Security is a trade-off; it comes at the cost of money, time, convenience, capabilities, and liberties. That’s the gist of Schneier on Security, a collection of essays and articles on security.
Schneier’s arguments are clear, sensible, concise, and convincing: most security initiatives in the wake of 9/11 have been counterproductive or ill-advised; civil liberties provide safety from mis-use of power and should not be sacrificed lightly; people tend to over-react to rare risks; terrorism is incredibly rare and measures should be proportional; guard foremost against the root cause of a risk, not particular tactics; current airline and airport security is mostly theatre; data-mining is overrated (credit-card fraud excepted); security is a system, not a thing; security is a trade-off.
The essays are non-technical, organised by topic, and easily digestible. They do overlap and the book lacks a tight exposition of a coherent security theory (if Schneier wrote that book I would definitely buy it). Most of the essays are good, but the following stand out and are well worth your time:
- What the Terrorists Want
- The Security Threat of Unchecked Presidential Power
- Airport Passenger Screening
- Security vs. Privacy
- Avian Flu and Disaster Planning
- Aligning Interest with Capability
- Rare Risk and Overreactions
- The Security Mindset
Bruce Schneier, Schneier on Security (Indianapolis: Wiley Publishing, )