💬 SenQuotes.com
 Quotes

Bruce Schneier Quotes

American cryptographer and author, Birth: 15-1-1963 Bruce Schneier Quotes
1.
If you think technology can solve your security problems, then you don't understand the problems and you don't understand the technology.
Bruce Schneier

If you assume that tech can eradicate your safety concerns, then you lack comprehension of the issues and the tools.
2.
There are two types of encryption: one that will prevent your sister from reading your diary and one that will prevent your government.
Bruce Schneier

3.
There are two kinds of cryptography in this world: cryptography that will stop your kid sister from reading your files, and cryptography that will stop major governments from reading your files.
Bruce Schneier

4.
Beware the Four Horsemen of the Information Apocalypse: terrorists, drug dealers, kidnappers, and child pornographers. Seems like you can scare any public into allowing the government to do anything with those four.
Bruce Schneier

5.
Amateurs hack systems, professionals hack people.
Bruce Schneier

Similar Authors: Rush Limbaugh Cassandra Clare Charles Spurgeon Deepak Chopra Stephen King George Bernard Shaw Winston Churchill Neil Gaiman Richelle Mead Jodi Picoult Francois de La Rochefoucauld Marianne Williamson Wayne Dyer Michel de Montaigne Victor Hugo
6.
The mantra of any good security engineer is: "Security is a not a product, but a process." It's more than designing strong cryptography into a system; it's designing the entire system such that all security measures, including cryptography, work together.
Bruce Schneier

7.
More people are killed every year by pigs than by sharks, which shows you how good we are at evaluating risk.
Bruce Schneier

8.
People often represent the weakest link in the security chain and are chronically responsible for the failure of security systems.
Bruce Schneier

Quote Topics by Bruce Schneier: People Government Technology Thinking Surveillance Terrorism Needs Reading Security Systems Country Information Cards Believe Data Worry Pigs Giving Liberty Important Computer Looks Asks Media Real Fundamentals Security Doe News Law Nsa
9.
Security is a process, not a product.
Bruce Schneier

10.
For if we are observed in all matters, we are constantly under threat of correction, judgment, criticism, even plagiarism of our own uniqueness. We become children, fettered under watchful eyes, constantly fearful that-either now or in the uncertain future-patterns we leave behind will be brought back to implicate us, by whatever authority has now become focused upon our once-private and innocent acts. We lose our individuality, because everything we do is observable and recordable.
Bruce Schneier

11.
If someone steals your password, you can change it. But if someone steals your thumbprint, you can't get a new thumb. The failure modes are very different.
Bruce Schneier

12.
History has taught us: never underestimate the amount of money, time, and effort someone will expend to thwart a security system. It's always better to assume the worst. Assume your adversaries are better than they are. Assume science and technology will soon be able to do things they cannot yet. Give yourself a margin for error. Give yourself more security than you need today. When the unexpected happens, you'll be glad you did.
Bruce Schneier

13.
I am regularly asked what the average Internet user can do to ensure his security. My first answer is usually 'Nothing; you're screwed'.
Bruce Schneier

14.
Don't make the mistake of thinking you're Facebook's customer, you're not - you're the product.
Bruce Schneier

15.
Hardware is easy to protect: lock it in a room, chain it to a desk, or buy a spare. Information poses more of a problem. It can exist in more than one place; be transported halfway across the planet in seconds; and be stolen without your knowledge.
Bruce Schneier

16.
Privacy is an inherent human right, and a requirement for maintaining the human condition with dignity and respect.
Bruce Schneier

17.
Anyone, from the most clueless amateur to the best cryptographer, can create an algorithm that he himself can't break.
Bruce Schneier

18.
It is insufficient to protect ourselves with laws; we need to protect ourselves with mathematics.
Bruce Schneier

19.
The whole notion of passwords is based on an oxymoron. The idea is to have a random string that is easy to remember. Unfortunately, if it's easy to remember, it's something nonrandom like 'Susan.' And if it's random, like 'r7U2*Qnp,' then it's not easy to remember.
Bruce Schneier

