Product Description

Presenting invaluable advice from the worlds most famous computer security expert, this intensely readable collection features some of the most insightful and informative coverage of the strengths and weaknesses of computer security and the price people pay -- figuratively and literally -- when security fails. Discussing the issues surrounding things such as airplanes, passports, voting machines, ID cards, cameras, passwords, Internet banking, sporting events, computers, and castles, this book is a must-read for anyone who values security at any level -- business, technical, or personal.

Product Details

• Amazon Sales Rank: #95609 in Books
• Published on: 2008-09-29
• Original language: English
• Number of items: 1
• Binding: Hardcover
• 336 pages

Review
"...the timing of the release...could hardly be bettered...it's certainly convenient to have [Schneier's columns] collected in one place." (ZDNet.co.uk, October 22nd 2008) "His conclusions are insightful and often provocative...A fascination read." (.Net, January 2008) "...refreshing common-sense approach...indispensable for anyone in the security industry and a thought-provoking read for anyone else." (Information Age, November 2008) "...an easy book to dip into...thought provoking, showing clear logic and real world examples...a highly accessible introduction to "security thinking"." (PC Pro, March 2009) "Thought provoking and refreshingly honest, this is a fascinating reading...rivetingread throughout...A compelling digest" (Linux Format, April 2009)

From the Inside Flap

You take off your shoes in the airport. You scan the supermarket's "preferred customer" card to get the sale price. You claw your way through tamper-resistant packaging for a couple of aspirin. You accept all these inconveniences in the name of security.

But are you any safer?

Bruce Schneier, arguably the world's foremost authority on computer security, has explored security issues ranging from protecting your password to illegal wiretapping. This collection of Schneier's best op-ed pieces, columns, and blog posts goes beyond technology, offering his insight into everything from the risk of identity theft (vastly overrated) to the long-range security threat of unchecked presidential power and the surprisingly simple way to tamper-proof elections. You'll discover:

• Why data mining will never protect us from terrorists

• How your stone-age brain affects what you fear and what security measures you accept

• Why computer security is fundamentally an economic problem

• Whether you can really trust a Trusted Traveler

• If sacrificing your privacy has made you more secure

• Why refusing driver's licenses to illegal immigrants actually reduces security

• The industry power struggle over controlling your computer

• Why we overestimate some risks and underestimate others

• Why national ID cards won't make us safer, only poorer

• . . . and much more

This book will challenge your illusions of security at every level. Think it's okay to give up your privacy if you're doing nothing wrong? What happens when "wrong" gets redefined? How much power over your personal life are you willing to concede to the person you least want to see as president? What's the acceptable trade-off between security and convenience?

In this ruthless, comprehensive, and thought-provoking analysis, Schneier shows us what we should be worrying about and how to get our national fingers off the panic button.

From the Back Cover

"One of the world's foremost security experts."
— Wired

"A security guru."
— The Economist

"Security sage and notorious cynic."
— CNET

Are you really safer than before 9/11?

We've sacrificed our privacy, convenience, and sometimes even our dignity to feel safer. But has it bought us security, or merely an illusion?

Bruce Schneier, world-renowned security technologist, recognizes that the ultimate security risk is people. In this compendium of articles and blog postings, the bestselling author of Secrets and Lies explains why many security practices are in fact security risks, and how we can truly become safer — not only online, but also on airplanes, at work, at school, and in our daily lives. In a world grown increasingly paranoid, Schneier makes a compelling case for common sense.

Customer Reviews

Best of the best from one of the best minds in security
There is a perception in both the private and government sector, that security, both physical and digital, is something you can buy. Witness the mammoth growth of airport security products following 9/11, and the sheer number of vendors at security conferences. With that, government officials and corporate executives often think you can simply buy products and magically get instant security by flipping on the switch. The reality is that security is not something you can buy; it is something you must 'get'.

Perhaps no one in the world gets security like author Bruce Schneier does. Schneier is a person who I am proud to have as a colleague [Schneier and I are both employed by the same parent company, but work in different divisions, in different parts of the country]. Schneier on Security is a collection of the best articles that Bruce has written from June 2002 to June 2008, mainly from his Crypto-Gram Newsletter, his blog, and other newspapers and magazine. The book is divided into 12 sections, covering nearly the entire range of security issues from terrorism, aviation, elections, economics, psychology, the business of security and much more.

Two of the terms Schneier uses extensively throughout the book are intelligence and economics. From an intelligence perspective, he feels that Washington has spent far too much on hardware and other trendy security devices that create a sense of security theater. The security theater gives an aura and show of security, but in reality, has little real effect.

The lack of intelligence is most manifest with airports, which are a perfect example of misguided security. Schneier notes that current trends in US airport security requires that people remove their shoes, due to a one-time incident with shoe-based explosive. Such an approach completely misses the point. Also, Schneier notes that the attempt to create a no-fly list, by feeding a limited set of characteristics into a computer, which is somehow expected to divine a person's terrorist leaning, is farcical.

