Click Here to Kill Everybody: Security and Survival in a Hyper-connected World Reprint Edition

The title is a tad too clickbait-y (mine probably as well) but this is still the Bruce you admire and respect, with a clear message and scrupulous work. Long story short: the book warns us of unrelenting expansion of Internet into physical world - the Internet of Things - not coupled with adequate security practices. We are dangerously close to a situation where hackers are able to cause real, tangible damage on massive scale. Bruce discusses how all of this came about, what dangers we are facing, and what we can collectively do to improve the course of things.By “improving”, I mean not only preventing cyber crime, but also protecting privacy and data generated from our actions in the Internet. In a tone set a few years ago in “Data and Goliath”, the author argues that security is weakened by Western governments’ propensity for mass surveillance, unlocked by Internet’s central role in our social lives and economic activities. What Snowden revealed, still holds true. Cryptography is painted by the officials as a tool of criminals. Proponents of privacy-strengthening techniques are labeled as “weak on terrorism”. Elite hackers are employed by governments to find vulnerabilities in systems and networks - not to fix them, but to enable surveillance, espionage and attacks.Another major factor is security being non-trivial to implement properly and not valued in the economy. Stakeholders prefer to have higher profits now, rather than spend on security which may - or may not - help in the future in case of a cyber attack. Security breaches are treated as PR issues, software companies are in vast majority avoiding any liabilities resulting from faulty programming. Most customers are not thinking of security features, making their purchases on the cheap. Production cycles are increasingly shorter, with little space for security testing. This short-term thinking leads to Internet connecting untold millions of devices which are exploitable.Bruce does not believe that market forces can nudge companies towards more secure products. From their perspective, being insecure brings almost no financial harm. Since we are in an equilibrium, where shoddy security is beneficial for most players (and consumers are largely indifferent), the only way out is to change the rules of the game. In other words, policymakers should step up and enforce higher security standards in software, similarly to what historically happened in the automobile, aircraft or pharmaceutical industries.The book is broad in scope - broader than “Data and Goliath” - and its purpose is to form a basis for discussion on the role of digital security in our lives (not only IoT, but the Internet in general). You can be certain that any article you read that concerns security can be related to concepts pictured herein. It truly serves as “a lay of the land”.My main takeaway is the author’s notion that security is not a problem of technology. Solutions exist. The problem lies in the incentives of people and organizations - as is, in my opinion, with many issues troubling the world today - and correcting those requires concerted effort. We can do better!

I just finished this one and was very pleased. Bruce makes a solid case for the urgent need to plan invest in securing our cyber-physical systems. Working for a global tech conglomerate (Siemens) has me now addressing cybersecurity with every client I speak to. Although the risks are, and will, continue to be moving targets, this book breaks them all down in an easy-to-understand format without getting too technical. I'd recommend this book to just about anyone dealing with connected products. on any level

Subtitle: Computer bytes dog, dog in critical conditionThe recommendation/suggestion and summary chapters are well supported by direct reference to the earlier chapters. I sense your audience is NOT technical but at a minimum rationale. In other words, no "magical thinking" required /allowed within the context of the subject matter.

The many commonsense ideas that Schneier shares and promoted in Click Here to Kill Everyone are pervading an incredible amount of the ideas and discussions I'm having with other people. It literally has been life-changing for me. I find myself making well-reasoned arguments that when I think about it can be sourced to this book. Everyone involved thinks I'm making some master statement and that I'm smart...and all I'm really doing is promoting what Schneier wrote. I find myself wanting to say, "Read Bruce Schneier's latest book...it's all in there!" And I do, when it's appropriate. I'm not talking about just between friends or on discussion blogs, but in real meetings by serious groups looking to better secure the Internet. Schneier has the plan for how to significantly improve computer security, from a policy and legislative side figured out. Click Here to Kill Everyone is the blueprint for making that happen.

This is by far the best single resource I've found to date on IoT security--what the problems are, how we got to this point, what needs to be done, and why it matters. I've read more books, standards, guidelines, articles, and other text on this topic during the past year than I could remember, and this is the only one I've seen that pulls it all together into a cohesive narrative with the proper level of alarm and a realistic plan of action. I've worked in the security industry for 20 years, and I'm already recommending this book to my colleagues.

Easy to read, full of clear and deep understanding for cyber passioned people. All explained in an easy fashion

Very Good book

There are books that everyone need to read. This is one of them, it is not deeply technical but very practical.If you want to understand what is going on with the security you may want to read this.If you use Internet you may want to read this. If you have a baby monitor you may want to read this.If you are a data professional you must read this.