Enjoy fast, free delivery, exclusive deals, and award-winning movies & TV shows with Prime
Try Prime and start saving today with fast, free delivery

Kindle
$17.00

Available instantly

Hardcover
$18.11 - $21.86

Paperback
$7.90 - $12.50

$12.50 with 55 percent savings

List Price: $28.00

Get Fast, Free Shipping with Amazon Prime FREE Returns

to get FREE delivery Saturday, November 16. Order within 2 hrs 15 mins

Or Non members get FREE delivery Tuesday, November 19 on orders shipped by Amazon over $35

Select delivery location

Only 1 left in stock - order soon.

$$12.50 () Includes selected options. Includes initial monthly payment and selected options. Details

Ships from

Amazon

Ships from

Amazon

Sold by

miracleverse

Sold by

miracleverse

Returns

Returnable until Jan 31, 2025

Returns

Returnable until Jan 31, 2025

For the 2024 holiday season, eligible items purchased between November 1 and December 31, 2024 can be returned until January 31, 2025.

Read full return policy

Payment

Secure transaction

Payment

Secure transaction

We work hard to protect your security and privacy. Our payment security system encrypts your information during transmission. We don’t share your credit card details with third-party sellers, and we don’t sell your information to others. Learn more

Details

Add a gift receipt for easy returns

$7.90

Get Fast, Free Shipping with Amazon Prime FREE Returns

Used book that is clean, average condition without any missing pages. Used book that is clean, average condition without any missing pages. See less

to get FREE delivery Saturday, November 16. Order within 4 hrs 30 mins

Or Non members get FREE delivery Tuesday, November 19 on orders shipped by Amazon over $35

Select delivery location

Only 1 left in stock - order soon.

$$12.50 () Includes selected options. Includes initial monthly payment and selected options. Details

Access codes and supplements are not guaranteed with used items.

Enhancements you chose aren't available for this seller. Details

${cardName} not available for the seller you chose

${cardName} unavailable for quantities greater than ${maxQuantity}.

Sold by Shakespeare Book House and Fulfilled by Amazon.

Other sellers on Amazon

New & Used (63) from $6.00 & FREE Shipping

Image Unavailable

Image not available for
Color:

To view this video download Flash Player

Follow the author

Bruce Schneier

Follow

Secrets and Lies: Digital Security in a Networked World 1st Edition

by Bruce Schneier (Author)

4.5 287 ratings

See all formats and editions

{"desktop_buybox_group_1":[{"displayPrice":"$12.50","priceAmount":12.50,"currencySymbol":"$","integerValue":"12","decimalSeparator":".","fractionalValue":"50","symbolPosition":"left","hasSpace":false,"showFractionalPartIfEmpty":true,"offerListingId":"Y2qfw1L3TIV1DsHaRuiq2UY0GKxxoKgh0PD4NuboXadGjQ96xC5FQh6Nf3IRH7eIVB2kTdSsbdoWjguzhk%2FOhrwK4mgoKiW17cK3P53lxDwPYpVUacxdzLAicsEexO9S1eaWbli01Bjn4R1L5VdzcxrqA0ey%2FG48iNd2K%2BCW5cMd2xk%2FX7WzPeTzA3wcCTrR","locale":"en-US","buyingOptionType":"NEW","aapiBuyingOptionIndex":0}, {"displayPrice":"$7.90","priceAmount":7.90,"currencySymbol":"$","integerValue":"7","decimalSeparator":".","fractionalValue":"90","symbolPosition":"left","hasSpace":false,"showFractionalPartIfEmpty":true,"offerListingId":"Y2qfw1L3TIV1DsHaRuiq2UY0GKxxoKghx5IGLk3ZdOsi7g0in19odDglqo5OkLt1gAplYzfJEWO2cjj%2BeCQBkGVE2HMHe50D9c%2FvAaT%2FGwyFA8peAlyytksKSCSokUCeK9A23RQZqSx5Jug%2B3cAYk%2BMIFtHcYn6sdmSw%2BCfoKQ6rfiv4pqEyMNcG%2FlZ4ygXk","locale":"en-US","buyingOptionType":"USED","aapiBuyingOptionIndex":1}]}

Purchase options and add-ons

Bestselling author Bruce Schneier offers his expert guidance on achieving security on a network
Internationally recognized computer security expert Bruce Schneier offers a practical, straightforward guide to achieving security throughout computer networks. Schneier uses his extensive field experience with his own clients to dispel the myths that often mislead IT managers as they try to build secure systems. This practical guide provides readers with a better understanding of why protecting information is harder in the digital world, what they need to know to protect digital information, how to assess business and corporate security needs, and much more.
* Walks the reader through the real choices they have now for digital security and how to pick and choose the right one to meet their business needs
* Explains what cryptography can and can't do in achieving digital security

ISBN-10

0471453803
ISBN-13

978-0471453802
Edition

1st
Publisher

Wiley
Publication date

January 30, 2004
Language

English
Dimensions

6 x 1.19 x 9 inches
Print length

432 pages
See all details

This item: Secrets and Lies: Digital Security in a Networked World

$12.50

Get it as soon as Tuesday, Nov 19

Only 1 left in stock - order soon.

