for the FBI 263 Lawful Hacking and Continuing Vulnerabilities 265 The NSA is Hoarding Vulnerabilities 267 WannaCry and Vulnerabilities 271 NSA Document Outlining Russian Attempts to Hack Voter Rolls 275 Warrant Protections against Police Searches of Our Data 277 References 281
Bruce Schneier is an internationally renowned security technologist, called a security guru by The Economist. He is the author of over one dozen books as well as hundreds of articles, essays, and academic papers. His influential newsletter Crypto-Gram and his blog Schneier on Security are read by over 250,000 people. He has testified before Congress, is a frequent guest on television and radio, has served on several government committees, and is regularly quoted in the press. Schneier is a fellow at the Berkman Klein Center for Internet & Society at Harvard University; a Lecturer in Public Policy at the Harvard Kennedy School; a board member of the Electronic Frontier Foundation, AccessNow, and the Tor Project; an Advisory Board Member of the Electronic Privacy Information Center and VerifiedVoting.org; and a special advisor to IBM Security.