Secrets and Lies: Digital Security in a Networked World and over one million other books are available for Amazon Kindle. Learn more
  • List Price: $17.95
  • Save: $3.49 (19%)
FREE Shipping on orders over $35.
Only 11 left in stock (more on the way).
Ships from and sold by
Gift-wrap available.
FREE Shipping on orders over $35.
Used: Good | Details
Sold by RentU
Condition: Used: Good
Comment: Fast shipping from Amazon! Qualifies for Prime Shipping and FREE standard shipping for orders over $35. Overnight, 2 day and International shipping available! Excellent Customer Service.. May not include supplements such as CD, access code or DVD.
Access codes and supplements are not guaranteed with used items.
Have one to sell? Sell on Amazon
Flip to back Flip to front
Listen Playing... Paused   You're listening to a sample of the Audible audio edition.
Learn more
See this image

Secrets and Lies: Digital Security in a Networked World Paperback – January 30, 2004

ISBN-13: 072-3812595563 ISBN-10: 0471453803 Edition: 1st

Buy New
Price: $14.46
42 New from $2.09 98 Used from $0.01
Amazon Price New from Used from
"Please retry"
"Please retry"
$2.09 $0.01
Free Two-Day Shipping for College Students with Amazon Student Free%20Two-Day%20Shipping%20for%20College%20Students%20with%20Amazon%20Student

Frequently Bought Together

Secrets and Lies: Digital Security in a Networked World + Liars and Outliers: Enabling the Trust that Society Needs to Thrive + Beyond Fear: Thinking Sensibly About Security in an Uncertain World.
Price for all three: $48.23

Buy the selected items together
If you buy a new print edition of this book (or purchased one in the past), you can buy the Kindle edition for only $2.99 (Save 71%). Print edition purchase must be sold by Amazon. Learn more.

Shop the New Digital Design Bookstore
Check out the Digital Design Bookstore, a new hub for photographers, art directors, illustrators, web developers, and other creative individuals to find highly rated and highly relevant career resources. Shop books on web development and graphic design, or check out blog posts by authors and thought-leaders in the design industry. Shop now

Product Details

  • Paperback: 448 pages
  • Publisher: Wiley; 1 edition (January 30, 2004)
  • Language: English
  • ISBN-10: 0471453803
  • ISBN-13: 978-0471253112
  • Product Dimensions: 6 x 1.2 x 9 inches
  • Shipping Weight: 1.2 pounds (View shipping rates and policies)
  • Average Customer Review: 4.3 out of 5 stars  See all reviews (140 customer reviews)
  • Amazon Best Sellers Rank: #94,198 in Books (See Top 100 in Books)

Editorial Reviews Review

Whom can you trust? Try Bruce Schneier, whose rare gift for common sense makes his book Secrets and Lies: Digital Security in a Networked World both enlightening and practical. He's worked in cryptography and electronic security for years, and has reached the depressing conclusion that even the loveliest code and toughest hardware still will yield to attackers who exploit human weaknesses in the users. The book is neatly divided into three parts, covering the turn-of-the-century landscape of systems and threats, the technologies used to protect and intercept data, and strategies for proper implementation of security systems. Moving away from blind faith in prevention, Schneier advocates swift detection and response to an attack, while maintaining firewalls and other gateways to keep out the amateurs.

Newcomers to the world of Schneier will be surprised at how funny he can be, especially given a subject commonly perceived as quiet and dull. Whether he's analyzing the security issues of the rebels and the Death Star in Star Wars or poking fun at the giant software and e-commerce companies that consistently sacrifice security for sexier features, he's one of the few tech writers who can provoke laughter consistently. While moderately pessimistic on the future of systems vulnerability, he goes on to relieve the reader's tension by comparing our electronic world to the equally insecure paper world we've endured for centuries--a little smart-card fraud doesn't seem so bad after all. Despite his unfortunate (but brief) shill for his consulting company in the book's afterword, you can trust Schneier to dish the dirt in Secrets and Lies. --Rob Lightner --This text refers to an out of print or unavailable edition of this title.


“…The security technologies available are described in a user-friendly way without going into depth...” (Computer Bulletin, January 2005)

“…peppered with lively anecdotes and aphorisms, making it a really accessible read...” (The ISSG Magazine, Autumn, 2004)

“…fascinating read…peppered with lively anecdotes…” (The ISSG Magazine, October 2004)

"...make yourself better informed. Read this book." (CVu, The Journal of the ACCU, Vol 16(3), June 2004)

More About the Author

Bruce Schneier is the go-to security expert for business leaders and policy makers. His breakthrough book Applied Cryptography (1994, 1998) explained how the arcane science of secret codes actually works, and was described by Wired as "the book the National Security Agency wanted never to be published." His business-oriented bestseller Secrets and Lies (2000) was called by Fortune "[a] jewel box of little surprises you can actually use." Best known as a refreshingly candid and lucid security critic and commentator, he has appeared in numerous media outlets, including The New York Times, USA Today, Newsweek, and The Wall Street Journal, as well as on NPR, CNN, and the major networks. He has also testified on security before the United States Congress.

