The Myths of Security: What the Computer Security Industry Doesn't Want You to Know

If you think computer security has improved in recent years, The Myths of Security will shake you out of your complacency. Longtime security professional John Viega, formerly Chief Security Architect at McAfee, reports on the sorry state of the industry, and offers concrete suggestions for professionals and individuals confronting the issue.

Why is security so bad? With many more people online than just a few years ago, there are more attackers -- and they're truly motivated. Attacks are sophisticated, subtle, and harder to detect than ever. But, as Viega notes, few people take the time to understand the situation and protect themselves accordingly. This book tells you:

  • Why it's easier for bad guys to "own" your computer than you think
  • Why anti-virus software doesn't work well -- and one simple way to fix it
  • Whether Apple OS X is more secure than Windows
  • What Windows needs to do better
  • How to make strong authentication pervasive
  • Why patch management is so bad
  • Whether there's anything you can do about identity theft
  • Five easy steps for fixing application security, and more

Provocative, insightful, and always controversial, The Myths of Security not only addresses IT professionals who deal with security issues, but also speaks to Mac and PC users who spend time online.

by John Viega

Product Details

ISBN-13: 9780596555832
Publisher: O'Reilly Media, Incorporated
Publication date: 06/16/2009
Sold by: Barnes & Noble
Format: eBook
Pages: 264
File size: 4 MB

About the Author

John Viega is CTO of the Software-as-a-Service Business Unit at McAfee, and was previously Vice President, Chief Security Architect at McAfee. He is an active advisor to several security companies, including Fortify and Bit9, and is the author of a number of security books, including Network Security with OpenSSL (O'Reilly) and Building Secure Software (Addison-Wesley).

John is responsible for numerous software security tools and is the original author of Mailman, the popular mailing list manager. He has done extensive standards work in the IEEE and IETF, and co-invented GCM, a cryptographic algorithm that NIST (US Department of Commerce) has standardized. He holds a B.A. and M.S. from the University of Virginia.

Table of Contents

Foreword

Preface

Chapter 1 The Security Industry Is Broken

Chapter 2 Security: Nobody Cares!

Chapter 3 It's Easier to Get "Owned" Than You Think

Chapter 4 It's Good to Be Bad

Chapter 5 Test of a Good Security Product: Would I Use It?

Chapter 6 Why Microsoft's Free AV Won't Matter

Chapter 7 Google Is Evil

Chapter 8 Why Most AV Doesn't Work (Well)

Chapter 9 Why AV Is Often Slow

Chapter 10 Four Minutes to Infection?

Chapter 11 Personal Firewall Problems

Chapter 12 Call It "Antivirus"

Chapter 13 Why Most People Shouldn't Run Intrusion Prevention Systems

Chapter 14 Problems with Host Intrusion Prevention

Chapter 15 Plenty of Phish in the Sea

Chapter 16 The Cult of Schneier

Chapter 17 Helping Others Stay Safe on the Internet

Chapter 18 Snake Oil: Legitimate Vendors Sell It, Too

Chapter 19 Living in Fear?

Chapter 20 Is Apple Really More Secure?

Chapter 21 Ok, Your Mobile Phone Is Insecure; Should You Care?

Chapter 22 Do AV Vendors Write Their Own Viruses?

Chapter 23 One Simple Fix for the AV Industry

Chapter 24 Open Source Security: A Red Herring

Chapter 25 Why SiteAdvisor Was Such a Good Idea

Chapter 26 Is There Anything We Can Do About Identity Theft?

Chapter 27 Virtualization: Host Security's Silver Bullet?

Chapter 28 When Will We Get Rid of All the Security Vulnerabilities?

Chapter 29 Application Security on a Budget

Chapter 30 "Responsible Disclosure" Isn't Responsible

Chapter 31 Are Man-in-the-Middle Attacks a Myth?

Chapter 32 An Attack on PKI

Chapter 33 HTTPS Sucks; Let's Kill It!

Chapter 34 CrAP-TCHA and the Usability/Security Tradeoff

Chapter 35 No Death for the Password

Chapter 36 Spam Is Dead

Chapter 37 Improving Authentication

Chapter 38 Cloud Insecurity?

Chapter 39 What AV Companies Should Be Doing (AV 2.0)

Chapter 40 VPNs Usually Decrease Security

Chapter 41 Usability and Security

Chapter 42 Privacy

Chapter 43 Anonymity

Chapter 44 Improving Patch Management

Chapter 45 An Open Security Industry

Chapter 46 Academics

Chapter 47 Locksmithing

Chapter 48 Critical Infrastructure

Epilogue

Index
