Monday, 12 November 2018 05:20

Book review: Bruce Schneier's Click Here to Kill Everybody


World-renowned security technologist Bruce Schneier may not have intended it, but he has provided the answer to those who are demanding that industry provide governments with a means to break encryption.

In his latest book, Click Here to Kill Everybody, Schneier, in his characteristic under-stated manner, points out that there is absolutely no need for anyone to create panic about encryption for three simple reasons.

For one, metadata cannot be encrypted – and that very metadata tells an investigator much more about a message than the actual content; when third parties are used for data storage and processing, that data cannot be encrypted; and since every device is becoming a little computer and therefore a surveillance device, law enforcement has a myriad more new data streams that will not be encrypted to look for evidence of this or that.

But this incidental, valuable material is not the centrepoint of his book; rather Schneier's focus is the growing world of Internet-connected devices — he calls the network with all its new connected little computers the Internet+ — the problems that they pose, and how the dangers they create can be nullified.

As usual, his tone is sober, pragmatic and with the aim of imparting information – though he freely admits that the title is clickbait! The title, incidentally, reminded me of Stephen Gaghan's 2005 film Syriana, which had as its theme the fact that events in one part of the world could have an unintended fallout in an entirely different region.

Click Here was written in a hurry. But then it had to be, because if it had been published six months later, it would have probably been out of date, so fast is the growth of the Internet of Things, which is giving both individuals and nation-states the means to craft attacks that increasingly threaten the status quo.

Schneier points out that the update process, which is meant to keep software safe, cannot work because of inherent limitations. Neither government nor industry is overly bothered about this, as the insecure environment serves the interests of both. And, he explains, despite all the apparent advances in technology, it is still very hard to secure computing devices.

He outlines the common perception about technology and the reality, before proposing some answers in the second section of the book. Avoiding any hype about so-called cyber war, Schneier nevertheless does warn that things are ramping up to the point where incidents in the online world will have very real impacts on essential services.

In the end, it would have to be government that provides the answer, argues Schneier. And, he says, the threshold for government regulation will be when online attacks result in deaths. We haven't yet seen incidents of that magnitude.

Schneier does not indulge in rosy predictions; apart from detailing what should happen, he also hypothesises what will actually take place. There is hope, he assures his readers, but not before much ground is traversed.

The book contains one error. Schneier claims that a Windows exploit known as ETERNALBLUE, created by the NSA, was stolen by the Russians and then leaked on the Web. This is incorrect; a group known as the Shadow Brokers released the exploit and to this day there is no indication of who/what/where the group hails from.

Another shortcoming is the constant references to material from previous chapters – this would work with an online text using hyperlinks, but with hard copy it is often an irritant.

The book can be read and understood by anyone who has a decent command of English; it is meant for the average reader who is curious about the implications of having a refrigerator (or any other common device) that now is suddenly connected to the Internet. There are nearly 80 pages of notes, which makes referencing more detail easy.

The book is on sale for US$27.95 and should be available at all major online booksellers.


26-27 February 2020 | Hilton Brisbane

Connecting the region’s leading data analytics professionals to drive and inspire your future strategy

Leading the data analytics division has never been easy, but now the challenge is on to remain ahead of the competition and reap the massive rewards as a strategic executive.

Do you want to leverage data governance as an enabler?Are you working at driving AI/ML implementation?

Want to stay abreast of data privacy and AI ethics requirements? Are you working hard to push predictive analytics to the limits?

With so much to keep on top of in such a rapidly changing technology space, collaboration is key to success. You don't need to struggle alone, network and share your struggles as well as your tips for success at CDAO Brisbane.

Discover how your peers have tackled the very same issues you face daily. Network with over 140 of your peers and hear from the leading professionals in your industry. Leverage this community of data and analytics enthusiasts to advance your strategy to the next level.

Download the Agenda to find out more


Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.



Recent Comments