Essays and Op Eds
Bruce Schneier has written for many major publications, including The New York Times, The Wall Street Journal, The Guardian, Forbes, Wired, Nature, The Bulletin of the Atomic Scientists, The Sydney Morning Herald, The Boston Globe, The Los Angeles Times, The San Francisco Chronicle, The Washington Post, and The Japan Times.
For translations of these essays, see the Content by Language page.
By Category
2009
November 2009 • Information Security
Schneier-Ranum Face-Off: Is Antivirus Dead?
November 2009 • New Internationalist
Beyond Security Theater
November 4, 2009 • MPR NewsQ
"Zero Tolerance" Really Means Zero Discretion
November 3, 2009 • Dark Reading
Fighting The Fear Factor
October 15, 2009 • The Guardian
Why Framing Your Enemies Is Now Virtually Child's Play
September 28, 2009 • Threatpost
The Difficulty of Un-Authentication
September 9, 2009 • The Guardian
The Battle Is On Against Facebook and Co to Regain Control of Our Files
September 2009 • Information Security
Is Perfect Access Control Possible?
August 19, 2009 • The Japan Times
Offhand but On Record
August 10, 2009 • Dark Reading
Lockpicking and the Internet
August 10, 2009 • Threatpost
The Value of Self-Enforcing Protocols
August 5, 2009 • The Guardian, The Age, The Sydney Morning Herald
People Understand Risks – But Do Security Staff Understand People?
July 31, 2009 • MPR News Q
Technology Shouldn't Give Big Brother a Head Start
July 15, 2009 • Wired News
Protect Your Laptop Data From Everyone, Even Yourself
July 15, 2009 • The Guardian
Facebook Should Compete on Privacy, Not Hide It Away
July 13, 2009 • MPR News Q, ITWire
So-called Cyberattack Was Overblown
July/August 2009 • IEEE Security & Privacy
Security, Group Size, and the Human Brain
June 24, 2009 • New York Daily News
Clear Common Sense for Takeoff: How the TSA Can Make Airport Security Work for Passengers Again
June 24, 2009 • The Guardian and Gulf Times
Raising the Cost of Paperwork Errors Will Improve Accuracy
June 18, 2009 • Wired News
How Science Fiction Writers Can Help, or Hurt, Homeland Security
June 4, 2009 • The Guardian and The Japan Times
Be Careful When You Come to Put Your Trust in the Clouds
May 29, 2009 • NYTimes.com
Coordinate, But Distribute Responsibility
May 14, 2009 • The Guardian
We Shouldn't Poison Our Minds with Fear of Bioterrorism
May 2009 • Information Security
Should We Have an Expectation of Online Privacy?
April 28, 2009 • The Wall Street Journal
Do You Know Where Your Data Are?
April 23, 2009 • The Guardian and Gulf Times
How the Great Conficker Panic Hacked into Human Credulity
April 2, 2009 • The Guardian
An Enterprising Criminal Has Spotted a Gap in the Market
March 31, 2009 • The Wall Street Journal
Who Should Be in Charge of Cybersecurity?
March 26, 2009 • Wired News
It's Time to Drop the "Expectation of Privacy" Test
March 12, 2009 • The Guardian
Blaming The User Is Easy – But It's Better to Bypass Them Altogether
March 12, 2009 • The Wall Street Journal
The Kindness of Strangers
February 26, 2009 • BBC News
Privacy in the Age of Persistence
February 26, 2009 • Wired News
How Perverse Incentives Drive Bad Security Decisions
February 19, 2009 • The Guardian
The Secret Question Is: Why Do IT Systems Use Insecure Passwords?
February 16, 2009 • The Wall Street Journal
Thwarting an Internal Hacker
January 29, 2009 • The Guardian, The Hindu, Brisbane Times, The Sydney Morning Herald
Terrorists May Use Google Earth, But Fear Is No Reason to Ban It
January 27, 2009 • The Wall Street Journal
How to Ensure Police Database Accuracy
Jan/Feb 2009 • IEEE Security & Privacy
Architecture of Privacy
Jan 2009 • Information Security
State Data Breach Notification Laws: Have They Helped?
