After appearing as the keynote speaker at Scholarship After Snowden, security expert and author Bruce Schneier had a conversation with CGCS about online security.
CGCS: Were the Snowden revelations novel? What in the documents uncovered information that was unknown to surveillance and security scholars and experts?
Bruce Schneier: On the one hand, there was no real surprise. Anyone who has followed the NSA has assumed that they did this. What was surprising is the sheer extensiveness of the surveillance programs, which probably should not have been a surprise, either. I guess just seeing it in actual detail made it more real, and therefore different.
What is the greatest misconception the general public has about security online, especially in this post-NSA revelations environment?
I think people believe that their data is more secure than it is. And I’m not thinking about criminals and hackers, I’m thinking about the “good guys.” Google knows when I stop thinking about it. Google knows what related things I’m thinking about. And Google knows that about everyone. Google knows what kind of porn everyone likes. This kind of thing is inherently creepy, and people don’t think about it.
We don’t think about it because it’s not salient. We don’t wake up in the morning and think “I’m going to carry a tracking device around with me today.” We just grab our cellphone. People don’t think about this data, who…