books

I had not seen this amazing picture of Harrison Schmitt near Shorty Crater. Via Astronomy Picture of the Day. If you enjoy these, Full Moon is a gorgeous collection of meticulously scanned Apollo images. There are various editions; I encourage you to get the 11″x11″ one, not the 8×8.

Read More 45 Years

Some of what I’ve read over the past quarter, and want to recommend each of the books below as worthy of your time. Cyber: The Internet of Risky Things, Sean Smith. This was a surprisingly good short read. What I gained was an organized way of thinking and a nice reference for thinking through the…

Read More Worthwhile books, Q3

There’s a Humble Bundle on Cybersecurity, full of Wiley books. It includes my threat modeling book, Ross Anderson’s Security Engineering, Ferguson, Schneier and Kohno’s Crypto Engineering and more. I hope that this is the best price you’ll ever see on these books. Get ’em while they’re hot. The bundle goes to support EFF &/or Water…

Read More Humble Bundle

There’s a really interesting podcast with Robert Hurlbut, Chris Romeo and Tony UcedaVelez on the PASTA approach to threat modeling. The whole podcast is interesting, especially hearing Chris and Tony discuss how an organization went from STRIDE to CAPEC and back again. There’s a section where they discuss the idea of “think like an attacker,”…

Read More Threat Modeling the PASTA Way

One of the themes of The New School of Information Security is how other fields learn from their experiences, and how information security’s culture of hiding our incidents prevents us from learning. Today I found yet another field where they are looking to learn from previous incidents and mistakes: zombies. From “The Zombie Survival Guide:…

Read More Learning from Our Experience, Part Z