Sold by miracleverse and ships from Amazon Fulfillment.

+

Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World

$17.95

Get it as soon as Tuesday, Nov 19

In Stock

Ships from and sold by Amazon.com.

+

A Hacker's Mind: How the Powerful Bend Society's Rules, and How to Bend them Back

$23.42

Get it as soon as Tuesday, Nov 19

In Stock

Ships from and sold by Amazon.com.

Total price: $00

To see our price, add these items to your cart.

Try again!

Details

Added to Cart

Some of these items ship sooner than the others.

Show details Hide details

Choose items to buy together.

Editorial Reviews

Review

“…The security technologies available are described in a user-friendly way without going into depth...” (Computer Bulletin, January 2005)

“…peppered with lively anecdotes and aphorisms, making it a really accessible read...” (The ISSG Magazine, Autumn, 2004)

“…fascinating read…peppered with lively anecdotes…” (The ISSG Magazine, October 2004)

"...make yourself better informed. Read this book." (CVu, The Journal of the ACCU, Vol 16(3), June 2004)

From the Inside Flap

A primer in practical computer security aimed at those shopping, communicating, or doing business online - almost everyone, in other words.
-The Economist

Viruses. Identity theft. Corporate espionage. National secrets compromised. Can anyone promise security in our digital world?

The man who introduced cryptography to the boardroom says no. But in this fascinating read, he shows us how to come closer by developing security measures in terms of context, tools, and strategy. Security is a process, not a product - one that system administrators and corporate executives alike must understand to survive.

This book is of value to anyone whose business depends on safe use of e-mail, the Web, or other networked communications. If that's not yet everybody, it soon will be.
-Stephen H. Wildstrom, BusinessWeek

It's not often that a truly outstanding book is written for both technical users and management. Fortunately, Secrets and Lies pulls off this feat rather well.
-Dustin Puryear, Linux.com

Schneier . . . peppers the book with lively anecdotes and aphorisms, making it unusually accessible.
-Los Angeles Times

Product details

Publisher ‏ : ‎ Wiley; 1st edition (January 30, 2004)
Language ‏ : ‎ English
Paperback ‏ : ‎ 432 pages
ISBN-10 ‏ : ‎ 0471453803
ISBN-13 ‏ : ‎ 978-0471453802
Item Weight ‏ : ‎ 1.1 pounds
Dimensions ‏ : ‎ 6 x 1.19 x 9 inches

Best Sellers Rank: #872,928 in Books (See Top 100 in Books)
- #126 in Computer Networks
- #126 in CompTIA Certification Guides
- #251 in Computer Networking (Books)

Customer Reviews:
4.5 287 ratings

Brief content visible, double tap to read full content.

Full content visible, double tap to read brief content.

Videos

Help others learn more about this product by uploading a video!

Upload your video

About the author

Follow authors to get new release updates, plus improved recommendations.

Bruce Schneier

Brief content visible, double tap to read full content.

Full content visible, double tap to read brief content.

Bruce Schneier is an internationally renowned security technologist, called a "security guru" by The Economist. He is the author of 12 books -- including "Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World" -- as well as hundreds of articles, essays, and academic papers. His influential newsletter "Crypto-Gram" and blog "Schneier on Security" are read by over 250,000 people. Schneier is a fellow at the Berkman Center for Internet and Society at Harvard Law School, a program fellow at the New America Foundation's Open Technology Institute, a board member of the Electronic Frontier Foundation, and an Advisory Board member of the Electronic Privacy Information Center. He is also the Chief Technology Officer of Resilient Systems, Inc.

Customer reviews

287 global ratings

How customer reviews and ratings work

Customers say

Customers find the book highly informative, thorough, and understandable. They describe it as a thoughtful read and say it's worth reading. Readers also mention it's a good introduction to the cyber security community and beneficial for IT and security managers.

AI-generated from the text of customer reviews

Select to learn more

Information quality Readability Security

19 customers mention "Information quality"19 positive0 negative

Customers find the book highly informative, thorough, and well-written. They say the author does a great job at making the subject understandable. Readers also appreciate the practical examples and real-world examples. They mention the book provides a broad spectrum of topics and issues involved in world-wide security.

