Catalogue

COVID-19: Updates on library services and operations.

UofT Libraries is getting a new library services platform in January 2021.
Learn more about the change.

Secrets and lies [electronic resource] : digital security in a networked world /
Bruce Schneier.
imprint
New York : John Wiley, 2000.
description
xv, 412 p. ; 24 cm.
ISBN
0471253111 (alk. paper)
format(s)
Book
More Details
imprint
New York : John Wiley, 2000.
isbn
0471253111 (alk. paper)
restrictions
Licensed for access by U. of T. users.
general note
"Wiley Computer Publishing."
catalogue key
12313271
A Look Inside
About the Author
Author Affiliation
Bruce Schneier is CTO and cofounder of Counterpane Internet Security, Inc.
Excerpts
Flap Copy
Welcome to the businessworld.com. It's digital: Information is more readily accessible than ever. It's inescapably connected: businesses are increasingly --if not totally--dependent on digital communications. But our passion for technology has a price: increased exposure to security threats. Companies around the world need to understand the risks associated with doing business electronically. The answer starts here. Information security expert Bruce Schneier explains what everyone in business needs to know about security in order to survive and be competitive. Pragmatic, interesting, and humorous, Schneier exposes the digital world and the realities of our networked society. He examines the entire system, from the reasons for technical insecurities to the minds behind malicious attacks. You'll be guided through the security war zone, and learn how to understand and arm yourself against the threats of our connected world. There are no quick fixes for digital security. And with the number of security vulnerabilities, breaches, and digital disasters increasing over time, it's vital that you learn how to manage the vulnerabilities and protect your data in this networked world. You need to understand who the attackers are, what they want, and how to deal with the threats they represent. In Secrets and Lies, you'll learn about security technologies and product capabilities, as well as their limitations. And you'll find out how to respond given the landscape of your system and the limitations of your business. With its accessible style, this practical guide covers: The digital threats and attacks that you must understand The security products and processes currently available The limitations of technology The steps involved in product testing to discover security flaws The technologies to watch for over the next couple of years Risk assessment in your company The implementation of security policies and countermeasures Secrets and Lies offers the expert guidance you'll need to make the right choices about securing your digital self.
Flap Copy
Welcome to the businessworld.com. It's digital: Information is more readily accessible than ever. It's inescapably connected: businesses are increasingly --if not totally--dependent on digital communications. But our passion for technology has a price: increased exposure to security threats. Companies around the world need to understand the risks associated with doing business electronically. The answer starts here. Information security expert Bruce Schneier explains what everyone in business needs to know about security in order to survive and be competitive. Pragmatic, interesting, and humorous, Schneier exposes the digital world and the realities of our networked society. He examines the entire system, from the reasons for technical insecurities to the minds behind malicious attacks. You'll be guided through the security war zone, and learn how to understand and arm yourself against the threats of our connected world. There are no quick fixes for digital security. And with the number of security vulnerabilities, breaches, and digital disasters increasing over time, it's vital that you learn how to manage the vulnerabilities and protect your data in this networked world. You need to understand who the attackers are, what they want, and how to deal with the threats they represent. In Secrets and Lies, you'll learn about security technologies and product capabilities, as well as their limitations. And you'll find out how to respond given the landscape of your system and the limitations of your business. With its accessible style, this practical guide covers: * The digital threats and attacks that you must understand * The security products and processes currently available * The limitations of technology * The steps involved in product testing to discover security flaws * The technologies to watch for over the next couple of years * Risk assessment in your company * The implementation of security policies and countermeasures Secrets and Lies offers the expert guidance you'll need to make the right choices about securing your digital self.
