News in the Category "Text"
Page 59 of 64
Three Minutes With Security Expert Bruce Schneier
Security expert pushes full disclosure, forcing vendors to admit and fix bugs quickly.
Bruce Schneier is founder and chief technology officer of Internet security firm Counterpane. He has written two books on cryptography and computer security, Secrets and Lies and Applied Cryptography, and is an outspoken critic of Microsoft and other software vendors that produce products that contain dangerous security holes. We spoke with him about who is responsible for software security flaws and what consumers can do about the growing problem.
PCW: Are there more security holes in software, or are we just getting better at finding them?…
REVIEW: Bruce Schneier, Secrets and Lies: Digital Security in a Networked World
Secrets and Lies has generated a great deal of interest in the security community this year. Much of this interest probably stems from the simple fact that it isn’t every day (or every year) that you get a general security book, written for the non-specialist, produced by a major name in the field. But one point seems to have been glossed over in the praise for this work. Schneier’s writing is lively, entertaining, and even playful throughout the entire book. Not only is this volume a realistic and useful view of the security enterprise, but it’s a lot of fun…
Secrets & Lies: Digital Security in a Networked World (Review)
If you think technology can solve your security problems, then you don’t understand the problems and you don ‘t understand the technology.
So sayeth Bruce Schneier, the guru in security systems circles. His statements are often blunt but he certainly backs them up with the right credentials. He authored one of the classic texts on cryptography (Applied Cryptography) and BLOWFISH , one of the most frequently used encryption algorithms used in business systems today. BLOWFISH is the algorithm used in the PRIMAR Security System. Although Schneier’s first book, …
Review of Secrets and Lies
There are a lot of misconceptions about computer security, and a lot of unrealistic expectations about what is and is not possible. The truth is that completely reliable computer systems are impossible to achieve, and secure computer and networking systems are equally impossible. When this is understood, one is, at last, in a position to recognize risk and manage it.
Secrets and Lies gives the clearest explanation we have yet seen as to the fundamental problems faced when dealing with technology. If you are responsible, directly or indirectly, for data security, you need to understand that it is impossible to make a program that is error-free. In addition, as programs become larger, more complex, and more connected with other programs on other machines, they become even more prone to errors and to errors caused by interactions among systems…
Secrets and Lies: Digital Security in a Networked World
Secrets and Lies: Digital Security in a Networked World. By Bruce Schneier; published by John Wiley & Sons, 800/225-5945 (phone), 732/302-2300 (fax); 432 pages; $29.99.
Consider the scores of books about computer and network security available today. Many are fat tomes, exhaustively written with myriad details. But corporate networks remain extremely insecure. Is anyone buying or reading these books?
With its mantra that security is a process, not a product, Secrets and Lies is one of the most important security books to come out in the last ten years. It forces information security managers to focus on security at the macro level—the processes—rather than at the micro level, as in the installation of a firewall or intrusion detection system. And since so many managers do equate security with firewalls, it is easy to understand why corporate networks are at risk…
Secrets and Lies by Bruce Schneier: A Shockwave Review
The internet is growing up and, like a small child becoming an adolescent, it’s having growing pains. Fortunately, we have Bruce Schneier to act as our technological Dr. Spock.
The internet has moved from a Defense Department initiative to a toy for geeks to a powerful research and communications tool and is now a major economic force. Up until recently, the net was pretty much left alone. With the advent of the World Wide Web and faster connections speeds, commerce came to the net. Now, it takes big money just to start a net company. We need to treat the net like an young adult, even though the technology is still in its infancy…
Attack Defense
Number 2 of the top 14 security vulnerabilities, according to the recently released second edition of Hacking Exposed (Osborne/McGraw-Hill, $40): “Unsecured and unmonitored remote access points provide one of the easiest means of access to your corporate network. Telecommuters often connect to the Internet with little protection, exposing sensitive files to attack.”
Microsoft’s security experts appear to have overlooked this concept: It’s what seems to have happened in the company’s recent experience of being hacked from afar.
For a more readable but depressing look at just how tough it can be to maintain security, there’s …
Think You’re Safe Online? Think Again!
Let’s assume for a moment that you are not a techie or a hacker. You’re browsing in a bookstore and happen to pick up a copy of Secrets and Lies: Digital Security in a Networked World (John Wiley & Sons, $29.99). As you idly flip through it, all you see are dense paragraphs on arcana: the role of symmetric algorithms in encryption systems, the relative merits of code signing and access control at the interfaces, and what a one-way hash function does. Whoa! This is way over your head, you think, as you sheepishly put the book down and look for the latest Grisham thriller…
Tell Me No Secrets
Secrets and Lies: Digital Security in a Networked World
By Bruce Schneier
John Wiley & Sons, 2000, $29.99
Bruce Schneier’s latest book on security is a rare achievement, as it takes a highly technical and often deadly dull topic and creates a surprisingly accessible and often fascinating read for even the least techy exec. Secrets and Lies lays out the current landscape of network security—from the challenges presented by hackers and viruses to the often ineffectual state of corporate security systems. Schneier offers enough gritty history, cautionary tales and colorful explanations to keep readers engrossed, whether they’re new to the security field or seasoned professionals. In addition, he has managed to pepper his text (especially the latter sections) with plenty of useful tips and advice that can help companies battle their way through the dangerous and often confusing task of securing their most valued assets. …
The Encryption Algorithm Demolition Derby
Contestant would do it again 'in a second'
Last month we reported the triumph of two Belgian academics in the US encryption standard contest. But how was the contest organised? If you’re not interested, stop reading now.
In the early seventies the US government put out a call for an encryption algorithm. It had no response. A year later in 1973 they tried again and got one response, from IBM. Then followed a bit of politicking, but by 1975 DES was born.
DES was initially a FIPS (Federal Information Procurement Standard), but was quickly adopted around the world as the de facto standard for encryption…
Sidebar photo of Bruce Schneier by Joe MacInnis.