bruce schneier


My week Monday 24 to Sunday 30 June 2013 was rather complicated, at least emotionally.

As will be explained tomorrow on Tuesday Thursday.

Nevertheless, I managed to create some media objects along the way. And here they are.

Podcasts

I’m very pleased to have launched my new podcast and website, Corrupted Nerds.

  • Corrupted Nerds: Conversations 1, a conversation with Eugene Kaspersky, founder and CEO of Kaspersky Lab. If we’re going to be accurate, then this was really published in the previous week. But I forgot. So sue me.
  • Corrupted Nerds: Extra 1, being Senator Brett Mason’s “corrupted nerds” speech in the Australian Senate from 21 August 2012, which inspired the title. This was published last week too.
  • Corrupted Nerds: Conversations 2, a chat with Sean Richmond, senior technology consultant from Sophos Australia and New Zealand, about personalised malware, defense in depth, and why advanced persistent threats (APTs) and cyberwar are over-hyped.

I have yet to arrange any funding for this podcast, so I’ll be seeking that soon — and I’d be more than happy to hear your suggestions.

Articles

Media Appearances

None.

Corporate Largesse

  • Since Saturday 8 June I’ve been using Vodafone’s new 4G network while in Sydney, and their existing 3G network while in the Blue Mountains, with a Samsung Galaxy S4 handset that they’ve loaned me. I’ll be writing about my experiences on Monday. [Update 2 July 2013: I've just posted my write-up of my experiences. Yeah, it's Tuesday.]

The Week Ahead

The new financial year starts on Monday, so I daresay the morning will be full of administrivia. I'll then be heading down to Sydney, because...

On Tuesday morning I'm attending a discussion on data sovereignty and the cloud, hosted by data centre firm NEXTDC, along with financial services company Aon and law firm Baker & McKenzie. That will be followed at the same event by the launch of the University of New South Wales' report Data Sovereignty and the Cloud -- A Board and Executive Officers' Guide. I'll be reporting this for someone, but as yet I don't know who that will be.

I'll be in Sydney again later in the week, probably Thursday, for a medical appointment, but that's not confirmed yet. When it is, I'll arrange my writing and media production schedule around that. There's definitely stories to write for ZDNet Australia and CSO Online, plus an episode of Corrupted Nerds, and there'll certainly be things that pop up along the way.

And then the weekend is unplanned.

[Photo: Sydney under the clouds, photographed from the Rydges Camperdown hotel in Sydney on 25 June 2013.]

On 31 January The New York Times reported that it had been hacked by China, their networks penetrated for some four months. The Wall Street Journal and Washington Post too. So naturally I ended up writing about it.

For Crikey I wrote China not the only ones taking part in cyber spookery, which puts these attacks in the context of the online espionage and sabotage operations of recent years.

“Countless organisations have experienced the same scenario in recent years,” I wrote. “But it’s big news this time because journalists were the targets.” Cynical, perhaps, but I gather security über-expert Bruce Schneier said much the same thing, so I’m kinda chuffed.

And for CSO Online I wrote Chinese attacks show up useless infosec, again.

“Recent attacks on US newspapers are further proof that, despite making billions, the information security industry is pretty much screwed,” it begins. That one won’t make me any friends. So nothing new there.

I must admit, I found both stories fairly straightforward to write. I guess I’ve been writing about this stuff long enough to feel confident about it.

China has denied the accusations, of course.

As it happens, this week’s On the Media podcast from WNYC begins with a six-minute backgrounder on the hacks which is well worth the listen.

[Update 2.25pm: Comments on Twitter have persuaded me to emphasise that the question here is specifically about "personal safety" only, not lame and replaceable possessions, and my personal safety at that. As the second-last paragraph says, the risk profile might not be the same for everyone. These are the choices I've made with open eyes.]

“How do you think that tweeting your day plans affects your personal safety?” asked Ravneel Chand a short time ago. Overall, I reckon it actually increases my safety. Here’s why.

