Data and Goliath by Bruce Schneier (Book Review)

Excerpt

Data and Goliath is a fascinating exploration of this post-Snowden world we live in. It shows how the back-doors that technology companies were forced to implement for the NSA, have actually become weapons for other agencies and hackers to use. We're taken through the murky world of international espionage, and shown how we have all become collateral damage in this digital arms race. Schneier also explains that even when we try to protect ourselves by leaving Facebook or Gmail, the fact that our friends and relatives still use them means we're caught up in this global informational dragnet.

I'll admit, at times the book leaves you with a profound sense of hopelessness, as fighting against powers so strong appears an exercise in futility. But all is not lost. In the final third of the story, Schneier outlines his manifesto for how governments, corporations, and individuals can change they way they act, thus restoring some kind of trust to the online world. Sadly this is also one of the slowest part of the book, as the governmental and corporate sections really feel more like a utopian call to arms than an actual solution. Data has become so valuable that the prospect of them surrendering it for the greater good seems a distant and unrealistic possibility.

Tips on how individuals can at least obfuscate the data we generate is useful. Schneier advocates software such as the Tor browser, HTTPS Everywhere, plus other helpful tools. He also has some ingenious ideas about throwing in random behaviour to mess with the algorithms that predict our patterns.

In the end you're still left with the knowledge that big brother really is watching, and won't be stopping anytime soon. But at least if you're aware of the facts it could help you make better decisions about how much you, at least willingly, share. It might not be a happy read in a lot of ways, but it is an important one.

Categories: Book Reviews, Data and Goliath, Text

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.