Wednesday, April 27, 2016

Book Notes: Beautiful Security and The Myths of Security

Been awhile since I've done any book reviews or the like on this blog.  Am a little behind on my series looking at the "20 Books".

I'd thought I should bring to peoples attention a pair of books that came out a few years ago.  No so much technical security works as more philosophical:  Beautiful Security and The Myths of Security.  Both are from O'Reilly and came out in 2009.  And both share an author (kind of).

Beautiful Security is an anthology edited by Andy Oram and John Viega.  Its a collection of 16 works by a variety of security experts on varying topics.  Phil Zimmerman gives a history of PGP.  We get an introduction to the underground economy of stolen data.  Metrics and logs are covered.  There are a few more esoteric topics like security design and security theater.  I think no matter where you are in the infosec world, there will be something in here of interest, as well as several you should read as well.  I know for myself that stuff I didn't care about years ago has become more important, and so resources I kind of passed over have become more relevant.

The Myths of Security is subtitled: "what the computer security industry doesn't want you to know".  It's written by John Viega.  It's a smaller book, about 230 pages, and consists of 48 short chapters.  Most run about 2-3 pages.  Seeing as how the author worked for McAfee, there are several chapters that deal with antivirus.  But we get a range of other topics touched on as well.  Some are general, like privacy, others more details and technical like HTTPS and CAPTCHA.  Again, this is the kind of book you can pick up and read a few chapters and put it down and come back to it.  As they are short, you can fit them in between other things, and maybe they'll get you thinking.

So check out these 2 works.  I have them on my shelf for ready access.

No comments:

Post a Comment