The Changelog The Changelog #490

Schneier on security for tomorrow’s software

This week we’re talking with Bruce Schneier — cryptographer, computer security professional, privacy specialist, and writer (of many books). He calls himself a “public-interest technologist”, a term he coined himself, and works at the intersection of security, technology, and people.

Bruce has been writing about security issues on his blog since 2004, his monthly newsletter has been going since 1998, he’s a fellow and lecturer at Harvard’s Kennedy School, a board member of the EFF, and the Chief of Security Architecture at Inrupt. Long story short, Bruce has credentials to back up his opinions and on today’s show we dig into the state of cyber-security, security and privacy best practices, his thoughts on Bitcoin (and other crypto-currencies), Tim Berners-Lee’s Solid project, and of course we asked Bruce to share his advice for today’s developers building the software systems of tomorrow.


Sign in or Join to comment or subscribe

2022-05-25T21:53:15Z ago

This is by far the most disturbing guest I’ve heard to date.
Schneier’s ideas about libertarian motivations (e.g. they want deregulation so they can poison the water supply) if not disingenuous are absolutely bizarre and baseless.

The idea that safety improvements only come from regulation is demonstrably false; and there are incalculable examples where policy makes products less safe, or makes the public less secure by limiting the availability of safe products.

Truly a scary individual.

Jerod Santo

Jerod Santo

Omaha, Nebraska

Jerod co-hosts The Changelog, crashes JS Party, and takes out the trash (his old code) once in awhile.

2022-06-01T14:31:19Z ago

The people who want you to mistrust government are the people who wanna poison your water supply, and don’t want anybody to stop them from doing it.

After listening back, I agree that this particular statement is incredibly cynical and untrue for large swaths of the population. I disagree with Bruce on this. Had I picked up on it in real-time I would’ve responded as such, but he’s a fast talker and I’m sometimes a slow processor. 😆

(It’s worth noting that he’s referring to “people who want you to mistrust government” not “people who mistrust government”, which is a much larger group for which it’s even more difficult to ascribe intent.)

When, where, and how to apply regulation is a thorny issue and it’s rare that we all agree on it. Bruce’s stance seems to be, “bad regulation is better than no regulation, but good regulation would be great.”

I understand why you think that is disturbing/scary.

My stance is more like, “no regulation is better than bad regulation, but good regulation would be great.”

2022-06-02T06:09:02Z ago

What a horrible take on bitcoin coming from such a privileged perspective. Of course Venmo works well for you. Venmo works great if you have a bank account and don’t have an oppressive government. What about the millions of people in the US without a bank account? What about refugees who have their life’s savings stolen by their government at the border? Sure would be nice if they could memorize their private key and keep their life’s savings. Saying anything has “absolutely no value” is almost always false. I’m not a bitcoiner, and I can recognize that it has problems, but come on.

2022-06-09T09:16:01Z ago

Regarding “You have to trust your government, you have no choice”.

That’s a pretty grim advice for people living in russia or China or any other authoritarian regime. So no wonder people there are interested in ways to save their money or hide it from the government.

0:00 / 0:00