Reviews of Secrets & Lies

Business Week Stephen H. Wildstrom
"The book is of value to anyone whose business depends on safe use of e-mail, the Web, or other networked communications. If that's not yet everybody, it soon will be."
The Economist  
"Instead of talking algorithms to geeky programmers, he offers a primer in practical computer security aimed as those shopping, communicating or doing business online - almost everyone, in other words."
Forbes Stephen Manes
"[A] more readable but depressing look at just how tough it can be to maintain security."
Fortune Anne Fisher
"[A] startlingly lively treatise on, among many other things, why our basic decency, trust, and willingness to help others will always allow 'social engineers' (a hacker term for con artists) to leapfrog even the most elaborate firewall. There are, however, ways to minimize the damage, which Schneier spells out in user-friendly language, with lots of colorful asides... [A] jewel box of little surprises you can actually use."
The Industry Standard John Simons
"Setting himself apart, Schneier navigates rough terrain without being overly technical or sensational -- two common pitfalls of writers who take on cybercrime and security. All this helps to explain Schneier's long-standing cult-hero status, even -- indeed especially -- among his esteemed hacker adversaries."
Salon Brendan I. Koerner
"Aiming straight for the vaunted 'general audience, [Schneier] peppers the 400-plus pages with Yogi Berra quotes, analogies drawn from 'Star Wars' and trivia tidbits from Greek mythology. But the folksy wit doesn't obscure a core message as frighteningly entertaining as Dr. Lecter's flesh-eating antics: In cyberspace, you're dead meat on a stick."
New Scientist  
"Secrets and Lies should begin to dispel the fog of deception and special pleading around security, and it's fun."
Slashdot Jeff "hemos" Bates
"Schneier is intimately involved with the security community - besides being the creator of the [Blowfish] and [Twofish] encryption algorithms and a frequent speaker at technical conferences, his company deals with this day in and day out. More to the point for a book, he can also write. It makes reading about Product Testing and Verification (Chapter 22) rather than a snooze, a treat."
eWeek Stan Gibson
"All in all, as a broad and readable security guide, 'Secrets and Lies' should be near the top of the IT required-reading list."
Palmtop Pro  
"You have to ask yourself why all books about this subject aren't written in such a relaxed and simple style." (original in German)
Computer Security Alert  
"...a practical, straightforward guide to understanding and achieving security throughout computer networks."
DevX Enterprise Zone Riley Eller
"Secrets & Lies is a fun and easy read that belongs on every IT manager's bookshelf. Because this is such a large and complex topic, it is easy to miss important details. I agree with the author's recommendation that the book should be read twice from cover to cover."
Security Management  
"One of the most important security books to come out in the last ten years.... Readers looking for a matter-of-fact, no-nonsense initiation into the world of information systems security should consider Secrets and Lies required reading."
Byte Jon Udell
"It's a remarkable book. Anyone touched by these issues -- which is to say, almost everyone -- should read it."
LA Times Charles Piller
"So how to reach people with this geeky material? Schneier, founder of Counterpane Internet Security Inc. in San Jose, peppers the book with lively anecdotes and aphorisms, making it unusually accessible."
;login: Peter H. Salus
"Secrets and Lies is really outstanding.... I think that Schneier has put the entire range of digital threats into appropriate context. I think that this is the book that every business executive should read. And it's written in a manner that every executive can understand. There's no code in it. No cryptographic algorithms. There are lots of good examples and true stories."
SC Magazine Peter Stephenson
"As soon as you can find this one in the bookstores, buy it. It belongs on every security professional's bookshelf. And, while you're buying yourself a copy, buy one for your boss."
Security Watch  
"A practical, straightforward guide to achieving security throughout computer networks. Schneier uses his extensive field experience with his own clients to dispel the myths that often mislead IT managers as they try to build secure systems."
PC Magazine Bill Machrone
"Schneier's book is an excellent read.... Unlike some other nontechnical security resources, Schneier's book is authoritative because he's been there and done that, having invented -- and cracked -- a couple of equally important algorithms. He understands the issues and the issues behind the issues."
Business 2.0  
"Secrets is a comprehensive, well-written work on a topic few business leaders can afford to neglect."
Information Security Andy Briney
"Beyond its technical merit and pointed insight into the state of information security, this book showcases Schneier's aptitude at separating the wheat from the chaff. Like few others in the computer security arena, he has a knack for explaining complex topics in a way every layman can understand--and doing so without pontification or oversimplification. That's a rare treat in an industry brimming over with marketing hype and technical mumbo-jumbo."
CIO Magazine Daintry Duffy
"Schneier offers enough gritty history, cautionary tales and colorful explanations to keep readers engrossed, whether they're new to the security field or seasoned professionals. In addition, he has managed to pepper his text (especially the latter sections) with plenty of useful tips and advice that can help companies battle their way through the dangerous and often confusing task of securing their most valued assets."
Privacy Times  
"Secrets & Lies, which examines "The Landscape, Technologies, and Strategies," is laced with real-world stories about security and privacy breaches -- some well known, some not.... [An] excellent book."
Australian Personal Computer Josh Gliddon
"What makes the book distinctive is that it's readable, well-paced and wouldn't look out of place in the business class cabin of a 747. In short, it's aimed at the savvy exec or layperson who wants to be able to speak from an informed position after the next macro-related network shutdown."
Shockwave Radio David E. Romm
"It's easy for a layman to read. He doesn't start using geek terms until chapter five. Schneier writes with insider knowledge without sounding like he's spent his whole life in front of a monitor."
ComputerworldThornton May
Internet Review ProjectRob Slade
"One point seems to have been glossed over in the praise for this work. Schneier's writing is lively, entertaining, and even playful throughout the entire book. Not only is this volume a realistic and useful view of the security enterprise, but it's a lot of fun."
Linux.comDustin Puryear
"It's not often that a truly outstanding book is written for both technical users and management. Fortunately, 'Secrets and Lies' pulls off this feat rather well."
Information Security BulletinNiels J. Bjergstrom
"From Applied Cryptography to Secrets and Lies is an amazing transformation and writing about it must have taken considerable courage and honesty! There is a lot more to say about this book, including a long list of memorable quotes, but no more space--read it yourself. It's a good read."
AEGIS e-Journal
"Secrets and Lies gives the clearest explanation we have yet seen as to the fundamental problems faced when dealing with technology."  
"Newcomers to the world of Schneier will be surprised at how funny he can be, especially given a subject commonly perceived as quiet and dull. Whether he's analyzing the security issues of the rebels and the Death Star in Star Wars or poking fun at the giant software and e-commerce companies that consistently sacrifice security for sexier features, he's one of the few tech writers who can provoke laughter consistently."

Secrets and Lies was also an Amazon Cyberculture Best of 2000 selection. Roger Gann
"Schneier's book is surprisingly jargon-free and easy to understand, even if you're not au fait with the inner workings of TCP/IP--its common-sense, practical style makes a potentially dense and arcane subject accessible by just about anybody. It's also bang up to date, which makes for a pleasant change."
Security Corner Ken Harthun
"Any security geek worth his salt needs the background this book provides. Granted, technology has changed and advanced since this book was first published in 2000, making some of the examples irrelevant in today’s environment, but the basics of security that they illustrate have not." Joe Zack
"I was really surprised at just how pertinent it still is. This book was written before Stuxnet, before the PRISM scandal… heck, the book was written BEFORE FACEBOOK, yet after reading Secrets and Lies I feel like Bruce Schneier saw them coming from a decade away. Like a Digital Nostradamus."

up to Secrets and Lies

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Resilient Systems, Inc..