Английская Википедия:Bruce Schneier

Материал из Онлайн справочника
Перейти к навигацииПерейти к поиску

Шаблон:Self-published Шаблон:Use mdy dates Шаблон:Short description Шаблон:Infobox scientist

Bruce Schneier (Шаблон:IPAc-en; born January 15, 1963) is an American cryptographer, computer security professional, privacy specialist, and writer. Schneier is a Lecturer in Public Policy at the Harvard Kennedy School[1] and a Fellow at the Berkman Klein Center for Internet & Society as of November, 2013.[2] He is a board member of the Electronic Frontier Foundation, Access Now, and The Tor Project; and an advisory board member of Electronic Privacy Information Center and VerifiedVoting.org. He is the author of several books on general security topics, computer security and cryptography and is a squid enthusiast.[3]

In 2015, Schneier received the EPIC Lifetime Achievement Award from Electronic Privacy Information Center.[4]

Early life

Bruce Schneier is the son of Martin Schneier, a Brooklyn Supreme Court judge. He grew up in the Flatbush neighborhood of Brooklyn, New York, attending P.S. 139 and Hunter College High School.[5]

After receiving a physics bachelor's degree from the University of Rochester in 1984,[6] he went to American University in Washington, D.C., and got his master's degree in computer science in 1988.[7] He was awarded an honorary Ph.D from the University of Westminster in London, England, in November 2011. The award was made by the Department of Electronics and Computer Science in recognition of Schneier's 'hard work and contribution to industry and public life'.

Schneier was a founder and chief technology officer of Counterpane Internet Security (now BT Managed Security Solutions). He worked for IBM once they acquired Resilient Systems where Schneier was CTO[8][9][10] until he left at the end of June 2019.[11]

Writings on computer security and general security

In 1991, Schneier was laid off from his job and started writing for computer magazines. Later he decided to write a book on applied cryptography "since no such book existed". He took his articles, wrote a proposal to John Wiley and they bought the proposal.[12]

In 1994, Schneier published Applied Cryptography, which details the design, use, and implementation of cryptographic algorithms.

Шаблон:Quote

In 2010 he published Cryptography Engineering, which is focused more on how to use cryptography in real systems and less on its internal design. He has also written books on security for a broader audience. In 2000, Schneier published Secrets and Lies: Digital Security in a Networked World; in 2003, Beyond Fear: Thinking Sensibly About Security in an Uncertain World; in 2012, Liars and Outliers: Enabling the Trust that Society Needs to Thrive; and in 2015, Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World.[13]

Schneier writes a freely available monthly Internet newsletter on computer and other security issues, Crypto-Gram, as well as a security weblog, Schneier on Security.[14] The blog focuses on the latest threats, and his own thoughts. The weblog started out as a way to publish essays before they appeared in Crypto-Gram, making it possible for others to comment on them while the stories were still current, but over time the newsletter became a monthly email version of the blog, re-edited and re-organized.[15]Шаблон:Citation needed Schneier is frequently quoted in the press on computer and other security issues, pointing out flaws in security and cryptographic implementations ranging from biometrics to airline security after the September 11 attacks.[16]

Viewpoints

Blockchain

Schneier warns about misplaced trust in blockchain[17] and the lack of use cases, calling blockchain a solution in search of a problem.[18]

Шаблон:Poemquote

He goes on to say that cryptocurrencies are useless and are only used by speculators looking for quick riches.

Cryptography

To Schneier, peer review and expert analysis are important for the security of cryptographic systems.[19] Mathematical cryptography is usually not the weakest link in a security chain; effective security requires that cryptography be combined with other things.[20]

The term Schneier's law was coined by Cory Doctorow in a 2004 speech.[21] The law is phrased as:

Шаблон:Quote

He attributes this to Bruce Schneier, who wrote in 1998: "Anyone, from the most clueless amateur to the best cryptographer, can create an algorithm that he himself can't break. It's not even hard. What is hard is creating an algorithm that no one else can break, even after years of analysis."[22]

Similar sentiments had been expressed by others before. In The Codebreakers, David Kahn states: "Few false ideas have more firmly gripped the minds of so many intelligent men than the one that, if they just tried, they could invent a cipher that no one could break", and in "A Few Words On Secret Writing", in July 1841, Edgar Allan Poe had stated: "Few persons can be made to believe that it is not quite an easy thing to invent a method of secret writing which shall baffle investigation. Yet it may be roundly asserted that human ingenuity cannot concoct a cipher which human ingenuity cannot resolve."[23]

Schneier also coined the term "kid sister cryptography", writing in the Preface to Applied Cryptography[24] that:

Шаблон:Quote

Digital rights management

Schneier is critical of digital rights management (DRM) and has said that it allows a vendor to increase lock-in.[25] Proper implementation of control-based security for the user via trusted computing is very difficult, and security is not the same thing as control.[25]

Schneier insists that "owning your data is a different way of thinking about data."[26]

Full disclosure

Schneier is a proponent of full disclosure, i.e. making security issues public.

