Wednesday, October 03, 2012

Liars and Outliers - the book

A blog I have kept on my radar for many years is the one from Bruce Schneier.  Security, specifically for me around computers and networks, has always been an interest to me.  I've seen how exploits worked and studied them to better understand the underlying principles that make them work.  Mostly to better understand how to defend against them.  For example, one of the first exploits I worked on was understanding forging IP addresses in TCP/IP packets and HTTP headers back in the 90s.  And yet I'm still surprised by how many programmers continue to put information they use to establish "trust" into easily forged headers.  Fortunately I've been involved early enough on some projects to squash misguided efforts like that.

Bruce authored the book "Liars and Outliers" and it was one of the few books I purchased for my Kindle as a pre-order because I have not been disappointed by his previous works.  It is a well thought out and methodical book that builds and builds one block at a time.  I highly recommend it (as do several other reviewers).