Flap Copy
Welcome to the businessworld.com. Its digital: Information is more readily accessible than ever. Its inescapably connected: businesses are increasingly --if not totally--dependent on digital communications. But our passion for technology has a price: increased exposure to security threats. Companies around the world need to understand the risks associated with doing business electronically. The answer starts here. Information security expert Bruce Schneier explains what everyone in business needs to know about security in order to survive and be competitive. Pragmatic, interesting, and humorous, Schneier exposes the digital world and the realities of our networked society. He examines the entire system, from the reasons for technical insecurities to the minds behind malicious attacks. Youll be guided through the security war zone, and learn how to understand and arm yourself against the threats of our connected world. There are no quick fixes for digital security. And with the number of security vulnerabilities, breaches, and digital disasters increasing over time, its vital that you learn how to manage the vulnerabilities and protect your data in this networked world. You need to understand who the attackers are, what they want, and how to deal with the threats they represent. In Secrets and Lies, youll learn about security technologies and product capabilities, as well as their limitations. And youll find out how to respond given the landscape of your system and the limitations of your business. With its accessible style, this practical guide covers: The digital threats and attacks that you must understand The security products and processes currently available The limitations of technology The steps involved in product testing to discover security flaws The technologies to watch for over the next couple of years Risk assessment in your company The implementation of security policies and countermeasures Secrets and Lies offers the expert guidance youll need to make the right choices about securing your digital self.
Full Text Reviews
Appeared in Choice on 2001-01-03:
Readers need only to pick up this book and read the introduction and they will be hooked. Secrets and Lies is a careful assessment of the state of digital security, which, simply stated, is not very promising. The book presents security consultant and engineer Schneier's perspective as a respected scientist and mathematician who knows the theoretical state of the art. His book is composed of 25 chapters, organized into three parts: "Landscape," "Technologies," and "Strategies." "Landscape," the first part, describes the attackers, what they want, and what we need to do to deal with them. "Technologies" (part 2) describes the various security technologies and the limitations of each. The final part, "Strategies," takes the requirements from part 1, the abilities and the limitations of the technology from part 2, and describes methods for developing strategies for warding off attacks to digital software of all types. The resources section at the end is invaluable. General readers; upper-division undergraduates through professionals. J. Beidler; University of Scranton
Reviews
Review Quotes
"...this book is of value to anyone whose business depends on safe use of email, the Web, or other networked communications" and "belongs in every managers library." -- Business Week "Schneier...peppers the book with lively anecdotes and aphorisms, making it unusually accessible." -- Los Angeles Times Schneier "offers a primer in practical computer security aimed at those shopping, communicating or doing business online--almost everyone, in other words." -- The Economist Schneier is "one of the foremost experts on computer security" and his 1995 Wiley book Applied Cryptography is "the landmark text on the security hazards of the Internet." -- Time Out New York Schneier "gives the state of the art on corporate security." -- thestandard.com Schneier "wrote the book on applied cryptography" -- Information Security Secrets & Lies is "a written, well researched exploration of digital security as a system." -- slashdot.com "Although Schneiers style is lively and spiced with unusual vocabulary (try looking up banausic and flagitious in your Funk and Wagnalls), no one is going to pick up this book for the sake of a a good read. They want the information contained therein." -- eWEEK.com "In Secrets and Lies the things that actually go wrong are explained by lots of concrete examples, some stunning." -- New Scientist "Schneiers book is an excellent read.... He understands the issues and the issues behind the issues." --Bill Machrone Review Anne Fisher calls Secrets and Lies "a jewel box of little surprises you can actually use" and refers to the book as "a startlingly lively treatise." -- Fortune , November 27, 2000, p. 304 "Secrets and Lies should begin to dispel the fog of deception and special pleading around security, and its fun.." -- New Scientist , 2nd September 2000
