Beyond Fear: Thinking Sensibly about Security in an Uncertain World
I'm not really a statistician/mathematician/numerologist/whatever, but I'm pretty sure you can't just pick pieces of data from various different sources, and call it h ...more
The first couple of chapters and the last are the interesting bits, setting out a rough guide to thinking about risk, and ending with a more philos ...more
5-point system for assessing ANY security system, from home to national.
Interesting that we were actually at higher risk from a car accident when we went out to purchase duct tape at the recommendation of DHS than from a terrorist attack.
Explains why facial recognition systems and massive databases (too many false positives) and intensive checking of everything coming into the country (too expensive) a ...more
The bottom line: Bruce makes it clear that we should respond to real risks, and not perceived risks. Through this he challenges our responses to perceived risks, including our response post 9-11.
Never has security seemed more important. We almost long for the hackers of yester-year that really just wanted to see where they could go, and at their most malicious, would wip ...more
Bruce Schneier is perhaps the best example of why IT security professionals are "eating the lunch" of physical security managers in some corporations. He thinks creatively, he expresses himself logically, and he has cultivated the ear of people high on the corporate food chain. His latest book will be food for thought for security professionals.
Beyond Fear is organized into three sections: "Sensible Security," "How Security Works," a ...more
1) The introduction is in the 2nd person. Thankfully it stopped, but it was extremely annoying. Seriously. Don't do that.
2) No footnotes. This results in some odd statements that I would have really liked to be able to verify. What's worse, ...more
1. What assets are you trying to protect?
2. What are the risks to those assets?
3. How well does the security solution mitigate those risks?
4. What other risks does the security solution cause?
5. What trade-offs does the security solution require?
Found this on an old library list I made, so I checked it out. I was worried it would feel outdated since it was written shortly after 9/11. But it is still very relevant. Good primer on how to think about security. Thought provoki ...more
Schneiers analytical view is systematic and inexhaustible and while reading the book I noticed how my own ideas and concepts about what security is and how one can achieve it ended up w ...more
1. What assets are you trying to protect?
2. What are the risks against these assets?
3. How well does the security solution mitigate the risks?
4. What other r ...more
-No bibliography – some parts are impossible to verify without an extensive search
-Sometimes the author seemed to fall for classic stereotypes (e.g violence in Russia)
However, the book fits well (again?) with our current situation and gives good insights on how to decipher the prevalent security paradigm.
But you will find examples of how security works and how it can fail. The lack of statistics and such is not necessarily a weakness for the type of book it seems to be. It is make the public think about where they really want to go with security and does it in a readable way rather than to try to give empirical data showing ...more
Also, since it was written in 2003 much of the book talks about 9/11, of course. The author praises the conception of TSA and how much that will improve security, which is funny to read in ...more
Bruce talks about *how* to assess security threats and solutions, leaving the theory current and highly applicable, even if the content is a couple of years old. He does a good job alternating between theory and examples, which both clarifies what he's talking about and keeps the text from being too dry. And he uses his theory to discuss examples from as small as whether you should lock your house door to as large as whether the US should h ...more
Schneier analyzes the concept of security by breaking it down into five concrete questions that must be answered in any security situation (computer or otherwise). With clear exposition he draws on all aspects of life for his examples, with a somewhat heightened focus on terrorism.
Goodreads is hiring!
Learn more »