This evening I finished reading Secrets and Lies by Bruce Schneier.
Compared to a number of technical books I have read recently, this is probably one of the oldest publications. Due to the way that technology moves, I wasn't sure how relevent this book would still be. However, having come across Bruce through his reputation and after reading his blog for some time I decided to give it a go anyway.
My first impressions of the book were very positive. It was very thorough in covering the subject matter relating to digital security. I must compliment Bruce on his ability to explain usually technical jargon in a very non-technical and understandable way. Whilst I found this refreshing, I must admit that as a 'techie', I didn't learn a lot technically that I didn't already know (I think all techies must know about Alice and Bob's keys by now!)
However, where I was impressed was a number of times throughout the book where Bruce has suggested non-standard uses of technologies, or, non-standard attacks, or, non-standard approaches to things. His ability to see the bigger picture and think outside the normal boxes is clever and shows someone who knows his field intrinsically. This was further demonstrated with the number of times Bruce translated his definitions into non-computer related scenarios. At one stage he even explained attacks using the film "Star Wars" as the example (How cool is that!!) I also thought his use of attack trees was very useful.
In conclusion, whilst I found the core of the book a bit limiting in terms of learning new subject matter (for someone with a technical background), Bruce's different angle of approach to each subject area meant that there was still plenty of material worth reading in the book. For someone who is fairly new to the field of digital security, this book is an absolute must.
My next read is Bruce's, Beyond Fear. I'll let you know how I get on…..