ACCU Home page ACCU Conference Page
Search Contact us ACCU at Flickr ACCU at GitHib ACCU at Google+ ACCU at Facebook ACCU at Linked-in ACCU at Twitter Skip Navigation

Search in Book Reviews

The ACCU passes on review copies of computer books to its members for them to review. The result is a large, high quality collection of book reviews by programmers, for programmers. Currently there are 1918 reviews in the database and more every month.
Search is a simple string search in either book title or book author. The full text search is a search of the text of the review.
    View all alphabetically
Title:
Secrets&Lies (revised)
Author:
Bruce Schneier
ISBN:
0-471-25311-1
Publisher:
Wiley
Pages:
414pp
Price:
£11-99
Reviewer:
Mark Easterbrook
Subject:
security
Appeared in:
16-6
We all live in an increasingly digital and networked world. We also live in a world that seems increasingly hostile, at both the personal level and the global level. Yet, so few of us really take security really seriously: maybe we all lock our doors and windows and install firewalls and virus scanners, but this is just basic stuff - when did you last perform a security audit on your house or your Internet connection?

This book examines the security of the digital networked world and the domains that interface and interact with it, including us, in a pragmatic, myth-busting, sometimes humorous, and often worry-inducing way. It is divided into three parts:

Part 1 - The Landscape - sets the scene, who are they, what do they want, why they want it, how might they get it, and why are they targeting you. If the answer is "I don't know", as it is often the case, you just have to guess and hope you are somewhere close.

Part 2 - Technologies - is the largest section and comprehensively covers the technology used in attack, defence, detection and alerting. The common theme here is that security is like a chain, and is only as strong as its weakest link.

Part 3 - Strategies - looks at the practical side of securing your part of the world. This takes a realistic look at threat and risk analysis and how sufficient defence strategy can be created. Not surprisingly, technology is only part of the problem, and only part of the answer - security is a human issue as much as it is a technical one.

When you have read this book, and I strongly urge that you do, there will be one of two outcomes: You will take security much more seriously, or you will sleep much less easily at night. Recommended.