Goodreads helps you keep track of books you want to read.
Start by marking “Secrets and Lies: Digital Security in a Networked World” as Want to Read:
Secrets and Lies: Digital Security in a Networked World
Enlarge cover
Rate this book
Clear rating
Open Preview

Secrets and Lies: Digital Security in a Networked World

3.92  ·  Rating Details  ·  1,253 Ratings  ·  50 Reviews
Bestselling author Bruce Schneier offers his expert guidance on achieving security on a network
Internationally recognized computer security expert Bruce Schneier offers a practical, straightforward guide to achieving security throughout computer networks. Schneier uses his extensive field experience with his own clients to dispel the myths that often mislead IT managers a
ebook, 448 pages
Published March 25th 2011 by Wiley (first published 2000)
More Details... edit details

Friend Reviews

To see what your friends thought of this book, please sign up.

Reader Q&A

To ask other readers questions about Secrets and Lies, please sign up.

Be the first to ask a question about Secrets and Lies

This book is not yet featured on Listopia. Add this book to your favorite list »

Community Reviews

(showing 1-30 of 3,000)
filter  |  sort: default (?)  |  Rating Details
Raj Makaram
Aug 14, 2016 Raj Makaram rated it really liked it  ·  review of another edition
If you want a “crash course” on digital security this is the book. The author Schneier is well-respected security consultant, cryptographer and the author of Applied Cryptography - one of the most respected books on the subject. If you are a professional who knows the limitation of technology, but need solution then this book will interest you. For those who are still to realize this fact – Schneier opens this book by acknowledging the he was wrong when he said earlier, that cryptography is The ...more
Apr 28, 2014 Alis rated it it was amazing  ·  review of another edition
The INFOSEC book by the INFOSEC guy. Also pretty accessible to people outside the field, so if you've got even a passing interest in all this computer security stuff, this is the place to start.
Rick Howard
Read full review at my blog:
See Cyber Security Canon Candidate List:

"Secrets and Lies: Digital Security in a Networked World" is the perfect book to hand to new bosses or new employees coming in the door who have not been exposed to cyber security in their past lives. It is also the perfect book for seasoned security practitioners who want an overview of the key issues facing our community today. Schneier wrote it
Ed Holden
I've wanted to read a Bruce Schneier book for a long time and this particular one was well rated. I might have confused it with the similarly named Liars and Outliers, which came out much more recently. What I didn't realize when I bought Secrets and Lies it is that Schneier published it in 2000, so it's both an insightful look at computer security practices and a trip down foggy memory lane.

Most of the advice in this book is still perfectly valid, like the importance of intrusion detection in a
Jul 27, 2011 Xing rated it really liked it  ·  review of another edition
I'm a technology end-user, deluged with acceleratingly frequent news reports of large corporations getting hacked, have recently been using my internet banking passcode generator, and occasionally placing basic htaccess security on my websites.

Thus, increasingly aware that security isn't to be left solely to experts who run the banking systems and data storage and transfer facilities- even casual users need an understanding of the premises on which they're built, and are responsible for correct
Dec 04, 2011 Marie rated it really liked it  ·  review of another edition
Slightly dated, but still a very good book that gives a reader who is uninitiated/unfamiliar with information security a clear idea about what information security actually is, how it affects us all (as a generation of humans connected by internet), how to protect information systems and tactics criminals use to break those systems (from malware to social engineering). The book is written in language the average person can understand and really provides an eye opening look at the role cryptology ...more
Jonathan Katz
Jul 14, 2007 Jonathan Katz rated it really liked it  ·  review of another edition
time to update my review given that i am now finished!

one thing that slightly annoyed me while i was reading the book was that it did not appear that schneier was offering any solutions to the problems that he was presenting in information security. but, after a certain point, that is when i realized: there really are no clear-cut solutions. as schneier emphasizes throughout the book, security is a process, not a solution. there is no generally algorithm for applying a security process; it reall
Apr 11, 2013 Zeeshan rated it it was amazing  ·  review of another edition
Secrets and Lies is a non-technical , non-mathematical book that deals with the "social" , & practical day-to-day aspects of hacking and security breach and violations. The book explains the hows and whys of hackings and its consequences. It explains the different types of cyber crimes i.e. identity thefts, ATM thefts, etc. and explores the causes of each in a different viewpoint than just code flaws or weak algorithms. It focuses specially on the Social Engineering aspect, the fallibility o ...more
Dec 04, 2013 Aku rated it really liked it
An excellent overview of what digital security is all about. Many people equate it with firewalls and encryption, based on poor news stories among other things, but that's only a small facet of what real security is. This book covers security from a much larger perspective.

