Bruce Schneier

Bruce Schneier
Bruce Schneieris an American cryptographer, computer security and privacy specialist, and writer. He is the author of several books on general security topics, computer security and cryptography...
NationalityAmerican
ProfessionScientist
Date of Birth15 January 1963
CountryUnited States of America
thumbs thumbprints different
If someone steals your password, you can change it. But if someone steals your thumbprint, you can't get a new thumb. The failure modes are very different.
requirements maintaining dignity
Privacy is an inherent human right, and a requirement for maintaining the human condition with dignity and respect.
water people trying
Trying to make bits uncopyable is like trying to make water not wet. The sooner people accept this, and build business models that take this into account, the sooner people will start making money again.
security-systems people links
People often represent the weakest link in the security chain and are chronically responsible for the failure of security systems.
locks information rooms
Hardware is easy to protect: lock it in a room, chain it to a desk, or buy a spare. Information poses more of a problem. It can exist in more than one place; be transported halfway across the planet in seconds; and be stolen without your knowledge.
country media people
Terrorism isn't a crime against people or property. It's a crime against our minds, using the death of innocents and destruction of property to make us fearful. Terrorists use the media to magnify their actions and further spread fear. And when we react out of fear, when we change our policy to make our country less open, the terrorists succeed -- even if their attacks fail. But when we refuse to be terrorized, when we're indomitable in the face of terror, the terrorists fail -- even if their attacks succeed.
mistake thinking products
Don't make the mistake of thinking you're Facebook's customer, you're not – you're the product,
sharks years pigs
More people are killed every year by pigs than by sharks, which shows you how good we are at evaluating risk.
children eye individuality
For if we are observed in all matters, we are constantly under threat of correction, judgment, criticism, even plagiarism of our own uniqueness. We become children, fettered under watchful eyes, constantly fearful that-either now or in the uncertain future-patterns we leave behind will be brought back to implicate us, by whatever authority has now become focused upon our once-private and innocent acts. We lose our individuality, because everything we do is observable and recordable.
strong design together
The mantra of any good security engineer is: 'Security is a not a product, but a process.' It's more than designing strong cryptography into a system; it's designing the entire system such that all security measures, including cryptography, work together.
people security hacks
Amateurs hack systems, professionals hack people.
technology thinking problem
If you think technology can solve your security problems, then you don't understand the problems and you don't understand the technology.
largely measures naturally people response truly work
When people are scared, they need something done that will make them feel safe, even if it doesn't truly make them safer. Politicians naturally want to do something in response to crisis, even if that something doesn't make any sense. But unfortunately for politicians, the security measures that work are largely invisible.
You can't defend. You can't prevent. The only thing you can do is detect and respond.