Some bits from various presentations, courses & training sessions.
Papers
Paper – Unfalsifiability Of Security Claims. It's theoretical and outside the interests of many; however, if you can put in the time and effort, it's well worth it. Its use of strict logic and argument (possibly tricky for some) makes it an interesting and rewarding read. It would be nice to see this rigor applied more often and in other areas. Hint: if you find it a bit difficult to follow, print it out. You can then make notes in the margins… Discussion about the paper
Mobile phones… and how they leak data and cause problems. Recently, on one of our favorite blogs, a post appeared about phones, IoT etc. and how they might be used to help (COVID-19 tracing, for example). Appearing soon after that was this little gem. Discussion about the above.
To what extent should one trust a statement that a program is free of Trojan horses? Perhaps it is more important to trust the people who wrote the software. Given as a Turing Lecture, this is a classic paper from one of the original creators of Unix. https://dl.acm.org/doi/10.1145/358198.358210
Books
Book – Crime by Computer. Written by Donn Parker and published in 1976. It's well and truly out of print, so why is it interesting? As background, computing in the early to mid 70s (for those old enough to remember) was… different. Mainframes occupied floors of buildings and consumed vast amounts of power to function (and to keep cool). They were so expensive that only governments, very large corporations and universities could afford them. Minicomputers were also available. Some of them worked stand-alone; others were simply "pre-processors" for the mainframe. Terminals? Generally no. Punch "cards or tape" was how you entered programs. Networking? No. Unless 300 baud serial links could be considered a network. As the title suggests, the book was a fairly comprehensive examination of crime involving computers. The interesting part: whilst much has changed since then, a lot has not. Many (if not all) of the problems covered in the book we still face today. Networking simply added more problems to the list. If you speak to those that worked on those systems or wrote assembler for 8080, 6800 etc. CPUs back in the mid to late 70s, they are not surprised. There are still the odd copies available from the usual sources.
The second edition of "Security Engineering" by Anderson is available for download (released in 2008). The third edition has been released (2021) with several example chapters available online. It provides comprehensive coverage of all aspects of security engineering. Anderson
A favorite on signal processing. Well written and with excellent appendices. There are extra chapters only available on the web site. http://www.dspguide.com/
Another excellent book on signal processing – but with a musical twist. http://www.sp4comm.org/
A comprehensive book on information theory etc. Very useful as an introduction to compression. http://www.inference.phy.cam.ac.uk/mackay/itila/
Another book on Python, so why do we like it? Many people already know (or can use) a number of languages, so they already "know how to program". So when faced with "yet another language" there are a number of options: a) Learn the language from the beginning (text book). b) …lots of other options. c) Get an overview of the basics of the language and "pick up the rest" as they go forward. To someone that "can already program" this book fits nicely into the last category. Whilst its intended audience is different, it's a quick and simple way to learn enough Python to get (the project) started. Also recommended are: IPython (www.ipython.org), a highly visual and interactive version of Python, and Jupyter Notebook (www.jupyter.org), a development and run-time environment. Unfortunately the installation (simplicity) of the above packages varies between operating systems; fortunately cloud/online options also exist.