Security Books


Security Books sorted by Average customer review: high to low.

Security
Getting Started in Value Investing (Getting Started In.....)
Published in Paperback by Wiley (2007-11-09)
Author: Charles Mizrahi
List price: $19.95
New price: $10.66
Used price: $10.61

If you can't own a factory, own a company.
Helpful Votes: 0 out of 0 total.
Review Date: 2008-10-27
The author's purpose was to teach a layman how to choose a company, based on its accounts.
Initially he explains why this is the best way to buy a share.
The reader realizes that owning a share is the same as owning the company.
Afterwards he teaches, in a very easy way, which numbers to look for in the annual balance.
Finally, he shows when to buy.
I've never thought I would be able to understand financial words and numbers so quickly.

Recommended introduction to Value Investing.
Helpful Votes: 0 out of 0 total.
Review Date: 2008-08-20
This is a good introduction to Value Investing. However, I have deducted one star in its rating mainly because the valuation chapter is weak. The author should rewrite that chapter and focus on Graham's simple formula as well as a true Discounted Cash Flow model instead of the P/E and EPS based valuation.

Furthermore, the glossary and index should also be significantly expanded, for instance, Shareholder's Equity does not appear in the glossary, nor in the index, yet it is an important concept to understand. The same goes for other important concepts. The author is also too repetitive and has a tendency to mix the explanation of different things instead of properly separating them. This is confusing sometimes.

But these things aside, and considering the general lack of outstanding texts in this field, I would still recommend this book to someone wanting to gain an understanding of what Value Investing is all about. If the author were to fix the things I mention above I would not hesitate to give the book a top rating.

The Best Book for the Beginning Value Investor
Helpful Votes: 1 out of 1 total.
Review Date: 2008-08-20
As an avid reader of dozens of value investing books, from Benjamin Graham's "Security Analysis" to Mary Buffett's "Buffettology", and Phil Town's "Rule #1", I have to say that I wish I read "Getting Started in Value Investing" first. Each of the aforementioned texts were valuable, but Mizrahi's book does the best job describing value investing soup to nuts. Beginning investors who are serious about pursuing a path to financial freedom by managing your own investments and attaining above-average market returns would be well suited to begin with this book, as part of a broader self-education program. What is Buffett's secret that Mizrahi so succinctly describes? Buy long-term positions in excellent companies with durable competitive advantages that you understand WITH A MARGIN OF SAFETY. It sounds simple, and it is. But simplicity does not mean that it does not take some hard work, and tremendous patience to succeed in value investing. Read this book, it is a great first step.

Even after reading dozens of investing books, this is still the one I grab for the 20-minute recap before making large investment decisions.

A great book for any level of investor
Helpful Votes: 1 out of 1 total.
Review Date: 2008-07-31
This is probably the best book for any level of investor who is interested in learning more about value investing. I have recommended this book to a number of my friends and gave a copy to my sister in law. Mr Mizrahi writes in an easy-to-read style which will allow any reader to understand exactly what he is saying. One of the best ways to describe this book is as a condensed version of Graham and Dodd's "Security Analysis." After reading this book, much of what Graham and Dodd said became much clearer. This book provides the perfect blueprint for investing in stocks and making it through tough times like these. One of the best features of this book is how Mizrahi lays out exactly how to read and analyze a balance sheet. Someone need not be an accountant to be able to translate a balance sheet into a meaningful document. The chart provided in the book makes the process of reading a balance sheet even easier. By reading "Getting Started in Value Investing" along with Jim Cramer's "Sane investing in an insane world" you will receive two distinct and important views about investing. Neither of these books offer "stock tips"; rather they force an individual to do their own research and homework about the stocks they are interested in. By reading these books you will become a more informed investor, and you will be able to avoid many of the pitfalls investors make.

A masterpiece
Helpful Votes: 1 out of 1 total.
Review Date: 2008-07-24
I was almost saddened when I finally ended reading the last chapter of this work, because it was so interesting and, as one reviewer put it, "a deceptively simple book".

This is a really entertaining book that starts with demolishing some usual misconceptions about value investing and the (in)famous Efficient Market Theory. Then it explains to the reader why most of the hot money in Wall Street is almost incapable of finding bargain price stocks and finally Mr. Mizrahi tells the reader how to find bargain priced treasures himself. The examples Mr. Mizrahi uses are so simple and novice-friendly, that you can read them without any prior knowledge about the subject and still understand them quite well.

