J.M. Porup ✅ @toholdaquill@octodon.social
contributing security reporter, @ArsTechnicaUK. Assembly @BKCHarvard. Once a programmer. Yeah, I'm that @LonelyPlanet Colombia guy. Views my own. Assume breach.
/end live tooting of Bruce Schneier's keynote @ #sectorca #sector2017
Technology moves faster than law, and that's a new thing. How do we make law that is adaptive and agile in the same way software is? Schneier asks #sectorca #sector2017
Generation gap between those who understand the problem and those who don't. FBI's myopic focus on one aspect of the technology a good example, Schneier tells #sectorca #sector2017
Free software does not come with any liability, but once a company sells it, it does, Schneier tells #sectorca #sector2017
libertarian ethos in Silicon Valley worked because it didn't matter, it was email, facebook, websites. But now it's physical things, and the government isn't going to stand by any more, Schneier tells #sectorca #sector2017
What can we do today in security to prepare for the robotic future? Schneier asks #sectorca #sector2017
EU is big enough that GDPR can move the needle, because software is write once deploy everywhere, Schneier tells #sectorca #sector2017
you can't cut someone's hair for money without a license, yet you can write software that determines who gets let out on parole with no license at all. My guess is some level of software engineer that's going to require licensing, Schneier tells #sectorca #sector2017
Most policymakers don't understand technology, and that's a problem, Schneier tells #sectorca #sector2017
As technologists, we need to get involved in policy, Schneier tells #sectorca #sector2017
When the internet starts killing people, the government will get involved. The choice is now between smart government involvement and stupid government involvement, Schneier tells #sectorca #sector2017
20th century shows that new technology produces new regulatory agencies, we should follow that model, Schneier tells #sectorca #sector2017
We need some way to capture the idea that everything is becoming a computer first, and whatever else (car, etc) second. We need some new regulatory agency that will deal with this, Schneier tells #sectorca #sector2017
Need more government regulation best solution to security of cyber-physical systems, but old regulatory regimes won't work, because everything is software now, no longer siloed into types of tech--cars, planes, medical, etc, Schneier tells #sectorca #sector2017
Security is a moving target, old way of "secure it right the first time" no longer works, Schneier tells #sectorca #sector2017
5 truisms
1) on the internet attack is easier than defense
2) most software is poorly written and insecure
3) vulns in one thing affect another
4) don't need to be an expert to use stolen NSA attack tools
5) DMCA makes security research hard.
Schneier tells #sectorca #sector2017
Five truisms that affect the security arms race on the internet, Schneier tells #sectorca #sector2017
Market can't fix IoT security mess, because in most cases neither the buyer nor seller care, Schneier tells #sectorca #sector2017
Most IoT devices don't have a security patching mechanism, upgrade path is to throw it away and buy a new one, Schneier tells #sectorca #sector2017
We are creating an internet of things that senses, thinks, and acts, the classical definition of a robot, Schneier tells #sectorca #sector2017
