Two Words, One Answer.
security
- security + lean (31)
- resolution + security (26)
- buddhism + security (19)
- Steffi Graf + security (18)
- migrant + security (17)
- Hi-5 + security (17)
- security + check (16)
- guards + security (15)
- measures + security (15)
- Cameras + security (15)
- ackerman + security (14)
- officers + security (13)
- Web application + security (13)
- security + upside (13)
- whelan + security (11)
- word_system + security (11)
- security + systems (11)
- security + cameras (11)
- armed + security (11)
- security + gently (11)
- security + The Exorcism of Emily Rose (10)
- checkpoints + security (9)
- Automatic + security (9)
- chemical plant + security (9)
- security + reckon (9)
- security + Celtic Women (8)
- dry + security (7)
- Ackerman + security (5)
- flaw + security (5)
- homeland + security (5)
- security + prodigious (5)
- benefit + security (4)
- 200612 + security (4)
- Endpoint + security (3)
- phishing + security (3)
- social + security (3)
- clearance + security (3)
- Clearance + security (2)
- security + adt (2)
- security + service federal credit union (2)
- Diplomatic + security (2)
- word/word/word/word/word/word/private + security (2)
- adi + security (1)
- gps + security (1)
- word/craigslist + security (1)
- word/data + security (1)
- Computer Network + security (1)
 The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws $50.00 The Web Application Hacker's Handbook (TWAHH) is an excellent book. I read several books on Web application security recently, and this is my favorite. The text is very well-written, clear, and thorough. While the book is not suitable for beginners, it is accessible and easy to read for those even without Web development or assessment experience. At 736 pages, TWAHH is the sort of book that one needs to read more than once in order to digest its contents. At every turn I perceived the authors to be experts and I trusted their advice. Their "Hack Steps" sections nicely summarize key points for operators. The authors integrate explanations of HTTP as a protocol into their text, without boring readers already familiar with the protocol. They also also demonstrate their subject using code snippets for multiple languages and products. While I considered almost all of the book to be equally helpful, I'd like to mention three specific chapters or sections. First, chapters 1-3 provided a great technical overview of the subject. Chapter 11, Attacking Application Logic, featured examples from the authors' consulting experience which really resonated with me. Finally, I liked the recognition of the importance of locally-written applications, called "bespoke" applications, in chapter 13. I struggled to find much to complain about in TWAHH. My only concern appeared early in the book, when the authors talked about "all user input is untrusted." They really meant "all user input is untrustworthy," or they should have said "Web developers should consider all user input to be untrusted, but they often trust it." The difference between "untrusted" and "untrustworthy" is subtle, and I still understood the authors' point. I strongly recommend TWAHH to anyone with a role in defending Web applications. The authors have set a very high standard with this book. Great work!  Skylink SC-100 Security System Deluxe Kit $129.77 I'm using the skylink setup in my 1 br apartment (~1000 sq ft). I have the two magnetic sensors hooked up to the windows (rather than using one for the door), and the motion detector is covering the rest of the space. I imagine that you would need a few more motion detectors for a whole house. The detector is incredibly sensitive--I would expect a lot of false alarms if you have animals roaming around. I haven't had any problems with light or shadows triggering it though. It works well in the dark. I've been happy with everything so far and it's been quite dependable. The keychain component is helpful since I prefer to set my alarm to "away" at night. This allows me to disarm from my bedroom and get up to have a glass of water, etc, in the apt. area that is in motion detector range. The alarm is piercingly loud. I would say that the only downfall so far is how loud the system is when it arms. It lets out a couple (loud) short beeps that are probably annoying my neighbors a lot. The chime mode is equally loud, but it wouldn't be bad if I were using this in a larger space. Another minor disadvantage is the design of the magnetic sensors. My windows are oriented vertically and they can be opened from other side. I would technically need two of these sensors for each window to be thorough. Also, if my windows were locked, a burglar would be smashing the windows, not opening them. With that being said, I would recommend investing in more motion detectors and only using the sensors for doors (which is their intended purpose anyway). This system was incredibly easy to set up. I'm not sure how difficult it would be to add additional components, but I expect that they would be no problem. Overall it is a great buy and will give you some peace of mind for a reasonable price.  GE 50723 Motion Sensing Night Light $11.99 Works well to light up a stair case. Kinda disappointing in that it doesn't use LED's.  Security Engineering: A Guide to Building Dependable Distributed Systems $70.00 Security Engineering 2nd ed. by Ross Anderson offers an accessible yet comprehensive introduction to the discipline. Chapters are modular in nature so it's not required to go straight through the book. Amateur to mid-level explanations of important security engineering topics (encryption, emsec, etc) are very illuminating. My only complaint is that the editing seems a little rushed. For example there are several obvious typographical errors and sometimes the same sentence or choice of words are repeated verbatim when the author refers back to examples of a particular concept. |
|
