Book Review

Beyond Fear:
Thinking sensibly about security in an uncertain world
Bruce Schneier


I read this book for work. The author has a lot to say about security and it's potential trade offs. He constantly (to great positive effect) uses 5 questions to look at lots of different topics:

1. What assets are you trying to protect?
2. What are the risks to those assets?
3. How well does the security solution mitigate those risks?
4. What other security problems does the security solution cause?
5. What trade-offs does the security solution require?

The question of trade-offs is the biggest one in the book. All security solutions have trade offs. One potential trade-off to a security system on a computer is that it might cause a user or developer to not be able to get anything done. (Last night I went over to one of my home teaching families house. They had a new (to them) computer, his brother in law had installed Windows, and ratcheted up the security settings so high that they couldn't do anything with the computer. I reinstalled the machine for them.)

Some other things I liked that he talks about in the book:

• security (protecting against bad guys) vs. safety (protecting against mistakes from the god guys)
• robustness vs brittleness - how bad security happens
• detection works when prevention fails - why auditing is important
• fixing the weakest link

I think this book is a must read for anyone involved in IT security in any way. If nothing else, it will give you a different perspective about what security (or safety, anyway) really is.

One thing that might sometime soon get me in trouble: The book has a section on Identification, Authentication, and Authorization. He talks about how many places use drivers licenses as an identification tool. (It's an authorization tool when it is used to show you are allowed to drive. It's an identification or authentication tool when the cashier at the store wants to see your name and picture on it.) One of his points is that you show an expired drivers license at the airport, and the ticket agent will check the back to see if the card really is expired, or if there is an extension to the expiration on the back. (The expiration is the authorization to drive, the name and picture on the card are still you.) This struck a cord with me for some reason. Ever since I read that section (something like 2 or 3 months ago now) I have had a compelling urge to get into it with a cashier about why they are checking the expiration date on the back of my drivers license. I can normally suppress this urge. I nearly let it out 2 weeks ago when Tara and I were at a notary for something. I starting asking why she was checking the expiration date on the card, since the picture was still me on the card, whether or not it was expired. The notary didn't look like she appreciated the question. I dropped it. I really need to make sure I don't get into it at the airport, since I already have to get cleared to fly. (Just what I need, tick off the ticket counter person who is trying to help me out.)