Claudius Link reviewed The myths of security by John Viega
Aged security read, lacking a common thread, finishing weak
2 stars
As the book is from 2009 it deserves some slack for some of the content. For the age it contains a surprising (or disappointing) amount of still current statement and correct predictions.
But unsurprisingly nothing new.
Sadly the book is lacking a common thread. I feels like the author just duped his thoughts on a variety of topics. While many chapters provide an insightful view or at least an interesting perspective, the last few chapters, often only one page each, are just unreflected and carelessly stated opinions.
E.g. the chapters on privacy and anonymity are each less than a page, both more or less state "customers don't car, why bother. If you have nothing to hid you don't need to care"
Which is especially irritation as the closest thing to a common threat in the book was "users don't care about security. We need to make/help them care more"
The "nothing to hide" take quickly breaks if you think about cameras on you home. The current cameras in Airbnb scandal ist an instance of this.
To find users for whom privacy and anonymity is a matter of life and death you can look at journalist, activists and dissidents in many countries including the "west". It's not restricted to governments, also companies and organised crime utilise lacking privacy and anonymity.
But you don't need to go this far. Abusive partners are a threat generally overlooked.
The last few chapters really devalued the whole book and making me questioning if it's worthwhile to read other stuff by the author.