January 9, 2009 • The Wall Street Journal
Why Technology Won't Prevent Identity Theft
January 8, 2009 • The Guardian
Tigers Use Scent, Birds Use Calls -- Biometrics Are Just Animal Instinct
2008
December 9, 2008 • The Wall Street Journal
How to Prevent Digital Snooping
December 4, 2008 • The Guardian and The Hindu
When You Lose a Piece of Kit, the Real Loss Is The Data It Contains
November 21, 2008 • The Wall Street Journal
Why Obama Should Keep His BlackBerry -- But Won't
November 19, 2008 • Wired News
America's Next Top Hash Function Begins
November 13, 2008 • The Guardian and The Hindu
Passwords Are Not Broken, but How We Choose them Sure Is
November 3, 2008
CRB Checking
October 23, 2008 • The Guardian
Time to Show Bottle and Tackle the Real Issues
October 16, 2008 • Wired News
Quantum Cryptography: As Awesome As It Is Pointless
October 2, 2008 • The Guardian
Why Society Should Pay the True Costs of Security
October 1, 2008 • Wired News
The Seven Habits of Highly Ineffective Terrorists
October 2008 • Information Security Magazine
Does Risk Management Make Sense?
September 18, 2008 • Wired News
Airport Pasta-Sauce Interdiction Considered Harmful
September 4, 2008 • The Guardian
A Fetishistic Approach to Security Is a Perverse Way to Keep Us Safe
September 4, 2008 • Wired News
How to Create the Perfect Fake Identity
September 2, 2008 • CSO Magazine
Security ROI: Fact or Fiction?
September 2008 • IEEE Spectrum
Here Comes Here Comes Everybody
August 28, 2008 • Los Angeles Times
The TSA's Useless Photo ID Rules
August 21, 2008 • Wired News
Boston Court's Meddling With "Full Disclosure" Is Unwelcome
August 10, 2008 • Security Watch
The Problem Is Information Insecurity
August 7, 2008 • Wired News
Memo to Next President: How to Get Cybersecurity Right
August 7, 2008 • The Guardian
Why Being Open about Security Makes Us All Safer in the Long Run
Jul/Aug 2008 • IEEE Security and Privacy
How the Human Brain Buys Security
July 23, 2008 • Wired News
Lesson From the DNS Bug: Patching Isn't Enough
July 17, 2008 • The Guardian
Software Makers Should Take Responsibility
July 10, 2008 • Wired News
How a Classic Man-in-the-Middle Attack Saved Colombian Hostages
July 2008 • Information Security Magazine
Chinese Cyberattacks: Myth or Menace?
June 30, 2008 • Wired News
I've Seen the Future, and It Has a Kill Switch
June 26, 2008 • The Guardian
CCTV Doesn't Keep Us Safe, Yet the Cameras Are Everywhere
June 19, 2008 • Discovery Technology
The Truth About Chinese Hackers
June 12, 2008 • Wired News
The Pros and Cons of Lifelock
June 4, 2008 • The Guardian
Are Photographers Really a Threat?
May 29, 2008 • Wired News
Why Do We Accept Signatures by Fax?
May 26, 2008 • CIO
How to Sell Security
May 15, 2008 • Wired News
Our Data, Ourselves
May 15, 2008 • The Guardian
Crossing Borders with Laptops and PDAs
May 1, 2008 • Wired News
America's Dilemma: Close Security Holes, or Exploit Them Ourselves
May 2008 • Information Security Magazine
The Ethics of Vulnerability Research
April 17, 2008 • Wired News
Prediction: RSA Conference Will Shrink Like a Punctured Balloon
April 4, 2008 • ComputerWeekly
Secret Questions Blow a Hole in Security
April 3, 2008 • Wired News
The Difference Between Feeling and Reality in Security
March 20, 2008 • Wired News
Inside the Twisted Mind of the Security Professional
March 13, 2008 • Nature
Census of Cyberspace Censoring
March 6, 2008 • Wired News
The Myth of the "Transparent Society"
March 2008 • Information Security Magazine
Consolidation: Plague or Progress
February 23, 2008 • Minneapolis Star Tribune
Security at What Cost?