"...make yourself better informed. Read this book." ( CVu, The Journal of the ACCU , Vol 16(3), June 2004) Stephen Manes writes, "...Bruce Schneier minces no words in describing the many ways computer systems can be compromised". ( Forbes ) "...this book isnt just for techies. Schneier peppers the book with lively anecdotes and aphorisms, making it unusually accessible." ( LA Times ) "Schneiers book is an excellent read.... He understands the issues and the issues behind the issues." (Bill Machrone) "Secrets and Lies should begin to dispel the fog of deception and special pleading around security, and its fun.." ( New Scientist , 2nd September 2000) "Bruce Schneiers book is a common-sense, practical guide..."(Computing, 22nd March 2001) "As a thoughtful read, prior to planning or reviewing your businesss security strategy, you could not do better...." (Unixnt, February 2001) "...worth a read..." (The Journal, November 2000) "...essential reading for security practitioners..." (Computer Bulletin - Book of the Month, January 2001) "...provides a timely debunking of myths...an invaluable reference point" (Computer Business Review, November 2000) "not only is it entertaining, but it is likely to end up on the reference shelf of thousan ds of CIOs worldwide." (Information Age, December 2000) "...a good read..." "The book is interesting [and] educational..." (E-business, Jan 2001) "...a pragmatic, stimulating and rather readable guide..." (The Bookseller, 17th November 2000) "This book is a must for any business person with a stake in e-commerce." (EuroBusiness, December 2000) "...a jewel box of little surprises you can actually use" "...a startlingly lively treatise..." (Fortune, 27th November 2000) "A thoroughly practical and accessible guide..." (Webspace, November 2000) "[Its] written like a thriller (and a good one at that)..." (Managing Information Strategies, November 2000) "Anyone who does business online should buy this book and read it carefully." (QSDG, December 2000) "The book is an impressive how to think like a hacker." (Supply Management, 16th November 2000) "Schneier writes with a pleasingly readable style." (MacFormat, December 2000) "Setting himself apart, Schneier navigates rough terrain without being overly technical or sensational..." (Computer Weekly, 26th October 2000) "...a very practical guide..." (Webspace, October 2000) "A thoroughly practical and accessible guide to achieving security" (Webspace, August 2001) "...if you havent read Secrets and Lies yet, you should. If you have but its been a while, take it along for your next plane ride..." (Technology and Society, 7 February 2003)
"...make yourself better informed. Read this book." (CVu, The Journal of the ACCU, Vol 16(3), June 2004) Stephen Manes writes, "...Bruce Schneier minces no words in describing the many ways computer systems can be compromised". (Forbes) "...this book isn2t just for techies. Schneier peppers the book with lively anecdotes and aphorisms, making it unusually accessible." (LA Times) "Schneier2s book is an excellent read.... He understands the issues and the issues behind the issues." (Bill Machrone) "Secrets and Lies should begin to dispel the fog of deception and special pleading around security, and it2s fun.." (New Scientist, 2nd September 2000) "Bruce Schneier2s book is a common-sense, practical guide..."(Computing, 22nd March 2001) "As a thoughtful read, prior to planning or reviewing your business2s security strategy, you could not do better...." (Unixnt, February 2001) "...worth a read..." (The Journal, November 2000) "...essential reading for security practitioners..." (Computer Bulletin - Book of the Month, January 2001) "...provides a timely debunking of myths...an invaluable reference point" (Computer Business Review, November 2000) "not only is it entertaining, but it is likely to end up on the reference shelf of thousan ds of CIOs worldwide." (Information Age, December 2000) "...a good read..." "The book is interesting [and] educational..." (E-business, Jan 2001) "...a pragmatic, stimulating and rather readable guide..." (The Bookseller, 17th November 2000) "This book is a must for any business person with a stake in e-commerce." (EuroBusiness, December 2000) "...a jewel box of little surprises you can actually use" "...a startlingly lively treatise..." (Fortune, 27th November 2000) "A thoroughly practical and accessible guide..." (Webspace, November 2000) "[It2s] written like a thriller (and a good one at that)..." (Managing Information Strategies, November 2000) "Anyone who does business online should buy this book and read it carefully." (QSDG, December 2000) "The book is an impressive 2how to think2 like a hacker." (Supply Management, 16th November 2000) "Schneier writes with a pleasingly readable style." (MacFormat, December 2000) "Setting himself apart, Schneier navigates rough terrain without being overly technical or sensational..." (Computer Weekly, 26th October 2000) "...a very practical guide..." (Webspace, October 2000) "A thoroughly practical and accessible guide to achieving security" (Webspace, August 2001) "...if you haven2t read Secrets and Lies yet, you should. If you have but it2s been a while, take it along for your next plane ride..." (Technology and Society, 7 February 2003)
