A really excellent book that clearly explains all the areas in which computer security is lacking. The reader will end up with a much clearer understanding of where their computer security is failing them but will unfortunately have no way of really rectifying the situation. Not for security newbies who may gain the false impression that they don't need security.
n some ways this is a very scary book in that it very clearly explains how impossible that it is to actually secure a computer or network and clearly shows how some options give a false sense of security and may even make your system less secure. On the other hand, the book does make it clear what parts of security software do work and how well they work (where having security software works better than not having it). For the most part I agree fully with what the author says about security software worth having and what isn't worth it both for those who know nothing about security and for those more knowledgeable. With those areas where I did not have sufficient prior knowledge to have formed an opinion the viewpoint in the book appears logical.
Perhaps the biggest problem that this book has is identifying just who its target audience is. For the most part (as acknowledged in the book) the typical computer user has no interest in security and therefore is unlikely to even look at the book. Many of those actually working in security probably think that they already know all the answers and so would also not read this book (even though they are the ones who would probably benefit the most from reading it).
The second biggest problem with this book is that it presents you with all the reasons why various parts of computer security don't work but doesn't (and can't) provide the solutions to those problems. While someone who has read the book will have a much greater understanding of how their computer security isn't protecting them as well as it should, they are still stuck with nothing better to put in its place.
This article written by Stephen Chapman, Felgall Pty Ltd.