"It is not risky to buy securities at a fraction of what they are worth," said Warren Buffett once. This book is so valuable that it will probably sell at a fraction of what it is really worth too.

Security
In The Red Zone: A Journey Into The Soul Of Iraq
Published in Hardcover by Spence Publishing Company (2004-11-05)
Author: Steven Vincent
List price: $27.95
New price: $14.49
Used price: $5.00
Collectible price: $48.30

heart-wrenching
Helpful Votes: 0 out of 2 total.
Review Date: 2007-05-03
I make it a point to read pretty much every book that comes out about Iraq and environs. Though there has been no recent shortage of first-rate books about the region, this one packs a punch like you wouldn't believe.

To tell you the truth, I haven't seen the book since I first lent it out. The guy I lent it out to lent it out to someone else and so on and on. That I have yet to get it back should tell you something.

The basic story is that Steven Vincent was your typical dingbat liberal living in the Big Apple as an art critic, believing that God was in his heaven and that all was right with the world . . . and that in particular Islam was a basically peaceful but tragically misunderstood religion.

Then September 11th happened, and in a fit of shock, grief, duty, and curiosity, Vincent hied himself off to desert lands as more or less a roaming reporter for hire.

The book relates his transformation from smug liberal to one who was truly concerned about constructing a fairer portrait of the chances for peace and progress over there.

So far, so good. And whatever you think of his politics, and whatever your position on the war is, and blah blah blah blah.

Listen: the thing that really pushes this book over the edge into the realm of greatest books I've ever read is what happened to Vincent after he wrote it. I won't spell it out here, but you can easily find out on the net.

God, knowing the real ending makes the final third of this book unbearable. Truly unbearable. Some of the most emotionally exhausting and harrowing reading I've ever done.

See, he meets this woman named Nour. And God! God! I can't take it.

Sparrow, O sparrow!

Steven Vincent's opus and the reason he was murdered
Helpful Votes: 0 out of 0 total.
Review Date: 2006-02-14
First, let me say that Steven Vincent died for this book. He was murdered because he wrote brutally honestly about the dark underbelly of Iraq, about how here (and much of the Middle East) life is cheap and what passes for culture twists minds and perpetuates continued ignorance in the majority of the populace. Steven is gone now, but his opus is still available and if you only read one book about Iraq in your entire life, then In the Red Zone should be that one book.

I read this book in one sitting, from cover to cover, all 240 pages in the span of about six hours. Everything you need to know about the war, Shia, Sunnis, Kurds, the occupation, what the future could hold - it's in here. The good, the bad and the ugly are all laid out for you. This book will be of equal fascination to both pro and anti-war readers because Steven didn't sugarcoat a thing when he wrote In the Red Zone. He didn't sugarcoat Iraq one iota and he died for it.

Life is cheap in cultures that glorify death. Steven found that out the hardest way. His death has a silver lining - Nour - his brave Iraqi interpreter. She was shot by the same vicious parasites that killed Mr. Vincent but survived and is still somewhere in Iraq (as far as I know), guarded, silenced or both. Steven and Nour are microcosms of the relationship between America and Iraq. Read In the Red Zone. It will force you to make adjustments to everything you thought you knew. In the Red Zone is Chapter 1 in the story of the 21st century. Other Americans and Iraqis will be stepping forward to write Chapter 2. Are you one of them? Which side will you step forward on?