Customer Reviews

In my view, the book is very well written but is not an easy read.
If you think you know enough about security already, read this book, and it will disprove you.
David Doty
This is an excellent information security book that everyone working in this field should read.
Amazon Customer

Most Helpful Customer Reviews

127 of 134 people found the following review helpful By Richard Bejtlich on October 29, 2000
Format: Hardcover
I am an Air Force officer and technical resource for a 50-person military intrusion detection operation. I've seen Bruce speak twice and he never fails to impress. "Secrets and Lies" is no different. This book is not designed to teach readers about the latest security technologies. It was not written to promote specific products, although Bruce explains how the book's themes caused him to revamp his Counterpane firm. What the book does is teach security professionals how to think about their craft. I would recommend it to everyone in the field from day one, but its deeper meanings would probably not be evident until a year's work on the front lines.
Some of the ideas aren't new. For example, I've heard members of the L0pht petition for a software Underwriter's Lab for years, and others have encouraged liability laws for software vendors. Bruce builds on these ideas and weaves them into his own prescription for dealing with complex and inherently insecure systems. This is the type of book that gives a professional the vocabulary and framework to organize his understanding of the security process. "Secrets and Lies" creates the "little voice" that warns against a vendor's promises to solve all your problems with a $30,000 box-of-wonders.
Of particular interest to me, after training in economics, is Bruce's insistence that "the buying public has no way to differentiate real security from bad security." It logicially follows that the market cannot address this problem, since "perfect information" does not exist. Therefore, outside organizations (perhaps an FDA for software?) should get involved, but not by outlawing reverse engineering and security tools.
I give five stars to books that make the complex simple, that reveal and enhance technical details, or that change the way I look at the world. This book fits two, and possibly three of those categories. Bravo, Bruce.
6 Comments Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
85 of 91 people found the following review helpful By J. G. Heiser on September 17, 2000
Format: Hardcover Verified Purchase
Written by one of my favorite industry commentators, this is an introductory text on information security that should be useful to just about everyone. I highly recommend this book for the following audiences:
· Beginning security specialists
· IS and other business managers who make decisions about systems deployment
· Experienced security practitioners who want to improve their thinking and analysis skills
· Those studying for security certification, such as the CISSP
· Software and Internet product planning and marketing staff (and not just security software)
Schneier, who is recognized for his contributions to cryptography, has recently found religion. As recounted in a recent interview in "Information Security" magazine, he realized that humans were destroying the purity of his mathematical approach. Instead of retreating into academia, he tackled this issue head-on, some of the result of which is this landmark book. He recommends reading it cover to cover, and I agree with him-it takes all 400 pages to paint the complete story, and if you don't approach it linearly, you run the risk of missing the subtleties of the author's message. Skimming this book could easily trap a reader into equating vulnerability with risk. The world is full of risk, and while Schneier takes obvious delight in deconstructing the vulnerabilities of automated systems, it is important to understand that historical manual systems are quite vulnerable too, and humans deal with the risk quite nicely. Read the whole book.
The chapters that I found most significant included:
· (6 & 7) Cryptography: It is no surprise that he was written a terrific introduction to the concepts and building blocks (primitives and protocols) of encryption.
Read more ›
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
41 of 42 people found the following review helpful By A Customer on September 6, 2000
Format: Hardcover
_Secrets and Lies_ is a necessary book for everyone who wonders about privacy and security on the Internet--that is to say, everyone. Schneier discusses the threats in cyberspace, the technologies to combat them, and (most importantly) the strategies that make those technologies work. It's not surprising that the technical information is solid. What might be surprising to some, though, is how lucid and funny Schneier's writing is. He doesn't talk down to readers, but you don't have to be a complete techie to understand what he's saying.
Schneier's discussion of where things are and where they're going is fascinating and informative. I was especially interested by the legal stuff--many of the laws designed to enhance security and privacy actually damage it. Read this book, make your boss read it, make your IT manager read it, and send a copy to your congresscritter. It might just help make the Net safer.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
18 of 20 people found the following review helpful By Ryan L. Russell on August 21, 2000
Format: Hardcover
If you're a fan of Bruce Schneier, whether it be his live presentations, his books, or Crypto-Gram, then you'll love this book. Bruce has shifted his focus away somewhat from the deep technical details that he has in "Applied Cryptography." In this book, he delves more into the hows and whys of security, and focuses heavily on the trade-offs that reality forces security people to make. This book is a must-read for anyone responsible for making security decisions.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
16 of 18 people found the following review helpful By Robert Halloran on August 31, 2000
Format: Hardcover
Bruce has rightfully earned his reputation by explaining the technology of security. In this book he goes past that by explaining that security is a system, a process, and does it in his typical style that makes it completely understandable and actually a fun read. If you're responsible for security matters, you may not like seeing various 'social engineering' hacks exposed, but it's information that you and everyone using a computer these days needs to be aware of. Once again, Bruce brings a straightforward style to bear and makes sometimes difficult subject matter clear to the reader.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again

Most Recent Customer Reviews