Slashdot Mirror
Ask Slashdot: Can Bruce Schneier Be Trusted?
An anonymous reader writes "Security guru Bruce Schneier is, among other things, a world renowned cryptography expert, author of several popular books, and a second-order internet meme. He is also an outspoken critic of the NSA, in particular the massive NSA surveillance programs disclosed over the summer by Edward Snowden. Schneier has been involved in reviewing the leaked documents and has put in effort to determine which cryptosystems should still be considered safe. I'm a big fan of Bruce Schneier, but just to play devil's advocate, let's say, hypothetically, that Schneier is actually in cahoots with the NSA. Who better to reinstate public trust in weakened cryptosystems? As an exercise in security that Schneier himself may find interesting, what methods are available for proving (or at least affirming) that we can trust Bruce Schneier?"
Seriously... Especially the Govt. (and clowns - clowns scare me...)
"I say we take off, nuke the site from orbit. It's the only way to be sure."
It's turtles all the way down.
I use two cyphers, just in case. In my case, I found ROT13 and XOR excellent for speed and obfuscation.
Obviously we burn him at the stake. If he burns he was innocent.
and has put in effort to determine which cryptosystems should still be considered safe.
Have someone(s) double check his work.
We should be doing that anyway, even for someone who is 100% trusted.
[Fuck Beta]
o0t!
... Anonymous Coward. There are some very suspicious posts he makes. And besides, he seems to never sleep.
now we need to go OSS in diesel cars
...not trusting and simply relying upon his evaluations and pointing out that you need to think for yourself.
Not a very positive trait for the NSA irrespective of their goals.
Loading...
It's fairly easy.
You can simply walk through http://www.schneierfacts.com/
He generally gives intelligent logical arguments towards any given subject and if something he said or did was believed to be wrong, the math and crypto communities would be free to point out any mistakes or errors in his words or algorithms and make their points publicly. So far, people seem to generally agree with everything he says and I guess so do I for the most part. That's just my opinion on him so far.
Can I even trust myself? I mean, how can I even conclusively prove that I'm not being used by the NSA to hide secrets from myself?
If you're talking about absolute trust, i.e. "I trust him" = "I trust him to do anything", you should probably have your head examined.
Phrase your questions better and you will get more useful answers.
If we can't trust old Bruce, we're all screwed. Though possibly we are anyway. But if he's an asset, he's pretty well disguised.
Have gnu, will travel.
I've got exactly what you need! Tinfoil hats are cheap. They are easy, to make too, it takes less than two minutes. Don't believe the MIT study that debunks the time honored tinfoil hat, it's a government conspiracy you know!
Don't worry, there are support groups for conspiracy theorists! Now I know like any number of other conspiracy theories those pesky facts might get in the way. However, learn from Joseph Goebbels and don't ever let logic, facts or reality get in your way. I know you look like a raving lunatic to any rational person, but not to worry, there is someone even crazier will soon show up to defend you, so cheer up!
Problem: Paranoia
Solution: None
Bruce Schnier may be the front-line spokesperson for the security community, but that should be completely separate from his body of work in cryptography. At the bottom line, he's doing mathematics, and mathematical proofs can be reproduced and confirmed -- or debated and disproven -- by anyone else in any country with sufficient background to understand them.
He is not some guru spouting unprovable wisdom from a mountaintop, he is a member of a scientific community, and if he is able to earn and keep the respect of that community, then that's a pretty good indication that he knows what he's talking about.
It's supposed to be completely automatic, but actually you have to press this button.
That's the best way to tell
Let the whitch hunt begin!
Just be sure to have enough matches!
Has Schneier given us bad advice? So far, so good it seems.
Has Schneier been a vocal critic of the NSA? Yes.
Has Schneier been on this file for a really long time? Yes.
Do you have any evidence that he's in cahoots with the cryptofascists? No.
So, all you have is a speculation to tear down the reputation of one of the good guys, a thought experiment, based on no evidence, but one that has real world consequences of spreading fear, uncertainty and doubt regarding someone who is fighting the good fight.
Therefore, I would humbly suggest that I could and do logically conclude that YOU are a tool of the NSA, not Schneier, and furthermore, I have more evidence than you do: Your suggestion to consider Schneier as less than reliable based on zero evidence.