Concise but panoramic picture of post-Saddam Iraq
Helpful Votes: 1 out of 1 total.
Review Date: 2008-05-07
This book manages to deliver a concise, beautifully written account of Iraq, as seen through the eyes of Iraqis and foreigners living there in the early post-Saddam years. We hear from Iraqi men and women of all backgrounds, American "activists", soldiers, policemen, and clerics...to name but a few!
Mr. Vincent begins his journey on the highway that leads from Jordan to Baghdad. This highway gives the reader a pretty good idea of what Iraq as a whole will be like. On it, shiny SUVs and junkmobiles alike zoom at breakneck speed through the desert, avoiding roadside thieves and potholes. Should travelers need a break, they can lounge on one of countless picnic tables installed in years past on this road by Saddam's "planners", and refresh themselves with blasts of wind and sand under the 116 degree sun.
The author travels to Baghdad, the Sunni triangle, Kirkuk, Basra, and to the Holy Shia cities in the south. He reports the views of the cynics, and the disillusioned, as well as those of the (not at all scarce) intrepid optimists who persist in believing in the possibility of a democratic Iraq.
Mr. Vincent doesn't mince words as he describes the many unpleasant and even horrible scenes he finds throughout the country, but also of the growing pockets of Iraq reclaimed from destruction. Throughout he gives a very even-handed account, such that we can identify with both foreigners and locals, and with passionate Iraqis on opposite sides of many ideological wars.
I found his chapter on the Shiite pilgrimages and holidays excellent. (In order to gain entry to these, he poses as an American Shiite, and must recite boilerplate Muslim creed in his broken Arabic). Here, we join him in his immersion and admiration of the Shiites as he recounts their history of perseverance in the face of centuries of Sunni domination, but we also join him as he confides his more cynical verdicts on the Shia glorification of bloodshed and death he witnesses during several religious celebrations.
I also found his chapters on life in Basra outstanding. Here Mr. Vincent recounts his experience under the wing of a brave and iconoclastic Muslim woman, Nour, a Basra native. As his guide, she risks her reputation and indeed her life (she receives serial threats from those who view her as out of line), as she guides him to interviews with mullahs, fanatics, moderates, opportunists, party figures, and soldiers, and translates for him their warnings, criticisms, and their....occasional admiration, accompanied by pleas to carry on, and report the truth about Iraq and their dreams for its renewal as a nation finally free from dictatorship to us, the future readers of their story.

In the Red Zone: A Journey into the Soul of Iraq
Helpful Votes: 1 out of 1 total.
Review Date: 2006-03-08
Freelance journalist Vincent first visited Iraq in September 2003. While other reporters sheltered in insulated compounds or heavily-fortified hotels of the "Green Zone," he lived and traveled in the "Red Zone," that is without security and among ordinary Iraqis. In all, Vincent has penned one of the best-written accounts of post-Saddam Iraq, one of the few that captures the debates, issues, and contradictory emotions that Iraqis are juggling.

In the Red Zone fills a void left by the many think-tank pundits, academics, and journalists who wrote books in the wake of Saddam's fall, where the Iraqi voice is often lost. Vincent's account has the advantage of bringing to light his encounters with ordinary Iraqis. Among other experiences, he was in Karbala when a series of bombs killed 140 in the city in March 2004; and while traveling in Basra, he was briefly interrogated by U.S. intelligence. He makes no attempt to cover the minutiae of daily Iraqi politics but instead takes a big-picture approach.

That said, In the Red Zone has its limitations. There is little discussion of the Kurdish issue and minor errors of fact pop up--for example, the date when Iran's Safavid dynasty began.

In contrast to the usual journalistic practice of adding color to an article by including an occasional man-on-the-street interview, usually conducted by an Iraqi assistant, Vincent provides a deeper insight into Iraqis. He introduces the reader to Qasim, a Baghdad art gallery owner who, because of a club foot, managed to avoid the carnage of the Iran-Iraq war; Assad al-Abady, deputy director of the Iraqi National Organization for Human Rights; a secular Sunni woman torn between her love of freedom and the "humiliation" of having it delivered by foreigners; a Fallujah policeman who swears blood lust against Americans after U.S. soldiers kill his son; a Shi'ite taxi driver still euphoric over liberation; and a Christian woman in Basra whom Vincent later learns had been raped in her youth by Saddam's police.

Vincent also spent time with foreigners. He details a long conversation with a Canadian antiwar activist who lectured him about U.S. "human rights violations" but would not condemn insurgent terrorist attacks on Iraqi civilians or visit Saddam's mass graves. Vincent also describes a surrealistic encounter with CodePink, an American peace group, during which one member doubted that Saddam really was that bad. He also notes the Iraqi reaction to Western peace groups. "How can people accept for so long the crimes of a dictator, then rise up to try and stop a war begun to remove that dictator from power?" one Iraqi lawyer asked. "Antiwar activists should examine their consciences."

Michael Rubin
Middle East Quarterly
Summer 2005

Thank you, Steven Vincent!
Helpful Votes: 2 out of 2 total.
Review Date: 2006-02-07
Although he died while free-lancing in Iraq, I am thankful that this great journalist was able to write this book before he left us. It is an extremely interesting look at life in Iraq, the Iraqi people, and the challenges we face there. I'm sorry about his untimely death, and wish he could have stayed around to write many more compelling and inspiring books such as this one. God bless his family and bless the memory of this brave man.

