Bruce Schneier Leaves BT

Now news of his departure from the UK's leading ISP and one of the world's major telecommunications companies has been revealed by The Register. It yesterday published a leaked internal memo from Mark Hughes , CEO BT Security, to 'all people in BT Security.' It said simply, "I would like to announce that Bruce Schneier, BT’s security futurologist, is leaving the company after eight years." 

Both sides are publicly saying that Schneier's criticisms of the NSA (and to a lesser degree, GCHQ) have nothing to do with his departure. BT told The Register, "We have agreed to part ways as we felt our relationship had run its course and come to a natural end. It has nothing to do with his recent blogs."

Schneier said, "This has nothing to do with the NSA. No, they [BT] weren't happy with me, but they knew that I am an independent thinker and they didn't try to muzzle me in any way. It's just time."

Nevertheless, as BT's involvement with GCHQ has become more clear, his criticism of internet surveillance and work for EFF have become increasingly incompatible with working for the company. On 2 August 2013, the Guardian reported, "Some of the world's leading telecoms firms, including BT and Vodafone, are secretly collaborating with Britain's spy agency GCHQ, and are passing on details of their customers' phone calls, email messages and Facebook entries, documents leaked by the whistleblower Edward Snowden show."

An unrelated report titled The Internet Dark Age and published anonymously quotes a Schneier article in the Guardian as its starting point: “The NSA also attacks network devices directly: routers, switches, firewalls, etc. Most of these devices have surveillance capabilities already built in; the trick is to surreptitiously turn them on. This is an especially fruitful avenue of attack; routers are updated less frequently, tend not to have security software installed on them, and are generally ignored as a vulnerability.”

This report claims that BT gives the NSA and GCHQ access to every users' home network via the BT-supplied home network routers. It claims, "The Hack is based on the fact that a second secret/hidden network and second IP address is assigned to your modem. Under normal use, you cannot detect or see this from your LAN, but the attacker has direct access to your modem and LAN in your house from the Internet."

Infosecurity has invited BT to comment on this report, and will update this article with any response. Infosecurity also asked some technology experts to evaluate the accusations, and that evaluation is continuing. Some believe the report is true, some are doubtful, and yet others consider it valid, but with legitimate reasons for this to happen.

An Infosecurity email exchange with Schneier in October sought to understand the complexity of his position. His title had changed from CSTO (something he invented himself) to 'security futurologist.'  He explained that his position "was most decidedly not management (or actually in charge of anything).  Recently we decided that it wasn't really proper for me to have a 'C-O' title, and 'Security Futurologist' was pleasantly obscure."

Infosecurity also asked if there was any reason for his surveillance criticisms to focus almost entirely on NSA, with little on GCHQ and nothing on BT. "It would probably be stupid of me to criticize BT," he replied, "just as it would for any employee of any company to criticize that company.  Also, I generally stay out of other countries' politics, so it's not just the UK -- it's everywhere else on the planet."

The question now, free from BT employment, is whether we will see more direct criticism of the BT/GCHQ relationship. In September he wrote, "This is not the internet the world needs, or the internet its creators envisioned. We need to take it back. And by we, I mean the engineering community." Bruce Schneier is a leading figure in the engineering community.

What’s hot on Infosecurity Magazine?