Beautiful Security: Leading Security Experts Explain How They Think
Editors: Andy Oram and John Viega
In Beautiful Security, a bevy of experts describe how they look at a particular aspect of information security. They offer the knowledge they have acquired through many years and countless situations, and they do a good job at presenting information security as a fascinating career choice – one that allows a level of independence and creativity rarely associated with it. It must be mentioned that most of the authors are know for their capacity for thinking outside the box.
About the author
Andy Oram is an editor at O’Reilly Media. He currently specializes in free software and open source technologies. His work for O’Reilly includes the first books ever published commercially in the US on Linux, and the 2001 title Peer-to-Peer.
John Viega is CTO of the SaaS Business Unit at McAfee. He is author of many security books, is responsible for numerous software security tools and is the original author of Mailman, the GNU mailing list manager.
Inside the book
The book is a collection of essays. Every chapter is written by a different author – ranging from Peiter Zatko, the original creator of L0pthCrack to Phil Zimmerman, the inventor of PGP. The chapters are a good mix of theory and practice.
For every point they make there is a real-life case study that that helps you understand its ramifications. They cover varied subjects:
- Common mistakes and psychological security traps
- Perils of WiFi access and how to mitigate them
- Underground economy of security breaches
- Secure processing of payments
- Advertising frauds
- Encryption – PGP’s Web of Trust
- Security as a design requirement, and more.
To say the least, you will find out a vast amount of useful information that will make you rethink your security practices (and hopefully your mindset).
Try to think about the most widely covered security breaches in the last 5 years – most of them are in this book. Explained and analyzed, they offer an insight into the many questions that have to answered and thought of if you want to cover all your bases.
The goal of this book is to demolish the notion of security as an afterthought and to make it assume it’s rightful place as an integral part of the creative process. I feel secure that it will.
Beautiful Security is an enjoyable book that answers many questions and does so in a simple, yet effective way. It is particularly suitable for all those people who have been around the net for a while and have learned many terms and phrases concerning information security, but they have still only a vague idea of the notion they represent.
It’s also a good starting point for people who are thinking about starting a career in security – it is a book that opens a window into the inner workings of information security and could influence your final decision.
The book covers a wide range of issues that form the Internet experience as we know it today. I urge you to read it to form a clear picture of risks that await you online and of the ways to avoid them – coming from experts that have looked at each issue from every possible angle.