February 21, 2008 • Wired News
When the Internet Is My Hard Drive, Should I Trust Third Parties?
February 7, 2008 • Detroit Free Press
Driver's Licenses for Immigrants: Denying Licenses Makes Us Less Safe
February 7, 2008 • Wired News
With iPhone, "Security" Is Code for "Control"
January 24, 2008 • Wired News
What Our Top Spy Doesn't Get: Security and Privacy Aren't Opposites
January 10, 2008 • Wired News
Steal This Wi-Fi
2007
December 13, 2007 • Wired News
Why "Anonymous" Data Sometimes Isn't
December 2007 • Information Security Magazine
Caution: Turbulence Ahead
Nov/Dec 2007 • IEEE Security and Privacy
The Death of the Security Industry
November 29, 2007 • Wired News
How Does Bruce Schneier Protect His Laptop Data? With His Fists — and PGP
November 15, 2007 • Wired News
Did NSA Put a Secret Backdoor in New Encryption Standard?
November 2007 • Information Security Magazine
Cyberwar: Myth or Reality?
November 1, 2007 • Wired News
How We Won the War on Thai Chili Sauce
October 18, 2007 • Wired News
Economics, Not Apathy, Exposes Chemical Plants To Danger
October 5, 2007 • OutlookBusiness
Paying the Cost of Insecure Software [PDF]
October 4, 2007 • Wired News
Gathering "Storm" Superworm Poses Grave Threat to PC Nets
September 20, 2007 • Wired News
Lesson From Tor Hack: Anonymity and Privacy Aren't the Same
September 6, 2007 • Wired News
NBA Ref Scandal Warns of Single Points of Failure
September 2007 • Information Security Magazine
Home Users: A Public Health Problem?
August 23, 2007 • Wired News
Time to Close Gaps in Emergency Communications
August 9, 2007 • Wired News
E-Voting Certification Gets Security Completely Backward
August 3, 2007
Interview with Kip Hawley
July 26, 2007 • Wired News
Disaster Planning Is Critical, but Pick a Reasonable Disaster
July 12, 2007 • Wired News
The Evolutionary Brain Glitch That Makes Terrorism Fail
June 28, 2007 • Wired News
Strong Laws, Smart Tech Can Stop Abusive "Data Reuse"
June 14, 2007 • Wired News
Portrait of the Modern Terrorist as an Idiot
May 31, 2007 • Wired News
Don't Look a Leopard in the Eye, and Other Security Advice
May 17, 2007 • Wired News
Virginia Tech Lesson: Rare Risks Breed Irrational Responses
May 8, 2007 • Testimony before the Senate Judiciary Committee
Will REAL ID Actually Make Us Safer?
May 6, 2007 • IEEE Computers and Security
Nonsecurity Considerations in Security Decisions
May 3, 2007 • Wired News
Do We Really Need a Security Industry?
May 2007 • Communications of the ACM
Psychology of Security
May 2007 • Information Security Magazine
Is Big Brother a Big Deal?
April 19, 2007 • Wired News
How Security Companies Sucker Us With Lemons
April 5, 2007 • Wired News
Vigilantism Is a Poor Response to Cyberattack
March 26, 2007 • Forbes
How to Not Catch Terrorists
March 22, 2007 • Wired News
Why the Human Brain Is a Poor Judge of Risk
March 8, 2007 • Wired News
The Problem With Copycat Cops
March 4, 2007 • The Bulletin of the Atomic Scientists
Real-ID: Costs and Benefits
March 2007 • Information Security Magazine
Is Penetration Testing Worth It?
