Carry On: Sound Advice from Schneier on Security

Bruce Schneier

384 pages, parution le 24/01/2014

Ajouter à une liste

Indisponible

Résumé

Up-to-the-minute observations from a world-famous security expert

Bruce Schneier is known worldwide as the foremost authority and commentator on every security issue from cyber-terrorism to airport surveillance. This groundbreaking book features more than 160 commentaries on recent events including the Boston Marathon bombing, the NSA's ubiquitous surveillance programs, Chinese cyber-attacks, the privacy of cloud computing, and how to hack the Papal election. Timely as an Internet news report and always insightful, Schneier explains, debunks, and draws lessons from current events that are valuable for security experts and ordinary citizens alike.

Bruce Schneier's worldwide reputation as a security guru has earned him more than 250,000 loyal blog and newsletter readers This anthology offers Schneier's observations on some of the most timely security issues of our day, including the Boston Marathon bombing, the NSA's Internet surveillance, ongoing aviation security issues, and Chinese cyber-attacks It features the author's unique take on issues involving crime, terrorism, spying, privacy, voting, security policy and law, travel security, the psychology and economics of security, and much more Previous Schneier books have sold over 500,000 copies Carry On: Sound Advice from Schneier on Security is packed with information and ideas that are of interest to anyone living in today's insecure world.

L'auteur - Bruce Schneier

BRUCE SCHNEIER is an internationally renowned security technologist who studies the human side of security. A prolific author, he has written hundreds of articles, essays, and academic papers, as well as eleven books that together have sold more than 400,000 copies. He has testified before Congress, is a frequent guest on television and radio, and is regularly quoted in the press. His blog and monthly newsletter at www.schneier.com reach over 250,000 devoted readers worldwide.

