"Click Here To Kill Everybody" Book Review by Cybersecurity Expert Scott Schober
Forget the fact that this esteemed security expert is also a cryptographer and author of seminal cybersecurity books including Data and Goliath and Liars and Outliers…does Click Here to Kill Everybody live up to its own hype or is is just all theatrics?
Although I’ve never met Bruce Schneier, I can gather from his personality and the way my colleagues speak of him that he is the security expert’s expert. Up until June of this year, Bruce was the CTO for Resilient Systems, a private company that offered incident response solutions. Basically, IBM saw that they were doing good work cleaning up corporate security messes all over the infosec world and entered into an agreement with them not too long before acquiring them back in 2016. Schneier, their CTO had already made a name for himself as a fellow at the Berkman Center for Internet and Society at Harvard Law School and also as a burgeoning writer of many technical publications on cryptography and books on cybersecurity.
But those credentials don’t necessarily translate into great reading of 300+ pages of a cybersecurity tome so how does Click Here To Kill Everybody: Security and Survival in a Hyper-connect World fare? Schneier’s take on current and future security trends is so detailed, I sometimes needed a notepad to keep up. His meticulous reporting, cross referencing and modeling of security trends and breaches is to be admired although I’ll admit, I sometimes felt like I was sitting in one of his classrooms at Harvard.
Schneier sets up his entire book by introducing Internet plus, a kind of idealized version of our current Internet. Here, it feels like Schneier is riffing off of common marketing speak including brands such as the Internet of Things. Brands like these promise minimal consumer frustration but actually deliver much more frustration than even archaic communications platforms such as email and SMS text do. This is because for all of IoT’s promises and standardization, we the consumers get mostly cheap but unsecured devices for our dollars. An empty smart fridge is great if it can tell me exactly what I need to shop for but what’s the point if it can also be easily hacked to spread malware through other connected devices and eventually steal my passwords, data and more?
Schneier’s Internet Plus relies heavily on education, standards and regulation. Throughout this book, Schneier is not afraid to invoke strong government regulation as a means to both stimulate competition and encourage things like research and job creation. I find his reliance on governance a little refreshing but some of his suggestions such as comprehensive software product liability measures might overstep his optimism a bit. But how can the man that titles his book Click Here To Kill Everyone even be considered an optimist?
One of the most enjoyable aspects of this book was the author’s adept warnings mixed with caution and optimism for our digital future. This book is not the work of a cynic. Otherwise, Schneier wouldn’t have detailed numerous solutions for myriad problems the cybersecurity community faces as a whole. Click Here To Kill Everyone is an absurd premise when taken literally but as Bruce Schneier details the problems, it steadily becomes a grim possible reality. Fortunately, experts including the author feel confident that our collective security woes are not too great to overcome in the future. I give this book 5 out of 5 stars. Stay safe.