Security expert seeks to make surveillance costly again
At the USENIX conference, Bruce Schneier urged the technical audience to make government eavesdropping more difficult
IDG News Service - The ongoing revelations of governmental electronic spying point to a problem larger than National Security Agency malfeasance, or even of security weaknesses. Rather the controversy arising from Edward Snowden's leaked documents suggest we face unresolved issues around data ownership, argued security expert Bruce Schneier.
"Fundamentally, this is a debate about data sharing, about surveillance as a business model, about the dichotomy of the societal benefits of big data versus the individual risks of personal data," Schneier told attendees of the Usenix LISA (Large Installation System Administration Conference), being held in Washington this week.
"We might not buy [it], but the basic NSA argument is 'You must give us your data because it is keeping you safe.'"
Schneier has been an outspoken critic of the NSA since Snowden, a former NSA contractor, first leaked documents showing the many ways in which the intelligence agency had tapped into the Internet and data centers to collect data en masse about people's activities.
"The NSA has turned the Internet into a giant surveillance platform," Schneier said via Skype.
But for most of his talk, Schneier urged the audience to think beyond the present controversy of the NSA, and think about ways we generate data, and the ways large companies make money from such information.
What the NSA leaks show is that "we have made surveillance too cheap. We have to make surveillance expensive again," Schneier said. "The goal should be to force the NSA , and all similar adversaries, to abandon wholesale collection in favor of targeted collection."
Such costs of making our personal data available are easy to ignore. Schneier admitted to using the Google service Waze, which collects travel data from all of its users to show alerts of traffic jams. Users of the service freely give up data about their locations in exchange for the potentially valuable knowledge of which roads to avoid.
The chief business model of the Internet has been surveillance, Schneier noted, though it's companies such as Google and Facebook that are collecting data on our activities, rather than secretive government agencies. Schneier noted that because the cost of computing and storage continues to plummet, it is easier for most people and organizations not only to create a lot of data but also to keep all of the data that is being generated.
This business model, however, makes it very relatively easy for the NSA, or any adequately government sponsored intelligence agency, to tap into such data sources.
"How do we design systems that benefit society as a whole, while protecting individuals? This is the problem we must solve," Schneier said.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts