book cover

John Wiley & Sons
432 Pages

15th Anniversary Hardcover
ISBN 978-1-119-09243-8

ISBN 978-0-471-45380-2

Praise for Secrets & Lies

“Successful companies embrace risk, and Schneier shows how to bring that thinking to the Internet.”

—Mary Meeker, Managing Director and Internet Analyst, Morgan Stanley, Dean Witter

“Just as Applied Cryptography was the bible for cryptographers in the 90's, so Secrets and Lies will be the official bible for INFOSEC in the new millennium. I didn't think it was possible that a book on business security could make me laugh and smile, but Schneier has made this subject very enjoyable.”

—Jim Wallner, National Security Agency

“The news media offer examples of our chronic computer security woes on a near-daily basis, but until now there hasn't been a clear, comprehensive guide that puts the wide range of digital threats in context. The ultimate knowledgeable insider, Schneier not only provides definitions, explanations, stories, and strategies, but a measure of hope that we can get through it all.”

—Steven Levy, author of Hackers and Insanely Great

“This book should be—and can be—read by any business executive, no specialty in security required. It will alter the way you do business. Anyone reading Secrets and Lies will immediately understand that security involves everything: where you work, how you work, and who you work with. In this remarkable book, security is a metaphor for all business-related issues. It provides a unique understanding of the digital age and is a handbook for understanding business problems and challenges. At Walker Digital, we spent millions of dollars to understand what Bruce Schneier has deftly explained here.”

—Jay S. Walker, Founder, and Chairman, Walker Digital

“Good security is good business. And security is not (just) a technical issue; it's a people issue! Security expert Bruce Schneier tells you why and how. If you want to be safe, you should read this book before the other side does!”

—Esther Dyson, chairman, EDventure Holdings

“The book is of value to anyone whose business depends on safe use of e-mail, the Web, or other networked communications. If that's not yet everybody, it soon will be.”

—Stephen H. Wildstrom, Business Week

“Instead of talking algorithms to geeky programmers, he offers a primer in practical computer security aimed as those shopping, communicating or doing business online - almost everyone, in other words.”

The Economist

“[A] more readable but depressing look at just how tough it can be to maintain security.”

—Stephen Manes, Forbes

“[A] startlingly lively treatise on, among many other things, why our basic decency, trust, and willingness to help others will always allow 'social engineers' (a hacker term for con artists) to leapfrog even the most elaborate firewall. There are, however, ways to minimize the damage, which Schneier spells out in user-friendly language, with lots of colorful asides... [A] jewel box of little surprises you can actually use.”

—Anne Fisher, Fortune

“Setting himself apart, Schneier navigates rough terrain without being overly technical or sensational—two common pitfalls of writers who take on cybercrime and security. All this helps to explain Schneier's long-standing cult-hero status, even—indeed especially—among his esteemed hacker adversaries.”

—John Simons, The Industry Standard

“Aiming straight for the vaunted 'general audience, [Schneier] peppers the 400-plus pages with Yogi Berra quotes, analogies drawn from 'Star Wars' and trivia tidbits from Greek mythology. But the folksy wit doesn't obscure a core message as frighteningly entertaining as Dr. Lecter's flesh-eating antics: In cyberspace, you're dead meat on a stick.”

—Brendan I. Koerner, Salon

Secrets and Lies should begin to dispel the fog of deception and special pleading around security, and it's fun.”

New Scientist

“Schneier is intimately involved with the security community - besides being the creator of the [Blowfish] and [Twofish] encryption algorithms and a frequent speaker at technical conferences, his company deals with this day in and day out. More to the point for a book, he can also write. It makes reading about Product Testing and Verification (Chapter 22) rather than a snooze, a treat.”

—Jeff “hemos” Bates, Slashdot

“All in all, as a broad and readable security guide, Secrets and Lies should be near the top of the IT required-reading list.”

—Stan Gibson, eWeek

“You have to ask yourself why all books about this subject aren't written in such a relaxed and simple style.”

Palmtop Pro (original in German)

“...a practical, straightforward guide to understanding and achieving security throughout computer networks.”

—Computer Security Alert

Secrets and Lies is a fun and easy read that belongs on every IT manager's bookshelf. Because this is such a large and complex topic, it is easy to miss important details. I agree with the author's recommendation that the book should be read twice from cover to cover.”

—Riley Eller, DevX Enterprise Zone

“One of the most important security books to come out in the last ten years.... Readers looking for a matter-of-fact, no-nonsense initiation into the world of information systems security should consider Secrets and Lies required reading.”

Security Management

“It's a remarkable book. Anyone touched by these issues—which is to say, almost everyone—should read it.”

