Beyond Fear

List Price: $25.00
Your Price: $16.50

Rating: 5 stars
Summary: The one book on security to read!
Review: This is the one, single book on security you want to read.

Where other books on the subject feed on the paranoia or give you cookie-cutter 'solutions' that have little bearing on reality, Schneier's BEYOND FEAR gives you the tools and the knowledge you need to make critical security decisions on your own. Schneier skewers the myths, the hidden agendas, and the outright poor decisions made in the name of "security," using real life examples to show us how to effectively evaluate a situation. Schneier's credentials as a security guru are impeccable; at the same time, he has the unique (and far too rare) gift of being able to write to a general audience. His writing style is as entertaining as it is informative. This is a book you'll enjoy reading; more importantly, it's a book you SHOULD read -- because it will arm you with the knowledge you need in today's world.

Rating: 5 stars
Summary: Excellent new book
Review: This new book of Bruce's covers a lot of practical aspects of security that are particularly relevant in a security-obsessed society. It's important to make sure when you do something that's supposed to increase security that it actually works. This is the most important, really. If it's not going to work, why bother? Discussing security in general terms explains why some counter-intuitive measures are good security. It also shows why security measures that are broadly based but weak can be better than ones that are targeted but strong.

Rating: 5 stars
Summary: Finally! An intelligent treatment of security!
Review: Too many books on security provide "how to" information (buy this, install that), with no regard to what is being protected and from what. "Beyond Fear" doesn't talk about what to buy to "feel" safe, but about how to analyze threats, risks, and the actions one might take to deal with them in an intelligent and interesting read. His insights into anti-terrorism efforts are enlightening.

Rating: 5 stars
Summary: Excellent Read
Review: What impressed me most about this book was how enjoyable it was to read. Security is a difficult subject, but this book makes it easy. I learned something on every page.

Rating: 5 stars
Summary: A really outstanding resource
Review: What's been written is simply the best general level explanation of what security is and should be that I've ever come across. The author methodically, clearly, and concisely describes the elements of security, and how to evaluate them.
Not just computer security either -- physical real-world security is also discussed and analyzed in language that really is so simple that even an administrator could understand it.

Not only that, but in what I consider one of the book's strongest strengths, the reader walks away able to explain security to others, and to evaluate security based on reasonable criteria and tools instead of just gut instinct.

I really think that this book ought to be required reading for anyone who has anything to do with security in any way, whether it be recommending it, designing it, implementing it, or using it. It's that good.

Rating: 5 stars
Summary: Great book!
Review: When one of the smartest security people writes one of the most readable books on the topic, this required 10 stars. Alas, I can only give 5.

This book is so good; I bought a copy for my supervisor.


Rating: 5 stars
Summary: Great book for the intelligent layman
Review: You don't have to know anything about security or cryptography to find this book useful. It'll teach you what you need to know, in an informative, entertaining manner. I particularly enjoyed the illustrative examples -- while there may be an urban legend or two buried in there, most of the material appears to be well-researched.

The five-point method for assessing the value of a security measure is useful both in itself and to give a comparative framework for people to discuss security issues with each other.

Highly recommended.

Rating: 5 stars
Summary: May be applicable, in general - beyond "digital systems"
Review: You know, folks, I've a hunch that this book might be applicable, in regards to the "bureaucratically dreamt of", "news-agency talked about", "popularly assumed-of", however "real" phenomenon, particularly: "Homeland security".

I'll admit, I have not yet read Schneier's work, this one. (As I recall, another technician mentioned Schneier; a stop-by at a web-site followed; then, wound up adding this to "my little? wish list")

I figure, I know "a sure thing", when I see it, expressed in written form.

Schneier is a trustworthy author.

So, while I have not yet read it, yet this book - Schneier's - gets "the 5-all-good mark-of-confidence, permanent and for-real real," even in terms of forward, reasoned anticipation, about the applicability of Schneier's expressions, in regards to: digital-systems work, and "general security".

Concluded: It's a book, wholly worth your time.

Rating: 4 stars
Summary: good book for the layman; entertaining but w/some flaws
Review: _Beyond Fear_ is a good book, and I'd put it into the "should read" but not "must read" category for people working in security (as opposed to _Secrets and Lies_, which I put into the "must read" category). There's little new or profound in the book, which is essentially an elaboration with examples on the five-step process of analyzing and evaluating security systems given on pp. 14-15 of the book:

1. What assets are you trying to protect?
2. What are the risks to these assets?
3. How well does the security system mitigate those risks?
4. What other risks does the security system cause?
5. What costs and trade-offs does the security solution impose?

In the process, Schneier provides many interesting examples. This is an excellent book on security for the layman. But it is definitely a book targeted at a popular audience. There are no footnotes or references, and Schneier occasionally tosses off remarks or asides that are questionable, if not false.

There are two significant flaws in the book:

1. It exaggerates the subjectivity of a security evaluation. On p. 17, chapter two is titled "Security Trade-offs are Subjective." But it's not the trade-off itself that is subjective. It's not the risk assessment that is subjective. It is people's non-instrumental desires (basic desires) or values that are subjective.

Schneier writes (p. 17) that "Different people have different senses of what constitutes a threat"--but some are right and some are wrong. His distinction between perceived and actual risk shows that the important one is actual risk, not perceived risk. Actual risk is objective, not subjective. Schneier continues "or what level of risk is acceptable." That can certainly have a subjective component, but even subjective components can conflict with each other and be internally inconsistent, indicating a problem in the evaluation.

The final sentence of the chapter contradicts the chapter title: "Because we do not understand the risks, we make bad security trade-offs." (p. 31) If the trade-offs were subjective, there would be no such thing as a bad trade-off, only a trade-off perceived to be bad by someone.

Later in the book Schneier contradicts the strong subjectivity claim (e.g., p. 249: "Massive surveillance systems are *never* worth it." (emphasis added)) I don't think he seriously meant to make the strong claim--I think it's just careless/imprecise writing. p. 259 seems to get it pretty much right, but he should really have found a philosopher to review this book--that a problem is intractable doesn't mean that the answer is subjective, nor does the fact that subjective interests enter into the picture mean that the answer, given those interests, is subjective.

2. The book argues for an exaggerated egalitarianism--that anybody, regardless of background, training, or intelligence, can do security analysis. At the same time, the book touches on some of the evidence that ordinary judgments are inaccurate, and that people are notoriously bad at estimating and comparing risks due to the natural use of heuristics like vividness, recency, etc. (the classic Kahneman and Tversky book, _Judgment Under Uncertainty_, summarizes some of this evidence).
It would be grossly mistaken to think that Joe Schmoe off the street is going to be capable of designing (or evaluating) the effectiveness of a complex security system, versus people with appropriate training and experience--just as mistaken as hiring people with no computer knowledge to build and maintain your IT infrastructure.
Again, like in point 1, Schneier says things which contradict the strong hypothesis he seems to argue for, for example when he writes that wealthy people want doctors who treat others, not just standing by on 24/7 on-call for those wealthy people, because they want doctors who are experienced.
And I think this is a good comparison--the position Schneier *should* be arguing for is that we should take responsibility for our own security in the same way that we should take responsibility for our own health. We still need to rely on experts, but we should take an active role in consulting with them and evaluating what they tell us, especially since (just as in health care and medicine) there are people who know what they are talking about and those who are snake oil salesmen.



© 2004, ReviewFocus or its affiliates