What most surprised me, while reading this in 2013, is how prescient this book turned out to be. Originally written between 1998 and 2000, it anticipated the numerous challenges our industry has faced since then. It feels very
Michael Shea
I would have rated this book higher, but I bogged down about 2/3 through and put the book down for about two years. I picked it up again this week and wondered why I did not keep going. Though I cannot remember much about what I read two years ago, the last part of the book is his revelation about thinking about security. When I read it now, I am like, "of course". But he "vocalizes" the thoughts in a clear way, stating the unstated.
Nick Black
The second star is solely due to Schneier sending me this book in a nice signed hardback edition -- at 24, such things are a fine trouser-rouse. That having been said...sorry mang, but I certainly wouldn't have paid for it. I kind of imagine him with a blissful look on his face, eyes tightly drawn, visions of Counterpane Security profits dancing in his head as he builds towards an eruptive....well, you'll have to read Secrets and Lies yourself. But don't take my animadversion for it, or else y ...more
Oct 19, 2014 Guimi rated it liked it  ·  review of another edition
I liked it.
It tries to keep a very difficult balance between being informing enough for anyone and interesting enough for experts.
It doesn't always succeed.
Also some parts are a little outdated.
Still is a good work, very well explained and narrated, with a lot of concepts from which you'll always learn, regardless of your technical level.
A classic in the field.
Jul 22, 2010 Nia rated it it was amazing  ·  review of another edition
Shelves: computer-science
So far, I believe this book is the best resource to motivate readers to learn computer security. Written like those non-fictions (instead of textbooks), this book is appropriate to be read by anyone who would like to know about computer security.