Шаблон:Quote

Homeland security

Schneier has said that homeland security money should be spent on intelligence, investigation, and emergency response.[27] Defending against the broad threat of terrorism is generally better than focusing on specific potential terrorist plots.[27] According to Schneier, analysis of intelligence data is difficult but is one of the better ways to deal with global terrorism.[28] Human intelligence has advantages over automated and computerized analysis, and increasing the amount of intelligence data that is gathered does not help to improve the analysis process.[28] Agencies that were designed around fighting the Cold War may have a culture that inhibits the sharing of information; the practice of sharing information is more important and less of a security threat in itself when dealing with more decentralized and poorly funded adversaries such as al Qaeda.[29]

Regarding PETN—the explosive that has become terrorists' weapon of choice—Schneier has written that only swabs and dogs can detect it. He also believes that changes to airport security since 11 September 2001 have done more harm than good and he defeated Kip Hawley, former head of the Transportation Security Administration, in an Economist online debate by 87% to 13% regarding the issue.[30] He is widely credited with coining the term "security theater" to describe some such changes.

As a Fellow of Berkman Center for Internet & Society at Harvard University, Schneier is exploring the intersection of security, technology, and people, with an emphasis on power.[31]

Movie plot threat

"Movie-plot threat" is a term Schneier coined that refers to very specific and dramatic terrorist attack scenarios, reminiscent of the behavior of terrorists in movies, rather than what terrorists actually do in the real world.[32] Security measures created to protect against movie plot threats do not provide a higher level of real security, because such preparation only pays off if terrorists choose that one particular avenue of attack, which may not even be feasible. Real-world terrorists would also be likely to notice the highly specific security measures, and simply attack in some other way. The specificity of movie plot threats gives them power in the public imagination, however, so even extremely unrealistic security theater countermeasures may receive strong support from the public and legislators. Among many other examples of movie plot threats, Schneier described banning baby carriers from subways, for fear that they may contain explosives.[33] Starting in April 2006, Schneier has had an annual contest to create the most fantastic movie-plot threat.[34] In 2015, during the 8th and Шаблон:As of the last one, he mentioned that the contest may have run its course.[35]

System design

Schneier has criticized security approaches that try to prevent any malicious incursion, instead arguing that designing systems to fail well is more important.[36] The designer of a system should not underestimate the capabilities of an attacker, as technology may make it possible in the future to do things that are not possible at the present.[19] Under Kerckhoffs's Principle, the need for one or more parts of a cryptographic system to remain secret increases the fragility of the system; whether details about a system should be obscured depends upon the availability of persons who can make use of the information for beneficial uses versus the potential for attackers to misuse the information.[37]

Шаблон:Quote

Cryptographic algorithms

Schneier has been involved in the creation of many cryptographic algorithms.

Hash functions:

Stream ciphers:

Pseudo-random number generators:

Block ciphers:

Publications

Activism

Schneier is a board member of the Electronic Frontier Foundation.[38]

See also

References

Шаблон:Reflist

External links

Шаблон:Commons category Шаблон:Wikiquote

Шаблон:Authority control Шаблон:Portal bar

Партнерские ресурсы
Криптовалюты
Магазины
Хостинг
Разное

  1. Шаблон:Cite web
  2. Шаблон:Cite web
  3. Шаблон:Cite web
  4. Шаблон:Cite web
  5. Шаблон:Cite news
  6. Шаблон:Cite news
  7. Шаблон:Cite news
  8. Шаблон:Cite web
  9. Шаблон:Cite press release
  10. Шаблон:Cite web
  11. Шаблон:Cite web
  12. Шаблон:Cite news
  13. Шаблон:Cite web
  14. Шаблон:Cite web
  15. Шаблон:Cite web
  16. Шаблон:Cite journal
  17. Шаблон:Cite magazine
  18. Шаблон:Cite web
  19. 19,0 19,1 Шаблон:Cite web
  20. Шаблон:Cite web
  21. Шаблон:Cite web
  22. Шаблон:Cite web
  23. Шаблон:Cite web
  24. Шаблон:Cite book
  25. 25,0 25,1 Шаблон:Cite web
  26. Шаблон:Cite news
  27. 27,0 27,1 Шаблон:Cite magazine
  28. 28,0 28,1 Шаблон:Cite web
  29. Шаблон:Cite web
  30. "International terrorism: AQAP tries again: Good intelligence work still leaves questions over airport security", The Economist, dated 12 May 2012.
  31. Шаблон:Cite web
  32. Шаблон:Cite news
  33. Шаблон:Cite web
  34. Шаблон:Cite web
  35. Шаблон:Cite web
  36. Homeland Insecurity Шаблон:Webarchive, Atlantic Monthly, September 2002
  37. Шаблон:Cite web
  38. Шаблон:Cite web
Источник — http://wikihandbk.com/ruwiki/index.php?title=Английская_Википедия:Bruce_Schneier&oldid=13656945