 | Price Comparisons: Rental | | Sorry, the textbook you were looking for is not available as Rental, at any of the stores we searched. | Summaries and Customer Reviews are supplied by Amazon.com | FROM THE REVIEWS: "Does arming pilots make flying safer? Computer security guru Schneier applies his analytical skills to real-world threats like terrorists, hijackers, and counterfeiters. BEYOND FEAR may come across as the dry, meticulous prose of a scientist, but that's actually Schneier's strength. Are you at risk or just afraid? Only by cutting away emotional issues to examine the facts, he says, will we reduce our risks enough to stop being scared." --Wired "In his new book, 'Beyond Fear', Bruce Schneier -- one of the world's leading authorities on security trade-offs -- completes the metamorphosis from cryptographer to pragmatist that began with Secrets and Lies, published in 2000. The new book dissects a range of security solutions in terms of the agendas of the players (attackers and defenders) and touches -- too briefly -- on ways of modifying those agendas. I particularly like the idea that insurance, the standard tool used in business to control risk and convert variable costs to fixed costs, can help make developers accountable for insecure software. Product-liability laws aren't likely to change anytime soon. But if actuaries measured the risk associated with use of competing software products and priced insurance policies accordingly, maybe we could close the feedback loop in a positive way." -- infoworld.com Many of us, especially since 9/11, have become personally concerned about issues of security, and this is no surprise. Security is near the top of government and corporate agendas around the globe. Security-related stories appear on the front page everyday. How well though, do any of us truly understand what achieving real security involves? In Beyond Fear, Bruce Schneier invites us to take a critical look at not just the threats to our security, but the ways in which we're encouraged to think about security by law enforcement agencies, businesses of all shapes and sizes, and our national governments and militaries. Schneier believes we all can and should be better security consumers, and that the trade-offs we make in the name of security - in terms of cash outlays, taxes, inconvenience, and diminished freedoms - should be part of an ongoing negotiation in our personal, professional, and civic lives, and the subject of an open and informed national discussion. With a well-deserved reputation for original and sometimes iconoclastic thought, Schneier has a lot to say that is provocative, counter-intuitive, and just plain good sense. He explains in detail, for example, why we need to design security systems that don't just work well, but fail well, and why secrecy on the part of government often undermines security. He also believes, for instance, that national ID cards are an exceptionally bad idea: technically unsound, and even destructive of security. And, contrary to a lot of current nay-sayers, he thinks online shopping is fundamentally safe, and that many of the new airline security measure (though by no means all) are actually quite effective. A skeptic of much that's promised by highly touted technologies like biometrics, Schneier is also a refreshingly positive, problem-solving force in the often self-dramatizing and fear-mongering world of security pundits. Schneier helps the reader to understand the issues at stake, and how to best come to one's own conclusions, including the vast infrastructure we already have in place, and the vaster systems--some useful, others useless or worse--that we're being asked to submit to and pay for. Bruce Schneier is the author of seven books, including Applied Cryptography (which Wired called "the one book the National Security Agency wanted never to be published") and Secrets and Lies (described in Fortune as "startlingly lively...[a] jewel box of little surprises you can actually use."). He is also Founder and Chief Technology Officer of Counterpane Internet Security, Inc., and publishes Crypto-Gram, one of the most widely read newsletters in the field of online security. |
Average Customer Rating:   Not worth reading I'm a computer scientist and this book didn't teach me anything. I do not recommend this book to anyone, there is nothing you will learn from it. Save your money or spend it for a better book! A must read for every legislator out there. "Beyond Fear" should be required reading for EVERY SINGLE ONE of our legislators. Well... this book and the constitution. Knowledge of both of these tomes would go a long way towards stemming the tide of ridiculous, pandering, appear-to-be-doing-something-ANYTHING laws that seem to flood out of State and Federal government houses each month.
Combining relevant examples with 5 comprehensive steps that should be evaluated as part of any important security assessment, Bruce pragmatically walks the line between impractically crippling defensive measures and vulnerably insecure systems that must be used by myriad folks on a daily basis. He emphasizes our natural tendency to overestimate certain kinds of (ultimately irrelevant) risks while we casually accept on a daily basis risks that are of far greater likelihood and, ultimately, consequence than those we emotionally invest ourselves in.
While Bruce does not say this explicitly, the examples and figures in his book support the statement that I have heard made that "If you read about it in the newspaper, it's not something you need to worry about." (BTW, this can apply to positive things too, like reading about someone winning the lottery). The only reason it's being reported is because it's unusual or spectacular. That's why the handful of deaths airplane crashes (631 in the U.S.A each year) receive so much publicity but the thousands of people dying in car accidents (41,700 in the U.S.A. each year) receive only the vaguest of coverage.
Perhaps my favorite quote in the book on this topic is that "More people are killed every year by pigs than by sharks.". To contrast with the numbers above, about 0.6 people are killed in the U.S.A. each year by sharks. That's five orders of magnitude less than the automobile figure. Yet how many people do you know are fearful of going swimming, yet have no problem driving to the corner store for some milk?
Anyway, there are great examples given of computer issues, financial issues, terrorist issues and even beekeeper issues. You will not want for examples that you can relate to.
Definitely a starting point for a reasoned, rational discussion on how to make the best possible trade-offs for the most useful and unencumbering risk reduction in a world of finite resources. Rehash indeed Having already read "Secrets and Lies", I often felt like I had already read this book.
Even if this is your first Schneier, however, I completely agree with other reviewers that there is a lot of padding going on, and the contents of the book could have been presented much more succinctly.
I think quality (as opposed to quantity) of the contents is what's saving this title. The author gives a professional and detached opinion about security in general, focussing often on post-9/11 security countermeasures.
Today (2009) parts of this book are obviously outdated, but sadly, much of its rational analyses are still valid. It's clearly not been a favourite read among post-9/11 politicians. Great read Nutshell review - A great read. Entertaining and informative. So well written and very useful at the same time. Useful tool for executives I was pretty excited to read Bruce Schneier's Beyond Fear, I have enjoyed hearning him speak and like his blog. I will say that the book could have said what it says with a lot less pages, possibly even an essay. However, there are lots of great stories and a fantastic word picture called "Security Theater". His illustration is that after 9/11 no one knew what to do to combat air terrorism, so they gave the appearance of action by doing things like confiscating nail files. Oh do I agree that much of what we see is security theater!
Bruce has a five step process he tries to illustrate, especially in the second half of the book:
* What assets are you trying to protect?
* What are the risks to these assets? ( I think threats is a more correct word than risks )
* How well does the security solution mitigate those risks?
* What other risks does the security solution cause?
* What trade-offs does the security solution require?
This is a nice implementation of threat vector analysis and he tells great stories. I am not sure the book teaches that much, but it might be a valuable awareness tool for executives. |  |
Select button not working? 