"...make yourself better informed. Read this book." ( CVu, The Journal of the ACCU, Vol 16(3), June 2004) TECHNOLOGY YOU By Stephen H. Wildstrom THE SECRETS LIES OF CYBER-SECURITY A computer virus shuts down your corporate e-mail for a day. Hackers deface your Web site with pornography. The need to share data with customers and vendors exposes critical corporate information to online theft. With your business ever more dependent on safe use of the Internet, security savvy has become as important as understanding marketing or finance. Such savvy, however, has been hard for non-techie executives to acquire. Books and articles on security generally came in two equally useless varieties: incomprehensible or sensationalized. Remember all those books on how the Y2K bug would end civilization as we knew it? Now, Bruce Schneier, a highly respected security expert, has stepped into the breach with Secrets Lies: Digital Security in a Networked World (John Wiley Sons, $29.99). The book is of value to anyone whose business depends on safe use of e-mail, the Web, or other networked communications. If that''s not yet everybody, it soon will be. Schneier brings strong credentials to the job. His book Applied Cryptography is a classic in the field, and he is one of t he creators of the Twofish algorithm, a finalist in the U.S. government''s competition for the Advanced Encryption Standard. Schneier serves as chief technology officer of Counterpane Internet Security (www.counterpane.com), which manages computer security for corporations. Although this is a book for the general reader, it''s not always easy going. But Secrets Lies requires no prior knowledge of computer or security technology and should be accessible to anyone who is willing to put in a little effort. For example, Schneier explains encryption, essentially a mathematical process, without resorting to a single equation. While Schneier is not an elegant writer, he has a nice ability to use analogies to make the obscure understandable. The book has two main thrusts. First is Schneier''s mantra: "Security is a process, not a product." Anyone who promises you a hacker-proof system or offers to provide "unbreakable" encryption is selling you snake oil. There is simply no way to wave a magic wand over a system to make it -and keep it- secure. Second, Schneier says, getting security right is hard, and small mistakes can be deadly. Risk Management. Schneier backs his opinions with real-world examples. For instance, Hollywood was terrified of piracy and worked hard on a scheme to encrypt digital videodisks so that only authorized players could read the disks. The encryption would have been hard to break, but hackers didn''t have to do it. A design flaw made it easy to steal the decryption keys from the software players supplied with PC''s. Similarly, most e-commerce sites use a technology called SSL to protect transaction data from online snoopers. SSL works fine, but some e-tailers left customers'' credit card information in files where hackers could swipe it. The last third of the book is most valuable to managers. In it, Schneier discusses the process by which people should assess security vulnerabilities and decide what to do about them. His central point: Computer security is basically risk management. Banks and credit-card companies can tolerate a considerable amount of credit risk and fraud because they know how to anticipate losses and price their services accordingly. That''s good, since zero tolerance would put them out of business. Similarly, seeking perfect security would make a system useless because anything worth doing carries some risk. Unfortunately, the art of computer security has not progressed to the point where Underwriters Labs can certify that a firewall can protect you against attack for two hours, as can be done for safes and fire doors. But with the crude tools that are available, managers have to decide what they are trying to protect and how much they are willing to spend, both in cost and convenience, to defend it. This is a business issue, not a technical one, and executives can no longer leave such decisions to techies. That''s why Secrets