Slashdot Mirror


Beyond Fear

pres (Preston Tollinger) writes "I picked up Beyond Fear: Thinking Sensibly About Security In an Uncertain World basically because it was by Bruce Schneier. I am sure most Slashdot readers know Schneier's name and his work. The problem is, this book probably isn't for you (but might be perfect for someone you know)." To find out what he means by that, read on for the rest of Tollinger's review, below.

Beyond Fear: Thinking Sensibly About Security In an Uncertain World
author: Bruce Schneier
pages: 256
publisher: Copernicus Books
rating: 7
reviewer: Preston Tollinger
ISBN: 0387026207
summary: A worthwhile introduction to real-world (not just computer) security, aimed at a literate but non-technical audience.

The Book

Beyond Fear is described very well by its subtitle: this book helps you think sensibly about security. Don't expect the highly technical material you have seen in Schneier's previous books, but rather the more accessible material, much like you might read in his monthly newsletter. That doesn't mean the book is breezy: In Schneier's wordy but well-written manner, he describes a five-step process to analyze any particular security system or practice. The process helps you make sure you understand what you are protecting, what the tradeoffs are, and whether, in the end, it is worthwhile to implement the system.

He then goes on to apply this method to a series of security issues while covering the various types of security and their weaknesses. For the most part this is not a technical evaluation of the tools used, but rather an analysis for each example of what the security goals are and how the tools and technology achieve or fail to achieve those goals. Even more importantly, he deals with the tradeoffs inherent in any security system.

Schneier applies this method not only to the global issues that have come up since 9/11, from airline security to protecting government secrets, but also to personal issues, including tradeoffs in personal home security. By doing so, he takes principles which might be hard for some to understand in the abstract and makes it clear how they apply in situations almost everyone has thought about.

By drawing parallels, for instance, between how you might select a home alarm system and how you might evaluate the use of face recognition at the airport, Schneier shows that you don't have to be a security "expert" to think logically about security. He brings to the forefront the tradeoffs that you made in these personal choices; for example, the downside of dealing with deactivating an alarm system every time you come home. Then, in turn, he shows how you must consider the problem of people being falsely identified by the face recognition system at the airport.

Given this strong framework, he then uses his method to analytically and dispassionately tear apart most of the silly and stupid security methods (note my dispassion here) that have been put in place or considered in the past few years, from airline security methods to national ID cards. With a combination of funny yet pointed anecdotes, clear statistics and the occasional Harry Potter reference, Schneier uses his talent for cogent, rational explanation to show how people can think about security in the modern world, instead of simply panicking at every ominous news report.

To Read Or Not To Read

So it sounds like a good book and probably would be for some, but there was not enough new content for me to make it worth my limited reading time. Perhaps due to my general interest in security, or just because waiting in line at the airport has already given me a lot of time to think, I have already considered most of the ideas Schneier raises in Beyond Fear. I own a shredder, but not an alarm system, because I have considered the risks and costs. I dislike the idea of a National ID card because I was already afraid of what someone might do who got access to it, and already monitor my credit report. I have written my local representative that while his recent bill to remove SSNs from insurance cards is nice, it's far too late (and how about just getting people to stop using SSNs as passwords?).

If this describes you, skip the book. However, you might note above I didn't say this was a waste of my money. This book is soon going to find its way into the hands of friends and relations who need to think about security. It is a great introduction to a way of thinking that is critical in a post-9/11 world. It should be required reading for members of Congress before any more security laws are passed based only on the need to do something instead of rational thought.

Summary

If you think consciously about security, know who Schneier is, or have ever noticed (and complained) that many airport security measures make no sense, you probably don't need this book. If you have only considered this topic in general, though, and want a book to focus your thoughts, Beyond Fear will do that. Finally, if you have friends who don't yet think this way (admit it, we all do), get this book into their hands.


15 of 152 comments

  1. If this is not the first post... by Anonymous Coward · · Score: -1, Offtopic
    ...I will wax my nutsack and paste it on my chin.

    As always, links to pictures will be posted.

    1. Re:If this is not the first post... by Anonymous Coward · · Score: -1, Offtopic

      Oh Michael, no one's interested. Get that through your head.

      Now go back to touching yourself while gawking at the goatse.cx guy, mmmkay?

