Last year saw the first inductions into the Security Bloggers Hall of Fame. Each year we will add another member to our Hall of Fame
Brian Krebs worked as a reporter for The Washington Post from 1995 to 2009, authoring more than 1,300 blog posts for the Security Fix blog, as well as hundreds of stories for washingtonpost.com and The Washington Post newspaper, including eight front-page stories in the dead-tree edition and a Post Magazine cover piece on botnet operators.
But you didn’t really want to read my résumé, did you? What most people want to know is how I got into computer security, and whether I have a technical background in the field.
The short answer is “by accident,” and “no,” respectively. I earned a Bachelor of Arts in International Studies from George Mason University in 1994, and at the time I wasn’t much interested in computers, although I had programmed a bit on an Apple II and spent quite a bit of time visiting online bulletin boards as a kid.
It wasn’t until 2001 — when my entire home network was overrun by a Chinese hacking group — that I became intensely interested in computer security. I had been monkeying with a default installation of Red Hat Linux (6.2) on an old Hewlett-Packard system, because for some reason I had it in my head that it would be fun to teach myself how to turn the spare computer into an oversized firewall [ah, the irony]. That is, until the Lion Worm came around and locked me out of my system. Twice.
After that incident, I decided to learn as much as I could about computer and Internet security, and read most everything on the subject that I could get my hands on at the time. It’s an obsession that hasn’t let up.
Much of my knowledge about computers and Internet security comes from having cultivated regular and direct access to some of the smartest and most clueful geeks on the planet. The rest I think probably comes from a willingness to take risks, make mistakes, and learn from them.
I am 40 years old, and live with my wife Jennifer in Northern Virginia. When I’m not at the computer, I most often spend my free time reading, writing, cooking, gardening, studying Russian and playing guitar. I also enjoy corresponding with readers, so shoot me a note and tell me what you think of the blog.
Bruce Schneier is an internationally renowned security technologist and author. Described by The Economist as a “security guru,” he is best known as a refreshingly candid and lucid security critic and commentator. When people want to know how security really works, they turn to Schneier.
His first bestseller, Applied Cryptography, explained how the arcane science of secret codes actually works, and was described by Wired as “the book the National Security Agency wanted never to be published.” His book on computer and network security, Secrets and Lies, was called by Fortune “[a] jewel box of little surprises you can actually use.” Beyond Fear tackles the problems of security from the small to the large: personal safety, crime, corporate security, national security. Schneier on Security, offers insight into everything from the risk of identity theft (vastly overrated) to the long-range security threat of unchecked presidential power. His latest book, Liars and Outliers, explains how societies use security to enable the trust that they need to survive.
Regularly quoted in the media — and subject of an Internet meme — he has testified on security before the United States Congress on several occasions and has written articles and op eds for many major publications, including The New York Times, The Guardian, Forbes, Wired, Nature, The Bulletin of the Atomic Scientists, The Sydney Morning Herald, The Boston Globe, The San Francisco Chronicle, and The Washington Post.
Schneier also publishes a free monthly newsletter, Crypto-Gram, and a blog, Schneier on Security, with a combined 250,000 readers. In more than ten years of regular publication, Crypto-Gram has become one of the most widely read forums for free-wheeling discussions, pointed critiques, and serious debate about security. As head curmudgeon at the table, Schneier explains, debunks, and draws lessons from security stories that make the news.