Enter your mobile number or email address below and we'll send you a link to download the free Kindle App. Then you can start reading Kindle books on your smartphone, tablet, or computer - no Kindle device required.

  • Apple
  • Android
  • Windows Phone
  • Android

To get the free app, enter your email address or mobile phone number.

Beautiful Security: Leading Security Experts Explain How They Think 1st Edition

4.7 out of 5 stars 11 customer reviews
ISBN-13: 978-0596527488
ISBN-10: 0596527489
Why is ISBN important?
ISBN
This bar-code number lets you verify that you're getting exactly the right version or edition of a book. The 13-digit and 10-digit formats both work.
Scan an ISBN with your phone
Use the Amazon App to scan ISBNs and compare prices.
Have one to sell? Sell on Amazon
Buy used On clicking this link, a new layer will be open
$16.70 On clicking this link, a new layer will be open
Buy new On clicking this link, a new layer will be open
$32.30 On clicking this link, a new layer will be open
More Buying Choices
31 New from $14.49 41 Used from $0.01 1 Collectible from $24.75
Free Two-Day Shipping for College Students with Amazon Student Free%20Two-Day%20Shipping%20for%20College%20Students%20with%20Amazon%20Student


2016 Book Awards
Browse award-winning titles. See all 2016 winners
$32.30 FREE Shipping. In Stock. Ships from and sold by Amazon.com. Gift-wrap available.

Frequently Bought Together

  • Beautiful Security: Leading Security Experts Explain How They Think
  • +
  • The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage
Total price: $45.40
Buy the selected items together

Special Offers and Product Promotions


Editorial Reviews

About the Author

Andy Oram is an editor at O'Reilly Media, a highly respected book publisher and technology information provider. An employee of the company since 1992, Andy currently specializes in free software and open source technologies. His work for O'Reilly includes the first books ever published commercially in the United States on Linux, and the 2001 title Peer-to-Peer. His modest programming and system administration skills are mostly self-taught.

John is CTO of the SaaS Business Unit at McAfee, his second stint at McAfee. Previously, he was their Chief Security Architect, after which he founded and served as CEO of Stonewall Software, which focused on making anti-virus technology faster, better and cheaper. John was also the founder of Secure Software (now part of Fortify).

John is author of many security books, including Building Secure Software (Addison-Wesley), Network Security with OpenSSL (O'Reilly), and the forthcoming Myths of Security (O'Reilly). He is responsible for numerous software security tools and is the original author of Mailman, the GNU mailing list manager. He has done extensive standards work in the IEEE and IETF and co-invented GCM, a cryptographic algorithm that NIST has standardized. John is also an active advisor to several security companies, including Fortify and Bit9. He holds a MS and BA from the University of Virginia.
NO_CONTENT_IN_FEATURE
Like this book? Find similar titles in the O'Reilly Bookstore.

Product Details

  • Paperback: 302 pages
  • Publisher: O'Reilly Media; 1 edition (May 8, 2009)
  • Language: English
  • ISBN-10: 0596527489
  • ISBN-13: 978-0596527488
  • Product Dimensions: 7 x 0.8 x 9.2 inches
  • Shipping Weight: 1.2 pounds (View shipping rates and policies)
  • Average Customer Review: 4.7 out of 5 stars  See all reviews (11 customer reviews)
  • Amazon Best Sellers Rank: #361,240 in Books (See Top 100 in Books)

Customer Reviews

Top Customer Reviews

Format: Paperback
This collection of essays is a very clearly written introduction to a number of current topics and techniques in computer security. It is not a how-to book, but it includes several case studies and gives you a good idea of what is happening in the field. For the most part the book does not assume prior knowledge in the field, although occasionally a bit of hacker or security jargon is used without being defined.

For me the most interesting chapters were the one with case studies. In this book you will learn how to steal people's credit card numbers at airports (run a cut-rate WiFi access point), how to scan for malicious websites without getting infected (harder than it looks, and a constant battle of measures and countermeasures), and the true history of Pretty Good Privacy, as told by its inventor, Phil Zimmermann (not as lurid as the versions you have probably heard, but still full of twists and turns). You'll learn the going rates for stolen personal and financial information (not that much, so if you're going to steal it, you need to steal a lot) and how to run your own cyber money-laundering network (which seems to be where most of the money and the risk is). Microsoft plays a prominent role in the book, sometimes as hero, sometimes as chump.

