Bruce Schneier is a renowned security technologist and the author of several books, including Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World, which investigates the scope of government and corporate surveillance.
Add questions for Schneier below:
- What piqued your interest in security? What does it mean to you?
- How do you define privacy and security and which one do you think we really need?
- Many believed the internet was going to devolve power, but it’s concentrated powers in the hands of giant tech companies and leaders. Nonetheless, can we ever achieve this vision of the internet?
- In your early book(s) you present the idea of personal ‘webs of trust’ as a sort of peer-to-peer networks. The social media giants seem to have toyed with this idea somewhat but created echo-chambers. What consequences and challenges do you foresee in making these personal ‘webs of trust’ work for the greater good?
- When looking at countries such as China, Russia, Iran and Turkey all setting out to centralize their version of the internet, are we heading towards the future of the “splinternet“?
- We’ve seen in Iran how apps such as Telegram can easily be banned when the government wants to silence protests. How can citizens from these countries arm themselves with the best tools needed to circumvent government control?
- Two emerging technologies are creating concerns in the crypto-space: quantum computer and IoT. What do you think of them?
- Is privacy the cost of an increasingly hyper-connected world?
- Since the recent revelations in data misuse from Cambridge Analytica and Facebook, has the demand for privacy risen in any significant way? Because it’s easy for us working in this space to be biased towards why it’s important, but on a macro level, what does privacy mean to the “public”? It seems people are better at protecting themselves in the real world – alarms, locks, etc. – than online.
- Equipping ourselves with encryption tools is obviously not enough to defend ourselves against intrusive surveillance. What can we do politically to reduce this impact?
- Can you explain more about the relationship between big tech and the government when it comes to surveillance. How intertwined is it?
- What advice do you have for someone looking to ensure their online activity and personal information are secure and private?
- You’ve said in previous talks that “we can trust the crypto-algorithms” and that NSA’s surveillance capabilities are mainly about intercepting plaintext, malware implants and hacking. How do you reconcile this when Snowden never had access to the above Top Secret (SCI/ECI) information about which algorithms the NSA can actually crack? Can we really trust the commonly used ciphers like RSA and AES against NSA/GCHQ’s in-house cryptanalysis? If not what can be done to defend against possible breaks in the algorithms?
- You stressed the social trust model underpinning the PGP encryption program in your 1994 book titled Applied Cryptography. That model and the associated key swapping parties are not discussed much these days. Do we need to revisit social trust in relation to encrypted communications?