and Lies belongs in every manager''s library. ( Business Week, September 18, 2000) As an editor at a computer publication in the early 1990s, I hired a freelance security expert to evaluate anti-virus software. After extensive testing he faxed the results; unfortunately, the fax went to one of my publication''s direct competitors. His gaffe demonstrated why we will never see fail-safe computer security: human error. That premise emerged as a central theme of a new book written by the same freelancer, now a leading security expert. " Secrets and Lies: Digital Security in a Networked World" (John Wiley Sons, 2000, $29.99), by Bruce Schneier, is a compelling brief on the industry''s most obsessive anxiety. It''s not a story for the faint of heart. Schneier''s scary world makes the Wild West--to which the Internet is often compared--look like kindergarten. (For every gory detail on computer crime, check out " Tangled Web," by Richard Power; Que, 2000, $25.) " Secrets and Lies" is well-timed on the heels of an apparently unstoppable wave of security foul-ups, hacks and government surveillance revelations. The best-known attacks--such as the breach of Microsoft''s corporate network revealed last week, disruptions of Yahoo, EBay and other top Web sites early this year, and the "Love Bug" virus, which infected millions of computers--made headlines. Paranoids have delighted in recent revelations about "Echelon," the government''s once super-secret system for monitoring worldwide voice and data communications, and the FBI''s "Carnivore" technology, which sniffs millions of supposedly private e-mail messages. A burgeoning underground of Internet vandals, network nihilists, data thieves and those who probe vulnerabilities as an intellectual exercise begs a scorecard to distinguish "hackers" from "crackers," "white hats" from "black hats." "Script kiddies"--wannabes who use turnkey hacking tools they find posted on the Web--may be emerging as the biggest threat. Schneier explains the reasons for this grim scenario in simple truths: * In the hacking wars, technology favors offense over defense. * Complexity is the enemy of security, and the Internet is the mother of all complex systems. * Software is buggy. Experts suggest that every 1,000 lines of computer programming code contains between five and 15 mistakes, some of which inevitably open security holes. Consider that Windows 2000 shipped with some 63,000 known bugs and incompatibilities. * People are often foolish. Early this month the National Institute of Standards and Technology adopted an encryption algorithm (a mathematical formula used to scramble digital data) that it said would take more than 149 trillion years to crack. Then again, if you use your name or the word "password" as a decoding key--typical among lazy computer users--a neophyte hacker would need about five minutes. Any security scheme can and will be subverted. Little wonder that software licensing agreements specifically disclaim responsibility for the product working as advertised. It''s not hard to imagine why security software developers would be short on confidence--their products are nearly always developed in a vacuum. "A common joke from my college physics class was to ''assume a spherical cow of uniform density,'' " Schneier writes. "We could only make calculations on idealized systems; the real world was much too complicated for the theory. Digital system security is the same way"--probably reliable in the lab, always vulnerable in the wild. Part of the problem is that co
"...make yourself better informed. Read this book." ( CVu, The Journal of the ACCU , Vol 16(3), June 2004) TECHNOLOGY YOU By Stephen H. Wildstrom THE SECRETS LIES OF CYBER-SECURITY A computer virus shuts down your corporate e-mail for a day. Hackers deface your Web site with pornography. The need to share data with customers and vendors exposes critical corporate information to online theft. With your business ever more dependent on safe use of the Internet, security savvy has become as important as understanding marketing or finance. Such savvy, however, has been hard for non-techie executives to acquire. Books and articles on security generally came in two equally useless varieties: incomprehensible or sensationalized. Remember all those books on how the Y2K bug would end civilization as we knew it? Now, Bruce Schneier, a highly respected security expert, has stepped into the breach with Secrets Lies: Digital Security in a Networked World (John Wiley Sons, $29.99). The book is of value to anyone whose business depends on safe use of e-mail, the Web, or other networked communications. If thats not yet everybody, it soon will be. Schneier brings strong credentials to the job. His book Applied Cryptography is a classic in the field, and he is one of t he creators