Security
InsideScoop to Security+ Technology Exam SY0-101 (With BFQ CD-ROM Exam) (InsideScoop)
Published in Paperback by TotalRecall Publications Inc (2002-12-14)
Author: Helen O'Boyle
List price:

A Great Intro!!
Helpful Votes: 0 out of 0 total.
Review Date: 2007-08-23
If you're thinking about taking the Security+ exam from the position of a complete newcomer to the field of INFOSEC, then this book is highly recommended. The print quality is not that great, there are a few typos here and there and the humor sometimes gets a little tedious. But look beyond these shortcomings and this book is worth every penny you spend on it. In fact, if the Security+ exam were not as technical as it is, then this book would be the definitive text. The material is laid out in simple language and yet technical details like port numbers are covered nicely. In all, if you are new to INFOSEC, or you just want to be sure of your foundations, then this is a good place to start. For the exam, read this book first and then get Security+ Prep Guide by Ronald L. Krutz and Russell Dean Vines to provide more technical insight. Polish both off with the 100-page study guide that you get with Security+ Transcender and you should have no problems achieving the 85% pass mark.

A great study guide and practical book
Helpful Votes: 1 out of 1 total.
Review Date: 2005-08-03
Congratulations to Helen and Tcat, their book is one of the most organized and practical technical books I have ever seen. It has been very useful for study and day-to-day tasks. A very good choice to prepare for the Security+ Exam and an IT security career.

Where practical and theoretical meet
Helpful Votes: 1 out of 1 total.
Review Date: 2004-07-06
I like how this book ties in real life examples and stories into its pages. This makes it a bit more interesting read than most dry, boring, and technical books on Security+.

A solid and an eye-opening book from a great group!
Helpful Votes: 1 out of 2 total.
Review Date: 2004-01-28
When you are purchasing any kind of material you must do your research on the product. Well I did and it has paid off!
You will not find a better book when you're pursuing your Security+ certification! This book not only gets you going in the right direction, but the authors have also included links if you want to delve deeper into the particular subject they are addressing.
(I mean they did their research!)
The software they also include in my opinion is just simply one product you just cannot do without!

There are just too many kudos to list!

An exceptional book from a great group!
Helpful Votes: 5 out of 7 total.
Review Date: 2004-01-28
When purchasing any kind of material you must do your research. Well I did and it has paid off!

This is the book you want to have when you are pursuing your Security+ certification!

It has so much information that is presented in a way that makes you want to never let it down!
Not only will you have this wealth of information, but the authors have included so many hyperlinks related to the subject they are addressing. This is great for the person that just wants that extra touch!

The tools which they include on the cdrom are just ones you must have! The missus and myself love testing each other.

There are just too many kudos to list!

When you wake up at 4:30 in the morning and start reading you know you have a great book in your hands!

Security
The Lost Pet Chronicles: Adventures of a K-9 Cop Turned Pet Detective
Published in Hardcover by Bloomsbury USA (2004-04-24)
Author: Kathy Albrecht
List price: $23.95
New price: $2.88
Used price: $0.14
Collectible price: $23.95

A Wonderfully Uplifting Pet Saga!!!
Helpful Votes: 0 out of 0 total.
Review Date: 2008-10-14

My Outreach Librarian picked this book for me to read and I'm SO glad she did. I learned a lot about dog and cat behavior when they go missing. Kat Albrecht, an ex-police Dispatcher, trains her pet Weimaraner, Rachel and her two bloodhounds, A.J. and Chase, to find lost dogs and cats. When Kat and her dogs get called to find a lost boa constrictor from a California Zoo, it causes chaos. In this book, we learn how these rescue dogs find lost pets, with some ending out with happy endings and some not too happy. When Kat supposedly finds the man of her dreams, she finds they don't agree on the care of her pets. It was nice to hear about the different ways a lost pet can be found. What I found very interesting was when one of Kat's dogs was able to find a certain cat out of several cats in one household. What I was able to learn from this is that all cats have their own distinctive scent. At the end of this remarkable book, Kat gives a lot of good pointers on what to do when we lose a pet. There are a lot of resources to choose from. I highly recommend this book for all animal lovers and keep some Kleenex handy.