"...Cryptography: It is no surprise that he was written a terrific introduction to the concepts and building blocks (primitives and protocols) of..." Read more

"...Lies: Digital Security in a Networked World" is the perfect book to hand to new bosses or new employees coming in the door who have not been..." Read more

"...Secrets and Lies is a well organized book with plenty of real world examples, problems and solutions...." Read more

"This is basically a good book. Very readable, usually very clear, very broad scope...." Read more

13 customers mention "Readability"13 positive0 negative

Customers find the book well-written, clear, and worth reading. They also say it provides a great overview of the world of information security.

"...a good introduction to the cyber security community, and Schneier tells the story well...." Read more

"...Secrets and Lies is a well organized book with plenty of real world examples, problems and solutions...." Read more

"This is basically a good book. Very readable, usually very clear, very broad scope...." Read more

"...This book is definitely worth reading." Read more

13 customers mention "Security"10 positive3 negative

Customers find the book great for those interested in security. They say it's a good introduction to the cyber security community. Readers also mention that the author takes complicated security techniques and explains them clearly.

"...of my favorite industry commentators, this is an introductory text on information security that should be useful to just about everyone...." Read more

"...It is also the perfect book for seasoned security practitioners who want an overview of the key issues facing our community today...." Read more

"This is an excellent information security book that everyone working in this field should read...." Read more

"...Kind of scary to see the lack of security that is actually out there to protect our information on the web. Be careful!" Read more

Sort by reviews type

Top reviews from the United States

There was a problem filtering reviews right now. Please try again later.

J. G. Heiser

Excellent intro infosec book that everyone should read

Reviewed in the United States on September 18, 2000

Verified Purchase

Written by one of my favorite industry commentators, this is an introductory text on information security that should be useful to just about everyone. I highly recommend this book for the following audiences:
· Beginning security specialists
· IS and other business managers who make decisions about systems deployment
· Experienced security practitioners who want to improve their thinking and analysis skills
· Those studying for security certification, such as the CISSP
· Software and Internet product planning and marketing staff (and not just security software)
Schneier, who is recognized for his contributions to cryptography, has recently found religion. As recounted in a recent interview in "Information Security" magazine, he realized that humans were destroying the purity of his mathematical approach. Instead of retreating into academia, he tackled this issue head-on, some of the result of which is this landmark book. He recommends reading it cover to cover, and I agree with him-it takes all 400 pages to paint the complete story, and if you don't approach it linearly, you run the risk of missing the subtleties of the author's message. Skimming this book could easily trap a reader into equating vulnerability with risk. The world is full of risk, and while Schneier takes obvious delight in deconstructing the vulnerabilities of automated systems, it is important to understand that historical manual systems are quite vulnerable too, and humans deal with the risk quite nicely. Read the whole book.
The chapters that I found most significant included:
· (6 & 7) Cryptography: It is no surprise that he was written a terrific introduction to the concepts and building blocks (primitives and protocols) of encryption. Even techno-agnostics will find great value in his discussion of the problems with proprietary algorithms.
· (9) Identification & Authentication: An excellent introduction to the problems of passwords and helpful discussion of the limitations of biometrics. He makes it clear why biometrics are NOT a magic cure for security problems.
· (12) Network Defenses: Schneier tells it like it is! The ugly truth about sexy security toys.
· (13) Software Reliability: Best description of stack overflow that I've ever seen for a lay audience.
· (22) Product Testing and Verification: After crypto, evaluating software for security flaws is Schneier's other specialty, and he's written an awesome chapter. The author makes it very clear why it is unrealistic to expect invulnerable software, he single-handedly conducts a totally balanced debate on the merits of full disclosure, and he finishes the chapter with sage advice on approaching security product reviews with healthy skepticism.
I'm often asked to recommend introductory texts on information security, and unfortunately there really aren't that many good books for a newbie. If more books existed, I would probably give Schneier's book a 4 instead of a 5, but for now, this is one of the best. As he explains in the Afterward, his `epiphany' occurred only 12 months before completing the text-this isn't much time to become an expert in security process. His background is somewhat removed from day to day operations, and perhaps this lack of administrative experience results in a few weak areas. I suggest that the reader exercise some critical thinking and consult additional authorities when reading the following chapters:
· (4) Adversaries: his concept of computer criminals is a bit weak, pretty much lumping all transgressors into the mutually exclusive categories of `spy' or `hacker'.
· (5) Security Needs: Sof of his terminology lacks precision (perhaps inevitable when addressing a general audience). I disagree that a spoofed message represents an integrity failure, and I don't characterize audit as a requirement, but as a control.
· (15) Certificates and Credentials: He totally ignores the concept that practice statements (policies on CA and especially certificate management) provide any arbitrary level of assurance-the more stringent the rules, the higher the assurance. He doesn't discuss time stamping and other forms of third-party witnessing that can greatly strengthen a digital signature.
· (16) Security Tricks: His vehement attack on key recovery is politically extreme. The government's ill-conceived desire for key escrow should not affect the responsibility a corporation has to protect its own data. Who hasn't used an encryption product and lost a key?
· (21) Attack Trees: This is a marvelously useful idea, but he leaves the impression that these can be used to create quantifiable risk models, and I don't believe that putting information security risk in dollar value terms is practical.
Despite its length, the book is a quick read, and the informal tone makes it very approachable. It is addressed at a completely different audience than "Applied Cryptography"--it isn't a technical book--it is more of a business book. (Technical specialists would be well advised to read more business texts like this.) My copy is already well marked with highlighting and notes-this text has a lot of meat in it, and many new and useful ideas. If you find this book helpful in your job and you want to do additional reading, two complementary texts on the human aspects of infosec that I recommend are "The Process of Network Security" by Thomas Wadlow, and "Fighting Computer Crime : A New Framework for Protecting Information" by Donn B. Parker (I've reviewed both here on Amazon).

