on 11 January 2013
I greatly enjoyed reading this book; every few minutes, it seemed, I'd pick up my iPad to look up a name or event mentioned in passing. Schneier does a great job collecting anecdotes and linking them to his central thesis, and if you enjoy interesting anecdotes and experimental results on trust you'll enjoy this book. The central point of the book was well-argued, but seemed to me fairly self-evident; I read the author's blog, so quite possibly I am not the target audience. The diagrams every few pages also struck me as a bit too straightforward; I appreciate the author's attempts to create a system by which to logically structure/think about incentives, but I felt it somewhat incongruous with the light, anecdotal style of the rest of the book. I also, as a computer scientist, would have enjoyed a bit more technical detail.
Having said that, this book is an excellent introduction to the issues surrounding trust in a changing, technological world. I've given it 5 stars for this reason; I believe that it is perfectly placed for its intended audience. For a reader already somewhat knowledgeable in the field, it's a great compendium of fun facts though, and still well worth a read.
on 26 July 2012
Bruce Schneier lives in a very different world. His specialty has long been IT security, and he has drilled so deep, no one can compare. This book is about trust and security, using history, psychology, sociology, anthropology, and especially philosophy, to trace their development and deployment. He not only divines the if, but the how and when that people, and their societies, confer trust. He slices and dices his topic in every conceivable way. It is a fascinating process to watch.
And yet, it doesn't always ring true. Schneier spends many pages extolling the virtues of society and how an optimal mix of co-operative elements keeps the liars, cheaters and criminals in check. There are whole chapters on societal, moral and reputational pressures. But we have only to look to our own reality to see it isn't so.
At the corporate level, for example, individual companies do not always work to keep the bad seeds out. Entire industries are crooked, criminal affairs that exist purely to suck the lifeblood out of their customers. There isn't a bank in the United States that we can take pride in. They don't talk about customer loyalty; they plot lock-in. They are universally loathed and despised, and they continue to treat their customers worse and worse, to reinforce it. Airlines should be prosecuted for the obvious collusion in the bizarre fee structures, penalties and restrictions they all magically decided to impose on the public a few years back. Health insurers have one overriding goal - to deny health services to their customers and let them fight to get reimbursed. There isn't one of them anyone loves. If they all disappeared tomorrow, no one would mourn for the good old days.
There isn't one participant in any of these entire industries that we trust. There isn't one participant in these industries who take your side or come to your defense. We don't trust them to do what they say, we don't trust them to be honest and forthright, and we don't trust them with our personal data. We don't trust entire sectors of the economy. We have zero faith in any of them. And that goes for every level of government, too, whether it's $100,000 in pork to a brother-in-law, to selling the entire state to gas frackers. The NYPD is seen as an army of occupation. Congress rates well below used car salesmen in confidence and trust.
That's not how Schneier describes it. So by page 100 I was looking at Liars and Outliers differently.
Meanwhile, the book races through internet security and the false confidence everyone has in posting personal photos and messages. Schneier rightly points out there can be too much security, and cutting our trillion dollar security expenditure in half will not double our risk for terrorism. We are not safer for that level of spending, he says, and spending ten times as much will not make us ten times safer.
Another excellent chapter, Institutions, uses the TSA as model of conflicting needs and perceptions to describe how this one agency performs its mandate. Schneier was was on the plaintiffs' bench when TSA, reacting to the underwear bomber, suddenly and massively deployed full body scanners, which among other faults, could not detect an underwear bomb. Pointless security, at huge expense. A poster child for this book.
In conclusion Schneier point out comprehensively that we constantly look in the wrong place, overreact to squeaky wheels and ignore the smaller problems that can have greater impact. Doesn't matter that more Americans die from exposure to peanuts than to terrorists that we spend trillions on terrorists and nothing on allergies.
The prognosis is for more of the same; it's the nature of the beast, unfortunately. Schneier lays out the parameters for making it work better. But we all know, plus ca change.....
on 1 November 2012
Bruce Schneier's writing career has followed a well defined path from the specific to the general. He started with Applied Cryptography, a highly technical reference on computer encryption, then came Secrets and Lies, an outstanding book on computer security. This book continues the trend as it considers security and trust in the widest possible sense.
I found this book thought provoking and stimulating but a more difficult read than some of his earlier books. It's definitely very meta... it gets quite philosophical on the nature of security and trust in modern society.