Disclaimer: this is the book review I turned in for a class, and I almost died writing it, so I don't have the strength to do more than copy/paste. If it doesn't sound like my usual breezy review style, that's why. Many apologies.

Bruce Schneier is a technologist and security expert who has written about security since the 90’s. He is a fellow at the Berkman Center for Internet and Society at Harvard University and has published books, articles, and academic papers about cybersecurity. In his 2016 book, Data and Goliath, he warned about the mass surveillance issues associated with big data. In Click Here to Kill Everybody, he tackles the dangers of our increasingly interconnected planet and the Internet of Things (IoT).

Schneier says, “It used to be that things had computers in them. Now they are computers with things attached to them.” He asserts that even if we don’t think of cars or refrigerators as computers when we buy them, the fact that they are raises serious security concerns. If computers are vulnerable to attack, and if everything is a computer, the threats have escalated from loss of data to loss of life and property, where an attack could crash a car or an airplane, sabotage someone’s pacemaker, or shut down a city power grid. Throughout the book, Schneier uses the term “Internet ” as shorthand for the interconnected computer systems that are “the Internet Things Us.”

Since the book is directed to a general audience, the author is careful to explain terminology that may be new to readers, such as the CIA triad used to describe information security, which consists of confidentiality, integrity, and availability. His explanations are clear and thorough, with enough review when terms are used in different chapters, that a layperson never feels lost. The book is heavily cited (78 pages’ worth) and easy to navigate back and forth from text to citations on an electronic version (his citation method is less user-friendly with a print copy). His citations can also be found on the book’s website https://www.schneier.com/books/click-here (Links to an external site.), and any updates after April 2018 will be found on this page.

The book is written as an overview to raise awareness of the issues and draw a larger audience into the discussion. Schneier says himself he’s offering breadth rather than depth. The book has two parts: The Trends and The Solutions. In Part 1, he discusses why Internet has so many security problems (it was never designed with security in mind), and why security isn’t prioritized by companies or government agencies. He says, “Insecurity is in the interests of both corporations and governments…Corporations want insecurity for reasons of profit. Governments want it for reasons of law enforcement, social control, international espionage, and cyberattack.” Most of Part 1 will be review for longtime followers of Schneier’s writing. Newcomers may be overwhelmed by these chapters because the picture they paint is certainly dire. Schneier provides ample, persuasive documentation of vulnerabilities in such things as infrastructure, health equipment, cars, data integrity, algorithms, and supply chains. He says new risks “arise from the very nature of Internet , which encompasses and connects almost everything, making it all vulnerable at the same time.” In Part 2, Schneier outlines his ideas for securing Internet . Many of his ideas need further discussion and fleshing out, which the author readily admits, calling them “a bunch of great ideas that won’t happen anytime soon.” Most of his solutions depend on the cooperation of tech companies and government, which leaves the reader perhaps more informed by the end of the book but not necessarily empowered.

The research that went into this book is one of its greatest strengths, and Schneier has a clear, persuasive writing style that makes the subject matter accessible to the general public. There’s a lot to absorb, and Schneier probably would have been able to make his case without quite the bombardment of doom that made up the early chapters of the book. It’s clearly a topic he’s passionate about, and for good reason. Even though the reader may not have a clear sense of direction of their role in the larger solutions outlined in Part 2, the information in the book will still raise awareness of the issues and be useful for decisions made as a consumer.

This book is recommended for general collections in both public and academic libraries. The information is useful for consumers in general, and it provides a good introduction to current cybersecurity issues for students and individuals interested in educating themselves on the subject ( )

Ambitious argument for rethinking the world's internet security structure. This sounds as likely to happen as anything radical when it comes to climate change, social justice, or other ways of changing the world. Still, if you work online (and who does not) this could be important to read and think about. ( )

I've been a fan of Bruce Schneier for a long time, though I've not yet read many of his long-form content (I read his email newsletter, and have worked my way through parts of his texts on cryptography). This timely book deals with the consequences of our technologies, how certain proposed solutions cannot work to solve them (and will, in fact, make the current and future problems vastly more difficult to solve), and suggests some positive ways forward.

One thing he touches on late in the book is the nature of resilience with regard to security, disaster planning, and recovery. This topic seems to me to be connected to [a:Nassim Nicholas Taleb|21559|Nassim Nicholas Taleb|https://images.gr-assets.com/authors/1206025993p2/21559.jpg]'s concept of "Antifragility" (from his book [b:Antifragile: Things That Gain from Disorder|13530973|Antifragile Things That Gain from Disorder|Nassim Nicholas Taleb|https://images.gr-assets.com/books/1352422827s/13530973.jpg|19092611]) - the idea of creating systems that improve under stress, rather than ones the fail when stressed. I would like further exploration of this in a technological context and policy context. ( )

Consistent with lots of his writing. Advocates for public interest technologists. Worth reading. ( )

A worthy follow-up to 2015's _Data and Goliath_. After reviewing the truly abysmal privacy and security conditions afforded by today's digital technologies and practices, and by the growing takeover of everything by the Internet of Things (IoT) in particular, Schneier explains his belief that correction and reform are theoretically possible. He rightly argues that strong government action would be needed but that this would require the governments to stop being a big part of the problem themselves and to avoid wrong-headed policies such as mandating encryption backdoors for law enforcement. He believes that in the long run "surveillance capitalism is not sustainable" (p 209), but it still seems to me that (1) nothing short of wholesale societal rejection of the ill-conceived IoT would be required, that (2) this is just not going to happen, and therefore that (3) life in the relatively near future will no longer be worth living.