This is an HTML rendering of a working paper draft that led to a publication. The publication should always be cited in preference to this draft using the following reference:

The document's metadata is available in BibTeX format.

This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright. In most cases, these works may not be reposted without the explicit permission of the copyright holder.

Diomidis Spinellis Publications

Copyright © 2004 by the Association for Computing Machinery, Inc. Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, to republish, to post on servers, or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from Publications Dept, ACM Inc., fax +1 (212) 869-0481, or

Book Review: Beyond Fear: Thinking Sensibly about Security in an Uncertain World

Diomidis Spinellis
Athens University of Economics and Business

Bruce Schneier
Beyond Fear: Thinking Sensibly about Security in an Uncertain World
Copernicus Books, New York, 2003.
294 pp.

“Security is a tax on the honest”. Schneier, in his book’s last chapter, fittingly titled Security Demystified, explains that in a world of honorable and law abiding citizens our lives would be a lot simpler. Unfortunately, this is not the case: during our life we are constantly facing dangers and risks and often have to evaluate complex tradeoffs that involve the safety of ourselves and the people we love.

For thousands of years the planning of security was conducted by specialists working on isolated domains like defense, banking, or civil aviation. Security decisions, good or (often) bad, were not publicized and the general public was kept in the dark regarding important security tradeoffs and weaknesses. Advances in information and networking technology have resulted in immensely increased requirements for secure applications and associated algorithms and protocols to conduct e-commerce, store private data, and communicate on the open internet. As a result, a new generation of security researchers started working in an open environment of scientific discourse and exchange, publishing their results in the open literature and communicating across previously isolated domain boundaries. These efforts have made information security an important element of computer science with a systematized body of knowledge and accepted practices. Bruce Schneier, a respected member of the information security community, in his book “Beyond Fear” is taking the trip in the opposite direction, applying the knowledge he gained from his practice in IT security in handling security decisions in our everyday lives.

The book’s publication is exceptionally timely. A number of spectacular terrorist activities have resulted in many governments taking exceptional measures in the name of improving national security. Although security decisions in our private life are important and often tricky (is one more likely to be killed by a shark or a pig? — a pig, writes Schneier) the same decisions at the level of a country are critical, since they affect the type of society we will live in and the freedoms we will (or will not) enjoy. The book, written in a very clear and jargon-free style, will allow anyone to take correct and informed decisions on both fronts.

“Beyond Fear” is divided into three parts. The first introduces security as a matter of making appropriate, often subjective, trade-offs. The second part is essentially a tutorial on the working of security in the real world. Through many interesting and often entertaining anecdotes Schneier explains how systems fail, the role of attackers and defenders, the imbalances created by technology, the issue of brittleness, and the weakest link phenomenon. Separate chapters deal with detection, response mechanisms, identification, authentication, authorization, countermeasures, and fighting terrorism. In many cases Schneier analyzes important exemplar security problems through a five-step risk analysis process, which is also presented as a negotiation tool in the book’s last part: 1) what assets are we trying to protect? 2) what are the associated risks? 3) how well does the security solution mitigate them? 4) what other risks that the security solution cause? 5) what trade-offs does the security solution require? One would only wish that this rational thinking would be followed more often when implementing security measures.

Could the book be improved? The author’s overly US-centric view often appears parochial to a non-US reader: the 9/11 attacks although important from geopolitical point of view, are given far more attention than Schneier’s advocated risk analysis method would suggest; the discussion on identity cards ignores the problems these cards solve in everyday transactions in many European and other countries. Also, although the book had a very complete index, the lack of bibliographic references means that readers will not be able to trace the discussed facts back to their original sources. Both blemishes are minor however compared to the book’s accomplishment: a solid and rational treatment of everyday security that a layperson can understand and apply in practice.