Shoes for Industry. Shoes for the Dead.
Seriously. The mere act of trusting someone will eventually lead to that person betraying said trust. Trusting someone puts them in a position of power, and power corrupts. You can't trust anyone.
Seven puppies were harmed during the making of this post.
Hi,
read his papers check the hints within, its even possible for non crypt-math geeks to get a background understanding, because
there are many more out there. Work out differences in their argumentation, dont just think because there is a citation it can be trusted, check what`s
behind a citation.
Wikipedia is the best entry point for you.
Check Argumentation on a logical level, and question the argumentation, especially if it fits the known problems till know, when it remains true, you have a good chance that its really true.
It's a subjective measure, based on long experience with someone and someone's writings. It's much easier to assess trust from personal contacts, but even then you can get thoroughly disappointed - just think of some types of failed marriages as an example.
The question is why would you personally have to trust Bruce Schneier? I don't have to, in order to enjoy his books and blog posts and make up my own mind. Has he recently asked you to hand over the masterpassword for you computer?
Regarding business with his company, overall reputation and a realistic assessment of threat scenarios is more important than personal trust. If you believe the NSA is your main adversary and you contemplate whether you should put all of your trust into Bruce Schneier as your sole savior, you might want to revise your "requirements".
I guess people's paranoia with the NSA revelations have been difficult to swallow. Now everyone is slowly becoming suspicious of everyone else.
Anything is possible I suppose. To me, it was no surprise really. I do have to say that, having worked with individuals in the security community, the primary focus really is the safety of our way of life at the hands of those who would subvert it.
The problem comes when those of less character use the government apparatus for control, political or other purposes. It's the same reason police and military need to be kept separate - one enforces the rule of law, and one protects against enemies. When those lines are blurred, history has demonstrated repeatedly that individual rights suffer. The degree to which this happens is the degree of the moral compass of those at the helm of this extremely powerful surveillance apparatus.
I'm not sure how many true boy scouts are really left running the show up there, but I do know this: the more paranoid we get, the more we lose. All of this need not come to pass in this way. One of the most important things I learned in my time in this world was "trust, but verify" and it rings true today. You can still trust the message that Bruce Schneier has. We have to, for otherwise we will be consumed by our own paranoia. But to verify is probably the most important point. That's where openness and information sharing in the spirit of open source is paramount and what will lead us to the proper conclusion on this matter.
Agree/disagree with what he writes/says, but why do you have to trust him? Is he dating your daughter?
Fuck systemd. Fuck Redhat. Fuck Soylent, too. Wait, scratch the last one.
Well, you can always just trust the computer. The computer is your friend.
Well, if you XOR with a good random one-time pad, I don't think that anyone can break your encryption ever, not even with a quantum computer.
The ROT13 is just unnecessary fluff.
--PM
This question is stupid. It would not matter if he was the most honest, intelligent, and experienced security expert in existence, he would tell you the same thing, do not trust him.
Troll is not a replacement for I disagree.
Forget Schneier. The critical question is actually "Can we trust ourselves?" I'd argue not. Many of us post all manner of information about ourselves, our family, friends and work acquaintances on Facebook, LinkedIn, Twitter, Four Square and other sites. Our GPS-equipped phones know where we are, where we've been, and can probably predict where we're going and when. Short of unplugging, there's little we can do to assure that we're trustworthy electronic citizens.
As an exercise in security that Schneier himself may find interesting, what methods are available for proving (or at least affirming) that we can trust Bruce Schneier?
What's good for the goose is good for the gander.
"A person is smart. People are dumb, panicky dangerous animals and you know it." - K
He's really version 2.0 of a long term general intelligence project running on a supercomputer at Fort Meade.
Version 1.0 was called Henry Spencer and was developed in Canada.
(The original graphics version now used for videos of him started out as Max Headroom. This demonstrates yet again, it's much easier to improve on the presentation than the underlying system.)
There's two reasons to potentially not trust Bruce Schneier -- he's in cahoots with the NSA (and by "cahoots" I mean involved in a conspiracy to somehow impact you) or he's biased against the NSA, in which case his opinions are equally untrustworthy.
It doesn't matter why someone's opinion isn't neutral -- its just as invalid to blindly trust it if that opinion matches yours or not. In fact, its probably worse to blindly trust it if it happens to match yours because you already have a bias.
