K**E
Absolutely spot on
This is by far the best single resource I've found to date on IoT security--what the problems are, how we got to this point, what needs to be done, and why it matters. I've read more books, standards, guidelines, articles, and other text on this topic during the past year than I could remember, and this is the only one I've seen that pulls it all together into a cohesive narrative with the proper level of alarm and a realistic plan of action. I've worked in the security industry for 20 years, and I'm already recommending this book to my colleagues.
J**N
Escape from a bad Nash
The title is a tad too clickbait-y (mine probably as well) but this is still the Bruce you admire and respect, with a clear message and scrupulous work. Long story short: the book warns us of unrelenting expansion of Internet into physical world - the Internet of Things - not coupled with adequate security practices. We are dangerously close to a situation where hackers are able to cause real, tangible damage on massive scale. Bruce discusses how all of this came about, what dangers we are facing, and what we can collectively do to improve the course of things. By “improving”, I mean not only preventing cyber crime, but also protecting privacy and data generated from our actions in the Internet. In a tone set a few years ago in “Data and Goliath”, the author argues that security is weakened by Western governments’ propensity for mass surveillance, unlocked by Internet’s central role in our social lives and economic activities. What Snowden revealed, still holds true. Cryptography is painted by the officials as a tool of criminals. Proponents of privacy-strengthening techniques are labeled as “weak on terrorism”. Elite hackers are employed by governments to find vulnerabilities in systems and networks - not to fix them, but to enable surveillance, espionage and attacks. Another major factor is security being non-trivial to implement properly and not valued in the economy. Stakeholders prefer to have higher profits now, rather than spend on security which may - or may not - help in the future in case of a cyber attack. Security breaches are treated as PR issues, software companies are in vast majority avoiding any liabilities resulting from faulty programming. Most customers are not thinking of security features, making their purchases on the cheap. Production cycles are increasingly shorter, with little space for security testing.
This short-term thinking leads to Internet connecting untold millions of devices which are exploitable. Bruce does not believe that market forces can nudge companies towards more secure products. From their perspective, being insecure brings almost no financial harm. Since we are in an equilibrium, where shoddy security is beneficial for most players (and consumers are largely indifferent), the only way out is to change the rules of the game. In other words, policymakers should step up and enforce higher security standards in software, similarly to what historically happened in the automobile, aircraft or pharmaceutical industries. The book is broad in scope - broader than “Data and Goliath” - and its purpose is to form a basis for discussion on the role of digital security in our lives (not only IoT, but the Internet in general). You can be certain that any article you read that concerns security can be related to concepts pictured herein. It truly serves as “a lay of the land”. My main takeaway is the author’s notion that security is not a problem of technology. Solutions exist. The problem lies in the incentives of people and organizations - as is, in my opinion, with many issues troubling the world today - and correcting those requires concerted effort. We can do better!
D**S
Necessary, irrespective of our "subjective/perceived efficacy" - (4.625 stars)
Subtitle: Computer bytes dog, dog in critical condition. The recommendation/suggestion and summary chapters are well supported by direct reference to the earlier chapters. I sense your audience is NOT technical but at a minimum rational. In other words, no "magical thinking" required/allowed within the context of the subject matter.
R**S
It's pervading my ideas and discussions
The many commonsense ideas that Schneier shares and promotes in Click Here to Kill Everyone are pervading an incredible amount of the ideas and discussions I'm having with other people. It literally has been life-changing for me. I find myself making well-reasoned arguments that when I think about it can be sourced to this book. Everyone involved thinks I'm making some master statement and that I'm smart...and all I'm really doing is promoting what Schneier wrote. I find myself wanting to say, "Read Bruce Schneier's latest book...it's all in there!" And I do, when it's appropriate. I'm not talking about just between friends or on discussion blogs, but in real meetings by serious groups looking to better secure the Internet. Schneier has the plan for how to significantly improve computer security, from a policy and legislative side figured out. Click Here to Kill Everyone is the blueprint for making that happen.
E**2
Very well written and quite concerning
I just finished this one and was very pleased. Bruce makes a solid case for the urgent need to plan and invest in securing our cyber-physical systems. Working for a global tech conglomerate (Siemens) has me now addressing cybersecurity with every client I speak to. Although the risks are, and will continue to be, moving targets, this book breaks them all down in an easy-to-understand format without getting too technical. I'd recommend this book to just about anyone dealing with connected products on any level.
I**R
There are books that everyone needs to read
There are books that everyone needs to read. This is one of them, it is not deeply technical but very practical. If you want to understand what is going on with the security you may want to read this. If you use Internet you may want to read this. If you have a baby monitor you may want to read this. If you are a data professional you must read this.
Y**F
Liabilities on techs.
Very Good book
D**H
Everything is a computer, and it will get worse before it gets better
I've been a fan of Bruce Schneier for more than 20 years. His last two books have been necessary to read, but usually one chapter at a time, because the state of security is so depressing; it's easy to become discouraged. As long as software and services vendors aren't subject to the level of liability that a child's toy faces, there's no incentive for them to do better.
P**C
Great book for both IT security enthusiasts & professionals of all walks of life
I started to read Click Here to Kill Everybody alongside studying for the CISSP and it helped tremendously by adding a real-world context to the academic material I was absorbing. The book dives into both the corporate and military worlds of information security and talks about the current, historic drawbacks to the policy mindset concerning security and privacy. Bruce Schneier’s style of writing is much the same as what his live talks are, just as much enthralling as it is entertaining. Along with his profound perspective he provides a sharp wit and excellent metaphors to help capture his meaning in the mind of the reader. He talks about how insecurity is both in the military and corporation’s interests. In the sense of the military this is the nation state putting its surveillance interests above that of the citizens it is in place to protect. With this building a good argument against the need for back doors in consumer-grade encryption algorithms and reinforcing the case for individual privacy. He also talks about the need for trust in society and the fact such backdoors will lead to “national insecurity”. A good read for those blinded by “I have nothing to hide” propaganda. He then goes on to talk about how corporations are geared towards insecurity by putting the onus on having fast, cheap software and not factoring the qualitative value of having secure software. Whilst security has NO quantitative (dollar) return of investment its value can be realized through looking at the potential costs of not having it. He goes on here to build a compelling case that this can only be helped through government regulation. I did not consider this book to be pessimistic, it provides bleak worst-case perspectives but offers hope through providing what the solutions should be.
For example, he argues that we need a role in government advocating greater, more effective, and radical policy decisions confronting and addressing the existential issues we face in the digital age and APT threats against national infrastructure (inc civilian / corporate). This very role has recently been introduced in a Scandinavian country which is hopeful for the rest of us.
N**O
Solution is more government
First part of the book showing the limitations of current internet architecture, software etc. Very informative if not your expertise. Second part just his solution which is more government.
E**H
Awesome!
Another good book from the Guru.
H**H
Schneier Delivers Sage and Accessible Cybersecurity Policy Advice
Bruce Schneier is one of the tech world's best ambassadors. Expert in the crunchy science, he has an unmatched ability to discuss cybersecurity issues without alienating either his fellow "geeks" or the lawmakers he is trying to influence. I recommend this book to anyone who is concerned about the future direction of the Internet, particularly the security challenges posed by the Internet of Things. Schneier manages to convey the risks of over-reliance on the offensive capabilities of national security agencies to buttress cybersecurity, while avoiding slipping into shrill diatribe. Plenty of good ideas here.
R**
A must-read
A very complete, up-to-date and well-documented compendium on the subject of cybersecurity. Full of interesting ideas.