News in the Category "Text"
Page 57 of 64
Improved Security Requires IT Diversity
In his recently released book, Beyond Fear: Thinking Sensibly About Security in an Uncertain World (Copernicus Books, 2003), security guru Bruce Schneier argues for a more common-sense and less technology-centric approach to both IT security and physical security. In this interview with Computerworld, Schneier shares his views on IT security.
You recently co-wrote the report “CyberInsecurity: The Cost of Monopoly. How the Dominance of Microsoft’s Products Poses a Risk to Security.” Would you have written it if the world had been standardized around another operating system? …
REVIEW: Practical Cryptography, Bruce Schneier/Niels Ferguson
The preface points out that cryptography has done more harm than good in terms of securing information systems, not because cryptography fails in and of itself, but, rather, due to the improper use or implementation of the technology. This book is intended to provide concrete advice to those designing and implementing cryptographic systems. As such, it is not the usual introduction to cryptography, and is aimed at a fairly limited group.
Chapter one asserts that we should be engineering for security, rather than speed or bells and whistles. Security is only as strong as the weakest link, we are told in chapter two, and (following from the idea of defence in depth) we need to have engineering in depth (and probably breadth, as well). The issues are important, but there is some lack of clarity to the organization and flow of the text and arguments: the reader may start to wonder what the essence of the message is. (I see that I should have trademarked “professional paranoia” when I started using it years ago, but it is nice to note that the point is being taken.) Chapter three is a rather unusual “Introduction to Cryptography” (and the mathematical format of the text doesn’t make it easier for the math-phobic to concentrate on the meaning), but focussing on the applications and problems, the cryptanalytic attacks, and repeating the injunctions against complexity and the sacrifice of security for performance is a reasonable position…
A Tax on the Honest
HOW useful are ID checks in large office buildings? Is it safe to use a credit card online? Can face-scanning systems make airports safer? Not very, yes, and no, says Bruce Schneier in “Beyond Fear”, the latest of several books on security to have appeared since September 11th 2001.
Mr. Schneier, however, comes at these questions from an unusual and informative perspective. He is one of the world’s leading experts on computer security, and arguably the most articulate. For years, he has explained the ins and outs of his field by drawing analogies with real-world security. In his new book, he turns this approach on its head, using his analytical skills, honed in the field of computer security, to evaluate the other security measures that are now so common…
Risky Business?—Examining the Difference Between Safety and Security
In Beyond Fear, security consultant Bruce Schneier undertakes to teach the reader “to think about security.” That focus is the book’s strength and its limitation.
First, the limitation. The book refers to crimes, accidents and attacks, many of which would be fascinating to know about. But this book is not about any of those prospective events. It has a more practical purpose.
Thinking about security will be particularly valuable for anyone who has to make a decision about that—a business owner, perhaps, or a policymaker. Schneier lays out a set of questions to ask about any system: What is it trying to protect? From what? What good will it do? What problems will it create?…
Beyond Fear: Thinking Sensibly About Security in an Uncertain World
A “professional thinker about security” and author of Applied Cryptography (1994), said to have sold >200,000 copies, applies the methods developed for computer security to broader security issues, especially security against terrorism. “Security issues affect us more and more in our daily lives, and we should all make an effort to understand them better. We need to stop accepting uncritically what politicians and pundits are telling us. We need to move beyond fear and start making sensible security trade-offs.” Everyone makes security trade-offs, every day. We live our lives making judgments, assessments, assumptions, and choices about security (e.g., when we lock the door to our home, we make a security trade-off: the inconvenience of using a key in exchange for some security against burglary). Making security trade-offs isn’t some mystical art: “the goal of this book is to demystify security, to help you move beyond fear.” To get beyond fear, you have to start thinking intelligently about trade-offs, the risks you face, and the options for dealing with those risks. A lot of lousy security is available for purchase, and a lot of lousy security is imposed on us by government. Once we move beyond fear, we can recognize bad or overpriced security…
Security Bookshelf
Beyond Fear, by Bruce Schneier, Copernicus Books, 2003.
Schneier is a world-renowned cryptography expert who literally wrote the book on the subject when he penned Applied Cryptography. In these pages, he tackles broader security issues in the wake of the 9/11 attacks.
Beyond Fear is intriguing and thought-provoking. Taking examples from the headlines and from his experiences studying homeland security issues, Schneier teaches us to avoid fear and use good sense when making security choices. He cites interesting facts to help readers keep things in perspective. For example, he reports that while many people may worry about shark attacks, more people die each year in pig attacks than shark attacks…
Security through Simplicity
Bruce Schneier is one of the world’s best known and most pragmatic security experts. He is also a man of considerable breadth of knowledge, if one were to judge from his latest book, Beyond Fear.
What Schneier could have chosen to do in this book—or for that matter any book he writes—was to create a treatise for experts. He has the expertise to do it, is eminently qualified to do so and would be taken seriously if he did. Instead, he has chosen to cater to the masses and written what is, in my opinion, the best primer on security, one that can be understood by the man in the street…
Security Executive Stresses Trade-Offs
It’s a gutsy way to start a book on security. In “Beyond Fear,” published this month by Copernicus Books, Bruce Schneier asks us to set aside our revulsion and horror to grasp what the 9-11 terrorists accomplished. What they did, he says, was efficient, audacious, well-planned, simple and, from their view, successful. This understanding is key to moving beyond fear and improving security, says Schneier, who created some well-known encryption algorithms—formulas used to scramble and unscramble computer data. He’s also founder and chief technology officer of Cupertino, Calif.-based computer security monitoring company Counterpane Internet Security Inc. The privately held company has attracted more than $50 million from some big-name venture funds. To improve security, we must demystify it and consider the trade-offs, he says. He hates the idea of national ID cards, opposes use of computerized voting machines and abhors the notion of arming commercial airline pilots. He recently spoke with IBD about security…
Bruce Schneier: The Evolution of a Cryptographer
For a while, it seemed as if Bruce Schneier himself was encrypted. No one could decipher his whereabouts for an interview with CSO. This was unusual because Schneier, founder and CTO of Counterpane Internet Security, is usually aggressively available to the press. Plus, he has a new book to promote—Beyond Fear: Thinking Sensibly About Security in an Uncertain World—a decidedly iconoclastic and non-IT view of security. But the book also challenges physical security practitioners to learn a thing or two from the infosecurity ranks: to think in terms of systems…
"We've Made Bad Security Tradeoffs"
Bruce Schneier is a rare creature in the computer-security world. Although he made his name as an alpha geek in cryptography and later, as chief technology officer of Net-security outfit Counterpane, Schneier can also speak to laypeople about the general security matters that increasingly touch all of our lives.
In the post September 11 era, he has emerged as one of the more cogent and quotable thinkers on the topic. In particular, he has asked hard questions about the effectiveness of some of the security measures passed after the terrorists’ massacre. Schneier’s latest book, Beyond Fear (Copernicus Books, 2003), is a highly readable compendium of his thoughts on the various aspects of real-world security. Designed for a general audience, it’s a great introduction to a complicated and confusing topic. I interviewed Schneier via e-mail over the week of Aug. 25. Here are edited excerpts of our exchange:…
Sidebar photo of Bruce Schneier by Joe MacInnis.