ACCU Home page ACCU Conference Page
Search Contact us ACCU at Flickr ACCU at GitHib ACCU at Facebook ACCU at Linked-in ACCU at Twitter Skip Navigation

ACCU Menu

Advertisement

Advertisement

Membership

Join ACCU

Login

» Create an account

» Password Reminder

ACCU Buttons

Add them to your site:

ACCU: professionalism in programming (116x31 px)
ACCU: professionalism in programming (225x60 px)

Search in Book Reviews

The ACCU passes on review copies of computer books to its members for them to review. The result is a large, high quality collection of book reviews by programmers, for programmers. Currently there are 1949 reviews in the database and more every month.
Search is a simple string search in either book title or book author. The full text search is a search of the text of the review.
    View all alphabetically
Title:
Secrets&Lies (revised)
Author:
Bruce Schneier
ISBN:
0-471-25311-1
Publisher:
Wiley
Pages:
414pp
Price:
£11-99
Reviewer:
Francis Glassborow
Subject:
security
Appeared in:
16-3
I reviewed the original edition of this book so I will start this review by quoting the opening of the Introduction to this updated version.

It's been over three years since the first edition ofSecrets and Lieswas published. Reading through it again after all this time, the most amazing thing is how little things have changed. Today, two years after 9/11 and in the middle of the worst spate of computer worms and viruses the world has ever seen, the book is just as relevant as it was when I wrote it.

The attackers and attacks are the same. The targets and the risks are the same. The security tools to defend ourseleves are the same, and they're just as ineffective as they were three years ago. If anything, the problems have gotten worse. ...

I can understand the author's frustration. As a world authority on cryptography he feels a sense of guilt and frustration that the promise of cryptography to address security problems has failed and no one seems to be taking any notice. If you did not read the first edition, please read this one and then try to ram the message home to your managers, your employers and your political representatives.

The real issues have little to do with whether you can or cannot read my email, and the real issues are not those of so called cyber-terrorism.

But the real issues can impact on every one of our lives. Only when we all understand why using high technology will not solve our problems will we spend time addressing the fundamentals. There is no value in having highly sophisticated identification technology (such as iris scans) if simple forgery can change the information to match the identity thief.

Please do not just sit back and say 'someone ought to do something.' You are someone, do something. The starting point is to stop being either complacent or fatalistic and make yourself better informed. Read this book.