Kat Albrecht is the real thing
Helpful Votes: 0 out of 0 total.
Review Date: 2007-10-10
Kat's book broke my previous record. I read this book in 1 day. I am a pet store manager in Simi Valley. I post missing pet flyers every day in the window at my store. These pet owners agonize over the disappearance of their beloved pets. I wish this book was around for me to read 10 years ago. I am now telling everybody to read her book whether they have lost a pet or not. I can't wait for her next book. The inside scoop is it will be more of a guide how to find your lost pets. But nothing beats the real thing and that is Kat Albrecht "Pet Detective" Email her at Missing Pet Partnership.

Good book but not what's expected
Helpful Votes: 0 out of 0 total.
Review Date: 2007-01-04
I enjoyed reading this book very much. Kathy Albrecht's stories were nice to read - I read it front to back in 3 days. However, I originally ordered this book to help in finding my lost cat and expected it to be a large reference on ideas on how to find a lost cat. But that wasn't the case; there are only 5 pages out of the whole book on this topic. The rest is Kathy's adventures in police work, canines, the loss of her pets and how she became a lost pet detective. She does speak of her searches for a few lost pets.

If you want a good read this is a good book. But if you are looking for a lost pet better to go to her website and read the information there.

Wonderful book
Helpful Votes: 2 out of 2 total.
Review Date: 2006-04-22
I was at the library searching for something to read, and the beautiful dog on the cover caught my eye. I had no idea that this book would help me deal with the loss of my cat Ruffles, who had been my companion and friend for 14 years. This book speaks to all pet lovers. A great read.

Jeri
Ashburn, VA

Book Review
Helpful Votes: 2 out of 2 total.
Review Date: 2006-03-09
The Lost Chronicles by Kat Albrecht is a great book for dog lovers or people that love mysteries. I absolutely love this book! I don't really like to read but I have eleven dogs and this book is definitely my type of book. I especially like how Kat did a wonderful job writing this book using imagery; it makes the book seem as if I was there watching it. It has so many great stories about her dogs, life, adventures, and mysteries. One of the things I like a lot about this book is the pictures of her and her dogs. After seeing the pictures, you can picture all the things she's talking about so easily. Another great quality about this book is the suspense and different emotions. While she is telling a story the details she uses make you have to know what's going to happen: you'll find that this isn't a book you can put down. She describes her emotions and dog's emotions very well. This non-fiction book is great for all ages and you'll never have to worry about getting bored while reading. I recommend this book to anyone, especially if you're an animal or mystery fan.

Security
Pass the 6: A Training Guide for the NASD Series 6 Exam (First Books Training Library)
Published in Paperback by Firstbooks.com (2006-08-09)
Author: Robert Walker
List price: $49.95
New price: $34.66
Used price: $31.30

GREAT BOOK - EASY TO READ - PASSED THE FIRST TRY
Helpful Votes: 0 out of 0 total.
Review Date: 2008-07-12
I wanted to write and thank Mr. Walker for writing this book. I worked in Healthcare IT and have a master's degree so I've taken lots of tests in my life ... the series 6 is the most difficult I've taken. However with Mr. Walker's material I passed the first time studying only 3 weeks and taking weekends off. He makes very boring material interesting and you will catch yourself laughing out loud sometimes at his humor. If you want to pass the first or next time you take the series 6 this is a must read.

An absolute lifesaver
Helpful Votes: 0 out of 0 total.
Review Date: 2008-05-29
I consider myself kind of a smart guy, but the Kaplan materials made my brain hurt. I was really suffering through my studying. Then along comes this book with tidbits such as this:
"a variable annuity is really just a mutual fund investment that grows tax deferred."

Oh yeah. Now that makes sense. Why couldn't the competitor products state this so clearly? I read page after page of competitor materials and didn't REALLY understand what an annuity was until I read that one simple sentence I quoted above.

This book is full of this sort of thing. Everything explained so you can actually understand it.

Bottom line: I got a 92 on my Series 6. I'm happy I got this guide.

I know I will pass after reading this book.
Helpful Votes: 0 out of 0 total.
Review Date: 2008-04-17
I'm very happy with the book I received. The information is written in clear, understandable terms. The author discusses what is on the series 6 test and uses examples and humor to help with understanding the concepts, as well as, practice tests. I know I will be able to pass the test after reading this book.

