Book Review: Data and Goliath

This is one of Bruce Schneier’s latest books, but my first read from him. The title caught my attention, and I’m glad it did.


Just in case you don’t know, Bruce Schneier is a big celebrity in the information security area. Cryptography, operating systems, encryption, computer and network security; you name it and this guy has a book on it. Not only that — they all have great reviews.

Don’t ask me how I did it, but I got Diogo Monica (the security lead at Docker) to answer a direct message on Twitter about books he thought were important for those wanting to get into the infosec world. He told me to read, among other titles, Cryptography Engineering, co-written by Schneier. I went and bought it along with this one, and it seemed like an interesting enough title to pick up and read straight through.

Now I know what you’re thinking. You’re thinking that this book might be too technical for you. You’d have to look up all the jargon like encapsulating buffers with quantum encryption and whatnot. Rest assured that the writing is very accessible. After all, no technical book would ever be a New York Times bestseller. Yep, that happened.

I seriously encourage anyone who can’t imagine how much companies and governments can find out about us to read this book. With that said, let’s get into the meat and potatoes.

The content

Schneier describes our current time to be one without privacy — and the sooner you learn to live with it, the sooner you can start to protect yourself. As a computer science student, none of the examples told struck me as too surprising, since most tech giants have resources that rival the governmental budgets of entire countries. What does in fact surprise me is the scope of surveillance: it’s ubiquitous.

You start to think about all the good stuff that technology has given us that we didn’t have one or two decades ago: free email, free cloud storage, along with powerful applications we use to improve our everyday lives. But Schneier says that we get really dumb when we see a price label with ‘Free’ written on it. We are in fact trading services for which personal data is harvested in exchange for something that happens to be free of charge. If you were handed a list of all information Google will sum up about you over the years, maybe you’d consider getting a paid email. But everything is taken silently, because nobody bothers to read terms and conditions. This calls for a Vine:

When you agree to Apple's Terms and Conditions without reading through them.

All jokes aside, there are some pretty sinister examples throughout the book that tell you what companies do with your data, and you’d be surprised at the sheer amount of times that it gets sold to what I’m calling Big Data Corporations, whose purpose is to profile you and merge every piece of information about you into a single data center. Please allow Mr. Schneier to drop some sense on your ass:

We use systems that spy on us in exchange for services. It’s just how the Internet works these days. If something is free, you’re not the customer, you’re the product.

The more I thought about this, the less I cared for all of my online profiles, but I’m not reaching for my tin foil hat just yet. This is a sobering and eye-opening read; it is the reason why foundations like the EFF exist, and now I find it very important. Somewhere, a group of people is looking out for everyone’s privacy. Maybe the next time you’re feeling charitable you’ll consider donating to them. After all, they fight for your online rights, and they might just save your digital bacon someday.


It took me a while to figure out why this book should get a good review. I mean, it’s just a compilation of bad news for me both as a citizen and as a consumer, so why would I rate something positively if all it does is make me feel powerless? Furthermore, I’m definitely not going to throw my phone in a river and start living ‘off the grid’. It’s just the way the world is and I want to enjoy technology, not be afraid of it. This means that in the end it will be a tedious read for someone who doesn’t care for privacy. If you’re the type of person that couldn’t care less about what Facebook does with your data, then you’d probably find this to be the worst book you’ve ever read. It is definitely not marketed towards you!

The other side of the argument is that most people (including me) were not aware of the current state of online and offline privacy, and enlightening people seems like a great way to start solving the problem. It is a safe assumption that the general public is not aware of the scope of these practices, because we would rebel against it if we knew. So, by educating all of us we are indeed progressing towards a better future, one where people know they are being tracked and may voice their collective opinions on the topic. I feel that Schneier does a great job at this, especially because he doesn’t dive into the more technical details which would definitely scare away some readers.


You get bombarded with bad examples of both corporations and government agencies that largely go unpunished while being told just how much the biggest tech companies can easily find out about you (spoiler: everything).

In the ending chapters, when all is lost and doomed, a breath of fresh air arrives in the form of security best practices and recommendations, both to you as an individual and several suggestions towards society in general. If Snowden did his part by being a whistle-blower and telling us all about what the NSA is doing, then Schneier also did his best by making an understandable version for everyone.