February 27, 2007 • Minneapolis Star Tribune
Privatizing the Police Puts Us at Greater Risk
February 22, 2007 • Wired News
Why Smart Cops Do Dumb Things
February 12, 2007 • Forbes
Why Vista's DRM Is Bad For You
February 8, 2007 • Wired News
An American Idol for Crypto Geeks
February 7, 2007
The Psychology of Security
January 25, 2007 • Wired News
In Praise of Security Theater
January 22, 2007 • Forbes
Solving Identity Theft
January 21, 2007 • New York Times, Mercury News
Life in the Fast Lane
January 19, 2007 • New York Daily News
Camera Phones vs. Crime: Now We're Talking
January 15, 2007 • Wired News
Secure Passwords Keep You Safer
January 11, 2007 • SF Chronicle, Arizona Daily Star
On Police Security Cameras: Wholesale Surveillance
January 8, 2007 • Forbes
They're Watching
January 2007 • Information Security
Does Secrecy Help Protect Personal Information?
January 2007 • ENISA Quarterly
Information Security and Externalities
January 2007 • CSO Online
Schneier: Full Disclosure of Security Vulnerabilities a 'Damned Good Idea'
2006
December 14, 2006 • Wired News
MySpace Passwords Aren't So Dumb
December 12, 2006 • Forbes
Why Spam Won't Go Away
November 30, 2006 • Wired News
My Data, Your Machine
November 16, 2006 • Wired News
Vote Early, Vote Often
November 13, 2006 • Forbes
Did Your Vote Get Counted?
November 2, 2006 • Wired News
The Boarding Pass Brouhaha
November 2006 • Information Security Magazine
Do Federal Security Regulations Help?
October 19, 2006 • Wired News
The Architecture of Security
October 18, 2006 • Forbes
Casual Conversation, R.I.P.
October 5, 2006 • Wired News
Why Everyone Must Be Screened
September 21, 2006 • Wired News
Lessons From the Facebook Riots
September 16, 2006 • Washington Post
The ID Chip You Don't Want in Your Passport
September 7, 2006 • Wired News
Quickest Patch Ever
September 2006 • Information Security Magazine
Is There Strategic Software?
August 24, 2006 • Wired News
Refuse to be Terrorized
August 13, 2006 • Minneapolis Star Tribune
Focus on Terrorists, Not Tactics
August 10, 2006 • Wired News
Drugs: Sports' Prisoner's Dilemma
July 27, 2006 • Wired News
How Bot Those Nets?
July 13, 2006 • Wired News
Google's Click-Fraud Crackdown
July 2006 • Information Security Magazine
Are Security Certifications Valuable?
June 29, 2006 • Wired News
It's the Economy, Stupid
June 15, 2006 • Wired News
The Scariest Terror Threat of All
June 1, 2006 • Wired News
Make Vendors Liable for Bugs
May 31, 2006 • Minneapolis Star Tribune
We're Giving Up Privacy and Getting Little in Return
May 18, 2006 • Wired News
The Eternal Value of Privacy
May 4, 2006 • Wired News
Everyone Wants to "Own" Your PC
April 20, 2006 • Wired News
The Anti-ID-Theft Bill That Isn't
April 6, 2006 • Wired News
Why VOIP Needs Crypto
April 2006 • Information Security Magazine
Is User Education Working?
March 23, 2006 • Wired News
Let Computers Screen Air Baggage
March 9, 2006 • Wired News
Why Data Mining Won't Stop Terror
March 5, 2006 • Minneapolis Star Tribune
Your Vanishing Privacy
February 23, 2006 • Wired News
U.S. Ports Raise Proxy Problem
February 15, 2006 • Network World
Security in the Cloud (Feb 06)
February 9, 2006 • Wired News
Fighting Fat-Wallet Syndrome
January 26, 2006 • Wired News
Big Risks Come in Small Packages
January 12, 2006 • Wired News
Anonymity Won't Kill the Internet
2005
December 20, 2005 • Minneapolis Star Tribune
Unchecked Presidential Power
December 20, 2005 • Salon
Uncle Sam is Listening
December 15, 2005 • Wired News
Hold the Photons!
December 13, 2005 • Utility Automation & Engineering T&D
The Hackers are Coming!
