Beyond Fear

Hope your Memorial Day weekend 2017 is going well. Yesterday afternoon my wife and I stopped by her brother’s place to prepare, cook and then consume a late lunch. Earlier in the day my wife chopped some onions and peppers, cut some chicken thighs and pork shoulder, I pulled from the freezer some bags of shell fish (OK sue me, we eat pork and shell fish) and an assortment of spices (including saffron). We put in the trunk of the car a box holding the ingredients and our 24” paella pan.

When we arrived to her brother’s house, there was a very light rain. The temperature was about 72 F and light winds. Her niece started a wood fire in the fire ring. When hot I placed the paella pan on a grill and added some olive oil. Once hot, the chopped onions and garlic were added. The meats joined the party next. We needed to add some water to the flames to control the temperature. It is simpler to cook over coal or propane, but we were all gathered around having a few (OK, more than a few) drinks. When the meats were brown the broths were added. Once all started boiling we added several cups of Arborio rice. Some veggies and seafood were added later. One has to constantly move the contents in the pan with some type of spatula. This is to prevent the paella from burning and helps the rice cook evenly. Some beer was also added when the rice needed more time. We ran out of chicken broth. When done, I removed the pan from the fire and squirted the juice of half dozen lemons over the rice. After 10 minutes or so we sat down around a patio table to enjoy the meal. By then the sun was shining. We all had two or three heaping servings. When done the pan was about half full. We had our fill. What a nice day chatting with family and friends sharing some delicious foods.

The main purpose of this post is to collect my thoughts on “Beyond Fear” by Bruce Schneier published by Copernicus Books in 2003. It has been about 14 years after the book was published. Things have changed since then (including the terrible events of 9/11). That said; most concepts and ideas still hold true today. I recommend it for readers that wish to polish their understanding on security in all aspects of life.

I purchased the book a couple weeks ago with the main purpose of reading chapter 13, “Identification, Authentication and Authorization”. Through the years, I have purchased and read most of Bruce Schneier’s books.

Besides the chapter of interest to me, Schneier proposes a set of five questions to evaluate security. These are:

What assets are you trying to protect?
What are the risks to the assets?
How well does the security solution mitigate those risks?
What other risks does the security solution cause?
What costs and trade-offs does the security solution impose?

The steps are used several times in the book to evaluate security measures we encounter in our lives. I found it interesting how they help one evaluate them. Each individual may have different opinions and answers based on their personal feelings and agendas.

The last chapter contains some additional yet more generic rules that also help evaluating security. They are:

Schneier Risk Demystification
Schneier Secrecy Demystification
Schneier Agenda Demystification

It is impossible to summarize an entire book of 285 pages in this post. If interested in the subject I urge to get a copy and find out more about security. It can help you in your daily life and in my case with work. I would assume that system architects and software developers at large would like to always produce software as secure as possible. It is left for the support team to continue enhancing security during the life cycle of the products.

If you have comments or questions regarding this or any other post; please leave me a note in the comments section. I will reply as soon as possible.

Enjoy;

John

Follow me on Twitter: @john_canessa

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.