. . .all others we track.
The BT security directorate will obviously administer the test at Martelsham/BT Labs/Disatral Park - in the time honored suffolk fashion by throwing him into the lake at the labs if he sinks we can trust him if not hes a witch :-)
though Bruce's lack of a proper martleman beard will probably count against him.
No one will be nuts.
Now that tinfoil hats are in fashion the answer is quite simple. If he proves a weakness then the crypto system is crap. If he doesn't then regardless of his motives the system still can't be trusted.
Here is where we can even add a layer of lead to our tinfoil hats. What is to say that the NSA doesn't have working quantum computers? Thus almost any system that is susceptible to any sort of quantum math such as factoring is quite simply dead as far as the NSA is concerned.
This last is an important consideration. Because most of us have no data that the NSA could be even slightly interested in. Let's say a forum discussing shoe repair techniques. So in that case all we are concerned with would be that our cryptographic system will protect password hashes, CC encryption, and keep SSH server access secure. So most of the old systems are probably still quite nice.
But there is an edge case where the NSA couldn't give a crap but a large politically connected corporation would like to have a peek into your systems and then the NSA might give them access. So if you were say a huge conglomerate bidding on a massive infrastructure project, those who were bidding against you might be given access to your data due to "national interests". A simple reason why organizations like the NSA might want to help large corporations is that then those corporations will lobby on the NSA's behalf in times like the present. Can you imagine how many senators/congressmen are in districts where GE is a large employer? In that light it would be stupid for the NSA not to hand them interesting data.
Even here in Canada I could see our spy bunch giving stolen data from Canadian companies that weren't politically connected to those that are politically connected.
make it to the front page of Slashdot?
If the focus is on the message, the messenger is irrelevant. The message should be scrutinized (which sounds like "Trust, but verify").
Why does someone who won't give a username get to the front page?
Why not? I have his SHA256 hash, right here, on this USB stick.
But wait! Am I sure I spelled "Schneierer" correctly?!?
"Flyin' in just a sweet place,
Never been known to fail..."
There is something else. Bruce Schneier is a public figure in the cryptography area. Scientist need to fight for money and a large part of it comes from reputation and fame. If Bruce said something that appear wrong to security researchers, they would speak up, just to be "the one that knows better".
You can't verify everything independently. Yes it should be possible to prove a cryptographic system is secure with math, but most don't have the know how, and those that do don't have the time. So you do have to trust someone somewhere down the line.
Which leaves you with needed to make some choices about trust. First you have the transitive property, you can use the personal opinions of people you already do trust to help reach trust judgements about others.
Next you got to go with experience, has this person proven dependable before? After than you have to move to agenda analysis.
We might say that Bruce's lively hood depends on him being perceived as a reliable expert. He would at least appear to have more to lose by knowing misleading people and eventually being exposed than he has to gain doing otherwise. We can also say we are not aware have having been deceived by Bruce before; at least to the degree what he is saying makes sense and the risk to me is low enough to not feel the need to go into deep analysis of the software and protocols on my own; I'll take Bruce at his word if he says something is broken, it probably is.
Conversely we think we have been knowingly deceived by the government intelligence agencies over and over again and have pretty solid evidence of that. With that in mind my default position is distrust anything they have to say. If they say something is secure, I must assume its not unless I can get some degree of independent verification. If they something is broken I have to assume that may be the case or they may be trying to steer me and others away from something that is useful. Again needs to be checked out independently.
Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
Put Schneier in a ring with Bruce Wayne, Bruce Willis, and Bruce Lee. See who survives.
https://app.box.com/WitthoftResume Code: https://github.com/cellocgw
Thanks for pointing out my Diverse Double-Compiling (DDC) paper!
My page on Fully Countering Trusting Trust through Diverse Double-Compiling (DDC) has more details, including detailed material so you can duplicate the experiments and re-verify the proofs. Note that you do not have to take my word for it.
You have to trust some things. But you can work to independently verify those things, to determine if they're trustworthy. I don't always agree with Bruce Schneier, but after watching what's he's done for years, I've determined that he's quite trustworthy. This is the same way we decide if we should trust anyone or any thing. In short: "trust, but verify".