The author tried to convince that computer security is a need instead of merely theory. He presented few examples of cases that worth reading. Those examples are firstly presented in human view, then he linked up to some relevant theories. He rarely put
School books are fun!!! Actually they are, when dealing with a topic you particularly like. Which I do in this case, so that wasn't a sarcastic statement. So there. Feel bad now?
Alright, now to be serious. I am currently taking this book for a Cyber Self Defense class. As one reviewer mentioned, it is outdated but the information in this book is still very useful. It covers a huge range of topics and is still considered required reading for any Info Security professional. This wasn't the
Dmitry Zvorykin
Mar 28, 2016 Dmitry Zvorykin rated it really liked it  ·  review of another edition
Alice, tell Bob you're not coming back. Азбука информационной безопасности для чайников. Отлично.
Aug 23, 2010 nullstream rated it really liked it  ·  review of another edition
This is a great overview of computer security from a literal legend in the area. Written for a non-tech audience, the material becomes easier to grasp with examples and situations people are already familiar with. Towards the end I found that the author almost intentionally used at least one '$10 word' per page and I wonder if that is intentional (like a book code). Regardless I finished this book regardless of dropping it in a muddy puddle. Highly recommended though you'll be stuck with dead-tr ...more
Nabil Saba
is fun & AMZEING TOO
Xiaofei Guo
Apr 03, 2015 Xiaofei Guo rated it it was amazing  ·  review of another edition
Shelves: security
This book discussed a variety of security and privacy concerns. All of them are still prominent in today's threat landscape. I am surprise to see that Bruce's insight more than 15 years ago still holds today. This book can be a good introduction book for Ross Anderson's security engineering.
Mar 15, 2010 Michael rated it really liked it  ·  review of another edition
Although some elements are a bit dated now, I found a style within Schneier's book that was one of the most approachable and "no nonsense" that I've ever experienced -- especially for a technical topic. Schneier places some sound logic and serious thinking behind questions concerning the basis for security how's and why's.
Eric Durant
Oct 25, 2013 Eric Durant rated it it was amazing  ·  review of another edition
I recommend reading the more recent Schneier books first, but this one remains amazingly relevant in 2013. The few examples that are dated often serve the probably unintended purpose of appreciating the constancy of the fundamentals. This will be required reading in my 2014 information security elective offering.
Tengku Zahasman
Although a bit outdated, many of its contents are still relevant today. It covers computer security in a very broad and general sense. It is quite obvious from the writings that the author is very passionate about cryptography. Just in case you're wondering, there's not many secrets and lies in this book.
Feb 08, 2009 Don rated it it was amazing  ·  review of another edition
Shelves: computer-science
Great common-sense approach to security. He has a very down to earth perspective on what can be a very complicated subject. My favorite tenet he constantly emphasizes is not to trust that an impenetrable front door will prevent attackers from finding a way to bypass the door to get a way in.
Feb 12, 2011 Dustin rated it really liked it  ·  review of another edition
This is a great, comprehensive book on information security. Sometimes I felt like it was a heavy read. But, Schneier uses effective stories to help it move along. I'm glad I read it; however, I wouldn't read it unless you want to really learn about info sec.
Josh Scholl
Jan 03, 2008 Josh Scholl rated it it was amazing  ·  review of another edition
An excellent book that explores the principles of digital security from a perspective that is easily accessible to an intelligent layperson and yet highly useful to an experienced IT Professional. I thoroughly recommend this book to anyone who owns a computer.
Feb 06, 2014 Pepsichka rated it really liked it  ·  review of another edition
Прекрасная книга про безопасность, пусть и немного устаревшая. Автор чётко структурирует информацию. Читать нужно медленно и вдумчиво, потому что в ней совсем нет воды.
Мне особенно была интересна глава про инфраструктуры открытых ключей.
Anthony Towry
Mar 17, 2013 Anthony Towry rated it it was ok  ·  review of another edition
Shelves: hacking
This book is seriously dated. That said, if you weren't there during the late 90's it might explain some things. I wouldn't recommend this for the salty dogs of the industry, but students or interns could benefit from a high-level wide-angle view.
May 15, 2012 Ian rated it really liked it  ·  review of another edition
Good use of language and phrases. Thought-provoking. One has to wonder how many times the word "detection" was used from a guy in the detection business though!
Overall, I was glad I read this book.
Mar 28, 2009 Matt rated it it was amazing  ·  review of another edition
"The starting point for anyone interested in computer security. The book is a classic and has many imitations. Schneier is brilliant and is still a leading luminary in the world of security."
Mar 28, 2008 Peter rated it it was amazing  ·  review of another edition
Written so that anyone can understand. Helped me understand the difficulty of ensuring digital security. Full of interesting stories that happened behind the scenes. I recommend everyone read it.
« previous 1 3 4 5 6 7 8 9 99 100 next »
There are no discussion topics on this book yet. Be the first to start one »
  • Practical Cryptography
  • Reversing: Secrets of Reverse Engineering
  • Security Engineering: A Guide to Building Dependable Distributed Systems
  • The Practice of Network Security Monitoring: Understanding Incident Detection and Response
  • Metasploit: The Penetration Tester's Guide
  • The Protocols (TCP/IP Illustrated, Volume 1)
  • Hacking the Xbox: An Introduction to Reverse Engineering
  • Crypto: How the Code Rebels Beat the Government--Saving Privacy in the Digital Age
  • Writing Secure Code
  • The Implementation (TCP/IP Illustrated, Volume 2)
  • The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage
  • Counter Hack Reloaded: A Step-By-Step Guide to Computer Attacks and Effective Defenses
  • Hacking: The Art of Exploitation
  • The Hacker Crackdown: Law and Disorder on the Electronic Frontier
  • The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders & Deceivers
  • Security Metrics: Replacing Fear, Uncertainty, and Doubt
  • Programming Perl
  • Things That Make Us Smart: Defending Human Attributes In The Age Of The Machine

Goodreads is hiring!

If you like books and love to build cool products, we may be looking for you.
Learn more »
Bruce Schneier is "one of the world's foremost security experts" (Wired) and the best-selling author of thirteen books. He speaks and writes regularly for major media venues, and his newsletter and blog reach more than 250,000 people worldwide. He is a Fellow at the Berkman Center for Internet and Society at Harvard Law School and the CTO of Resilient Systems, Inc.
More about Bruce Schneier...

Share This Book