or do 'guru's seem to only come out with comments supporting the company agenda?

I.e. if this 'guru' actually came out with something controvesial about Phorms data encoding

scheme then great but this is just a BT face spewing (content free) PR guff.

If you'd read anything he has had to say on the matter, he has made it pretty clear that he won't comment on the whole Phorm thing due to it being a conflict of interests since BT bought his company (Counterpane) last year. He has had plenty to say about similiar companies in the USA.

For those with any interest in the whole field of security (computer or otherwise), his opinions are usually rational and well balanced and he is a well known critic of what has come to be called 'security theater' (his term, hence the Merkin spelling).

If anything, I feel sorry for the guy, whose hands are obviously tied and who therefore cannot openly criticise the [allegedly] clearly dodgy goings-on with Phorm and BT whilst at the same time being one of the few people most suited to casting aspersions upon them from a professional point of view.

I expected better of Bruce "Chuck Norris comes to me for security advice" Schneier. I mean, he's got a point about it becoming ubiquitous and ID cards being an interim technology, before our AI overlords will be able to track and recognise us anywhere, but he hasn't really said anything new or interesting there.

Mine's the tinfoil lined one with the hoodie, with gloves and a Wavebubble in the pocket.

Bruce Schneier is a legend in the security community, from long before BT Counterpane even existed. He's been an outspoken critic of security theatre - "movie plot threats" as he describes them - since the fallout from 9/11, and usually offers realistic alternatives and clear explanations.

Basically, if he says something about security, you're well advised to listen...

WTF? Did you even read the article? What part of it makes you think he supports BT's data retention / intrusion?

I see someone's been at the Twat-O-Tron.

I think it may be you. Bruce Schneier is an extremely well-known and respected cryptographer - no need to put the sneering quotes around guru there, as he wrote the book (Applied Cryptography) and is well-respected internationally for his research and practical work.

The fact that Phorm isn't in his area (after all, he's a cryptographer, not an advertising guy) doesn't mean he's trying to cover up by talking about an important subject which does happen to be in his area. Alleging that he's a "BT face spewing (content free) PR guff" proclaims lamentable ignorance of Scheier's many valued contributions and the regard in which he is held by his peers. A moment of Googling would have revealed to you some amazing facts about this great man:

* Bruce Schneier once factored a prime number.

* Bruce Schneier's secure handshake is so strong, you won't be able to exchange keys with anyone else for days.

* Bruce Schneier's tears can burn holes through an OpenBSD firewall. Lucky for us, Bruce Schneier never cries.

* Bruce Schneier writes his books and essays by generating random alphanumeric text of an appropriate length and then decrypting it.

* SSL is invulnerable to man-in-the-middle attacks. Unless that man is Bruce Schneier.

And many, many more.

Counterpane is a crypto/computer security consultancy which Schneier set up. BT bought it in 2006 (allegedly for at least US$20 million, which says something about Bruce Schneier's value in the industry) to expand their US-based security consultancy.

As a final point, it's always best to have an idea what you're on about before pouring your vitriol out all over the internets - it rusts the tubes, you see.

"... Schneier ... challenged the view that privacy and security are at loggerheads, suggesting the real debate is between liberty and control."

Didn't most of us recognise this from the outset?

He has no special knowledge of Phorm so has no strong reason TO comment. Also because he is a BT executive anything he said would have special weight (politically, in the blog-sphere and even legally!) So there is a reason to NOT comment.

http://www.schneier.com/blog/archives/2008/09/bt_phorm_and_me.html

P.S. He has NOT come out in support, he has not come out at all.

That is all.

This isn't news, it's a central theme which has run through his essays for the last 5 years.

You don't need to bother buying his latest book : it's all in his blog.

Shame on the Reguster for regurgitating this guff as news

the last paragraph. That is the interesting one. In total, the death of privacy is spelled out for us. What should we do? How do you tell the cop, we're better off without the camera? If that's the right thing to do?

... this just in from the Department of Stating the Bleeding Obvious...

As an executive employee of BT, Schneier I guess has to follow a certain 'protocol' on what he can and can't say about BT.

Reading his blog and what he said, or did not say about Phorm (between the lines) I am quite satisfied that if he was allowed to do so, I doubt that Phorm / Webwise would get his support.

Articles already written years previously by him already show his viewpoints. He is the man!

... if they live in a future where it's seen as normal to track everybody. If someone in the future goes around saying maybe it's a good idea not to be tracked then they obviously have got something to hide.

In this instance the three are not really separable, how does this cretin think your privacy can be maintained whilst at the same time your identity is being constantly checked and verified with a view to control.

