Rating: 
Summary: Secrets & Lies
Review: Bruce Schneier has the ability to keep his readers eyes "clued" towards the pages. Although the book is based on pure facts, it reads like a fiction bestseller. Behind the easy way to communicate with his readers lies a detailed research with mathematical accuracy. Certainly a mile-marker within the publications dealing with the digital- and networked world.
Rating: 
Summary: A lot of fluff - not enough real-world information.
Review: I was less than impressed with this book. Although Schneier is clearly a smart guy, from the very general way in which he describes security considerations, you would never know that he runs a security firm. This book is clearly targeted at the business executive who is curious about net security and wants to find out enough to be able to sit in meetings and speak reasonably intelligently about potential issues. But if you are at all familiar with technology, reading this book will probably not tell you anything you don't already know. (As an example, in one chapter there's a section called "Trojan horses" - he takes 3 or 4 pages and explains what a Trojan Horse is, AND THAT'S IT! Then he's off to the next topic. No explanation of how a cracker gets one onto your box. No explanation of how to defend yourself.) I may be a little biased because I bought this book and "Hacking Linux Exposed" after my site got hacked, so I was looking for detailed security measures. But having read both this book and "Hacking Linux Exposed", I can say that HLE covers all of the topics in Schneier's book with many extra topics added for good measure. And MOST IMPORTANTLY, while Schneier basically spends all his time talking in very general terms about ways in which crackers can break into your box, HLE has a section after every exploit where they tell you HOW TO PROTECT YOURSELF.
Rating: 
Summary: Good Infosec Intro
Review: For non-techies or people who are new to computer security, this book is a great start. Every topic has real world examples and the author never gets too technical with the descriptions. This book would be perfect for a survey course in infosec. The only complaint I have about this book is that the author tends to focus too much on cryptography, his specialty. PKI and other forms of encryption are an important part of infosec, but the majority of attacks bypass any form of cryptography altogether.
Rating:
Summary: Great book.
Review: This book was a great read. It was easy to get into quickly and every section was well written with real life stories and examples. It was a interesting read, like reading a thriller. Great book to keep as reference. Bruce really knows his stuff. Check out his other books too.
Rating:
Summary: Best 1st book, wholistic view of system security
Review: This book is an excellent discussion of the security issues as they relate to a modern IT environment. The book does not focus on encryption or other technology. Rather it discusses security from a practical, wholistic point-of-view. If you are looking for a best first book and are interested in developing a perspective on security and how it applies to technology based systems, then this is the book to read. I am a technical project lead in the IT industry. I have read at least a dozen books on the various aspects of security, and this one has proven to be the most useful to me, by far. I now can deal with any security issue or technology and be able to put it into its proper perspective. I can also hold my own in a discussion with any security "expert". I have recommended that everyone on my current program read this book.
Rating:
Summary: Security is Ensured by Process not by a Tool
Review: This book a bit less technical, and has a nice qualitative/accessible feel to it. The book makes a point that good security requires vigilance and cooperation of authorities and users of secure systems. Schneier shows (accurately) how the best systems software for security through cryptography can be subverted by "social engineering" (human error induced by the intruder) or by misapplication of tools. Managers of companies with machines connected to the internet really ought to take a look at this to get a sense of both their level of risk exposure and what options might be available to them. I strongly recommend this book to both my students and colleagues.
Rating:
Summary: Great book!
Review: I've finished reading it today. I recommend it for every network administrator concerned about security. The whole picture is there.
Rating:
Summary: Excellent Resource for Managers
Review: This book would serve as a foundation to educate managers, not just IT manager, on what they need consider in this, the digital age. If managers would read this book and apply what they know about risk management to the information in the book, then their companies should succeed on the internet. It provides the information individuals need in a language that anyone can understand. However, it is not an open once and read in one night book. Just like a fine meal you have to chew on the substance of the book and read it several times to understand the full flavor. One of the best quote in the book is in the preface "If you think technology can solve your security problem, then you don't understand the problems and you don't understand the technology" This book will help you understand both.
Rating: 
Summary: not really a security book
Review: the book is not really a security or hacking book. covers technology basics well and very humorous at times. so what's the point? author has written better books, have to give him that. very disappointed, i had higher expectations.
Rating:
Summary: Extraordinary book if you want to understand
Review: "Secrets and Lies" by Bruce Schneier taught me that computer security is much more than building better firewalls and managing them well. Schneier knows most hacks come through social engineering, unguarded other entrances, email delivered trojans, and other techniques that bypass the firewall entirely. He also knows that security will never be perfect, and talks frankly about how to minimize the risks you can't eliminate. That's the real world, and he treats it with deep understanding. Most computer books are "just the faqs" dumps of the subject, with a little organization. Schneier instaed is thoughtful and eloquent. He changed entirely how I thought about the subject. Dave Burstein
| 