Sommaire

Introduction
The Business and Economics of Security
Consolidation: Plague or Progress
Prediction: RSA Conference Will Shrink Like a Punctured Balloon
How to Sell Security
Why People Are Willing to Take Risks
How to Sell Security
Why Do We Accept Signatures by Fax?
The Pros and Cons of LifeLock
The Problem Is Information Insecurity
Security ROI: Fact or Fiction?
The Data Imperative
Caveat Emptor
Social Networking Risks
Do You Know Where Your Data Are?
Be Careful When You Come to Put Your Trust in the Clouds
Is Perfect Access Control Possible?
News Media Strategies for Survival for Journalists
Security and Function Creep
Weighing the Risk of Hiring Hackers
Should Enterprises Give In to IT Consumerization at the Expense of Security?
The Vulnerabilities Market and the Future of Security
So You Want to Be a Security Expert
When It Comes to Security, We're Back to Feudalism
I Pledge Allegiance to the United States of Convenience
The Good, the Bad, and the Ugly
You Have No Control Over Security on the Feudal Internet
Crime, Terrorism, Spying, and War
America's Dilemma: Close Security Holes, or Exploit Them Ourselves
Are Photographers Really a Threat?
CCTV Doesn't Keep Us Safe, Yet the Cameras Are Everywhere
Chinese Cyberattacks: Myth or Menace?
How a Classic Man-in-the-Middle Attack Saved Colombian Hostages
How to Create the Perfect Fake Identity
A Fetishistic Approach to Security Is a Perverse Way to Keep Us Safe
The Seven Habits of Highly Ineffective Terrorists
Why Society Should Pay the True Costs of Security
Why Technology Won't Prevent Identity Theft
Terrorists May Use Google Earth, but Fear Is No Reason to Ban It
Thwarting an Internal Hacker
An Enterprising Criminal Has Spotted a Gap in the Market
We Shouldn't Poison Our Minds with Fear of Bioterrorism
Raising the Cost of Paperwork Errors Will Improve Accuracy
So-Called Cyberattack Was Overblown
Why Framing Your Enemies Is Now Virtually Child's Play
Beyond Security Theater
Feeling and Reality
Refuse to Be Terrorized
Cold War Encryption Is Unrealistic in Today's Trenches
Profiling Makes Us Less Safe
Fixing Intelligence Failures
Spy Cameras Won't Make Us Safer
Scanners, Sensors Are Wrong Way to Secure the Subway
Preventing Terrorist Attacks in Crowded Areas
Where Are All the Terrorist Attacks?
Hard to Pull Off
Few Terrorists
Small Attacks Aren't Enough
Worst-Case Thinking Makes Us Nuts, Not Safe
Threat of "Cyberwar" Has Been Hugely Hyped
Cyberwar and the Future of Cyber Conflict
Why Terror Alert Codes Never Made Sense
Debate Club: An International Cyberwar Treaty Is the Only Way to Stem the Threat
Overreaction and Overly Specific Reactions to Rare Risks
Militarizing Cyberspace Will Do More Harm Than Good
Rhetoric of Cyber War Breeds Fear-and More Cyber War
Attacks from China
GhostNet
Profitable
The Boston Marathon Bombing: Keep Calm and Carry On
Why FBI and CIA Didn't Connect the Dots
The FBI's New Wiretapping Plan Is Great News for Criminals
US Offensive Cyberwar Policy
Human Aspects of Security
Secret Questions Blow a Hole in Security
When You Lose a Piece of Kit, the Real Loss Is the Data It Contains
The Kindness of Strangers
Blaming the User Is Easy-But It's Better to Bypass Them Altogether
The Value of Self-Enforcing Protocols
Reputation Is Everything in IT Security
When to Change Passwords
The Big Idea: Bruce Schneier
High-Tech Cheats in a World of Trust
Detecting Cheaters
Lance Armstrong and the Prisoner's Dilemma of Doping in Professional Sports
The Doping Arms Race as Prisoner's Dilemma
The Ever-Evolving Problem
Testing and Enforcing
Trust and Society
How Secure Is the Papal Election?
The Court of Public Opinion
On Security Awareness Training
Our New Regimes of Trust
Privacy and Surveillance
The Myth of the "Transparent Society"
Our Data, Ourselves
The Future of Ephemeral Conversation
How to Prevent Digital Snooping
Architecture of Privacy
Privacy in the Age of Persistence
Should We Have an Expectation of Online Privacy?
Offhand but On Record
Google's and Facebook's Privacy Illusion
The Internet: Anonymous Forever
A Taxonomy of Social Networking Data
The Difficulty of Surveillance Crowdsourcing
The Internet Is a Surveillance State
Surveillance and the Internet of Things
Government Secrets and the Need for Whistleblowers
Before Prosecuting, Investigate the Government
Psychology of Security
The Security Mindset
The Difference between Feeling and Reality in Security
How the Human Brain Buys Security
Does Risk Management Make Sense?
How the Great Conficker Panic Hacked into Human Credulity
How Science Fiction Writers Can Help, or Hurt, Homeland Security
Privacy Salience and Social Networking Sites
Security, Group Size, and the Human Brain
People Understand Risks-But Do Security Staff Understand People?
Nature's Fears Extend to Online Behavior
Security and Technology
The Ethics of Vulnerability Research
I've Seen the Future, and It Has a Kill Switch
Software Makers Should Take Responsibility
Lesson from the DNS Bug: Patching Isn't Enough
Why Being Open about Security Makes Us All Safer in the Long Run
Boston Court's Meddling with "Full Disclosure" Is Unwelcome
Quantum Cryptography: As Awesome as It Is Pointless
Passwords Are Not Broken, but How We Choose Them Sure Is
America's Next Top Hash Function Begins
Tigers Use Scent, Birds Use Calls-Biometrics Are Just Animal Instinct
The Secret Question Is: Why Do IT Systems Use Insecure Passwords?
The Pros and Cons of Password Masking
Technology Shouldn't Give Big Brother a Head Start
Lockpicking and the Internet
The Battle Is On against Facebook and Co. to Regain Control of Our Files
The Difficulty of Un-Authentication
Is Antivirus Dead?
Virus and Protocol Scares Happen Every Day- but Don't Let Them Worry You
The Failure of Cryptography to Secure Modern Networks
The Story behind the Stuxnet Virus
The Dangers of a Software Monoculture
How Changing Technology Affects Security
The Importance of Security Engineering
Technologies of Surveillance
When Technology Overtakes Security
Rethinking Security
Travel and Security
Crossing Borders with Laptops and PDAs
The TSA's Useless Photo ID Rules
The Two Classes of Airport Contraband
Fixing Airport Security
Laptop Security while Crossing Borders
Breaching the Secure Area in Airports
Stop the Panic on Air Security
A Waste of Money and Time
Why the TSA Can't Back Down
The Trouble with Airport Profiling
Security, Policy, Liberty, and Law
Memo to Next President: How to Get Cybersecurity Right
CRB Checking
State Data Breach Notification Laws: Have They Helped?
How to Ensure Police Database Accuracy
How Perverse Incentives Drive Bad Security Decisions
It's Time to Drop the "Expectation of Privacy" Test
Who Should Be in Charge of Cybersecurity?
Coordinate, but Distribute Responsibility
"Zero Tolerance" Really Means Zero Discretion
US Enables Chinese Hacking of Google
Should the Government Stop Outsourcing Code Development?
Punishing Security Breaches
Three Reasons to Kill the Internet Kill Switch Idea
Internet without Borders
Unpredictable Side Effects
Security Flaws
Web Snooping Is a Dangerous Move
The Plan to Quarantine Infected Computers
Close the Washington Monument
Whitelisting and Blacklisting
Securing Medical Research: a Cybersecurity Point of View
Fear Pays the Bills, but Accounts Must Be Settled
Power and the Internet
Danger Lurks in Growing New Internet Nationalism
IT for Oppression
The Public/Private Surveillance Partnership
Transparency and Accountability Don't Hurt Security- They're Crucial to It
It's Smart Politics to Exaggerate Terrorist Threats
References
Index

Voir tout

Replier

Caractéristiques techniques

	PAPIER
Éditeur(s)	Wiley
Auteur(s)	Bruce Schneier
Parution	24/01/2014
Nb. de pages	384
Format	15 x 23.5
Couverture	Cartonné
Intérieur	Noir et Blanc
EAN13	9781118790816
ISBN13	978-1-118-79081-6