Background first. Here’s today’s “daily plan” tweet which, like those on pretty much every other day, is tweeted shortly before I settle down to work.

Thu plan: Bump out Waratah Cottage; 1032 train to Sydney; lunch (where?); errand Newtown/Enmore; write something; evening TBA.

Later in the morning I mentioned that I’d be catching a later train. And then, just as I left the house:

Mobile: Cab, shortly, to Wentworth Falls; 1132 train to Sydney Central; train to Town Hall station; 1335 walk to SEKRIT hotel and check in.

Clearly the fear being expressed is that by knowing my movements some bad person could more easily do me harm. But let’s do a proper risk assessment. You start one of those by enumerating the risks, and then you look at how this additional information might change those risks.


All of the keynote sessions from the RSA Conference on information security are now online as video and audio. Here’s my personal suggestions for the ones to watch.

I didn’t see all of these keynotes. Sometimes there were 17 or 18 sessions running in parallel. I also skipped most of those that were obviously a vendor telling their story. Once I saw a couple of them, I was reminded that for so many IT folks the word “keynote” doesn’t mean something that provides insight any more, but is merely a synonym for “infomercial”.

It’s a shame that RSA hasn’t provided the media in an embeddable form. Or provided an obvious way to link to each keynote directly. Or given the keynote titles. Or told you which ones are panel discussions rather than single-person presentations.

But here’s what I reckon you should watch.

  • Wednesday’s panel led by James Lewis, “Cyberwar, Cybersecurity, and the Challenges Ahead”, with former NSA head Mike McConnell, former US Secretary of Homeland Security Michael Chertoff and security guru Bruce Schneier.
  • The Cryptographers Panel with Dickie George, Whitfield Diffie, Adi Shamir, Martin Hellman and Ronald Rivest. I didn’t see this one myself, but from the comments on Twitter it was a must-see tour through the history of cryptography and an informed look into the future.
  • The presentations by US Deputy Secretary of Defence William Lynn and the head of US Cyber Command General Keith Alexander. Lynn’s presentation was a little dry but set out US political views. Alexander was witty and expanded on Lynn’s comments into the practical realm.
  • Microsoft’s Scott Charney’s presentation of their “Collaborative Defence” strategy, important because this is the worldview that Microsoft is encouraging us to adopt.
  • Michio Kaku, physicist and best-selling author, on “The Next 20 Years: Interacting with Computers, Telecommunication and AI in the Future”. I didn’t see this one, but I’ve seen Kaku on The Colbert Report and he’s a damn good presenter.
  • Michael Capuzzo, author of The Murder Room, on forensic pathology. Again, I didn’t catch this one, but was told it was fascinating.
  • Bill Clinton’s “Embracing our Common Humanity”. My understanding — although I haven’t checked yet — is that this is essentially the same speech that he gave at Dreamforce in December. That said, he’s a persuasive speaker and it’s worth a listen.

That’s my personal selection, based on what I saw or what I heard about. What are your selections?

[Photo: James Lewis' keynote panel, "Cyberwar, Cybersecurity, and the Challenges Ahead". From left to right: former NSA head Mike McConnell; former US Secretary of Homeland Security Michael Chertoff; and security guru Bruce Schneier. Disclosure: I travelled to San Francisco to attend the RSA Conference as a guest of Microsoft.]

A weekly summary of what I’ve been doing elsewhere on the internets. This time I’m making up for the recent slow weeks with a whole bunch of material from the RSA Conference on information security.

Podcasts

  • Patch Monday episode 76, “The end of the open internet?” “I think the age of the deeply competitive internet is over,” says author and telecommunications lawyer, Tim Wu. “The next five years is going to be a story of the big four or big five.” This podcast contains the complete interview with the author of The Master Switch: The rise and fall of information empires, sections of which were quoted in the stories below.
  • The next episode of Patch Monday is all about the RSA Conference, cyberwar, and Microsoft’s call for what they’re referring to as “collective defence”. I’ve already completed that episode, and you’ll be able to grab it late Monday morning Sydney time over at the Patch Monday podcast stream.

