Just for Fun
While Secrets and Lies is good for a laugh or two, those seeking insight into securing your network should look elsewhere.
by Adam Hayes
8/28/2001 --
 |
|
|
| Title |
|
|
|
Secrets and Lies: Digital Security in a Networked World |
|
| Authors |
|
|
|
Bruce Schneier |
|
| Publisher |
|
|
|
John Wiley & Sons |
|
| Publication Date |
|
|
|
August 2000 |
|
| ISBN |
|
|
|
0-47-125-311-1 |
|
| Price |
|
|
|
$29.99 (U.S.) |
|
| Pros |
|
|
|
Plenty of interesting and funny anecdotes used to illustrate key points. |
|
| Cons |
|
|
|
This 400-page advertisement is almost completely devoid of any practical information. |
|
| Verdict |
|
|
|
If you are trying to increase your company's IT budget, or outsource your system security duties, buy it for your boss. |
|
|
|
|
|
|
|
|
|
|
|
|
|
Secrets and Lies: Digital Security in a Networked World is an interesting, enjoyable and occasionally thought-provoking book. It is not, however, a technical book, in that it will not teach you how system exploits work or how you can stop them. In all reality, there's probably nothing in here that anyone with even the slightest knowledge in computer security of any kind wouldn't already know. Although it does provide an outline of many of the issues those charged with running a computer network are forced to face, it stops well short of providing any real answers to these issues.
One thing the book does very well is explain the various security threats out there in a way that network novices can understand and appreciate. In doing so, it can allow business decision makers without a technical background understand what issues their IT staff are trying to secure their systems against. It's very accessible, which is rare for books on the topic of computer security. There are a lot of interesting and often funny asides throughout the book, which are used to illustrate the key points. For a reader with a technical background, these short anecdotes may be the sole redeeming feature. Of course, people with a technical background are not the target audience for this book.
The extensive repetition of many of the topics is a little off putting as well. By the end of the book, Schneier is often saying the same thing in the same way, rather than taking the opportunity to show the issue from another angle. He concludes that the best answer is to outsource your system security, and even goes so far as to say that the book explains the services his company provides. It's about this moment when you start to feel like you just read through a 400-page advertisement. This book falls well short of the standard he set for himself with Applied Cryptography, his classic cryptography book.
If you are looking for a source of in-depth technical information on the topic of system security, look elsewhere. This book takes more of a sensationalistic approach on the topic, much like the approach we're used to from the mainstream media. That isn't to say it is without any merit. I found it to be quite an enjoyable read, but that's more due to its entertainment value rather than to any technical information I found. If you have already acknowledged that system security is a serious issue which needs to be taken as such, then you can probably skip this book as that is the only real message it contains.
Have you read this book? Let us know what you think! Rate it below or enter our Forums.
Adam Hayes, MCP, Network+, is the head of the IT department for a medium-size company with a strong focus on e-commerce. When not working or sleeping, he's studying for the next certification. He can be reached at .
More articles by Adam Hayes:
|
