Secrets and Lies: Digital Security in a
Networked World by Bruce Schneier
Great Educational And Easy Read
Whom can you trust? Try Bruce Schneier, whose rare gift for common
sense makes his book Secrets and Lies: Digital Security in a Networked
World both enlightening and practical. Hes worked in cryptography and
electronic security for years, and has reached the depressing conclusion
that even the loveliest code and toughest hardware still will yield to
attackers who exploit human weaknesses in the users. The book is neatly
divided into three parts, covering the turn-of-the-century landscape of
systems and threats, the technologies used to protect and intercept data,
and strategies for proper implementation of security systems. Moving
away from blind faith in prevention, Schneier advocates swift detection
and response to an attack, while maintaining firewalls and other gateways
to keep out the amateurs. Newcomers to the world of Schneier will be
surprised at how funny he can be, especially given a subject commonly
perceived as quiet and dull. Whether hes analyzing the security issues of
the rebels and the Death Star in Star Wars or poking fun at the giant

software and e-commerce companies that consistently sacrifice security
for sexier features, hes one of the few tech writers who can provoke
laughter consistently. While moderately pessimistic on the future of
systems vulnerability, he goes on to relieve the readers tension by
comparing our electronic world to the equally insecure paper world weve
endured for centuries--a little smart-card fraud doesnt seem so bad after
all. Despite his unfortunate (but brief) shill for his consulting company in
the books afterword, you can trust Schneier to dish the dirt in Secrets and
Lies. --Rob Lightner
Personal Review: Secrets and Lies: Digital Security in a
Networked World by Bruce Schneier
I bought this title as a bundle with "Applied Cryptography" and "Practical
Cryptography". I still need to read those 2 titles, but I have read "Secrets
and Lies" (SL) cover to cover. My approach to reading this was that SL
was that I would read the theory behind the security to start my studies on
security, hacking, and cryptography. And this is just what this book is: an
description of security. It is sort of like reading a book on math that
describes the beauty of math, but does not list the math or have any
problems for the reader to do. The reader learns the history, types of math,
and interesting facts on how math can solve problems, but for further study
is going to have to get a book with math problems. So the reader shouldn't
expect this book to be a tech manual.
I really like this book because it shows how to think about security. The
whole book is on this subject, but an example would be when he describes
security in layers. He states that prevention attacks will fail, because you
can't defend against every attack. So you need an instant alert that tells
when you are under an attack. The sooner you know about the attack the
faster you can respond. So that is prevention, detection, and response.
A weakness in prevention is people pick wrong passwords, freely give
information, and don't understand the security measures. So no matter
how strong you security is it is only as strong as the weakest link. Strong
encryption may do well against brut force attacks, but attackers cheat.
They find ways of getting around the encryption.
An example is an encrypted telephone. It would take a lot of knowledge,
but if a Denial of Service attack was done on the encrypted line so the
phone didn't work the "people" are going to use a regular line which can be
eavesdropped on.
The book has thousands of ideas. Many much profound that is. Now that I
read it, in the future I will reread sections to see what I have learned in my
self-study.
For More 5 Star Customer Reviews and Lowest Price:
Secrets and Lies: Digital Security in a Networked World by Bruce Schneier 5 Star
Customer Reviews and Lowest Price!