July 25th, 2008 Anthony Towry

Geekonomics: The Real Cost of Insecure Software attempts to employ solid economic reasoning behind software defects that impact security.
Geekonomics was a finalist in the running for a prestigious Jolt Award, and not terribly expensive (coming in @ MSRP $30 and less than that most places), so I jumped on it. The case for this book in my mind is that it really speaks to the ideas of reaping what you create incentive for. The book explores EULAs, Open Source, cement, car crashes and plane wrecks.
Posted in Books
February 8th, 2008 Anthony Towry

I recently finished flipping through Podcasting Hacks. I say flipping, because I read it in a completely hit-and-run way, digging into the hacks that screamed out.
The book isn't bad, but is definitely geared toward the podcasting newbie. The depth at which format styles and interviewing are covered should be sufficient for any newcomer to produce interesting content.
I would have personally liked to have seen a bit more on some of the technical audio mixing and post production stuff, but who are we kidding? Like my podcast is ever going to be more than a Fisher-Price microphone and a kazoo.
Posted in Books, Podcast
January 17th, 2008 Anthony Towry

This book is just almost worth reading, almost. I get excited about securing the endpoint. So, you can imagine how miffed I was when this book turned out to suck.
I agree with the author in that the endpoint has become the perimeter, and as such, shifts and flows as devices enter and leave. The endpoint is critical. The author does a fair job of presenting the concept. However, a communication breakdown starts to occur soon after. Your flag to put the book down is when he introduces the grand scheme for standardizing graphical representations of a network and its endpoints.
The only place I can see this book being of use is in the hands of a lightly trained desktop manager. The basic steps for keeping a clean box are provided. Implementation may be a tough thing to bring about "by the book" as the recommendations are not necessarily business friendly.
There are some nuggets of wisdom buried in the noise, but it's really not worth the effort to read. I do not recommend this book.
Posted in Books, Management, Security
November 15th, 2007 Anthony Towry

Fuzzing: Brute Force Vulnerability Disclosure takes you to the edge of Application Testingville and kicks you 30ft outside city limits. The methods used to vulnerability test software in an automated way have never been so clearly conveyed. This book becomes family for anyone stalking the elusive 0-day. Like a second cousin really, but still you hold it near and dear.
Posted in Books, Programming, Security, Testing
September 28th, 2007 Anthony Towry

Scott Berkun is one cool cat. He's had a couple of books that have been wildly successful. The first book of Scott's that I read was The Art of Project Management, which played to his business experience with corporate America. This book stays in that vein, playing on creativity coaching.
I really love this book because it attempts to blow away some of the structural cruft that people build up through a life of fairy tale innovation. It's easier to accept that innovative thoughts are placed into the heads of geniuses through some sort of black magic and voodoo. It's much harder to recognize the hard work that is required to achieve a goal. Which explains my lack of innovative productivity.
The Myths of Innovation is easy to read and insightful.
Posted in Books