The technology he is talking about, if certain people and organisations have their way , will be included in the CCTV systems in shopping malls as well as airports and stations. It will become all pervading under the guise of anti-terrorism and crime prevention. Your privacy will only be as good as the security on the combined nationwide RFID and CCTV systems. Start looking for a Spreading Chestnut Tree now.

...Science is not about man's control over nature, but about man's control over man; C.S. Lewis said that (or something reasonably close to it). It is therefore to be expected that jumps in science would go along with jumps in control.

As long as there is IT unemployment, there will be thousands of us willing to help build the gilded cage. (Theater is also profitable, as long as you have the right investors.)

Let's state some facts:

-In Applied Cryptography, Bruce states that there is something like "strong cryptography", which is NOT the One-Time Pad. He also states that NSA probably/maybe/possibly can break that strong thing. Not really clear reasoning

-Bruce hates and ridicules the One Time Pad, which would put quite a few people out of business.

-According to The Evil Encyclopedia, "Before Counterpane, he worked at the United States Department of Defense and then AT&T Bell Labs. " What exactly did he do at DoD and their favourite contractor Bell Labs ?

http://en.wikipedia.org/wiki/Bruce_schneier

-BT is in Bed with the UK Government. The UK Government is in Bed with the US govt and many other govts. Bruce got a lot of money from BT. Go on reasoning yourself.

Bruce would be much more credible by taking the money and quitting that cozy setup.

"Bruce Schneier writes his books and essays by generating random alphanumeric text of an appropriate length and then decrypting it."

I think some tabloid journalists try to imitate him, but they haven't got their algorithms quite right.

or have bt got him chained to a radiator?

"In Applied Cryptography, Bruce states that there is something like "strong cryptography", which is NOT the One-Time Pad. He also states that NSA probably/maybe/possibly can break that strong thing. Not really clear reasoning"

I thought the reasoning in Applied Cryptography was perfectly clear. He shows the algorithms, shows how to estimate their strength, and shows, given the assumed budget of the NSA, they could have the capability to break DES (the standard at that time).

I've never heard or seen Bruce hating or ridiculing the One Time Pad. He does describe it's shortcomings: basically, how do you distribute the pads? It is not a panacea, nothing is.

Go back and re-read Applied Cryptography, see if you can understand it this time. Then read Secrets and Lies to see Bruce's explanation of what he got wrong in Applied Crypto.

Hmmm... "Eventually it may get to the point where even airports don't do identity checks because they already know who individuals are..." Funnily enough, the last time I flew ncl<->lhr couple of weeks ago, nobody checked my id at either end, a printed online check-in sheet of paper seemed to suffice. I thought it was because once they dangle you by your ankles and shake you till everything falls out, they would not care who you actually were, but maybe he knows something we don't?

I just can't imagine a more pointless, bleak and morbidly depressing world than the one painted in this article. The "right to die" legal actions will soon start coming from those with nothing more wrong with them than a surfeit of reading articles like this.

"... these checks will happen in the background using RFID chips, you won't even know you are being checked."

That part scares the living bejeezus outta me.

Stop giving the .gov ideas, Bruce!! They didn't even know what RFID was - they figured it stood for "Really Frickin' Idiotic Democracy" because we're daring to complain about 'em!

I guess they will have to chip my hoodie.

I think it is helpful to put liberty and control as extreme positions of one scale.

The same polititian who asks for 10% more control has difficulty saying to his voters that he wants 10% less liberty, and for who. The more honest ones do this, and point out they only want it for criminals, terrorists, immigrants, homeless, patients, children and other non-voters.

Bruce Schneier's comments may well be obvious to some readers and depressing to others, but his reputation is such that when he says something, people pay attention. And if you, dear reader, don't know of that reputation then head on over to Google and start reading.

He is right, of course, surveillance is becoming increasingly pervasive and will be increasingly automated. It paints a bleak picture: do you want some faceless organisation to know where you are and what you are doing all day, every day? Nothing to hide? How would you feel if someone was following you everywhere with a clipboard and parked outside your house when you got home? At what point does that personal intrusion become acceptable because you can no longer see the guy taking notes?

Future generations /will/ judge us on how we handle the privacy issues either by tut tutting over the revolution because we didn't do anything until people had had enough or by the fact that we avoided a crisis by doing something about it soon enough. That seemed to me to be the point of the article.

Mine's the invisibility cloak.

D. Brin, _The Transparent Society: Will Technology Force Us to Choose Between Privacy and Freedom?_ , *1998*

With all due respect, it's been said before.