The layout and production of the book are very good, and it has a good index (a glossary would have been nice, too). I have a couple of minor gripes: the book is set in itty-bitty type (I measured it at 8 points on 12 point line spacing); and although the book has two editors, the preface is written in the first person singular (apparently by Oram, but this is not stated).
Read more ›
Comment 22 people found this helpful. Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback.
Sorry, we failed to record your vote. Please try again
Report abuse
Format: Paperback
Beautiful Security is full of pertinent information for all of us. The book is well written, covers topics we need to know about, is very readable. Start with the first entry by Mudge: his perspective is accurate and revealing and of course he writes well so enjoy the new insights you gain by reading this book. Highly recommended.
Comment 4 people found this helpful. Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback.
Sorry, we failed to record your vote. Please try again
Report abuse
Format: Paperback
Like O'Reilly's Beautiful Teams, this book's a series of essays by industry experts, this time focused on security. The various authors do a great job of covering topics from social engineering to forcing firms to focus on security. The chapters are all well-written, although a few do better jobs of keeping the material interesting and flowing.

You'll find plenty of security-related history in the book. Phil Zimmerman's chapter on PGP's Web Of Trust is one example. Pieter Zatko's discussion of his work on the LH0phtCrack is another. Both stories help expose mindsets which, sadly, haven't changed a whole lot.

Security, as with testing or overall quality, is at its most fundamental roots a culture issue. Not every story focuses on this aspect, but pointing out bad culture is a common theme through many of the chapters. Zatko's discussion of "Learned Helplessness," John McManus's Security by Design, and Jim Routh's Forcing Firms to Focus are all great reads on this line. Many of the stories correctly emphasize that security isn't just about someone hacking code - it's a much broader issue.

As with any good security book, there's plenty of well-done content which will likely scare you in to re-thinking how you and your company approach security. Beautiful Security can help you identify practices, problems, and mindsets which leave you, your company, or your clients at risk.

Overall it's a very useful, highly readable book on a critical subject.
Comment One person found this helpful. Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback.
Sorry, we failed to record your vote. Please try again
Report abuse
Format: Paperback
Books that collect chapters from numerous expert authors often fail to do more than be a collection of disjointed ideas. Simply combining expert essays does not always make for an interesting, cohesive read. Beautiful Security: Leading Security Experts Explain How They Think is an exception to that and is definitely worth a read. The books 16 chapters provide an interesting overview to the current and future states of security, risk and privacy. Each chapter is written by an established expert in the field and each author brings their own unique insights and approach to information security.

A premise of the book is that most people don't give security much attention until their personal or business systems are attacked or breached. The book notes that criminals often succeed by exercising enormous creativity when devising their attacks. They think outside of the box which the security people built to keep them out. Those who create defenses around digital assets must similarly use creativity when designing an information security solution.

Unfortunately, far too few organizations spend enough time thinking creatively about security. More often than not, it is simply about deploying a firewall and hoping the understaffed security team can deal with the rest of the risks.

The 16 essays, arranged in no particular theme are meant to show how fascinating information security can be. This is in defense to how security is often perceived, as an endless series of dialogue boxes and warnings, or some other block to keep a user from the web site or device they want to access. Each of the 16 essays is well-written, organized and well-argued. The following 4 chapter are particularly noteworthy.
Read more ›
Comment 7 people found this helpful. Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback.
Sorry, we failed to record your vote. Please try again
Report abuse

Most Recent Customer Reviews

Set up an Amazon Giveaway

Beautiful Security: Leading Security Experts Explain How They Think
Amazon Giveaway allows you to run promotional giveaways in order to create buzz, reward your audience, and attract new followers and customers. Learn more
This item: Beautiful Security: Leading Security Experts Explain How They Think

What Other Items Do Customers Buy After Viewing This Item?

Pages with Related Products. See and discover other items: computer security, computer history