Secrets and Lies: Digital Security in a Networked World

ClanBrandon Books
view more info on this item
click here for more details, find new or used items

Bruce Schneier

Our price £8.39 (£11.99)
New from £6.41
Used from £4.50

Pages: 448 (Paperback)

ISBN: 0471453803

Pub: John Wiley & Sons

Pub date: 2004-01-23

Amazon.co.uk Sales Rank: 99174
Check for 3rd party sellers (new/used)

Editorial Review:


At the moment, it seems that hardly a day passes without fresh news of some glaring Internet security breach; online banks, of all things, seem to be particularly vulnerable at the moment. All of which will come as no great surprise to network security cum cryptography guru, Bruce Schnier. His latest book, Secrets and Lies, paints a very gloomy overview of the true state of network security. Schnier, founder of Counterpane Internet Security, has some harsh words to say about the state of network security, though, to be fair, his criticisms are directed far and wide; not one scapegoat, (not even Microsoft) is singled out for special attention. Depressingly, the words "fundamentally flawed" crop up time and time again in this absorbing book.

Secrets and Lies is a thorough backgrounder in all aspects of network security, an extremely wide remit that stretches from passwords to encryption, passing through authentication and attack trees along the way. The book is divided in to three broad categories, The Landscape, which covers attacks, adversaries and the need for security; Technologies, which discusses cryptography, authentication, network security, secure hardware and security tricks; and concludes with Strategies, which looks at vulnerabilities, risk assessment, security policies and the future of security. Mercifully there's a dim light at the end of this tunnel and Schnier ultimately remains upbeat about maintaining computer security and details a way forward in his conclusion.

Although working in a necessarily techie environment, Schnier's book is surprisingly jargon-free and easy to understand, even if you're not au fait with the inner workings of TCP/IP--it's common-sense, practical style makes a potentially dense and arcane subject accessible by just about anybody. It's also bang up to date, which makes for a pleasant change. Secrets and Lies is never less than thought-provoking and should be essential reading for every network administrator in the land. Be afraid, be very afraid! --Roger Gann

Reader Reviews:


5/5 stars

An fantastic read (4/4 people found this helpful)

This book is without a doubt my favourite IT book. Its an excellent read for both those involved in security and those who are not. The book covers a broad range of topics, starting with some general, non IT security concepts. The book then details among many other things, PKIs, digital signitures, biometrics. The kind of common methods used to attack or eavesdrop on systems, such as buffer overflow vulnerabilities and man-in-the-middle techniques. All in all a great read, highly recommended.

4/5 stars

Good read for an average Internet user (4/4 people found this helpful)

The book is a nice and easy read for an average user of the Internet or a middle level manager looking for information on data security. However it cannot be used as an academic source, since lots of opinion is very biased and rarely supported by fact or trustworthy sources. Nevertheless it is quite amuzing how the author pinpoints the formet USSR in almost every chapter of the book.

5/5 stars

Info a-go-go (5/5 people found this helpful)

I've actually had to read this book for module on my university course (had the exam last week, think it went pretty well), and it's a shame that many people will likely avoid it for fear of it requiring in-depth technial knowledge of the internet, other networks and computers in general. Whilst a little knowledge of such things is needed, is only along the lines of what they are and what they are used for. The book has been written as a start-to-finish book, i.e. it's not meant for reading the different chapters at leisure - there is definite follow-on. It never reaches too steep a learning curve, but more impressive is the fact that it manages to cover as wide a range of sub-topics that "digital security" covers, as it does, whilst never feeling like it's skimped on any of those sub-topics. It helps that it's not meant to look at any particular sub-topic too closely - you find full details on how to build a firewall, for instance, or how to design a cryptographic algorithm. But it also provides a little background on topics of especial interest, such as the US and UK governments' usage of digital security (in particular cryptography and their citizens' right to privacy versus the need for evidence gathering). Most interesting of all, are the main important points that network administrators and users should really take note of (this includes people who use the internet). Most of them, I must admit, I kind of knew already (however reading them from one of the foremost security experts around helps keep them in my mind), but I still don't follow all of them as I should. I do follow them better than the average internet user, though, otherwise e-mail worms and trojans and those stupid hoax e-mails would not continue being so successful.
In short, if you use the internet regularly, or some kind of computer network at work, this really is a must read.

5/5 stars

And I thought I was paranoid! (3/4 people found this helpful)

This book is amazing. 'Cryptography' huh? That just sounds way to complicated for me. This book is brilliantly written and there's a laugh on nearly every page. This is a refreshing academic resource, where the author clearly knows a mammouth amount on the subject, but makes it available for everyone in a language we all understand. It's chock-full of interesting examples and explanations in plain English. Well done Bruce!

4/5 stars

Essential Reading for anyone interested in Security (4/4 people found this helpful)

I first tried reading the Authors other book, Applied Cryptography, but that was way too technical for my needs.
Then along comes this book, at just the right level. I encourage everyone to read this to get a basic appreciation of the issues and underlying principles. The only disappointment was there is very little material on Chip/Smart Cards; this is a fast-evolving area of study, and I hope there is another edition soon with a chapter on this topic.

Similar Products

Beyond Fear: Thinking Sensibly About Security in an Uncertain World

The Art of Deception: Controlling the Human Element of Security

Security Engineering: A Guide to Building Dependable Distributed Systems

The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders and Deceivers

The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage

Categories

Amazon.co.uk places this book into the following categories:

Books -> Special Features -> Search Inside!
Books -> Subjects -> Computing & Internet -> Certification -> Subjects -> Networking
Books -> Subjects -> Computing & Internet -> Digital Lifestyle -> Online Shopping -> Amazon
Books -> Subjects -> Computing & Internet -> General
Books -> Subjects -> Computing & Internet -> Networking & Security -> Network Topics -> General AAS
Books -> Subjects -> Computing & Internet -> Networking & Security -> Security -> Network Security
Books -> Subjects -> Computing & Internet -> Networking & Security -> Security -> General AAS
Books -> Subjects -> Computing & Internet -> Networking & Security -> General AAS
Books -> Subjects -> Computing & Internet -> General AAS
Books -> Refinements -> Language (feature_browse-bin) -> English
Books -> Refinements -> Format (binding_browse-bin) -> Paperback
Books -> Refinements -> Font Size (format_browse-bin) -> Regular Size

 

ClanBrandon Books | Prague airport transfer | Dreamweaver | Short Term Missions | English Teacher Jobs in the Czech Republic
Czech Republic | Operation Mobilisation | Czech Republic Map