Schneier therefore feels that the only way to effectively uncover terrorist plats is via intelligence and investigations, not via large-scale processing of everyone. Intelligence is an invaluable tool against terrorism, and the beauty of it is that it works regardless of what the terrorists are plotting. The bottom line according to Schneier in the book is that too much of the United State's counterterrorism security spending is not designed to protect us from the terrorists; but instead to protect public officials from criticism when another attack occurs.

Schneier also astutely notes that for the most part, security is not really so much of a technical issue, rather one of economics. A perfect example he gives is that of bulletproof vests. Since they are so effective, why doesn't everyone wear them all of the time? The reason people don't is that they do not think they are worth the cost. It is not worth the money or inconvenience, as the risk of being shot for most people is quite low. As a security consumer, people have made the calculation that not wearing a bulletproof vest is a good security trade-off. Schneier also notes that much of what is being proposed as national security is a bad security trade-off. It is not worth it and as consumers, the public is being ripped off.

Another recurring theme throughout the book is how the Bush administration has little by little eroded the Constitution, all in the name of fighting terrorism. Schneier notes that the brilliant framework the founding fathers created by creating divisions of power (executive, legislative, judicial) with checks and balances violates a basic unwritten rule, that the government should be granted only limited powers, and for limited purposes. Since there is a certainty that government powers will be abused.

Schneier observes that the USA PATRIOT is a perfect example of this abuse. The Constitution was designed and carefully outlines which powers each branch may exercise. While Schneier is best-known as a cryptographer and security expert, Schneier on Security also shows him to be a defender of the Constitution. In a number of essays in the book, he shows how unchecked presidential powers is bad not only for security, but for the preservation of democracy.

In chapter 8, on the topic of the economics of security, Schneier suggests a three-step program for improving computer and network security. He notes that none of them have anything to do with technology; they all have to do with businesses, economics, and people.

In chapter 9, on the psychology of security, Schneier writes that he tells people that if something is in the news, then they do not have to worry about it. He writes that the very definition of news is something that hardly ever happens. It's when something is not in the news, when it is so common that it is no longer news, drunk drivers killing people, domestic violence, deaths from diabetes, etc., that is when you should start worrying. And much of the terrorist threats that the Department of Homeland Security is spending tens of billions of dollars on, are those news threats, such as shoe bombers and liquid explosives that present very little real threat to the people of the US.

A fundamental theme of the book is that security is a trade-off. And far too many people have made the security trade-off without thinking if it is truly worth it. In essay after essay, Schenier challenges those assertions. Since 9/11, much has been given up in the name of terrorism, and that has been personal privacy and security. Schenier asks, has it been worth it?

Schneier on Security is an exceptionally important book that is overflowing with thought-provoking articles. Schneier gets above vague adages such as the war on terror and gets to the heart of the matter. His insight details what the real threats are, and what we should really be worrying about. The irony is that what Washington does is often the exact opposite of what should be done.

Much of the security carried out in the name of 9/11 has proven to be infective in the seven years since the attack. Schneier on Security is a manifesto of what should have been done, and what should be done. The book is eye-opening from the first page to the last. It lets you know that the next time you see grandma asked to take her shoes off by a TSA agent at the airport, why she is simply a bit player in the large security theater. And why spending tens of billions on a charade like that, makes that a tragedy of epic proportions.

A compilation of articles published by Bruce Schneier from 2002 through the summer of 2008.
Being a fan of Bruce Schneier's other books, I looked forward to his latest work "Schneier On Security", and certainly was not disappointed, although I found that I had read some sections of the book previously.

"Schneier On Security" consist of a compilation of articles published by Mr. Schneier from 2002 through the summer of 2008.

If you regularly read Crypto-Gram and Wired Magazine you will be familiar with some sections of this book. Articles published in other magazines and newspapers, and reprinted in this book, I had not previously read and enjoyed the opportunity to read them now.

As with all of Mr. Schneier's writings, the articles in the book are thought provoking yet at the same time easy to read.

The book is divided into 12 chapters, followed by a large list of web-sites providing additional information and references.

The chapters are:

Introduction
1 - Terrorism and Security
2 - National Security Policy
3 - Airline Travel
4 - Privacy and Surveillance
5 - ID Cards and Security
6 - Election Security
7 - Security and Disasters
8 - Economics of Security
9 - Psychology of Security
10 - Business of Security
11 - Cybercrime and Cyberwar
12 - Computer and Information Security
References
Index

Each chapter consists of a few previously published articles related to the chapter topic.

Well written, thought provoking, and an opportunity to get several of Mr. Schneier's articles collected into a single volume.

Highly Recommended.

Hardbound collection of Internet Essays
I got this book for free. I would not have paid money for it, since all of Bruce's essays and writings in this book or all over his website & blog. Bruce is very up-front about that. At the same time, though, I can't give Bruce a low rating because the content is very Bruce-- very good. If you want a "book formatted" version of Bruce's writings, here you go, but I would suggest picking up his _Beyond Fear_ book first, then subscribe to either his blog or mailing list (or both). If you want more Computer Security info, look to his _Secrets and Lies_ book first.