December 1, 2005 • Wired News
Airline Security a Waste of Cash
Nov/Dec 2005 • IEEE Security and Privacy
The Zotob Storm
November 21, 2005 • Minneapolis Star Tribune
The Erosion of Freedom
November 17, 2005 • Wired News
Real Story of the Rogue Rootkit
November 3, 2005 • Wired News
Fatal Flaw Weakens RFID Passports
October 20, 2005 • Wired News
Sue Companies, Not Coders
October 6, 2005 • Wired News
A Real Remedy for Phishers
Sep/Oct 2005 • IEEE Security and Privacy
University Networks and Data Security
September 22, 2005 • Wired News
A Sci-Fi Future Awaits the Court
September 11, 2005 • Minneapolis Star Tribune
Toward a Truly Safer Nation
September 8, 2005 • Wired News
Terrorists Don't Do Movie Plots
June 23, 2005 • New York Daily News
Make Businesses Pay in Credit Card Scam
June 2, 2005 • Queue
Attack Trends: 2004 and 2005
May 2005 • Communications of the ACM
Risks of Third-Party Data
April 2005 • Communications of the ACM
Two-Factor Authentication: Too Little, Too Late
February 14, 2005 • eWeek
Digital Information Rights Need Tech-Savvy Courts
February 9, 2005 • Computerworld
The Curse of the Secret Question
Jan/Feb 2005 • IEEE Security and Privacy
Authentication and Expiration
2004
December 9, 2004 • CNET News.com
Who says safe computing must remain a pipe dream?
November 30, 2004 • The Sydney Morning Herald
Airport Security and Metal Knives
November 29, 2004 • eWeek
Desktop Google Finds Holes
November 24, 2004 • Boston Globe
Profile: "hinky"
November 24, 2004 • OpenDemocracy
Why is it so hard to run an honest election?
October 31, 2004 • San Francisco Chronicle
Getting Out the Vote
October 28, 2004 • Computerworld
Information Security: How liable should vendors be?
October 26, 2004 • The Sydney Morning Herald
The Security of Checks and Balances
October 22, 2004 • UPI
Outside View: Security at the World Series
October 4, 2004 • The Baltimore Sun
Bigger Brother
October 4, 2004 • International Herald Tribune
Does Big Brother want to watch?
October 2004 • The Rake
Do Terror Alerts Work?
October 2004 • Communications of the ACM
The Non-Security of Secrecy
Sep/Oct 2004 • IEEE Security and Privacy
SIMS: Solution, or Part of the Problem?
September 27, 2004 • CNET News.com
Saluting the data encryption legacy
September 20, 2004 • Mercury News
Academics locked out by tight visa controls
September 19, 2004 • New Haven Register
City Cops' Plate Scanner is a License to Snoop
August 30, 2004 • eWeek
We Owe Much to DES
August 27, 2004 • Minneapolis Star Tribune
How Long Can the Country Stay Scared?
August 26, 2004 • The Sydney Morning Herald
Olympic Security
August 25, 2004 • Newsday
U.S. "No-Fly" List Curtails Liberties
August 24, 2004 • Boston Globe
An Easy Path for Terrorists
August 19, 2004 • Computerworld
Cryptanalysis of MD5 and SHA: Time for a New Standard
August 2, 2004 • The Sydney Morning Herald
BOB on Board
Jul/Aug 2004 • IEEE Security and Privacy
Customers, Passwords, and Web Sites
July 30, 2004 • The Sydney Morning Herald
Security, Houston-Style
July 6, 2004 • eWeek
US-VISIT Is No Bargain
July 2004 • Communications of the ACM
Insider Risks in Elections
June 24, 2004 • Minneapolis Star Tribune
Unchecked Police And Military Power Is A Security Threat
June 16, 2004 • News.com
CLEARly Muddying the Fight Against Terror
June 2, 2004 • Computerworld
The Witty Worm: A New Chapter in Malware
May/Jun 2004 • IEEE Security and Privacy
Security and Compliance
May 31, 2004 • Network World
Microsoft's Actions Speak Louder Than Words
May 10, 2004 • Newsday
Curb electronic surveillance abuses
May 4, 2004 • CNET News.com
We Are All Security Customers
April 27, 2004 • Counterpunch
Terrorist Threats and Political Gains
April 2004 • IEEE Computer
Hacking the Business Climate for Network Security
April 1, 2004 • Minneapolis Star Tribune
A National ID Card Wouldn't Make Us Safer
April 2004 • Communications of the ACM
Cyber Underwriters Lab?
