Think You’re Safe Online? Think Again!
Let’s assume for a moment that you are not a techie or a hacker. You’re browsing in a bookstore and happen to pick up a copy of Secrets and Lies: Digital Security in a Networked World (John Wiley & Sons, $29.99). As you idly flip through it, all you see are dense paragraphs on arcana: the role of symmetric algorithms in encryption systems, the relative merits of code signing and access control at the interfaces, and what a one-way hash function does. Whoa! This is way over your head, you think, as you sheepishly put the book down and look for the latest Grisham thriller.
Not so fast. Despite big chunks of esoteric techspeak, Secrets and Lies is a thriller of a subtler sort. Author Bruce Schneier, chief technology officer at Counterpane Internet Security in San Jose, wrote a 1994 book called Applied Cryptography that became the bible of the field. Since then, while consulting for clients like Hewlett-Packard, Intel, and Merrill Lynch, he has done some deep and imaginative thinking on whether digital security is in fact an oxymoron. (As he says in the preface, if you think technology can solve your security problems, then you don’t understand the problems and you don’t understand the technology.) The result is a startlingly lively treatise on, among many other things, why our basic decency, trust, and willingness to help others will always allow “social engineers” (a hacker term for con artists) to leapfrog even the most elaborate firewall. There are, however, ways to minimize the damage, which Schneier spells out in user-friendly language, with lots of colorful asides: In a discussion of page-jacking, he mentions that the dial telephone was invented in 1887 by a Kansas City funeral director named Almon Strowger, who suspected that operators were routing his phone calls to rival undertakers.
But Secrets and Lies is also a jewel box of little surprises you can actually use. See, for example, Schneier’s persuasive analysis of why writing down your password (in defiance of your system administrator’s pleas) can make your computer, and your network, more secure rather than less. One thing’s certain: This book will make you think twice about ever again using your Visa card on a secure Website.