REVIEW: "Secrets and Lies: Digital Security in a Networked World", Bruce Schneier
- BKSECLIE.RVW 20001022
"Secrets and Lies: Digital Security in a Networked World", Bruce
Schneier, 2000, 0-471-25311-1, U$29.99/C$41.95
%A Bruce Schneier schneier@...
%C 5353 Dundas Street West, 4th Floor, Etobicoke, ON M9B 6H8
%I John Wiley & Sons, Inc.
%O U$29.99/C$41.95 416-236-4433 fax: 416-236-4448 pfurlong@...
%P 412 p.
%T "Secrets and Lies: Digital Security in a Networked World"

"Secrets and Lies" has generated a great deal of interest in the
security community this year. Much of this interest probably stems
from the simple fact that it isn't every day (or every year) that you
get a general security book, written for the non-specialist, produced
by a major name in the field. But one point seems to have been
glossed over in the praise for this work. Schneier's writing is
lively, entertaining, and even playful throughout the entire book.
Not only is this volume a realistic and useful view of the security
enterprise, but it's a lot of fun.

As the author of "Applied Cryptography," the leading text in the
field; the founder of Counterpane Systems, with its major influence in
encryption consulting; and the publisher of the Crypto-Gram
newsletter, regular and thoughtful analyses of major encryption
related issues; Bruce Schneier is, among the technically and
cryptographically knowledgeable, arguably more influential than many
academics whose names might be more widely known in relation to
specific algorithms. So when Schneier states, in the preface, that
cryptography is not "The Answer(TM)" to security, you have to take him
seriously. He goes on, in the introductory chapter, to point out that
"The Answer(TM)" does not exist: securing complex systems is a hard
job purely because the systems are complex, and any easy answer is
bound to be wrong. The price of digital reliability is constant
vigilance. As such, don't come looking to this work for easy answers
or cookbook solutions. What you will find is a solid introduction,
and more, to the problems you have to overcome to keep your
information safe, and some guidelines on how to go about the task.

Part one is an overview of the field of network operations with a view
to restricting some ideal definition of "secure" to a more achievable
goal. Chapter two describes a number of digital threats (quite
realistically, aside from the mention of salami attacks) and points out
that none of the crimes are new, although the extreme of accessibility
is. Various attacks, and various motivations, are reviewed in chapter
three. The discussion of different types of adversaries, in chapter
four, provides a reasonable assessment of the whole range from script
kiddies to infowarriors, and compares relative levels of competency
and risk tolerance. Chapter five outlines security needs and, again,
points out that all computer security measures have their origins in
physical security practices we all take for granted.

Part two looks at the various technology components of security and
security systems. The writing in this section is a little more
mundane and less sparkling than other parts of the book, but the
material is reliable and convincing. Chapter six is, of course, an
excellent primer on the basic concepts and applications of
cryptography. The analysis is extended to "real world" limitations
and faults with encryption in chapter seven, including an intriguing
comparison of proprietary protocols and alternative medicine. Chapter
eight discusses computer security in broad terms, but concisely
expresses concepts and models that many other books waste pages on
without ever making the fundamentals clear. (It also provides some
amazing, and occasionally amusing, glimpses into the lack of security
in Microsoft's Windows.) Authentication is described well in chapter
nine. Chapter ten is oddly unstructured. Entitled "Networked-Computer
Security" it starts off with viruses and malware, talks a bit
about operating system architecture, and ends up with some Web
insecurities. While there are errors (particularly in the virus
section) most of the material is not really bad: it just seems strange
in comparison to the earlier chapters. Network Security, in chapter
eleven, returns to the original level of focus, and explains various
concepts using TCP/IP as an example. Chapter twelve takes a
depressing, but accurate, look at the major network security tools, as
well as making the important, though counterintuitive, point that
false alarms can be worse than no security at all. Software
reliability gets a fairly standard treatment in chapter thirteen, and
much the same is true of hardware security in chapter fourteen. As
might be expected, the coverage of certificates and the public key
infrastructure, in chapter fifteen, clearly sets forth all necessary
considerations and weak points to examine. Technical books usually
have some catch-all chapters, but not all of them admit it up front.
Chapter sixteen touches on a number of tricks that people have relied
on to protect data, and uses devastating logic to point out why said
stunts don't work. Finally, in chapter seventeen, we come to the
largest source of security problems, and the one we can't do anything

The first two parts looked at problems. Part three tries to present
some solutions, or at least approaches to solutions. Chapter eighteen
describes the vulnerability landscape, and suggests following the
process of attacking a system, in order to identify how much security
is needed at certain points, and weak areas that may need to be
reinforced somehow. (This is a far cry from the "how to hack" tools
lists of some of the more sensational "security" books, and much more
useful.) Risk assessment, in chapter nineteen, is reasonable and
balanced, but not great. Chapter twenty is disappointing, in that it
is entitled "Security Policies and Countermeasures" but concentrates
on a series of specific examples of good and bad security systems.
Elsewhere the book promotes the fact that without a policy you have no
security. It therefore seems a bit of an abdication of the topic to
leave it without much discussion of the actual production of a policy.
Attack trees might be seen as yet another example of a tool more
useful to the security breaker than the sysadmin, but chapter
twenty-one's explanation shows how it can structure the task of analyzing
protective measures. This process is far more likely to succeed than
a vague injunction to secure everything, and this chapter alone
probably makes this work a "must have" for every security library.
Product testing, in chapter twenty-two, deals mostly with how *not* to
evaluate software, and includes a good discussion of full disclosure
and the open source movement. However, I can definitely sympathize
with the position of the latter part of the chapter: potential
security is pointless, what really counts is how secure a system is
when set up by the typical harried administrator. The future is
usually left for last, but Schneier takes a solid look at likely
trends and paints an alarming, if not completely apocalyptic, picture.
Chapter twenty-four supports one of the major theses of the book:
security is a process, not a product. Therefore, the chapter provides
a set of guidelines, attitudes, points, and general principles to be
used in looking at security as a process. The conclusion, in chapter
twenty-five, seems to be that lots of people are trying to avoid their
proper responsibility for security, but the task is achievable.

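The attack-tree chapter praised above is the one place in the review where a concrete technique is named, so here is a small worked illustration of what an attack tree lets a defender compute. This is an added example written for this review, not code from the book or from Schneier; the safe-opening tree, its costs and its "special equipment" flags are all constructed sample values, and the function and field names are my own choices. The tree is evaluated bottom-up: an OR node is as cheap as its cheapest feasible child, an AND node costs the sum of its children, and a node that needs equipment the adversary is assumed not to have is simply infeasible. The defender's use of the result is shown at the end: raise the cost of the cheapest leaf and see which path becomes the new weakest point.

```python
"""Attack-tree evaluation (added example; sample tree and costs are constructed)."""
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

Result = Tuple[float, List[str]]  # (total cost, list of leaf attacks on the path)


@dataclass
class Node:
    """One node of an attack tree: a leaf attack, or an AND/OR combination."""
    name: str
    kind: str = "leaf"                 # "leaf", "and" or "or"
    cost: float = 0.0                  # only meaningful for leaves
    needs_special_equipment: bool = False
    children: List["Node"] = field(default_factory=list)


def cheapest(node: Node, allow_special: bool = True) -> Optional[Result]:
    """Return the cheapest feasible attack under `node`, or None if none is feasible.

    allow_special=False models an adversary without special equipment.
    """
    if node.kind == "leaf":
        if node.needs_special_equipment and not allow_special:
            return None
        return (node.cost, [node.name])
    results = [cheapest(c, allow_special) for c in node.children]
    if node.kind == "or":
        # Any one child suffices: pick the cheapest feasible one (first on ties).
        feasible = [r for r in results if r is not None]
        return min(feasible, key=lambda r: r[0]) if feasible else None
    if node.kind == "and":
        # Every child is required: infeasible if any child is, else costs add up.
        if any(r is None for r in results):
            return None
        return (sum(r[0] for r in results), [leaf for r in results for leaf in r[1]])
    raise ValueError(f"unknown node kind: {node.kind}")


def find(node: Node, name: str) -> Optional[Node]:
    """Locate a node by name (depth-first)."""
    if node.name == name:
        return node
    for child in node.children:
        hit = find(child, name)
        if hit is not None:
            return hit
    return None


def reinforce(root: Node, leaf_name: str, new_cost: float) -> None:
    """Defender's move: raise the cost of one leaf attack (e.g. by adding a control)."""
    leaf = find(root, leaf_name)
    if leaf is None or leaf.kind != "leaf":
        raise KeyError(leaf_name)
    leaf.cost = new_cost


def build_sample_tree() -> Node:
    """Constructed sample tree; costs are illustrative units, not real estimates."""
    eavesdrop = Node("Eavesdrop on the combination", "and", children=[
        Node("Listen to conversation", cost=20),
        Node("Get owner to state combination", cost=40),
    ])
    learn = Node("Learn the combination", "or", children=[
        Node("Find written combination", cost=75),
        Node("Bribe an insider", cost=60),
        eavesdrop,
    ])
    return Node("Open the safe", "or", children=[
        Node("Pick the lock", cost=30, needs_special_equipment=True),
        Node("Cut open the safe", cost=10, needs_special_equipment=True),
        learn,
    ])


if __name__ == "__main__":
    tree = build_sample_tree()
    print("cheapest, any adversary:       ", cheapest(tree))
    print("cheapest, no special equipment:", cheapest(tree, allow_special=False))
    # Harden the weakest leaf and re-evaluate: the next-weakest path surfaces.
    reinforce(tree, "Cut open the safe", 100)
    print("after reinforcing 'Cut open the safe':", cheapest(tree))
```

With the sample values, the cheapest path for a fully equipped adversary is "Cut open the safe" at cost 10; for an adversary without special equipment it is "Bribe an insider" at 60, and once cutting is made expensive the lock-picking branch (30) becomes the path to worry about next. That re-evaluation loop is what makes the tree a tool for prioritising protective measures rather than a vague instruction to secure everything.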
Quite apart from the general readability of the text, Schneier has
ensured that the content and explanations are accessible to any
intelligent reader. You do not need specialist training to understand
the concepts presented herein. And the concepts encompass pretty much
everything to consider about security in a networked world. This is
one of the very few books that I feel I can recommend without
reservation to a newcomer concerned about computer or communications
security. It presents the situation clearly, with real explanations
of the dangers, but no overpromoted sensationalism. If the volume
seems a bit long all I can say, with Schneier, is that security is
complex. The book has very little wasted space.

I can also say that security professionals will not regret time spent
with it. We tend to need more frequent reminding than teaching, and
the comprehensive coverage touches on many issues that are important,
but may be ignored as not always being urgent. However, the book also
does an excellent job of explaining some specialty and esoteric
topics. Hopefully "Secrets and Lies" will have a prominent position
on many security library shelves.

copyright Robert M. Slade, 2000 BKSECLIE.RVW 20001022
http://victoria.tc.ca/techrev or http://sun.soci.niu.edu/~rslade