- Paperback: 448 pages
- Publisher: Wiley; 1 edition (January 30, 2004)
- Language: English
- ISBN-10: 0471453803
- ISBN-13: 978-0471453802
- Product Dimensions: 6 x 1.2 x 9 inches
- Shipping Weight: 1.2 pounds (View shipping rates and policies)
- Average Customer Review: 158 customer reviews
- Amazon Best Sellers Rank: #65,448 in Books (See Top 100 in Books)
Enter your mobile number or email address below and we'll send you a link to download the free Kindle App. Then you can start reading Kindle books on your smartphone, tablet, or computer - no Kindle device required.
To get the free app, enter your mobile phone number.
Secrets and Lies: Digital Security in a Networked World 1st Edition
Use the Amazon App to scan ISBNs and compare prices.
"Rebound" by Kwame Alexander
Don't miss best-selling author Kwame Alexander's "Rebound," a new companion novel to his Newbery Award-winner, "The Crossover,"" illustrated with striking graphic novel panels. Pre-order today
Frequently bought together
Customers who bought this item also bought
Customers who viewed this item also viewed
Whom can you trust? Try Bruce Schneier, whose rare gift for common sense makes his book Secrets and Lies: Digital Security in a Networked World both enlightening and practical. He's worked in cryptography and electronic security for years, and has reached the depressing conclusion that even the loveliest code and toughest hardware still will yield to attackers who exploit human weaknesses in the users. The book is neatly divided into three parts, covering the turn-of-the-century landscape of systems and threats, the technologies used to protect and intercept data, and strategies for proper implementation of security systems. Moving away from blind faith in prevention, Schneier advocates swift detection and response to an attack, while maintaining firewalls and other gateways to keep out the amateurs.
Newcomers to the world of Schneier will be surprised at how funny he can be, especially given a subject commonly perceived as quiet and dull. Whether he's analyzing the security issues of the rebels and the Death Star in Star Wars or poking fun at the giant software and e-commerce companies that consistently sacrifice security for sexier features, he's one of the few tech writers who can provoke laughter consistently. While moderately pessimistic on the future of systems vulnerability, he goes on to relieve the reader's tension by comparing our electronic world to the equally insecure paper world we've endured for centuries--a little smart-card fraud doesn't seem so bad after all. Despite his unfortunate (but brief) shill for his consulting company in the book's afterword, you can trust Schneier to dish the dirt in Secrets and Lies. --Rob Lightner --This text refers to the Hardcover edition.
“…The security technologies available are described in a user-friendly way without going into depth...” (Computer Bulletin, January 2005)
“…peppered with lively anecdotes and aphorisms, making it a really accessible read...” (The ISSG Magazine, Autumn, 2004)
“…fascinating read…peppered with lively anecdotes…” (The ISSG Magazine, October 2004)
"...make yourself better informed. Read this book." (CVu, The Journal of the ACCU, Vol 16(3), June 2004)
If you buy a new print edition of this book (or purchased one in the past), you can buy the Kindle edition for only $2.99 (Save 70%). Print edition purchase must be sold by Amazon. Learn more.
For thousands of qualifying books, your past, present, and future print-edition purchases now lets you buy the Kindle edition for $2.99 or less. (Textbooks available for $9.99 or less.)
Author interviews, book reviews, editors picks, and more. Read it now
Top customer reviews
There was a problem filtering reviews right now. Please try again later.
To be clear, I enjoyed the book. If you're interested in InfoSec, and you're an avid reader, it's definitely worth your time, but if you're looking for a great primer in the vein of most of other works by Schneier, then you should probably look elsewhere, because it simply isn't "relevant enough" to be a modern reference.
The author is very specific about the security domains without being too technical but instead focusing on the "philosophy" behind each caveat. In that regards he shows the many way crackers can harm our security and how far we have advanced in combating them. He has a sort of pessimistic view regarding this because as he claims the bad guys are already ahead of governments and other organizations because of their unwillingness to think of security as a process but rather as a product to be installed without proper metrics measurement and capacity planning.
"Secrets and Lies: Digital Security in a Networked World" is the perfect book to hand to new bosses or new employees coming in the door who have not been exposed to cyber security in their past lives. It is also the perfect book for seasoned security practitioners who want an overview of the key issues facing our community today. Schneier wrote it more than a decade ago, but its ideas still resonate. He talks about the idea that “security is a process, not a product.” With that one line, Schneier captures the essence of what our cyber security community should be about. He explains that even though we have advanced technology designed to specifically find cyber break-ins, people are the still the weakest link. He describes how cyber risk is not a special category. It is just another risk to the business. He highlights the ludicrous idea that software vendors have no liability or selling buggy code, and he was one of the first thought leaders to characterize the adversary as something more than just a hacker. He makes the case for things that the cyber security community still needs in order to make the Internet more secure, things like strengthening confidentiality, integrity, and availability (CIA); improving Internet privacy and Internet anonymity; and challenging the idea that security practitioners must make the Sophie’s Choice between better security or more privacy in terms of government surveillance. Finally, he anticipates the need for a Bitcoin-like capability long before Bitcoin became popular. The content within Secrets and Lies is a good introduction to the cyber security community, and Schneier tells the story well. Because of that, Secrets and Lies is candidate for the cyber security canon, and you should have read it by now.
That being said, there are some nits I have to pick. The material is very ad hoc, backed up by mainly by personal (though extensive) experience and casual reading. A useful knowledge base, but limited as a source of primary information.
This is aggravated by Schneier's use of non-technical examples and analogies in many of his arguments. The arguments themselves are very strong, but when he cites this historical example or that financial practice, he often gets his facts wrong. I don't suppose this has a big effect on his credibility, but it must have some.
It's also a little disappointing that Schneier didn't bother to get into the general history of the Engima/Ultra business -- a prime example of his basic theme, that the smallest failure of the security process is vulnerable to machines with infinite patience.
Finally, I'm very, very disappointed that Scheier fails to challenge -- and sometimes even supports -- the social conservative attitude towards hacking and reverse engineering. He points out the futility of trying to encrypt DVDs -- but barely touches on the DMCA. He speaks of general software hacking as a basically benign activity -- but he strongly supports criminal punishment even for the most non-invasive electronic "trespass". This is a point of view utterly at odds with his ideas of security considered in a complete social context.