Goodreads helps you keep track of books you want to read.
Start by marking “Secrets and Lies: Digital Security in a Networked World” as Want to Read:
Secrets and Lies: Digital Security in a Networked World
Enlarge cover
Rate this book
Clear rating
Open Preview

Secrets and Lies: Digital Security in a Networked World

3.92  ·  Rating details ·  1,432 Ratings  ·  56 Reviews
Viruses. Identity Theft. Corporate Espionage. National secrets compromised. Can anyone promise security in our digital world?

The man who introduced cryptography to the boardroom says no. But in this fascinating read, he shows us how to come closer by developing security measures in terms of context, tools, and strategy. Security is a process, not a product – one that syste
Paperback, Second Edition, 401 pages
Published January 30th 2004 by John Wiley & Sons (first published 2000)
More Details... edit details

Friend Reviews

To see what your friends thought of this book, please sign up.

Reader Q&A

To ask other readers questions about Secrets and Lies, please sign up.

Be the first to ask a question about Secrets and Lies

Community Reviews

(showing 1-30)
Rating details
Sort: Default
Ed Holden
Mar 17, 2012 rated it liked it
I've wanted to read a Bruce Schneier book for a long time and this particular one was well rated. I might have confused it with the similarly named Liars and Outliers, which came out much more recently. What I didn't realize when I bought Secrets and Lies it is that Schneier published it in 2000, so it's both an insightful look at computer security practices and a trip down foggy memory lane.

Most of the advice in this book is still perfectly valid, like the importance of intrusion detection in a
Apr 28, 2014 rated it it was amazing
The INFOSEC book by the INFOSEC guy. Also pretty accessible to people outside the field, so if you've got even a passing interest in all this computer security stuff, this is the place to start.
Raj Makaram
Aug 10, 2016 rated it really liked it
If you want a “crash course” on digital security this is the book. The author Schneier is well-respected security consultant, cryptographer and the author of Applied Cryptography - one of the most respected books on the subject. If you are a professional who knows the limitation of technology, but need solution then this book will interest you. For those who are still to realize this fact – Schneier opens this book by acknowledging the he was wrong when he said earlier, that cryptography is The ...more
Peter House
Sep 12, 2017 rated it really liked it
This book came to me well recommended and after making my through it, I understand why. The author takes the reader through the sweeping expanse of digital security with aplomb. Rich with fascinating stories, candid observations, and good technical detail Secrets and Lies is a fairly exhaustive introduction to security.

At the end (not really a spoiler here), the author confesses to have had to pause writing the book because of a certain level of hopelessness and it shows through at times. As the
Jul 27, 2011 rated it really liked it
I'm a technology end-user, deluged with acceleratingly frequent news reports of large corporations getting hacked, have recently been using my internet banking passcode generator, and occasionally placing basic htaccess security on my websites.

Thus, increasingly aware that security isn't to be left solely to experts who run the banking systems and data storage and transfer facilities- even casual users need an understanding of the premises on which they're built, and are responsible for correct
Rick Howard
Jun 09, 2012 rated it really liked it
Read full review at my blog:
See Cyber Security Canon Candidate List:

"Secrets and Lies: Digital Security in a Networked World" is the perfect book to hand to new bosses or new employees coming in the door who have not been exposed to cyber security in their past lives. It is also the perfect book for seasoned security practitioners who want an overview of the key issues facing our community today. Schneier wrote it
Jonathan Katz
Jun 27, 2007 rated it really liked it
time to update my review given that i am now finished!