    2. Re:If this is not the first post... by Anonymous Coward · · Score: -1, Offtopic

      Well if you are one of the nerds on this website, he is apparently a well known "technologist" of some sort. If you are, however, a normal person then this man is nothing to you. If you say that here, you will get modded offtopic. Case in point, the insightful poster shortly below. He simply stated that we slashdotters do not automatically know who this man is. Is that a crime? The nerds who mod this site said he was offtopic...

  2. www.fp by www.fp · · Score: -1, Offtopic

    www.stx

  3. Simply Preposterous! by Anonymous Coward · · Score: -1, Offtopic

    During our summer vacation this year, my wife and I amused ourselves by taking leisurely drives in Ohio and photographing every diamond-shaped highway sign that we saw along the roadsides. (Well, not every sign; only the distinct ones.) For provenance, I also stood at the base of each sign and measured its GPS coordinates.

    This turned out to be even more fun than a scavenger hunt, so we filled in some gaps when we returned to California, thereby proving my theorem of practical thinking about security and Richard Stallman's loinsack, which can be found in LaTeX format on my website.

    Sincerely,

    Donald E. Knuth

  4. I am sure... by Anonymous Coward · · Score: -1, Offtopic
    I am sure most Slashdot readers know Schneier's name and his work.

    No. We aren't all born with the knowledge of obscure technologists here. What next? We all read William Gibson? Nice try though. Oh and let me tell you, this is not a troll.

    Otherwise it looks like an interesting book and it has piqued my interest in Bruce Schneier and his work as well.

    1. Re:I am sure... by Anonymous Coward · · Score: -1, Offtopic
      This is not offtopic. Open your eyes moderators.

      Wow, give a nerd a little power and he will mod every insightful comment down. Accept it, this man is completely obscure. People have a better chance of deciphering hieroglyphics than know who this man is.

    2. Re:I am sure... by Anonymous Coward · · Score: -1, Offtopic
      This is not offtopic. Open your eyes, my fellow AC.

      Wow, give a nerd a little power and he will mod every insightful comment down. Accept it, this man is completely obscure. People have a better chance of deciphering hieroglyphics than know who this man is.

      What's crass and ignorant is how it is perceived that we all care about cryptography and this obscure man. Some of us entered this field just for the hot babes and fast money. Deal with it.

    3. Re:I am sure... by Anonymous Coward · · Score: -1, Offtopic

      Fuck! I just wrote a fantastic comment and there was an error in the browser. Now I will just post this goatse.cx

  5. What? by Anonymous Coward · · Score: -1, Offtopic

    The problem is, this book probably isn't for you

    Why? Because I'm black? And overrated too? thanks a lot, Rush.

    --Donovan McNabb

  6. the creator's newclear power plan equals by Anonymous Coward · · Score: -1, Offtopic

    the end of the phonIE greed/FEAR based ?pr? ?firm? georgewellian fuddite corepirate nazi southern baptist freemason payper liesense stock markup FraUD execrable?

    none too soon to save the planet/population from a fate worse than debt?

    lookout bullow. the lights are coming up now.

    consult with/trust in yOUR creator...

  7. damn it.. anyway YOU DID IT! YOU GOT F1ST P0ST!! by Anonymous Coward · · Score: -1, Offtopic

    you are lame. ke? ke?

    Logged-in users aren't forced to preview their comments

  8. The Whigs, mang. by Anonymous Coward · · Score: -1, Offtopic

    The Whigs were a political party.

  9. Here is a way for security by mrs+clear+plastic · · Score: 0, Offtopic

    1. Don't own a car/house/boat/gun or anything else
    that requires registration/ownership title

    2. Be part of shared household (live with
    housemates who are similar minded).

    3. Use cash to pay your share of rent/utilities

    4. Use throw-away cell phones paid with cash

    5. Use calling cards vended for cash via
    vending machines

    6. Use cash on bus/train; don't use monthly or
    annual passes with your name associated with
    them

    7. Work for cash (under the counter or freelance)

    9. Travel via thumbing. Don't use train/plane/
    intercity bus. In some places you can go far
    via local bus to local bus.

    10. Get around as much as possible via bike/skate/
    walking.

    --
    Cleara
  10. BOXEN by Anonymous Coward · · Score: -1, Offtopic

    Donald E. Knuth
    Computer Science Department
    Gates Building 4B
    Stanford University
    Stanford, CA 94305-9045 USA