REVIEW - Secrets&Lies




Bruce Schneier




Wiley ()




Francis Glassborow


October 2000



If you are concerned about computer security... ...this book will provide you an extensive understanding

Perhaps the author's name seems familiar. It should because he is the author of one of the most authoritative books ever written on the subject of encryption, 'Applied Cryptography'. It was also responsible for what the author considers a serious mistake. One motive for this book is to correct that mistake.

However good the mathematics of cryptography may be there is much, much more to security than cryptography. Security is no stronger than the weakest link. A technically uncrackable encryption algorithm is completely nullified by such things as human weaknesses.

What do you do about the employee who keeps decrypted versions of vital documents on their hard-drives because it saves time? How do you cope with devices that allow remote copying of what is on your screen? Those are only a couple of aspects of security. There are many more.

This is not a book to browse. It is a book in which the author attempts to provide a complete picture of security in modern IT systems. Its purpose is not to provide solutions but to raise awareness of the deeper issues that need to be addressed.

Modern technology based societies make awareness of security an issue for all of us. When information can be stolen in bulk and searched at leisure, the implications of personal data in such things as your tax-return, your telephone account, and your bank statement become much more threatening. We live in a society that espouses the concept of personal privacy, yet actually providing such privacy is becoming progressively harder.

This book was originally planned for publication in 1998. The author actually gave up writing it before publication because he could see no way to do more than make the reader believe that pursuit of real computer security was a hopeless task. It was not until April 1999 that something happened that changed his mind and led to the rewrite which finished up as the book that I have on my desk.

If you are concerned about computer security (and you would be mad not to be) this book will provide you an extensive understanding of the broad band of issues as well as some ideas about how the risks can be managed.

If you only have time to read a single book on the subject, this is the one to read. I think you owe it to yourself to take the time to read this book.

Highly recommended to all.

Book cover image courtesy of Open Library.

Your Privacy

By clicking "Accept All Cookies" you agree ACCU can store cookies on your device and disclose information in accordance with our Privacy Policy and Cookie Policy.

By clicking "Share IP Address" you agree ACCU can forward your IP address to third-party sites to enhance the information presented on the site, and that these sites may store cookies on your device.