Ask HN: Where to start reading on security?
I'm a CS student right now thinking about specializing in security. The problem I have, however, is that I don't know enough about security to know on which particular areas of security I want to focus. I only know enough to realize that it is in of itself a quite diverse field.
My question for all the security guys that hang around here is this: what books or blog should I start with if I want a general introduction to the field? I could just wait for the intro level course at my university, but I like to give myself a head start (especially on introductory courses) as I find that the repetition of teaching myself and being taught in class gives me a much more solid foundation in the material.
7 comments
[ 2.7 ms ] story [ 33.3 ms ] threadhttp://news.ycombinator.com/user?id=tptacek
Particularly the link that says "reading list."
http://www.grc.com/securitynow.htm
http://attrition.org/errata/charlatan/steve_gibson/
To balance that with something constructive, if you are already comfortable with software development, I'd suggest checking out these to get started with playing around:
https://www.corelan.be/index.php/2009/07/19/exploit-writing-... - Part 1, they go to 11.
https://google-gruyere.appspot.com/ - for web app sec
For me, understanding the attacker mindset is what makes a good security professional.