Rating:
(33 reviews)
Author: Visit Amazon's John Viega Page
ISBN : 0596523025
New from $20.45
Format: PDF
Posts about Download The Book Free The Myths of Security: What the Computer Security Industry Doesn't Want You to Know Paperback from 4shared, mediafire, hotfile, and mirror link
About the Author
John Viega is CTO of the Software-as-a-Service Business Unit at McAfee, and was previously Vice President, Chief Security Architect at McAfee. He is an active advisor to several security companies, including Fortify and Bit9, and is the author of a number of security books, including Network Security with OpenSSL (O'Reilly) and Building Secure Software (Addison-Wesley). John is responsible for numerous software security tools and is the original author of Mailman, the popular mailing list manager. He has done extensive standards work in the IEEE and IETF, and co-invented GCM, a cryptographic algorithm that NIST (US Department of Commerce) has standardized. He holds a B.A. and M.S. from the University of Virginia.
Download latest books on mediafire and other links compilation Free The Myths of Security: What the Computer Security Industry Doesn't Want You to Know
- Paperback: 264 pages
- Publisher: O'Reilly Media; 1 edition (June 26, 2009)
- Language: English
- ISBN-10: 0596523025
- ISBN-13: 978-0596523022
- Product Dimensions: 0.7 x 5.8 x 8.5 inches
- Shipping Weight: 9.6 ounces (View shipping rates and policies)
Free The Myths of Security: What the Computer Security Industry Doesn't Want You to Know
Let me start by saying I usually like John Viega's books. I rated Building Secure Software 5 stars back in 2005 and 19 Deadly Sins of Software Security 4 stars in 2006. However, I must not be the target audience for this book, and I can't imagine who really would be. The book mainly addresses consumer concerns and largely avoids the enterprise. However, if most consumers think "antivirus" when they think "security," why would they bother reading The Myths of Security (TMOS)?
TMOS is strongest when Viega talks about the antivirus (or antimalware, or endpoint protection, or whatever host-centric security mechanism you choose) industry. I didn't find anything to be particularly "myth-shattering," however. I have to agree with two of the previous reviewers. Many of the "chapters" in this book could be blog posts. The longer chapters could be longer blog posts. The lack of a unifying theme really puts TMOS at a disadvantage compared to well-crafted books. I was not a huge fan of The New School of Information Security or Geekonomics (both 4 stars), but those two titles are better than TMOS.
If you want to read books that will really help you think properly about digital security, the two must-reads are still Secrets and Lies by Bruce Schneier and Security Engineering, 2nd Ed by Ross Anderson. I would avoid Bruce's sequel, Beyond Fear -- it's ok, but he muddles a few concepts. (Heresy, I know!) I haven't read Schneier on Security, but I imagine it is good given the overall quality of his blog postings.
If you want to shatter some serious myths, spend time writing a book on the "80% myth," which is stated in a variety of ways by anyone who is trying to demonstrate that insider threats are the worst problem facing digital security.
The Myths of Security: What the Computer Security Industry Doesn't Want You to Know is an interesting and thought-provoking book. Ultimately, the state of information security can be summed up in the book's final three sentences, in which John Viega writes that 'real, timely improvement is possible, but it requires people to care a lot more [about security] than they do. I'm not sure that's going to happen anytime soon. But I hope it does.'
The reality is that while security evangelists such as Viega write valuable books such as this, it is for the most part falling on deaf ears. Most people don't understand computer security and its risks, and therefore places themselves and the systems they are working in danger. Malware finds computers to load on, often in part to users who are oblivious to the many threats.
Much of the book is made up of Viega's often contrarian views of the security industry. With so much hype abound, many of the often skeptical views he writes about, show what many may perceive are information security truths, are indeed security myths.
From the title of the book, one might think that there is indeed a conspiracy in the computer security industry to keep users dumb and insecure. But as the author notes in chapter 45 -- An Open Security Industry, the various players in the computer security industry all work in their own fiefdoms. This is especially true when it comes to anti-virus, with each vendor to a degree reinventing the anti-virus wheel. The chapter shows how sharing amongst these companies is heavily needed. With that, the book's title of What the Computer Security Industry Doesn't Want You to Know is clearly meant to be provocative, but not true-life.
The book is made up of 48 chapters, on various so called myths.