Articles

Corporate Largesse

  • My trip to San Francisco for the RSA Conference was paid for by Microsoft.

Elsewhere

Most of my day-to-day observations are on my high-volume Twitter stream, and random photos and other observations turn up on my Posterous stream. The photos also appear on Flickr, where I eventually add geolocation data and tags.

[Photo: Cincinnati nerdcore act Dual Core performing at the Electronic Frontier Foundation’s 21st birthday party in San Francisco on 16 February 2011.]

Stilgherrian’s links for 16 August 2009 through 26 August 2009:

  • Academic Earth: “Video lectures from the world’s top scholars”, it says. Provided they’re American. The universities included so far are Berkeley, Harvard, MIT, Princeton, Stanford, UCLA and Yale.
  • [Air-L] Trivial tweeting: Another viewpoint on the “Twitter is pointless babble” rubbish, this time from Cornelius Puschmann, PhD, in the Department of English Language and Linguistics at the University of Düsseldorf.
  • Power of Information | UK Cabinet Office: The February 2009 report from the UK government’s taskforce on Government 2.0.
  • My #blogpostfriday post | Scripting News: Dave Winer is worried about the cloud. “We pour so much passion into dynamic web apps hosted by companies we know very little about. We do it without retaining a copy of our data. We have no idea how much it costs them to keep hosting what we create, so even if they’re public companies, it’s very hard to form an opinion of how likely they are to continue hosting our work.”
  • 8129.0 – Business Use of Information Technology, 2007-08 | Australian Bureau of Statistics: Detailed indicators on the incidence of use of information technology in Australian business, as collected by the 2007-08 Business Characteristics Survey (BCS).
  • The Work of Art in the Age of Mechanical Reproduction | Wikipedia: Someone — I forget who — told me to read this 1935 essay by German cultural critic Walter Benjamin. It’s been influential in the fields of cultural studies and media theory. It was produced, Benjamin wrote, in the effort to describe a theory of art that would be “useful for the formulation of revolutionary demands in the politics of art”. “In the absence of any traditional, ritualistic value, art in the age of mechanical reproduction would inherently be based on the practice of politics. It is the most frequently cited of Benjamin’s essays”, says Wikipedia. Sounds like I should indeed read it.
  • How Tim O’Reilly Aims to Change Government | ReadWriteWeb: Tim O’Reilly posits “government as platform”, where the government would supply raw digital data and other forms of support for private sector innovators to build on top of. That’s the writer’s version. Does this fit with the Rudd government’s idea of the government as an enabler, as outlined in their Digital Economy Future Directions paper?
  • CHART OF THE DAY: Smartphone Sales To Beat PC Sales By 2011 | Silicon Valley Insider: This is based on worldwide sales figures, and it makes sense. The Third World could really use a low-power, rugged smartphone at a sensible price, rather than a laptop or even a netbook to lug around.
  • News Corp pushing to create an online news consortium | latimes.com: By “consortium” they mean “cartel”, right? “Chief Digital Officer Jonathan Miller has positioned News Corp as a logical leader in the effort to start collecting fees from online readers because of its success with the Wall Street Journal Online, which boasts more than 1 million paying subscribers. He is believed to have met with major news publishers including New York Times Co, Washington Post Co, Hearst Corp and Tribune Co, publisher of the Los Angeles Times.”
  • Us Now : watch the film: “In a world in which information is like air, what happens to power?” This entire film can be watched online.
  • Morons with mobiles sour the tweet life | theage.com.au: Jacqui Bunting writes some of the dumbest words about Twitter which have ever been written. Note to editors: Anyone who starts from the premise that Twitter is meant to be a “commentary on life” needs to be taken out the back and slapped around a bit. It’s 2009. Please catch up.
  • The Conversation | Now That I Have Your Attention: The creator of Father Ted and The IT Crowd, Graham Linehan, also has a few words on Pear Analytics’ cod research on Twitter. He makes the point that for the first time we’re truly having a global conversation.
  • Pointless babble | The New Adventures of Stephen Fry: The redoubtable Stephen Fry rips into that Pear Analytics research on Twitter, with more brevity and wit than I did the other day. Well said, Sir!
  • Top 100 Aussie Web Startups – August 09 | TechNation Australia: The latest league table of Australian web businesses, for those who like to have winners and losers in clearly-defined categories.
  • Benjamin Franklin’s daily schedule | Flickr: Proof that you don’t need the Getting Things Done (GTD) methodology to be boringly anal-retentive about your scheduling.
  • Bruce Schneier: Facebook should compete on privacy, not hide it away | The Guardian: Another thought-provoking essay by Bruce Schneier.
  • Hype Cycle Book | Gartner: Mastering the Hype Cycle is the book explaining Gartner’s regular Hype Cycle reports.
  • How It All Ends | YouTube: A follow-up to the video The Most Terrifying Video You’ll Ever See, which presented a risk analysis showing that we cannot afford to ignore the potential risk of climate change, even if it all turns out to be wrong. This version skips over the main argument and addresses the potential objections.
  • Climate change cage match | Crikey: A delightful comment from a Crikey reader, Stephen Morris, who likens the tactics of climate change denialist Tamas Calderwood to the mating habits of the Satin Bowerbird, which is totally obsessed by the colour blue. “It will actively search through a wide variety of brightly coloured objects that might suitably decorate its bower, but the only colour that interests it and it wants to collect are those coloured blue. Tamas in his scientific objectivity (and unfortunately often his logic) is very Satin bowerbird like. It doesn’t matter what large amounts of available data says about global warming, the only titbits of data of interest to Tamas, are those that can be seen to indicate cooling. Once a data set loses its blueness (or coolness), it seems interest in it is lost and other blue data sets are sought.”
  • Senator Lundy describes her Public Sphere initiative | Net Traveller: A ten minute video in which Senator Kate Lundy describes her Public Sphere initiative, made for students at ANU studying Information Technology in Electronic Commerce COMP3410.
  • AP contradiction: Move forward but restore | Pursuing the Complete Community Connection: Steve Buttry points out the problem with Associated Press’ content protection plan: How can you “move forward” and “restore the past” at the same time?