87 people found this helpful

Helpful

Rick Howard

You Should Have Read This By Now

Reviewed in the United States on May 5, 2014

Verified Purchase

See full review at my blog: Terebrate

"Secrets and Lies: Digital Security in a Networked World" is the perfect book to hand to new bosses or new employees coming in the door who have not been exposed to cyber security in their past lives. It is also the perfect book for seasoned security practitioners who want an overview of the key issues facing our community today. Schneier wrote it more than a decade ago, but its ideas still resonate. He talks about the idea that “security is a process, not a product.” With that one line, Schneier captures the essence of what our cyber security community should be about. He explains that even though we have advanced technology designed to specifically find cyber break-ins, people are the still the weakest link. He describes how cyber risk is not a special category. It is just another risk to the business. He highlights the ludicrous idea that software vendors have no liability or selling buggy code, and he was one of the first thought leaders to characterize the adversary as something more than just a hacker. He makes the case for things that the cyber security community still needs in order to make the Internet more secure, things like strengthening confidentiality, integrity, and availability (CIA); improving Internet privacy and Internet anonymity; and challenging the idea that security practitioners must make the Sophie’s Choice between better security or more privacy in terms of government surveillance. Finally, he anticipates the need for a Bitcoin-like capability long before Bitcoin became popular. The content within Secrets and Lies is a good introduction to the cyber security community, and Schneier tells the story well. Because of that, Secrets and Lies is candidate for the cyber security canon, and you should have read it by now.

3 people found this helpful

Helpful

John A. Kontogianis

Need to learn about cryptography and software implementations and the history of the technology

Reviewed in the United States on July 13, 2024

Verified Purchase

Read this book it s a must for all network professionals.

Helpful

Moe

An excellent, thoughtful read

Reviewed in the United States on March 26, 2013

Verified Purchase

This is an excellent information security book that everyone working in this field should read. Bruce Schneier doesn't go and market specific security products and he actually is against the blatant stance that many companies take towards security, in which they want to have total security but they don't want to see it working. Instead the criticizes how companies rush into buying security products just because they're shiny and trendy instead of thoughtfully thinking about security from the design and planning phase to all phases of production.

The author is very specific about the security domains without being too technical but instead focusing on the "philosophy" behind each caveat. In that regards he shows the many way crackers can harm our security and how far we have advanced in combating them. He has a sort of pessimistic view regarding this because as he claims the bad guys are already ahead of governments and other organizations because of their unwillingness to think of security as a process but rather as a product to be installed without proper metrics measurement and capacity planning.

Helpful

Ilya Grigorik

It's not a product, it's a process!

Reviewed in the United States on August 7, 2006

Verified Purchase

Bruce Schneier offers an excellent 'big picture' overview of the computer security field. From types of attacks, to algorithm security to security in the context of your data center, you get a full overview of the current practices and consequences arising from them. The author argues for security as a process, not a product; security is not something you can add to your product after the fact. Starting from the product specification, down to your last outsourced programmer, security has to permeate your organization for it to work. Building 'attack trees', relying on peer review and enforcing liability are all suggestions advanced by Bruce Schneier.

Secrets and Lies is a well organized book with plenty of real world examples, problems and solutions. Buy a copy for yourself, and many more for everybody else you know, we will all benefit in the end.

One person found this helpful

Helpful

Top reviews from other countries

Translate all reviews to English

Cliente Amazon

Fantastico

Reviewed in Italy on July 21, 2024

Verified Purchase

L’autore è il mio mito e il libro ti apre gli occhi sul mondo dopo e prima l’11/9. I love it

Translate review to English

Amazon Customer

Interesting

Reviewed in Canada on September 18, 2020

Verified Purchase

This writer obviously knows the subject and has a very good writing style. Even though the book is 20 years old , it is still very informative and very relevant for today. The writer was ahead of his time and changes in computer security have slowed in relation to the increase in the pace of computational capacity.