March 2004 • Wired Magazine
America's Flimsy Fortress
February 3, 2004 • San Francisco Chronicle
IDs and the illusion of security
February 2004 • Communications of the ACM
Risks of PKI: Electronic Commerce
Jan/Feb 2004 • IEEE Security and Privacy
Voting Security
January 30, 2004 • CNET News.com
Slouching Towards Big Brother
January 19, 2004 • Salon.com
Homeland Insecurity
January 14, 2004 • Newsday
Fingerprinting Visitors Won't Offer Security
January 2004 • Communications of the ACM
Risks of PKI: Secure E-Mail
2003
December 21, 2003 • Minneapolis Star Tribune
Better Get Used to Routine Loss of Personal Privacy
December 19, 2003 • Mercury News
Are You Sophisticated Enough to Recognize an Internet Scam?
December 16, 2003 • Salon.com
Blaster and the Great Blackout
December 9, 2003 • CNET News.com
Internet Worms and Critical Infrastructure
Nov/Dec 2003 • IEEE Security and Privacy
Airplane Hackers
November 11, 2003 • Financial Times Deutschland
Festung Amerika
November 2003 • Heise Security
Liability Changes Everything
October 21, 2003 • Newsday
Terror Profiles by Computers Are Ineffective
October 14, 2003 • UPI
Fixing intelligence
August 2003 • Communications of the ACM
Voting and Technology: Who Gets to Count Your Vote?
Jul/Aug 2003 • IEEE Security and Privacy
The Speed of Security
June 2003 • Wired Magazine
Walls Don't Work in Cyberspace
May/Jun 2003 • IEEE Security and Privacy
Guilty Until Proven Innocent?
Mar/Apr 2003 • IEEE Security and Privacy
Locks and Full Disclosure
March 7, 2003 • Mercury News
American Cyberspace: Can We Fend Off Attackers?
March 2, 2003 • SF Chronicle
Secrecy and Security
Jan/Feb 2003 • IEEE Security and Privacy
We Are All Security Consumers
2002
January 18, 2002 • CNET News.com
Trust, but Verify, Microsoft's Pledge
2002 • IEEE Computer Magazine
The Case for Outsourcing Security
2001
May 2001 • Security Engineering by Ross Anderson
Foreword
April 2001 • Salon.com
Body of Secrets by James Bamford (Review)
March 2001 • Communications of the ACM
Insurance and the Computer Industry
February 2001 • Information Security Magazine
The Insurance Takeover
2000
August 2000 • Information Security Magazine
The Fallacy of Trusted Client Software
April 2000 • Information Security Magazine
The Process of Security
1999
December 1999 • Information Security Magazine
1999 Crypto Year-in-Review
November 1999 • ZDNet
DVD Encryption Broken
November 1999 • Computerworld
Why Computers are Insecure
November 1999 • Information Security Magazine
A Plea for Simplicity
October 1999 • Communications of the ACM
Risks of Relying on Cryptography
September 1999 • Communications of the ACM
The Trojan Horse Race
September 1999 • Information Security Magazine
International Cryptography
August 1999 • ZDNet
Web-Based Encrypted E-Mail
August 1999 • ZDNet
NIST AES News
August 1999 • Communications of the ACM
Biometrics: Uses and Abuses
March 1999 • IEEE Security and Privacy
Cryptography: The Importance of Not Being Different
March 1999 • Information Security Magazine
Why the Worst Cryptography is in the Systems that Pass Initial Analysis
January 26, 1999 • ZDNet
Intel's Processor ID
1999 • Computer Security Journal
How to Evaluate Security Technology
1998
December 1998 • Information Security Magazine
1998 Crypto Year-in-Review
October 1998 • Information Security Magazine
Key Recovery
1998
Security Pitfalls in Cryptography
1998
Click here to bring down the Internet
1997
January 1997 • Communications of the ACM
Cryptography, Security, and the Future
1997
Why Cryptography is Harder than it Looks
Schneier.com is a personal website. Opinions expressed are not necessarily those of BT.
|