Musings
- Book Reviews
Here we are gathering book reviews on information and network security, management, and leadership.
Book Review: The New School of Information Security, by Adam Shostack and Andrew Stewart - October 31st, 2008
Book Review: Crimeware, by Jakobsson and Ramzan - July 12th, 2008
Book Review: Dreams from My Father, by Barack Obama - February 4th, 2008
Book Review: LAN Switch Security:What Hackers Know About Your Switches, by Eric Vyncke and Christopher Paggen - January 11th, 2008
Book Review: Made to Stick: Why Some Ideas Survive and Others Die, by Chip Heath and Dan Heath - January 2nd, 2008
Book Review: Geekonomics, by David Rice - December 27th, 2007
Book Review: End-to-End Network Security, by Omar Santos - December 6th, 2007
Book alert, Behind the Screen: Hacking Hollywood, by Mark Stone - November 27th, 2007
Book Review: Linksys WRT54G Ultimate Hacking, by Paul Asadoorian and Larry Pesce; Raul Siles Technical Editor - October 31st, 2007
Book Review: The Black Swan: The Impact of the HIGHLY IMPROBABLE, by Nassim Nicholas Taleb - October 27th, 2007
The Best Security Books to have in your library - October 25th, 2007
Book Review: The Age of Speed, by Vince Poscente - October 2nd, 2007
Book Review: Virtual Honeypots by Niels Provos and Thorsten Holz - August 21st, 2007
Book Review: Seduced by Success by Robert J. Herbold - June 26th, 2007
Book Review: Selling Blue Elephants, by Moskowitz and Gofman - June 25th, 2007
Book Review of Snow Crash leads to Second Life - April 18th, 2007
Book Review: Miracle in the Andes, by Nando Parrado and Vince Rause - February 20th, 2007
Book Review - Information Security Law: Control of Digital Assets - February 19th, 2007
Book Review - Cisco Network Admission Control - January 1st, 2007
Book Review: The Art of Software Security Assessment - December 19th, 2006
Book Review: The New School of Information Security, by Adam Shostack and Andrew Stewart
October 31st, 2008
By Stephen Northcutt
The New School of Information Security
Shostack and Stewart
I carried this book with me on multiple plane flights and read it, and read it again, and then again and, to be honest, I can't follow it. I agree that Security Professionals need to change the way they think about security, I really do. But this just goes on and on and on and never seems to get to the point. So, I am going to point you to my new net friend, Kevin Thompson, who has done a high quality review that I fully agree with. I hope it is OK to post his email to me on the topic, but it says it all in a nutshell:
My book review of New School includes the cliffs notes version of the book. I believe that the main idea is expressed in Chapter 4 and the rest of the book is just supporting that. Not to say that the rest of the book isn't valuable, but if you only had 30 minutes to get the point of the book, I would say read chapter 4. Here's the link to my review. http://blackfistsecurity.blogspot.com/2008/08/book-review-new-school-of-information.html