20 April 2020

"Bitcoin for the befuddled" by Conrad Barsky and Chris Wilmer

Bitcoin is one of the hottest topics today. It has gone further than a technological oddity to an evolutionary lap for finances and a matter of discussion for politicians. But understanding Bitcoin is hard. Its concepts are new and its foundations are mathematical and technological so average people have an hard time trying to understand what Bitcoin is based on.

The main good point of this book is that it tries to follow the way described by its title. You are not supposed to have any technical background to read this book, as it explain things for average people using usual day concepts and examples. Even using comics and funny drawings author are able to make easy really complex concepts that other books try to explain overwhelming you with math formula.

Sure, your are not going to develop a bitcoin based app or become the next digital billionaire just reading this book, but at least you'll lose your fears and start to understand what all this fuss is about and how it can change your life in the future. It is a light reading that you can end in just a weekend.

So, this book is quite recommended for everybody who wants to learn quickly the very basics of Bitcoin, both just to understand media news about cryptocurrencies and as a first step of further learning about this topic.

15 April 2020

Programming in Python 3 by Mark Summerfield

Python is an extremely powerful but easy to learn programming language. If you have prior knowledge of any programming language you can learn Python in just few hours and you can be a proficient developers in just some days.

However this simplicity can be dangerous too if you stay at the basics and don´t go further into this wonderful language. It's easy to keep using it just as an script language and think that that is all with Python. But actually Python is complete development language that you can use with almost anything you would need with an ease and expressiveness not easy to find in any other language.

This books focus in Python 3, the new generation of this language that now is its standard. Such an an evolution lap was not able to offer full backwards compatibility with former Python 2.7 branch. But actually this books gives a good guidance to promote your Python code to 3 branch. Book's content is extremely complete covering from basics (flow control, strings, files) to advanced topics (decorator, context manager, functors, abstract classes and metaclasses and a huge etc). Those topics will prove to be very useful to help you to translate easily mental concepts to code. All those concepts are explained with clean code, well commented and easy to understand.

As a summary, this is a good book both for newbies who want to start from the begining and for those with good expertise that want to get full advantage from Python. Besides, once finished this book is a good language reference to keep at hand on your bookshelf.

08 April 2020

Practical Lock Picking by Deviant Ollam

Security engineering ranges many fields. One of those fields is physical security. Historically one of the main pillars of physical security are locks, like you can find at doors, safes, drawers or treasure chests. Knowing how they work and how they can be subverted to make them open should be part of any security engineer expertise. Too often, the access card to the super-critical-Data-Processing-Center is kept inside a mere office drawer with a simple waffer lock.

Practical Lock Picking is written by a professional lock-picker in a clean and simple manner. Currently it focuses in to lock kinds: pine and waffer. Actually that covers 90% of doors and drawers nowadays. Author starts by describing both locks manufacturing process to enumerate their usual manufacturing defects, defects that can be used make them open. Afterwards, book describes usual methods and tools to make those locks open. Everything is plenty of diagrams to explain visually every step.

Although, author is a professional he is aware that his potentials readers are newcomers to this topic, so explanations are very detailed and he makes a real effort to put himself in a newbie feet. So he offers advice about how to start a collection of training locks and lock-picking locks, at a low initial cost and following a progressive difficulty when trying new locks.

Overall, this book is good and I find it a must have for any security engineer bookshelf.

06 April 2020

Security Engineering by Ross Anderson

Security Engineering by Ross Anderson is likely the best security book I've read so far.

Whereas other books explain from a technical point of view exclusively, Anderson focus on concepts establishing the mental framework to guide a security engineer along his professional career. So he does not refer to any specific firewall brand, programming language or operating system, but to design successes and failures along Information Technologies and Communications history. This is so enriching because dominant vendors marketing try to convince you that you only need to invest vast amounts of money to buy latest tech to get your information assets secure. However for Anderson technology is just a tool to perform a proper assess and design, from a mental framework based on comprehensive concepts independent from the latest tech state of art.

Along this book, these concepts are assessed, applying them to every information security field comparing them with historical events. So, many topics are covered. Topics so interesting and different like psychology, ergonomics, cryptography, access control policies to information assets, economics impact on security, integrity controls, security in shared data environments, intellectual property, terrorism and a quite long etc... 

The author's long expertise gives many examples to book from banking, defense industry and intelligence sector (of course, those sectors have been the great developers of current information security state of art). In those examples you get detailed descriptions ranging from IFF systems (Identify-Friend-or-Foe) to command and control military organizations; from the evolution of nuclear missiles protocols to improvements of electronics to spy electromagnetic emissions.

Besides, this books is going to stay relevant on your shelf for long as happens with general topics covered in it. This book is not one of those that end in your basket after some years.

All that makes Security Engineering a critical book for any security engineer and a good investment worth every penny you use to buy it.