From: danny@cs.su.oz.au (Danny Yee) Date: Tue, 03 Jan 1995 21:35:16 +1000 Subject: Book Review - Computer-Related Risks title: Computer-Related Risks by: Peter G. Neumann publisher: Addison-Wesley 1994 subjects: computing other: 367 pages, bibliography, glossary, index, US$24.75 summary: if anything can go wrong, it probably will Disasters, crimes and high technology are all naturally attractive subjects, amd _Computer-Related Risks_ has plenty to offer. While the blurb claims that it is "much more than a collection of computer mishaps", the bulk of it does consist of fairly straightforward descriptions of different "incidents". These are arranged both thematically, into chapters with titles such as "Reliability and Safety Problems" or "Threats to Privacy and Well-Being", and by area (such as avionics or banking). Neumann does a good job of providing succinct descriptions which contain the information essential to understanding what went wrong (unlike typical newspaper accounts). Some of the material -- such as that on accidents in health services -- is frightening; some of it is just intriguing -- the possibility that there are other intelligent life-forms in the universe but that they encrypt and compress their signals so efficiently that all we see is white noise. Neumann ends each chapter with an attempt at general analysis, and though this often consists of truisms and straight typological classification, that is more of an indication of how much work there is to be done in the field than of any failing on his part. A set of questions comes with each chapter. While _Computer-Related Risks_ is (to quote from the blurb again) a "serious, technically oriented book", it is so broad in scope that it has little technical depth, and most of it will be accessible to anyone with basic computer literacy. I wouldn't want to put limits on its potential audience, but a few groups are obvious: people involved in risk management in an area that involves computers (i.e. anyone involved in risk management); those who have to make potentially hazardous decisions in the design, implementation or operation of computer systems -- network administrators, software engineers, protocol designers and managers of all kinds --; and anyone whose life or livelihood is critically dependent on computers. As pointed out above, however, this sort of material has general appeal, and I think _Computer-Related Risks_ will be enjoyed by almost anyone interested in computers. -- Disclaimer: I received a review copy of _Computer-Related Risks_ from Addison-Wesley, but I have no stake, financial or otherwise, in its success. -- %T Computer-Related Risks %A Peter G. Neumann %I Addison-Wesley %C Reading, Massachusetts %D 1994 %O paperback, bibliography, glossary, index %G ISBN 0-201-55805-X %P xv,367pp %K computing Danny Yee (danny@cs.su.oz.au) 3 January 1995 ------------------------------------------------------------- All book reviews by Danny Yee are available via anonymous FTP ftp.anatomy.su.oz.au in /danny/book-reviews (index INDEX) or URL http://www.anatomy.su.oz.au/danny/book-reviews/index.html ------------------------------------------------------------- Copyright (C) Danny Yee 1994 : Comments and criticism welcome -------------------------------------------------------------