of the Twofish algorithm, a finalist in the U.S. governments competition for the Advanced Encryption Standard. Schneier serves as chief technology officer of Counterpane Internet Security (www.counterpane.com), which manages computer security for corporations. Although this is a book for the general reader, its not always easy going. But Secrets Lies requires no prior knowledge of computer or security technology and should be accessible to anyone who is willing to put in a little effort. For example, Schneier explains encryption, essentially a mathematical process, without resorting to a single equation. While Schneier is not an elegant writer, he has a nice ability to use analogies to make the obscure understandable. The book has two main thrusts. First is Schneiers mantra: "Security is a process, not a product." Anyone who promises you a hacker-proof system or offers to provide "unbreakable" encryption is selling you snake oil. There is simply no way to wave a magic wand over a system to make it -and keep it- secure. Second, Schneier says, getting security right is hard, and small mistakes can be deadly. Risk Management. Schneier backs his opinions with real-world examples. For instance, Hollywood was terrified of piracy and worked hard on a scheme to encrypt digital videodisks so that only authorized players could read the disks. The encryption would have been hard to break, but hackers didnt have to do it. A design flaw made it easy to steal the decryption keys from the software players supplied with PCs. Similarly, most e-commerce sites use a technology called SSL to protect transaction data from online snoopers. SSL works fine, but some e-tailers left customers credit card information in files where hackers could swipe it. The last third of the book is most valuable to managers. In it, Schneier discusses the process by which people should assess security vulnerabilities and decide what to do about them. His central point: Computer security is basically risk management. Banks and credit-card companies can tolerate a considerable amount of credit risk and fraud because they know how to anticipate losses and price their services accordingly. Thats good, since zero tolerance would put them out of business. Similarly, seeking perfect security would make a system useless because anything worth doing carries some risk. Unfortunately, the art of computer security has not progressed to the point where Underwriters Labs can certify that a firewall can protect you against attack for two hours, as can be done for safes and fire doors. But with the crude tools that are available, managers have to decide what they are trying to protect and how much they are willing to spend, both in cost and convenience, to defend it. This is a business issue, not a technical one, and executives can no longer leave such decisions to techies. Thats why Secrets and Lies belongs in every managers library. ( Business Week , September 18, 2000) As an editor at a computer publication in the early 1990s, I hired a freelance security expert to evaluate anti-virus software. After extensive testing he faxed the results; unfortunately, the fax went to one of my publications direct competitors. His gaffe demonstrated why we will never see fail-safe computer security: human error. That premise emerged as a central theme of a new book written by the same freelancer, now a leading security expert. " Secrets and Lies: Digital Security in a Networked World " (John Wiley Sons, 2000, $29.99), by Bruce Schneier, is a compelling brief on the industrys most obsessive anxiety. Its not a story for the faint of heart. Schneiers scary world makes the Wild West--to which the Internet is often compared--look like kindergarten. (For every gory detail on computer crime, check out " Tangled Web ," by Richard Power; Que, 2000, $25.) " Secrets and Lies " is well-timed on the heels of an apparently unstoppable wave of security foul-ups, hacks and government surveillance revelations. The best-known attacks--such as the breach of Microsofts corporate network revealed last week, disruptions of Yahoo, EBay and other top Web sites early this year, and the "Love Bug" virus, which infected millions of computers--made headlines. Paranoids have delighted in recent revelations about "Echelon," the governments once super-secret system for monitoring worldwide voice and data communications, and the FBIs "Carnivore" technology, which sniffs millions of supposedly private e-mail messages. A burgeoning underground of Internet vandals, network nihilists, data thieves and those who probe vulnerabilities as an intellectual exercise begs a scorecard to distinguish "hackers" from "crackers," "white hats" from "black hats." "Script kiddies"--wannabes who use turnkey hacking tools they find posted on the Web--may be