Secrets and Lies is a thorough backgrounder in all aspects of network security, an extremely wide remit that stretches from passwords to encryption, passing through authentication and attack trees along the way. The book is divided in to three broad categories, The Landscape, which covers attacks, adversaries and the need for security; Technologies, which discusses cryptography, authentication, network security, secure hardware and security tricks; and concludes with Strategies, which looks at vulnerabilities, risk assessment, security policies and the future of security. Mercifully there's a dim light at the end of this tunnel and Schnier ultimately remains upbeat about maintaining computer security and details a way forward in his conclusion.
Although working in a necessarily techie environment, Schnier's book is surprisingly jargon-free and easy to understand, even if you're not au fait with the inner workings of TCP/IP--it's common-sense, practical style makes a potentially dense and arcane subject accessible by just about anybody. It's also bang up to date, which makes for a pleasant change. Secrets and Lies is never less than thought-provoking and should be essential reading for every network administrator in the land. Be afraid, be very afraid! --Roger Gann --This text refers to an out of print or unavailable edition of this title.
From the Author
This book was different. I got two-thirds of the way through the book without giving the reader any hope at all. And it was about then I realised that I didn't have the hope to give. I had reached the limitations of what I thought security technology could do. I had to hide the manuscript away for over a year; it was too depressing to work on.
I came to security from cryptography, and framed the problem with classical cryptography thinking. Most writings about security come from this perspective, and it can be summed up pretty easily: Security threats are to be avoided using preventive countermeasures.
For decades we have used this approach to computer security. We draw boxes around the different players and lines between them. We define different attackers -- eavesdroppers, impersonators, thieves -- and their capabilities. We use preventive countermeasures like encryption and access control to avoid different threats. If we can avoid the threats, we've won.
If we can't, we've lost.
Imagine my surprise when I learned that the world doesn't work this way. I had my epiphany in April 1999: that security was about risk management, that detection and response were just as important as prevention, and that reducing the window of exposure for an enterprise is security's real purpose. I was finally able to finish the book: offer solutions to the problems I posed, a way out of the darkness, hope for the future of computer security.
Secrets and Lies discusses computer security in this context, in words that a business audience will understand. It explains, in my typical style, how different security technologies work and how they fail. It discusses the process of security: what the threats are, who the attackers are, and how to live in their world.
It'll change the way you think about computer security. I'm very proud of it... --This text refers to an out of print or unavailable edition of this title.
From the Inside Flap
From the Back Cover
About the Author
Excerpt. © Reprinted by permission. All rights reserved.
I have written this book partly to correct a mistake.
Seven years ago I wrote another book: Applied Cryptography. In it I described a mathematical utopia: algorithms that would keep your deepest secrets safe for millennia, protocols that could perform the most fantastical electronic interactions-unregulated gambling, undetectable authentication, anonymous cash--safely and securely. In my vision cryptography was the great technological equalizer; anyone with a cheap (and getting cheaper every year) computer could have the same security as the largest government. In the second edition of the same book, written two years later, I went so far as to write: "It is insufficient to protect ourselves with laws; we need to protect ourselves with mathematics."
It's just not true. Cryptography can't do any of that.
It's not that cryptography has gotten weaker since I994, or that the things I described in that book are no longer true; it's that cryptography doesn't exist in a vacuum.
Cryptography is a branch of mathematics. And like all mathematics, it involves numbers, equations, and logic. Security, palpable security that you or I might find useful in our lives, involves people: things people know, relationships between people, people and how they relate to machines. Digital security involves computers: complex, unstable, buggy computers.
Mathematics is perfect; reality is subjective. Mathematics is defined; computers are ornery. Mathematics is logical; people are erratic, capricious, and barely comprehensible.
The error of Applied Cryptography is that I didn't talk at all about the context. I talked about cryptography as if it were The Answer TM. I was pretty naive.
The result wasn't pretty. Readers believed that cryptography was a kind of magic security dust that they could sprinkle over their software and make it secure. That they could invoke magic spells like "128-bit key" and "public-key infrastructure." A colleague once told me that the world was full of bad security systems designed by people who read Applied Cryptography.
Since writing the book, I have made a living as a cryptography consultant: designing and analysing security systems. To my initial surprise, I found that the weak points had nothing to do with the mathematics. They were in the hardware, the software, the networks, and the people. Beautiful pieces of mathematics were made irrelevant through bad programming, a lousy operating system, or someone's bad password choice. I learned to look beyond the cryptography, at the entire system, to find weaknesses. I started repeating a couple of sentiments you'll find throughout this book: "Security is a chain; it's only as secure as the weakest link." "Security is a process, not a product."
Any real-world system is a complicated series of interconnections. Security must permeate the system: its components and connections. And in this book I argue that modern systems have so many components and connections--some of them not even known by the systems' designers, implementers, or users-that insecurities always remain. No system is perfect; no technology is The Answer TM.
This is obvious to anyone involved in real-world security. In the real world, security involves processes. It involves preventative technologies, but also detection and reaction processes, and an entire forensics system to hunt down and prosecute the guilty. Security is not a product; it itself is a process. And if we're ever going to make our digital systems secure, we're going to have to start building processes. A few years ago I heard a quotation, and I am going to modify it here: If you think technology can solve your security problems, then you don't understand the problems and you don't understand the technology. This book is about those security problems, the limitations of technology, and the solutions.
HOW TO READ THIS BOOK
Read this book in order, from beginning to end.
No, really. Many technical books are meant to skim, bounce around in, and use as a reference. This book isn't. This book has a plot; it tells a story. And like any good story, and you won't buy the ending if you haven't come along on the journey.
Actually, I want you to read the book through once, and then read it through a second time. This book argues that in order to understand the security of a system, you need to look at the entire system - and not at any particular technologies. Security itself is an interconnected system, and it helps to have cursory knowledge of everything before learning more about anything. But two readings is probably to much to ask; forget I mentioned it.
This book has three parts. Part 1 is "The Landscape," and gives context to the rest of the book: who the attackers are, what they want, and what we need to deal with the threats. Part 2 is "Technologies," basically a bunch of chapters describing different security technologies and their limitations. Part 3 is "Strategies": Given the requirements of the landscape and the limitations of the technologies, what do we do now? I think digital security is about the coolest thing you can work on today, and this book reflects that feeling. It's serious, but fun, too. Enjoy the read. --This text refers to an out of print or unavailable edition of this title.