—Jon Udell, Byte

“So how to reach people with this geeky material? Schneier, founder of Counterpane Internet Security Inc. in San Jose, peppers the book with lively anecdotes and aphorisms, making it unusually accessible.”

—Charles Piller, LA Times

Secrets and Lies is really outstanding.... I think that Schneier has put the entire range of digital threats into appropriate context. I think that this is the book that every business executive should read. And it's written in a manner that every executive can understand. There's no code in it. No cryptographic algorithms. There are lots of good examples and true stories.”

—Peter H. Salus, ;login:

“As soon as you can find this one in the bookstores, buy it. It belongs on every security professional's bookshelf. And, while you're buying yourself a copy, buy one for your boss.”

—Peter Stephenson, SC Magazine

“A practical, straightforward guide to achieving security throughout computer networks. Schneier uses his extensive field experience with his own clients to dispel the myths that often mislead IT managers as they try to build secure systems.”

Security Watch

“Schneier's book is an excellent read.... Unlike some other nontechnical security resources, Schneier's book is authoritative because he's been there and done that, having invented—and cracked—a couple of equally important algorithms. He understands the issues and the issues behind the issues.”

—Bill Machrone, PC Magazine

Secrets is a comprehensive, well-written work on a topic few business leaders can afford to neglect.”

Business 2.0

“Beyond its technical merit and pointed insight into the state of information security, this book showcases Schneier's aptitude at separating the wheat from the chaff. Like few others in the computer security arena, he has a knack for explaining complex topics in a way every layman can understand--and doing so without pontification or oversimplification. That's a rare treat in an industry brimming over with marketing hype and technical mumbo-jumbo.”

—Andy Briney, Information Security

“Schneier offers enough gritty history, cautionary tales and colorful explanations to keep readers engrossed, whether they're new to the security field or seasoned professionals. In addition, he has managed to pepper his text (especially the latter sections) with plenty of useful tips and advice that can help companies battle their way through the dangerous and often confusing task of securing their most valued assets.”

—Daintry Duffy, CIO Magazine

Secrets and Lies, which examines "The Landscape, Technologies, and Strategies," is laced with real-world stories about security and privacy breaches—some well known, some not.... [An] excellent book.”

—Privacy Times

“What makes the book distinctive is that it's readable, well-paced and wouldn't look out of place in the business class cabin of a 747. In short, it's aimed at the savvy exec or layperson who wants to be able to speak from an informed position after the next macro-related network shutdown.”

—Josh Gliddon, Australian Personal Computer

“It's easy for a layman to read. He doesn't start using geek terms until chapter five. Schneier writes with insider knowledge without sounding like he's spent his whole life in front of a monitor.”

—David E. Romm, Shockwave Radio

“One point seems to have been glossed over in the praise for this work. Schneier's writing is lively, entertaining, and even playful throughout the entire book. Not only is this volume a realistic and useful view of the security enterprise, but it's a lot of fun.”

—Rob Slade, Internet Review Project

“It's not often that a truly outstanding book is written for both technical users and management. Fortunately, Secrets and Lies pulls off this feat rather well.”

—Dustin Puryear,

“From Applied Cryptography to Secrets and Lies is an amazing transformation and writing about it must have taken considerable courage and honesty! There is a lot more to say about this book, including a long list of memorable quotes, but no more space--read it yourself. It's a good read.”

—Niels J. Bjergstrom, Information Security Bulletin

Secrets and Lies gives the clearest explanation we have yet seen as to the fundamental problems faced when dealing with technology.”

AEGIS e-Journal

“Newcomers to the world of Schneier will be surprised at how funny he can be, especially given a subject commonly perceived as quiet and dull. Whether he's analyzing the security issues of the rebels and the Death Star in Star Wars or poking fun at the giant software and e-commerce companies that consistently sacrifice security for sexier features, he's one of the few tech writers who can provoke laughter consistently.”

“Schneier's book is surprisingly jargon-free and easy to understand, even if you're not au fait with the inner workings of TCP/IP--its common-sense, practical style makes a potentially dense and arcane subject accessible by just about anybody. It's also bang up to date, which makes for a pleasant change.”

—Roger Gann,

“Any security geek worth his salt needs the background this book provides. Granted, technology has changed and advanced since this book was first published in 2000, making some of the examples irrelevant in today’s environment, but the basics of security that they illustrate have not.”

—Ken Harthun, Security Corner

“I was really surprised at just how pertinent it still is. This book was written before Stuxnet, before the PRISM scandal… heck, the book was written BEFORE FACEBOOK, yet after reading Secrets and Lies I feel like Bruce Schneier saw them coming from a decade away. Like a Digital Nostradamus.”

—Joe Zack,

up to Secrets & Lies

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Resilient Systems, Inc.