emerging as the biggest threat. Schneier explains the reasons for this grim scenario in simple truths: In the hacking wars, technology favors offense over defense. Complexity is the enemy of security, and the Internet is the mother of all complex systems. Software is buggy. Experts suggest that every 1,000 lines of computer programming code contains between five and 15 mistakes, some of which inevitably open security holes. Consider that Windows 2000 shipped with some 63,000 known bugs and incompatibilities. People are often foolish. Early this month the National Institute of Standards and Technology adopted an encryption algorithm (a mathematical formula used to scramble digital data) that it said would take more than 149 trillion years to crack. Then again, if you use your name or the word "password" as a decoding key--typical among lazy computer users--a neophyte hacker would need about five minutes. Any security scheme can and will be subverted. Little wonder that software licensing agreements specifically disclaim responsibility for the product working as advertised. Its not hard to imagine why security software developers would be short on confidence--their products are nearly always developed in a vacuum. "A common joke from my college physics class was to assume a spherical cow of uniform density, " Schneier writes. "We could only make calculations on idealized systems; the real world was much too complicated for the theory. Digital system security is the same way"--probably reliable in the lab, always vulnerable in the wild. Part of the problem is that conventional thinking about Internet security is drawn from the physical world, where some kinds of security are "good enough." "I
"...this book is of value to anyone whose business depends on safe use of email, the Web, or other networked communications" and "belongs in every manager's library." -- Business Week "Schneier...peppers the book with lively anecdotes and aphorisms, making it unusually accessible." -- Los Angeles Times Schneier "offers a primer in practical computer security aimed at those shopping, communicating or doing business online--almost everyone, in other words." -- The Economist Schneier is "one of the foremost experts on computer security" and his 1995 Wiley book Applied Cryptography is "the landmark text on the security hazards of the Internet." -- Time Out New York Schneier "gives the state of the art on corporate security." -- thestandard.com Schneier "wrote the book on applied cryptography" -- Information Security Secrets & Lies is "a written, well researched exploration of digital security as a system." -- slashdot.com "Although Schneier's style is lively and spiced with unusual vocabulary (try looking up banausic and flagitious in your Funk and Wagnalls), no one is going to pick up this book for the sake of a a good read. They want the information contained therein." -- eWEEK.com "In Secrets and Lies the things that actually go wrong are explained by lots of concrete examples, some stunning." -- New Scientist "Schneier's book is an excellent read.... He understands the issues and the issues behind the issues." --Bill Machrone Review Anne Fisher calls Secrets and Lies "a jewel box of little surprises you can actually use" and refers to the book as "a startlingly lively treatise." -- Fortune, November 27, 2000, p. 304 "Secrets and Lies should begin to dispel the fog of deception and special pleading around security, and it's fun.." -- New Scientist, 2nd September 2000
This item was reviewed in:
Choice, January 2001
SciTech Book News, June 2001
To find out how to look for other reviews, please see our guides to finding book reviews in the Sciences or Social Sciences and Humanities.
Summaries
Back Cover Copy
Praise for Sectrets and Lies "This is a business issue, not a technical one, and executives can no longer leave such decisions to techies. That's why Secrets and Lies belongs in every manager's library."-Business Week "Clear and passionate, this is the definitive book on Internet security from the leading thinker on the subject."-The Industry Standard "Startlingly lively....a jewel box of little surprises you can actually use."-Fortune "Secrets is a comprehensive, well-written work on a topic few business leaders can afford to neglect."-Business 2.0 "Instead of talking algorithms to geeky programmers, [Schneier] offers a primer in practical computer security aimed at those shopping, communicating or doing business online-almost everyone, in other words."-The Economist "Schneier...peppers the book with lively anecdotes and aphorisms, making it unusually accessible."-Los Angeles Times
Bowker Data Service Summary
This work offers practical advice on achieving security throughout computer networks and explains why protecting information is harder in the digital world.