20.
Cryptography products may be declared illegal, but the information will never be
Bruce Schneier

21.
It is poor civic hygiene to install technologies that could someday facilitate a police state.
Bruce Schneier

22.
Terrorism isn't a crime against people or property. It's a crime against our minds, using the death of innocents and destruction of property to make us fearful. Terrorists use the media to magnify their actions and further spread fear. And when we react out of fear, when we change our policy to make our country less open, the terrorists succeed -- even if their attacks fail. But when we refuse to be terrorized, when we're indomitable in the face of terror, the terrorists fail -- even if their attacks succeed.
Bruce Schneier

23.
Think of your existing power as the exponent in an equation that determines the value of information. The more power you have, the more additional power you derive from the new data.
Bruce Schneier

24.
The more technological a society is, the greater the security gap is.
Bruce Schneier

25.
Surveillance of power is one of the most important ways to ensure that power does not abuse its status. But, of course, power does not like to be watched.
Bruce Schneier

26.
The real targets of terrorism are the rest of us: the billions of us who are not killed but are terrorized because of the killing. The real point of terrorism is not the act itself, but our reaction to the act. And we're doing exactly what the terrorists want [...] Our politicians help the terrorists every time they use fear as a campaign tactic. The press helps every time it writes scare stories about the plot and the threat. And if we're terrified, and we share that fear, we help.
Bruce Schneier

27.
Surveillance is the business model of the Internet.
Bruce Schneier

28.
The user's going to pick dancing pigs over security every time.
Bruce Schneier

29.
Metadata equals surveillance; it's that simple.
Bruce Schneier

30.
The fundamental driver in computer security, in all of the computer industry, is economics. That requires a lot of re-education for us security geeks.
Bruce Schneier

31.
Choosing providers is not a choice between surveillance/not; it's just choosing which feudal lord gets to spy on you.
Bruce Schneier

32.
A colleague once told me that the world was full of bad security systems designed by people who read Applied Cryptography
Bruce Schneier

33.
There's an entire flight simulator hidden in every copy of Microsoft Excel 97.
Bruce Schneier

34.
The very definition of news is something that hardly ever happens. If an incident is in the news, we shouldn't worry about it. It's when something is so common that its no longer news - car crashes, domestic violence - that we should worry.
Bruce Schneier

35.
Despite fearful rhetoric to the contrary, terrorism is not a transcendent threat. A terrorist attack cannot possibly destroy our country's way of life; it's only our reaction to that attack that can do that kind of damage.
Bruce Schneier

36.
The question to ask when you look at security is not whether this makes us safer, but whether it's worth the trade-off.
Bruce Schneier

37.
If you ask amateurs to act as front-line security personnel, you shouldn't be surprised when you get amateur security.
Bruce Schneier

38.
Chaos is hard to create, even on the Internet. Here's an example. Go to Amazon.com. Buy a book without using SSL. Watch the total lack of chaos.
Bruce Schneier

39.
The more we expect technology to protect us from people in the same way it protects us from nature, the more we will sacrifice the very values of our society in futile attempts to achieve this security.
Bruce Schneier

40.
Something that looks like a protocol but does not accomplish a task is not a protocol—it’s a waste of time.
Bruce Schneier

41.
It's frustrating; terrorism is rare and largely ineffectual, yet we regularly magnify the effects of both their successes and failures by terrorizing ourselves.
Bruce Schneier

42.
Only amateurs attack machines; professionals target people.
Bruce Schneier

43.
Terrorists can only take my life. Only my government can take my freedom.
Bruce Schneier

44.
I tell people: if it's in the news, don't worry about it, because by definition, news is something that almost never happens.
Bruce Schneier

45.
Microsoft knows that reliable software is not cost effective. According to studies, 90% to 95% of all bugs are harmless. They're never discovered by users, and they don't affect performance. It's much cheaper to release buggy software and fix the 5% to 10% of bugs people find and complain about.
Bruce Schneier

46.
Why is it that we all - myself included - believe these stories? Why are we so quick to assume that the TSA is a bunch of jack-booted thugs, officious and arbitrary and drunk with power? It's because everything seems so arbitrary, because there's no accountability or transparency in the DHS.
Bruce Schneier

47.
Privacy is a fundamental human need.
Bruce Schneier

48.
And honestly, if anyone thinks they can get an accurate picture of anyplace on the planet by reading news reports, they're sadly mistaken.
Bruce Schneier

49.
Corporate and government surveillance aren't separate; they're an alliance of interests.
Bruce Schneier

50.
It doesn't matter how good the card is if the issuance process is flawed.
Bruce Schneier