La siempre elusiva seguridad
Bruce Schneier, autor de libros como Applied Cryptography, anuncia en su newsletter CRYPTO-GRAM que prepara un nuevo libro sobre la seguridad en general. Vivimos en tiempos en los que la seguridad se usa como excusa para todo tipo de actuaciones y sin embargo nos resulta difícil evaluar en qué medida podemos considerarnos seguros o no. Es más, una falsa idea de seguridad puede ser peor que la carencia de seguridad:
My new book, still untitled, is a book about security. Not computer security, but security in general. Its goal is to teach readers how to think differently, how to tell good security from bad security, and to be able to explain why. Its goal is to instill in readers a healthy skepticism about security, especially the technologies surrounding security. Its goal is to convince readers that good security is about people.
The book walks the reader, step by step, through security: what works, what doesn’t, and why. It gives general principles that the reader can use to understand and evaluate security. It illustrates those principles with anecdotes from all over: crime, war, history, sports, natural science, myth, literature, and movies. And it gives the reader a simple process that he can use to understand the difference between good security and bad security.
Real-world security looks a whole lot like computer security. It’s not just that computers are everywhere; the same concepts and methodologies that allow us to make sense of computer security also apply to the real world. In my previous book, «Secrets and Lies,» I used real-world metaphors to explain computer and network security. In this book I am going to explain real-world security using the techniques, processes, and formalism from the computer world, without assuming any computer knowledge.
Por desgracia el libro no estará disponible hasta el próximo septiembre.
—–