Long Description
Praise for Sectrets and Lies "This is a business issue, not a technical one, and executives can no longer leave such decisions to techies. That's why Secrets and Lies belongs in every manager's library."-Business Week "Clear and passionate, this is the definitive book on Internet security from the leading thinker on the subject."-The Industry Standard "Startlingly lively....a jewel box of little surprises you can actually use."-Fortune "Secrets is a comprehensive, well-written work on a topic few business leaders can afford to neglect."-Business 2.0 "Instead of talking algorithms to geeky programmers, [Schneier] offers a primer in practical computer security aimed at those shopping, communicating or doing business online-almost everyone, in other words."-The Economist "Schneier...;peppers the book with lively anecdotes and aphorisms, making it unusually accessible."-Los Angeles Times
Long Description
Praise for Sectrets and Lies "This is a business issue, not a technical one, and executives can no longer leave such decisions to techies. Thats why Secrets and Lies belongs in every managers library."-Business Week "Clear and passionate, this is the definitive book on Internet security from the leading thinker on the subject."-The Industry Standard "Startlingly lively....a jewel box of little surprises you can actually use."-Fortune "Secrets is a comprehensive, well-written work on a topic few business leaders can afford to neglect."-Business 2.0 "Instead of talking algorithms to geeky programmers, [Schneier] offers a primer in practical computer security aimed at those shopping, communicating or doing business online-almost everyone, in other words."-The Economist "Schneier...peppers the book with lively anecdotes and aphorisms, making it unusually accessible."-Los Angeles Times
Main Description
Bestselling author Bruce Schneier offers his expert guidance on achieving security on a network Internationally recognized computer security expert Bruce Schneier offers a practical, straightforward guide to achieving security throughout computer networks. Schneier uses his extensive field experience with his own clients to dispel the myths that often mislead IT managers as they try to build secure systems. This practical guide provides readers with a better understanding of why protecting information is harder in the digital world, what they need to know to protect digital information, how to assess business and corporate security needs, and much more. Walks the reader through the real choices they have now for digital security and how to pick and choose the right one to meet their business needs Explains what cryptography can and can2t do in achieving digital security
Main Description
Bestselling author Bruce Schneier offers his expert guidance on achieving security on a network Internationally recognized computer security expert Bruce Schneier offers a practical, straightforward guide to achieving security throughout computer networks. Schneier uses his extensive field experience with his own clients to dispel the myths that often mislead IT managers as they try to build secure systems. This practical guide provides readers with a better understanding of why protecting information is harder in the digital world, what they need to know to protect digital information, how to assess business and corporate security needs, and much more. * Walks the reader through the real choices they have now for digital security and how to pick and choose the right one to meet their business needs * Explains what cryptography can and can't do in achieving digital security
Unpaid Annotation
Bestselling author Bruce Schneier offers his expert guidance on achieving security on a networkInternationally recognized computer security expert Bruce Schneier offers a practical, straightforward guide to achieving security throughout computer networks. Schneier uses his extensive field experience with his own clients to dispel the myths that often mislead IT managers as they try to build secure systems. This practical guide provides readers with a better understanding of why protecting information is harder in the digital world, what they need to know to protect digital information, how to assess business and corporate security needs, and much more.* Walks the reader through the real choices they have now for digital security and how to pick and choose the right one to meet their business needs* Explains what cryptography can and can't do in achieving digital security
Table of Contents
Prefacep. xi
Acknowledgmentsp. xv
Introductionp. 1
The Landscapep. 11
Digital Threatsp. 14
Attacksp. 23
Adversariesp. 42
Security Needsp. 59
Technologiesp. 83
Cryptographyp. 85
Cryptography in Contextp. 102
Computer Securityp. 120
Identification and Authenticationp. 135
Networked-Computer Securityp. 151
Network Securityp. 176
Network Defensesp. 188
Software Reliabilityp. 202
Secure Hardwarep. 212
Certificates and Credentialsp. 225
Security Tricksp. 240
The Human Factorp. 255
Strategiesp. 271
Vulnerabilities and the Vulnerability Landscapep. 274
Threat Modeling and Risk Assessmentp. 288
Security Policies and Countermeasuresp. 307
Attack Treesp. 318
Product Testing and Verificationp. 334
The Future of Productsp. 353
Security Processesp. 367
Conclusionp. 389
Afterwordp. 396
Resourcesp. 399
Indexp. 401
Table of Contents provided by Syndetics. All Rights Reserved.

This information is provided by a service that aggregates data from review sources and other sources that are often consulted by libraries, and readers. The University does not edit this information and merely includes it as a convenience for users. It does not warrant that reviews are accurate. As with any review users should approach reviews critically and where deemed necessary should consult multiple review sources. Any concerns or questions about particular reviews should be directed to the reviewer and/or publisher.

  link to old catalogue

Report a problem