one thing that slightly annoyed me while i was reading the book was that it did not appear that schneier was offering any solutions to the problems that he was presenting in information security. but, after a certain point, that is when i realized: there really are no clear-cut solutions. as schneier emphasizes throughout the book, security is a process, not a solution. there is no generally algorithm for applying a security process; it reall
Dec 04, 2011 rated it really liked it
Slightly dated, but still a very good book that gives a reader who is uninitiated/unfamiliar with information security a clear idea about what information security actually is, how it affects us all (as a generation of humans connected by internet), how to protect information systems and tactics criminals use to break those systems (from malware to social engineering). The book is written in language the average person can understand and really provides an eye opening look at the role cryptology ...more
Apr 11, 2013 rated it it was amazing
Secrets and Lies is a non-technical , non-mathematical book that deals with the "social" , & practical day-to-day aspects of hacking and security breach and violations. The book explains the hows and whys of hackings and its consequences. It explains the different types of cyber crimes i.e. identity thefts, ATM thefts, etc. and explores the causes of each in a different viewpoint than just code flaws or weak algorithms. It focuses specially on the Social Engineering aspect, the fallibility o ...more
Apr 08, 2013 rated it really liked it  ·  review of another edition
An excellent overview of what digital security is all about. Many people equate it with firewalls and encryption, based on poor news stories among other things, but that's only a small facet of what real security is. This book covers security from a much larger perspective.

What most surprised me, while reading this in 2013, is how prescient this book turned out to be. Originally written between 1998 and 2000, it anticipated the numerous challenges our industry has faced since then. It feels very
Nick Black
The second star is solely due to Schneier sending me this book in a nice signed hardback edition -- at 24, such things are a fine trouser-rouse. That having been said...sorry mang, but I certainly wouldn't have paid for it. I kind of imagine him with a blissful look on his face, eyes tightly drawn, visions of Counterpane Security profits dancing in his head as he builds towards an eruptive....well, you'll have to read Secrets and Lies yourself. But don't take my animadversion for it, or else y ...more
Jun 16, 2010 rated it it was amazing
Shelves: computer-science
So far, I believe this book is the best resource to motivate readers to learn computer security. Written like those non-fictions (instead of textbooks), this book is appropriate to be read by anyone who would like to know about computer security.

