Technical 14 Sep 2004 14:35

Secrets and Lies

coverSecrets and Lies
Bruce Schneier

A sobering book… the main message in it is that there is no technological solution for social problems (which is the main reason why spam is such a big problem, as well). Applied to security in digital networks, what it means is that there is no “perfect way” to secure a network – any network – using only technological means. And, in fact, there’s no way to perfectly secure anything using any means whatsoever.

Why bother trying, then? Well, you can secure things well enough for your needs, and against the threats you face. And herein lies the problem: what are your needs, and what threats do you need to consider? This is the main issue, and the one that is so often glossed over. There is no point in spending thousands of dollars in firewalls and other technological counter-measures if someone can just call any employee of yours and get a password and an explanation of how to get in. Just as it makes no sense to put a fortified steel door in your house if a burglar can just as well go inside through a window.

There are several metaphors like this one in the book, and several security analysis of real-world issues, most of then not at all related to computers (and some not so real, also; there is a very good analysis of the security flaws in Darth Vader’s Death Star, for example). Despite the very serious subject, and the very serious implications of what it tells, this is a very fun book to read; a page turner. Recommended to anyone with any kind of interest in security, criptography and related issues.

By the way, this book was written and released before the 2001 terrorist attacks in the USA, and since them Schneier has written a number of articles analysing the security measures taken by the US government (and other institutions). They’re written in the same style as the book, and provide a very well thought of analysis of real-world issues as seen by a security specialist. They can be read at Counterpane‘s website.

Buy from

One Response to “Secrets and Lies”

  1. on 10 Dec 2004 at 3:37 1.rajkumar said …


Subscribe to the comments through RSS Feed

Leave a Reply