- David A. Wheeler (see my Secure Programming HOWTO)
I think misinformation in mathematics can be easily detected. Not only is math universal, it's also impossible to launch satellites or go to the moon without it. We would've noticed AND corrected any deliberate diversion of the sciences.
Custom electronics and digital signage for your business: www.evcircuits.com
Simple. Encrypt twice. Use one cipher he loves and one he hates. It is unlikely both are compromised in any usable way when combined. Also be sure to encrypt lots of content from /dev/random to make sorting legitimate content from garbage difficult. Bonus: split your important content into chunks such as rar files, strip out the header so knowing the mimetype isn't possible and encode the different sections using various ciphers. They will need to have compromised all the ciphers to put it back together and without a header knowing the reassembly order will be more difficult.
You know he's designed several ciphers, right? Blowfish, Twofish, perhaps you've heard of them? Twofish was an AES finalist. If that doesn't give him credentials, what does?
No secret last longer than 6 years, 5 years on average. Planning on it could save one from some, um, uncomfortable outcomes. If one is looking at Crypto, look at those who are successful. The Banking Industry. Why? How many Bankers have gone to jail, damn few. Also, who's making the money in Banking? That's who Crypto as superior. If one plans on being ratted out, then one can move forward with more confidence, by not creating an naive enviornment.
Reminds me of a scene from Andromeda when Tyr was advising a prince:
Tyr: Trust no one
Prince: Can I trust you?
Tyr (incredulous): No!
It's been awhile since Bruce really has said anything that hadn't already been thought through, discussed, and agreed on by a large part of the industry. Bruce leads from the middle of the pack these days - so who cares if the NSA has compromised him?
Why should you trust anyone at Slashdot to give a trustworthy answer about Bruce Schneier's trustworthiness?
From TFA: "The Texas legislature adjourned in June, and it will not reconvene until 2015."
Now that's my sort of holiday! Yee-haw!
Slashdot - News for Nerds, Stuff that Matters, in ISO-8859-1 Has just realised that beta makes this signature redundant
His whole set of ideals and processes is about not having to trust an individual person to make you secure. What he publishes is open, as are the software and techniques he espouses. The point is that if he's not trustworthy there should be people out there that will spot it. Personally, I'm not qualified but I do have some level of trust that there are plenty of people who are and who do check. If not, we're all screwed but there's no point in going down that path.
The problem with quotes on the internet, is that nobody bothers to check their veracity. -- Abraham Lincoln
Quite possibly, but a lot of what would have sounded like paranoia last winter no longer does.
Slashdot is not a game, Slashdot is not a game. Crap, I just lost points.
Well, you *can* trust anyone. But should you? Usually we use past behavior as a judge of whether it is likely the person is being deceptive, especially where proof is impossible or too expensive. Sadly, past behavior is no guarantee of future behavior. Anyone can be compromised. So we make a guess and balance cost of verification against cost of deception. After all, I can't prove the Africa exists. But I am choosing to trust that it does.
This posting is provided 'AS IS' without warranty of any kind, implied or otherwise.
They really are out to get you.
"Bruce Schneier intercepts all your internal monologues by a man-in-the-middle attack."
^Seems legit to me
Mod me down, I shall become more off-topic than you could possibly imagine.
He isn't licensed by the NSA to do crypto work. You wouldn't trust an unlicensed lawyer, or an unlicensed doctor, now would you (well, you might, but not for very long)? Better play it safe and keep your child porn and assassination plots securely in a DES container, potential criminal.
I have competed with Bruce's companies (Counterpane, BT), met Bruce several times in professional settings. I've never worked with him personally, but I have plenty of other colleagues who have.
I trust Bruce.
-Red
This is a rediculous post. Bruce Schneier can be trusted as much as anyone can be "trusted" until he shows otherwise. What a waste of bandwidth.
Python: 'And then suddenly you have a language which says "we're all stuck with whatever the whiniest coder wants".'
He gives explanations and evidence for the things he advises (where they are not obvious). Sure, you need to be a security expert yourself to evaluate his advice, but if it were bad, most of the world's security experts would either need to be silenced or need to be in on it. That would be rather unlikely. It makes it also extremely hard for him to do anything _for_ the NSA, in the hypothetical case that he was working for them.