The author tried to convince that computer security is a need instead of merely theory. He presented few examples of cases that worth reading. Those examples are firstly presented in human view, then he linked up to some relevant theories. He rarely put
School books are fun!!! Actually they are, when dealing with a topic you particularly like. Which I do in this case, so that wasn't a sarcastic statement. So there. Feel bad now?
Alright, now to be serious. I am currently taking this book for a Cyber Self Defense class. As one reviewer mentioned, it is outdated but the information in this book is still very useful. It covers a huge range of topics and is still considered required reading for any Info Security professional. This wasn't the
Jul 23, 2010 rated it really liked it
This is a great overview of computer security from a literal legend in the area. Written for a non-tech audience, the material becomes easier to grasp with examples and situations people are already familiar with. Towards the end I found that the author almost intentionally used at least one '$10 word' per page and I wonder if that is intentional (like a book code). Regardless I finished this book regardless of dropping it in a muddy puddle. Highly recommended though you'll be stuck with dead-tr ...more
Michael Shea
Jan 22, 2015 rated it liked it
I would have rated this book higher, but I bogged down about 2/3 through and put the book down for about two years. I picked it up again this week and wondered why I did not keep going. Though I cannot remember much about what I read two years ago, the last part of the book is his revelation about thinking about security. When I read it now, I am like, "of course". But he "vocalizes" the thoughts in a clear way, stating the unstated.
Mar 15, 2010 rated it really liked it
Although some elements are a bit dated now, I found a style within Schneier's book that was one of the most approachable and "no nonsense" that I've ever experienced -- especially for a technical topic. Schneier places some sound logic and serious thinking behind questions concerning the basis for security how's and why's.
Tengku Zahasman
May 26, 2012 rated it liked it
Although a bit outdated, many of its contents are still relevant today. It covers computer security in a very broad and general sense. It is quite obvious from the writings that the author is very passionate about cryptography. Just in case you're wondering, there's not many secrets and lies in this book.
Oct 07, 2014 rated it liked it
I liked it.
It tries to keep a very difficult balance between being informing enough for anyone and interesting enough for experts.
It doesn't always succeed.
Also some parts are a little outdated.
Still is a good work, very well explained and narrated, with a lot of concepts from which you'll always learn, regardless of your technical level.
A classic in the field.
Eric Durant
Sep 15, 2013 rated it it was amazing
I recommend reading the more recent Schneier books first, but this one remains amazingly relevant in 2013. The few examples that are dated often serve the probably unintended purpose of appreciating the constancy of the fundamentals. This will be required reading in my 2014 information security elective offering.
Oct 05, 2010 rated it really liked it
This is a great, comprehensive book on information security. Sometimes I felt like it was a heavy read. But, Schneier uses effective stories to help it move along. I'm glad I read it; however, I wouldn't read it unless you want to really learn about info sec.
Feb 08, 2009 rated it it was amazing
Shelves: computer-science
Great common-sense approach to security. He has a very down to earth perspective on what can be a very complicated subject. My favorite tenet he constantly emphasizes is not to trust that an impenetrable front door will prevent attackers from finding a way to bypass the door to get a way in.
Aug 02, 2013 rated it really liked it
Прекрасная книга про безопасность, пусть и немного устаревшая. Автор чётко структурирует информацию. Читать нужно медленно и вдумчиво, потому что в ней совсем нет воды.
Мне особенно была интересна глава про инфраструктуры открытых ключей.
Anthony Towry
Mar 17, 2013 rated it it was ok
Shelves: hacking
This book is seriously dated. That said, if you weren't there during the late 90's it might explain some things. I wouldn't recommend this for the salty dogs of the industry, but students or interns could benefit from a high-level wide-angle view.
Xiaofei Guo
Feb 22, 2015 rated it it was amazing
Shelves: security
This book discussed a variety of security and privacy concerns. All of them are still prominent in today's threat landscape. I am surprise to see that Bruce's insight more than 15 years ago still holds today. This book can be a good introduction book for Ross Anderson's security engineering.
May 15, 2012 rated it really liked it
Good use of language and phrases. Thought-provoking. One has to wonder how many times the word "detection" was used from a guy in the detection business though!
Overall, I was glad I read this book.
Josh Scholl
Jan 03, 2008 rated it it was amazing
An excellent book that explores the principles of digital security from a perspective that is easily accessible to an intelligent layperson and yet highly useful to an experienced IT Professional. I thoroughly recommend this book to anyone who owns a computer.
Tudor Ștefănescu
Jul 11, 2015 rated it really liked it
Recommended to Tudor by:
Very good introduction into digital security concepts, actors and politics.
Mar 28, 2009 rated it it was amazing
"The starting point for anyone interested in computer security. The book is a classic and has many imitations. Schneier is brilliant and is still a leading luminary in the world of security."
Eugene Seliverstov
Sep 12, 2013 rated it really liked it
Большая и методичная популярно-научная книга, с кучей Шнейерских баек, но в наше время её читать можно только как артефакт, слишком далёкий от современной цифровой безопасности (1999 год).
« previous 1 3 4 5 6 7 8 9 next »
There are no discussion topics on this book yet. Be the first to start one »
  • Practical Cryptography
  • Reversing: Secrets of Reverse Engineering
  • Security Engineering: A Guide to Building Dependable Distributed Systems
  • The Practice of Network Security Monitoring: Understanding Incident Detection and Response
  • Metasploit: The Penetration Tester's Guide
  • The Protocols (TCP/IP Illustrated, Volume 1)
  • Hacking the Xbox: An Introduction to Reverse Engineering
  • Crypto: How the Code Rebels Beat the Government Saving Privacy in the Digital Age
  • Writing Secure Code
  • The Implementation (TCP/IP Illustrated, Volume 2)
  • The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage
  • Counter Hack Reloaded: A Step-By-Step Guide to Computer Attacks and Effective Defenses
  • Hacking: The Art of Exploitation
  • The Hacker Crackdown: Law and Disorder on the Electronic Frontier
  • The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders & Deceivers
  • Security Metrics: Replacing Fear, Uncertainty, and Doubt
  • Programming Perl
  • Things That Make Us Smart: Defending Human Attributes In The Age Of The Machine

Goodreads is hiring!

If you like books and love to build cool products, we may be looking for you.
Learn more »
Bruce Schneier is "one of the world's foremost security experts" (Wired) and the best-selling author of thirteen books. He speaks and writes regularly for major media venues, and his newsletter and blog reach more than 250,000 people worldwide. He is a Fellow at the Berkman Center for Internet and Society at Harvard Law School and the CTO of Resilient Systems, Inc.
More about Bruce Schneier...