Here are the web links I’ve found for 10 August 2008, posted automatically with cheese and onions.

[Diagram: The Long Tail, showing that you only need the top 1000 true fans to reach your financial target.]

“A creator, such as an artist, musician, photographer, craftsperson, performer, animator, designer, videomaker, or author — in other words, anyone producing works of art — needs to acquire only 1,000 True Fans to make a living.”

So says Kevin Kelly, founder of Wired magazine, in his latest essay 1000 True Fans.

It’s worth reading the full essay to completely grok what he’s on about. But in brief, a “true fan” is someone who’ll purchase anything and everything you produce.

They will drive 200 miles to see you sing. They will buy the super deluxe re-issued hi-res box set of your stuff even though they have the low-res version. They have a Google Alert set for your name. They bookmark the eBay page where your out-of-print editions show up. They come to your openings. They have you sign their copies. They buy the t-shirt, and the mug, and the hat. They can’t wait till you issue your next work. They are true fans…

Kelly’s point is that the Internet allows you to find and stay in touch with True Fans cheaply and easily — globally. He gives some useful numbers to help think it through, and points to some examples which are already working.


Summer’s over, so time to burrow indoors and catch up on reading, yeah? Here’s a few things to kick off your weekend.

I should also post a link to Bruce Schneier’s magnificent essay The Psychology of Security. A fantastic read. For similar material, check out his keynote speech at LinuxConf Australia last week.

11 February 2008 by Stilgherrian