Hence the correct answer is that there is no need for him to be trusted, and in fact if you are reduced to trusting him, then you are doing it wrong.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
The math.
If you're into cryptography, you can do the math. You don't have to take Bruce's word for it.
I do not fail; I succeed at finding out what does not work.
"If Ghandi wasn't such a nice guy, he could have like totally messed up India. Just a thought experiment, but still...you can't just trust a guy because he's got a perfect record of being trustworthy, you know? Seriously, trust me on this."
You are welcome on my lawn.
To make the claim that linux has been never been intentionally weakened in security, you need to know that every single security vulnerability in Linux (to take one example) was due to carelessness, not intended action.
Certainly - some classes of backdoor are trivially obvious 'if(sourceip==NSA)' - but others can be subtle logic errors.
You mean like this attempt in 2003?
Personally, I'm not longer all that impressed by the IOCCC. Don't get me wrong, some of the code submitted there shows utterly insane levels of skill. However, the above is an excellent example of a good submission for the Underhanded C Contest, which is an excellent teaching tool for discovering exploits as well as for learning about subtle bugs that may drive you utterly mad trying to find.
If it's for-profit but free, you're not the customer -- you're the product (e.g., the Slashdot Beta's "audience").
Since Bruce Schneier himself said that you can't trust US-based cryptography companies, because such companies can be compelled by law to cooperate with the CIA... doesn't it also mean that NO US Person who is under the jurisdiction of the NSA can be trusted w.r.t. crypto advice? Is there a law of some kind in the US that muzzles US crypto researchers and forces them not to disclose certain facts that could harm the NSA's ability to operate? I'm just curious.
cpghost at Cordula's Web.
I am sitting next (or at least across) from Bruce right now. He is definitely interested (and humoured) in this conversation. As he notes, he's written a book on it. I'd say that a conversation about Bruce's trustworthiness is definitely worthwhile. One should have it about everybody. Of course, it means we should also have it about the people who are most interested in trying to attack Bruce's trustworthiness.
Oh, and a Bruce Schneier connection: In 2006 Bruce wrote a summary of my ACSAC paper on diverse double-compiling (DDC). Bruce's article is simply titled Countering "Trusting Trust".
Bruce completely understood the approach. He explained it very well in his blog, and he also did a nice job explaining its larger ramifications. His conclusions are still true: the "trusting trust" attack has actually gotten easier over time, because compilers have gotten increasingly complex, giving attackers more places to hide their attacks. Here's how you can use a simpler compiler -- that you can trust more -- to act as a watchdog on the more sophisticated and more complex compiler.
- David A. Wheeler (see my Secure Programming HOWTO)
But how, exactly, were going to use those alternative compilers? If you just use an alternative compiler executable, maybe the original executable was okay and the alternative was subverted - so now you have introduced corruption into the compiler executable you cared about. Just using a different compiler in the obvious way simply moves the problem somewhere else, it doesn't actually solve anything. In DDC, you have to subvert both compiler executables, which is significantly harder.
Ken Thompson's trusting trust paper didn't describe how to solve the problem. The only proposed approach is to rewrite everything yourself, which is impractical.
- David A. Wheeler (see my Secure Programming HOWTO)
I believe Schneier is honest and credible, my only beef with him is that, like too many in the IT industry in general, with superior talents and skills and intelligence, he is somewhat gullible or less than informed of the underlying agendas of they who rule. (An example: his taking seriously the TSA stuff --- when obviously it has nothing to do with keeping Americans safe, just at the American intelligence establishment has never had anything to do with national security, simply garnering financial intelligence for their super-rich founders, and command and control of the populace by various and sundry means.
Clearly, the only way we can be sure is to disassemble Bruce Schneier. Glove up.
--- Generation X: The first generation to have SIG lines inferior to their parents... ---
True, but irrelevant. His reputation on the 'net doesn't depends on his skill and experience as a cryptographer - but on his position as a columnist and pundit saying things that they (the netizens) agree with. His reputation (and ability) as a scientist have nothing to do with his ability and trustworthiness as a pundit. (Or at least they shouldn't to any thoughtful and intelligent person.)
One of the early projects that Schneier lead, precipitated by the Y2K date crisis, was a security evaluation of old COBOL system (code-named "ZEBRA") that was still being used by a certain un-named U.S. Government agency.
