[Book-Review] The Myths of Security: What the Computer Security Industry Doesn't Want You to Know

This book written by John Viega is meant mainly for non-security IT professionals and technical savvy people. The author highlighted his thoughts on - why AV fails, why we might get 0wned though we make safe caution against threat, why https fails, why IDS sucks, why CaptCha sucks, why responsible disclosure isn't responsible, why application security hasn't been achieved or won't be achieved  for always.

With the price of used book at $7.36~, it's worth to learn ideas from someone who have been in IT Security for many years and have written several security books (Building security softwares, Secure Programming Cookboook, 19 deadly sins of software,...etc). 


Popular posts from this blog

Bypassing referrer check with no script involved

Jumping out of Touch Screen Kiosks