Security through Simplicity

Bruce Schneier is one of the world’s best known and most pragmatic security experts. He is also a man of considerable breadth of knowledge, if one were to judge from his latest book, Beyond Fear.

What Schneier could have chosen to do in this book—or for that matter any book he writes—was to create a treatise for experts. He has the expertise to do it, is eminently qualified to do so and would be taken seriously if he did. Instead, he has chosen to cater to the masses and written what is, in my opinion, the best primer on security, one that can be understood by the man in the street.

The book has been released at the right time—the second anniversary of the attacks of September 11, an event which the US would have everyone believe “changed the world.” With that as a recurring theme in the country with the highest gun ownership and arguably the greatest degree of paranoia, it is easy for even the most balanced of experts to tilt slightly towards hysteria, and cast it as patriotism.

Take that as the background and then one would appreciate that what this book has achieved is doubly laudable. Schneier cuts across popular myth, assaults commonly-held beliefs and deftly dismantles the web of fear, uncertainty and doubt that many world leaders have spread in the wake of the attacks, mostly to serve their own ends.

Security, explains Schneier, is not something that one think of in absolute terms; it is a series of trade-offs. With that as the central theme, he takes the reader through the maze, explaining each aspect with down-to-earth examples which anyone can comprehend. What is remarkable is that the cases he cites to illustrate his arguments come from a myriad sources – from nature, from science, from various corners of the globe.

So does the creation of a national ID card make everyone safer? What about increased airport security and screening? What are the only two things which have actually increased airline security since September 11? How about the Patriot Act? The Total Information Awareness program?

There are no sacred cows here. Schneier categorically separates the sheep from the goats with no dogma guiding his reason. There’s plenty of commonsense buried within the tome—people, not technology, are the greatest asset when it comes to security; simplicity, not complexity, makes us safer. To quote him: “Good security systems usually involve technology and people working together, but the people have to run the technology, not vice versa.”

What’s commendable is that in all this discussion, Schneier is never pedantic, never mundane. The book is an entertaining read right through. My only regret is that he did not include some reference to the ridiculous fridge magnet distribution by the Australian government which must surely rank as the stupidest thing which any government did in the name of security after September 11. Oh well, let’s hope it makes the second edition!

Categories: Beyond Fear, Text

Sidebar photo of Bruce Schneier by Joe MacInnis.