This mainframe software had not been maintained for some years, except by patching the binary image; no online version of the source code was available. It would be too hard to audit that way, so they decided to upload the original code (from paper), recompile, diff against the binaries, and eventually reconstruct accurate source code for the Y2K bugs and security issues.
Schneier's group decided to use OCR. The source code had been "line printed" on "greenbar" paper, where alternate lines have a light green background stripes for contrast. The problem was that OCR scanners of the day were designed only for black-and-white, and would get confused by the green stripes, and sometimes mis-scan some letters and numbers, making this source code unreliable. This required them to manually read and type in corrections, to about half the code!
Bruce Schneier is an outspoken critic of agencies like the DHS and the TSA, but he has been a consultant for the Government in the past. And as you can see from the above story, he was originally an early proponent of scanners, and only in more recent years has spoken out against them. So it is quite reasonable to ask if Bruce Schneier has ever changed his stripes.
Of course Bruce Schneier can't be trusted his criticism of the NSA obviously means he's in cahoots with the albino shape-shifting lizard Ilumaniti ..
Perhaps somebody controls his connection to the internet. Then they post things in his name, but prevents him from reading them. Or they alter something he publishes, but he is prevented from seeing the alteration.
People are all concerned about the NSA siphoning data off of the internet. But what happens when they can put/alter any data they want. Then they have total information control. And hell on earth begins....
If I were an enemy of the Slashdot community, I'd make posts suggesting that Slashdot editors can't see obvious FUD.
That that is is that that that that is not is not.
Paranoia strikes twice...
The only answer is to trust but verify.
It is moderately safe to expect that Bruce is not an NSA shill.
That does not eliminate the ability of a large organization to convince
or coerce any individual to have a view that they would like you to have.
Businesses, developers and others should look hard at Bruces comments
on an airgap in his most recent news letter. Legal organizations should
also take a hint here.
Paranoia does strike deep, just do not be buffaloed by the
quagmire out in the fields this spring.
Truth is stranger than fiction, but it is because Fiction is obliged to stick to possibilities; Truth isn't. Mark Twain.
This hypothetical post is hypothetical.
Discuss.
Kriston
You know he's designed several ciphers, right? Blowfish, Twofish, perhaps you've heard of them? Twofish was an AES finalist. If that doesn't give him credentials, what does?
Hm. A golden plaque from the NSA? ;)
"Someone needs to talk to the tree of liberty about its ghoulish drinking problem." by ohnocitizen
Schneier isn't even a credentialed cryptographer. He's the guy who wrote the popularized book that the establishment didn't want published. He's a popular writer, and a pundit.
Schneier is more then a "pundit". Before he wrote the "popular" stuff, he proved that he was heavy on the technical (http://www.amazon.com/Applied-Cryptography-Protocols-Algorithms-Source) for example, as well as the various algorithms he (co)-invented.
You, however, are an ignorant troll.
Those Bruce Schneier facts don't bode well for you.
Troll 2.0 Fear my asocial networking!
For a number of years it was a secret that programmable digital computers existed and worked. If it happens that (proper) quantum computers exist and work then don't reckon they'll be in any hurry to tell the likes of us. Everything could be being depicted now, real time, without access to any compromised routers, without needing to get secret court orders for the disclosure of keys, all that could be nothing but a smokescreen. No, don't trust Bruce Schneier, because no one has told him there are working quantum computers either.
Paul Beardsell
Finally we have an objective unit to measure paranoia, the Bruce.
The theoretical relationship between a truth function and the belief in the truth of the truth function has never previously been established.
My hypotheses is that each truth table has a paranoia variable located on the Z axis, measured in Bruce Units, which measures the belief in the reliability of the truth table. A positive Bruce value means you are paranoid and probably an idiot; a negative Bruce value means you are not paranoid and everybody else is an idiot.
I propose that the combination of a truth table and an array of associated Bruce values be called the Bruce Cube. Other proposed names such as the Nixon Cube and the Tom/Friedman Cube lead to the incorrect belief that the paranoia vector is associated exclusively with either the left or right spin. The name “Nixon-Friedman Cube” was just too damn long to use.
I'll leave it to other to work out the details of Bruce calculus. I'm too tired
.