Beyond Fear: Thinking Sensibly about Security in an Uncertain World
Author: Bruce Schneier
FROM THE REVIEWS:
"Does arming pilots make flying safer? Computer security guru Schneier applies his analytical skills to real-world threats like terrorists, hijackers, and counterfeiters. BEYOND FEAR may come across as the dry, meticulous prose of a scientist, but that's actually Schneier's strength. Are you at risk or just afraid? Only by cutting away emotional issues to examine the facts, he says, will we reduce our risks enough to stop being scared." - Wired
"In his new book, 'Beyond Fear', Bruce Schneier - one of the world's leading authorities on security trade-offs - completes the metamorphosis from cryptographer to pragmatist that began with Secrets and Lies, published in 2000. The new book dissects a range of security solutions in terms of the agendas of the players (attackers and defenders) and touches too briefly on ways of modifying those agendas. I particularly like the idea that insurance, the standard tool used in business to control risk and convert variable costs to fixed costs, can help make developers accountable for insecure software. Product-liability laws aren't likely to change anytime soon. But if actuaries measured the risk associated with use of competing software products and priced insurance policies accordingly, maybe we could close the feedback loop in a positive way." - infoworld.com
Many of us, especially since 9/11, have become personally concerned about issues of security, and this is no surprise. Security is near the top of government and corporate agendas around the globe. Security-related stories appear on the front page every day. How well, though, do any of us truly understand what achieving real security involves? In Beyond Fear, Bruce Schneier invites us to take a critical look at not just the threats to our security, but the ways in which we're encouraged to think about security by law enforcement agencies, businesses of all shapes and sizes, and our national governments and militaries.
Schneier believes we all can and should be better security consumers, and that the trade-offs we make in the name of security - in terms of cash outlays, taxes, inconvenience, and diminished freedoms - should be part of an ongoing negotiation in our personal, professional, and civic lives, and the subject of an open and informed national discussion. With a well-deserved reputation for original and sometimes iconoclastic thought, Schneier has a lot to say that is provocative, counter-intuitive, and just plain good sense. He explains in detail, for example, why we need to design security systems that don't just work well, but fail well, and why secrecy on the part of government often undermines security. He also believes, for instance, that national ID cards are an exceptionally bad idea: technically unsound, and even destructive of security. And, contrary to a lot of current nay-sayers, he thinks online shopping is fundamentally safe, and that many of the new airline security measures (though by no means all) are actually quite effective. A skeptic of much that's promised by highly touted technologies like biometrics, Schneier is also a refreshingly positive, problem-solving force in the often self-dramatizing and fear-mongering world of security pundits. Schneier helps the reader to understand the issues at stake, and how to best come to one's own conclusions, including the vast infrastructure we already have in place, and the vaster systems - some useful, others useless or worse - that we're being asked to submit to and pay for.
Bruce Schneier is the author of seven books, including Applied Cryptography (which Wired called "the one book the National Security Agency wanted never to be published") and Secrets and Lies (described in Fortune as "startlingly lively...[a] jewel box of little surprises you can actually use."). He is also Founder and Chief Technology Officer of Counterpane Internet Security, Inc., and publishes Crypto-Gram, one of the most widely read newsletters in the field of online security.
This book is soon going to find its way into the hands of friends and relations who need to think about security. It is a great introduction to a way of thinking that is critical in a post-9/11 world. It should be required reading for members of Congress before any more security laws are passed based only on the need to do something instead of rational thought.
Table of Contents:
|Pt. 1|Sensible Security|
|1|All Security Involves Trade-offs|
|2|Security Trade-offs Are Subjective|
|3|Security Trade-offs Depend on Power and Agenda|
|Pt. 2|How Security Works|
|4|Systems and How They Fail|
|5|Knowing the Attackers|
|6|Attackers Never Change Their Tunes, Just Their Instruments|
|7|Technology Creates Security Imbalances|
|8|Security Is a Weakest-Link Problem|
|9|Brittleness Makes for Bad Security|
|10|Security Revolves Around People|
|11|Detection Works Where Prevention Fails|
|12|Detection Is Useless Without Response|
|13|Identification, Authentication, and Authorization|
|14|All Countermeasures Have Some Value, But No Countermeasure Is Perfect|
|Pt. 3|The Game of Security|
|16|Negotiating for Security|
Autobiography of a Tibetan Monk
Author: Palden Gyatso
Palden Gyatso was born in a Tibetan village in 1933 and became an ordained Buddhist monk eighteen years later. Through sheer determination, he won a place as a student at Drepung Monastery, one of Tibet's "Three Greats," where he came to spiritual and intellectual maturity. However, Tibet was enduring political changes that would soon alter his life irrevocably. When Communist China invaded Tibet in 1950, it embarked on a program of land reform and "thought reform" that would eventually affect all of Tibet's citizens and nearly decimate its ancient culture. In 1959, along with thousands of other monks, Palden Gyatso was forced into labor camps and prisons. He would spend the next thirty-three years of his life being tortured, interrogated, and persecuted simply for the strength of his beliefs, for being a monk. In 1992 Palden Gyatso was released from prison and escaped across the Himalayas to India, smuggling with him the instruments of his torture. Since then, he has devoted himself to revealing the extent of Chinese oppression in Tibet and the atrocities he endured. Palden Gyatso's story bears witness to the resilience of the human spirit and to the strength of Tibet's proud civilization, faced with cultural genocide.
San Francisco Chronicle
Has the ring of undeniable truth....Palden Gyatso's clear-sighted eloquence...makes his tale even more engrossing.
NY Times Book Review
Tibet's suffering exerts a profound claim on the world's compassion....In writing this wrenching memoir of extraordinary suffering, resistance, and endurance, Palden Gyatso has testified not only to the pain of countless individuals but to the devastation of a nation.
To readers of this memoir, however untraveled, Tibet will never again seem remote or unfamiliar.
The author embodies in his personal story the trials of his country under half a century of Communist Chinese rule. In 1992, Gyatso, a Buddhist monk then 59 years old, fled from Tibet to Dharamsala, India, where the exiled Dalai Lama encouraged him to write his autobiography. The chronicle of Gyatso's early adult years provides a window onto the ways of a Tibetan Buddhist monastery; the rest of his memoir, however, is largely about prison life. For after China invaded Tibet in 1950, claiming it for part of the People's Republic, many native monks, deemed politically reactionary, were thrown in jail. Gyatso was arrested in 1960 for refusing to accuse his teacher of spying for India. In prison he endured repeated interrogations, shacklings, and beatings at the hands of his captors. For his ability to bear up with dignity under such conditions, both Gyatso and the Dalai Lama, who wrote this book's foreword, credit his Buddhist training. But Buddhist teachings on meditation, suffering, and compassion are invoked here only tangentially. This is all the more noticeable when Gyatso himself questions the tradition: For example, he wonders why a learned monk of his acquaintance would show fear in the face of death, while a layman untrained in Buddhist philosophy can somehow manage to accept his own execution in peace. Gyatso leaves the question hanging. He refrains from asking Buddhism, which offers so many insights into individual suffering, to explain why whole nations suffer. Nor will readers find sustained reflection on the uses of Buddhist teachings to political resisters. Nevertheless, the writer gives witness to physical and mental anguish, inviting sympathy for the Tibetans while also asking for political intervention on their behalf.
Gyatso reminds us that the language of suffering is universal.