Secrets and Lies: Digital Security in a Networked World

This initially rather daunting volume proves surprisingly readable at several levels. Some will find the slightly folksy approach as a dumbing‐down. Having a non‐technical background, but a good appreciation, I found that the approach occasionally irritated, but for the most part it was a very helpful way of explaining complex issues without over‐simplification. (Those seeking a deep technical approach should look no further than Security Engineering – a Guide to Building Dependable Distributed Systems by Ross Anderson, also from Wiley, and now also available in Japanese. This jam‐packed book is a timely reminder of the realities and practicalities of the networked world – and the security threats and risks of the online world reflect those of the physical world.

Schneier is an old hand in information security. He’s made a career in designing and analyzing security systems. He refreshingly acknowledges an earlier mistake (having written Applied Cryptography envisioning a world where cryptography would provide every user with as much protection as government, and a mathematical Utopia – as he called it – would protect all our secrets, guard our identities online, and enable secure online gambling). Secrets and Lies sets out to correct the fundamental error – that cryptography (a branch of mathematics) cannot provide this protection by itself. There can be no simple “magic security dust” that provides total protection.

Like the physical world, the online world (and cryptography) do not exist in isolation. Whether it be viruses or bank safes, someone, somewhere, for whatever reason will see that as a challenge to crack. The weak points have nothing to do with the mathematics. It is the hardware, the software, networks and people, and the key mantra to bear in mind that is the theme is that security is a chain of links or interconnections, that is only as secure as the weakest point.

There is no system that is perfectly secure, even if it apparently passes all tests and probes at a given point in time. Security employs a wide range of processes that look, as this book does, at an entire system and the individual elements, inter‐relationships, and brings various technologies and strategies to build better and more secure systems.

Remember, though, that neither systems nor people live in isolation, and that constant change is part of “real‐world” systems. Security is a continuing process; as further weaknesses or insecurities are detected, so do the security analysts and designers devise ways of preventing, detecting, reacting to these. Devising ways of identifying and bringing the guilty to justice is a branch in its own right.

The volume appears in three parts: the Landscape, an exploration of the environment of threats, attacks, adversaries, and security needs; the Technologies (and this is where it does get a little technical and folksy), amongst which are cryptography, computer security, identification and authorization, and last but not least the human factor; and Strategies, like threat modeling and risk assessment, product testing, and security policies and counter‐measures. Schneier urges us to read the book in order, from beginning to end, and then read it a second time. The chapters do build on one another, and I endorse his recommendation, even if he recognizes that this may be too much to expect.

The book is readable, and even if you do not find digital security as such a fun, cool, and serious pastime and business as he does, that will not stop you getting some enjoyment and improve your knowledge and understanding of this vital area. Just one week’s logging of security breaches (ranging from leakage of customers’ details to the wrong customer, to hacks into customer personal and financial records, to more prosaic applications – vulnerabilities, regular scans of, and determined attempts to hack, home computers) revealed an array of problems, many in supposedly secure products and systems. It may have been that, when the product was originally designed, it was considered secure. What is increasingly observable is that in the interest of ease of use things are being built that are less secure.

His introduction, and the analysis of systems, make us appreciate just how important systems are to the problem. Apart from being daedal (I had to look that up: difficult to understand because of intricacy), digital systems are very complex in their own right, and then are linked with and interact with one another in ever larger, complex systems. Systems have emergent properties, in that they either do or are used to things neither intended nor expected by their users or architects and developers.

The fourth property of relevance is that systems have a very specific kind of failure. They have bugs that force the system to misbehave. It does not malfunction and no longer work properly. Instead it may not do what you wish it to do, but in a particular way that may well not be repeatable, and quite likely in a way that is not explicable. System faults are not peculiar to the digital environment. The telephone technician testing for line faults will be familiar with the notion of no fault found or right when tested. System bugs may only present when a possibly unique combination of actions or rather interactions happens.

The implications of these for the security of systems like the Internet is that it is so much harder to secure more complex systems. Real world systems have to consider trade‐offs, usability, mistakes, and inevitable error. Whilst it is possible to theoretically design an ideal secure system, in practice this is not possible to implement. Given these realities, good security covers prevention, detection, and reaction. And that is where I leave you to get into the nuts and bolts of this highly recommended book.