Schneier on Security
Security is a trade-off; it comes at the cost of money, time, convenience, capabilities, and liberties. That’s the gist of Schneier on Security, a collection of essays and articles on security.
Schneier’s arguments are clear, sensible, concise (mostly), and usually convincing: most security initiatives in the wake of 9/11 have been counterproductive or ill-advised; civil liberties provide safety from mis-use of power and should not be sacrificed lightly; people tend to over-react to rare risks; terrorism is incredibly rare and measures should be proportional; guard foremost against the root cause of a risk, not particular tactics; current airline and airport security is mostly theatre; data-mining is overrated (credit-card fraud excepted); security is a system, not a thing; security is a trade-off.
The essays are non-technical, organised by topic, easily digestible, but they overlap; the book lacks a tight exposition of a coherent security “theory” (if Schneier wrote that book I would definitely buy it). Most of the essays are good, but these stand out:
- What the Terrorists Want
- The Security Threat of Unchecked Presidential Power
- Airport Passenger Screening
- Security vs. Privacy
- Avian Flu and Disaster Planning
- Aligning Interest with Capability
- Rare Risk and Overreactions
- The Security Mindset
You will do well to read and understand them. You might even enjoy them.