Use this one to pass!!!
Helpful Votes: 0 out of 0 total.
Review Date: 2008-03-21
I recently decided it was time to pursue a new career in financial services and in order to do so I needed to pass the Series Six. This is not very easy, in fact, I didn't think I could pass. I failed on the first try and figured I needed something that would help someone like me who has never done this stuff and doesn't speak this language. In the past, I usually tuned out financial talk.
I got a copy of Pass the 6 because it looked like it was in the language I speak..."human." It was, and it was even funny at times too. Guess what? I passed with flying colors today!!!
The book also covers things that will really be on the test. The other book I used on my first try helped me with about 60 percent of the questions that are actually on the test.
The author actually answered a few of my questions through e-mail. That's a first!!! I've never been able to chat with the author while I'm reading his book. I really got the sense he genuinely wanted me to pass.
Bottom line, this is the one that will get you the 70 or above you need to pass. The others may, but this one will. I knew none of this before and now I feel like Warren Buffett Jr.!!!

An unbelievable help
Helpful Votes: 0 out of 0 total.
Review Date: 2008-02-28
I just took the Series 6 yesterday for the first time, and walked out with a piece of paper that said "pass." This would not have been possible without Mr. Walker's book. I got caught in a situation where I had to take the test much earlier than anticipated, and only had about a week of study time. Using nothing else but this book, I studied for and passed the test. I am absolutely convinced my success is due to this book, which not only gives you practice tests, but presents the information in a non-jargon format so you can actually understand and absorb the knowledge.

Security
Software Security
Published in Kindle Edition by Addison Wesley (2008-02-14)
Author: Gary McGraw
List price: $39.99
New price: $31.18

High-level security concepts book.
Helpful Votes: 0 out of 0 total.
Review Date: 2008-02-17
Excellent high-level book for anyone involved with software development and implementation. This book digs deep with enough details of security in coding and testing practices and how to avoid security related bugs and vulnerabilities. The book also does well in terms of secure coding, white box and black box testing.

A few things where this book falls short: "ignorant" of the emerging application landscape and the coding complexities in a multi-platform and application integration environment - J2EE, .NET, XML Web Services and SOA. I am sure the author will agree on those gaps, hopefully we see in the next edition of this book.

The book deserves 5 stars for the concepts + illustrations and 3 stars for those keen on development details for distributed applications.

Good book for secure software coding !
Helpful Votes: 0 out of 0 total.
Review Date: 2007-05-09
A required reading for anyone involved with software development and implementation. This book drills-down to security in coding and testing practices and how to avoid security related bugs and vulnerabilities. The concepts illustrated on secure coding, white box and black box testing are excellent. As a developer/architect, I thoroughly enjoyed this book and I suggest to everyone who wants to get started on secure coding and testing practices.

A couple of things I QUIBBLE with are... the book doesn't realize the emerging issues and how-to's for build/refactor security for distributed application proliferation as your it - Portals, Web Services and SOA. The way we develop software is changing, the applications are becoming more pervasive and no longer contained standalone to a system which makes the built-in security brittle impeding the agile business requirements for application/process orchestration, b2b federation and Web based application mashups. I am sure the author will realize those gaps in the next edition of this book.

Having said that - This book is still a must-read for the budding security developer who wants to focus on secure programming and testing.

What is MISSING - You will not find answers for how you do secure web-centric applications, XML Web services - message-level security, identity federation and other b2b application complexities.

The best secure development lifecycle book
Helpful Votes: 1 out of 1 total.
Review Date: 2007-07-05
Software Security is the best book for learning to integrate security throughout your software development lifecycle. It contains all the security material that is missing from software engineering books. The author understands that your software development lifecycle is different from his, and so focuses on seven touchpoints that can be introduced into any software development lifecycle, instead of attempting to sell you a new lifecycle. He also understands that no matter how important security is to you, you can't change everything about how you develop software tomorrow, so he introduces the touchpoints in order of effectiveness based on his extensive consulting experience, starting with tool-assisted code reviews and architectural risk analysis.

If you're a software developer, Software Security is an essential book to have on your shelf, and you'll also want a secure programming book like Secure Programming with Static Analysis (Addison-Wesley Software Security Series) or the author's own Building Secure Software: How to Avoid Security Problems the Right Way.

A powerful book with deep truths for secure development
Helpful Votes: 33 out of 34 total.
Review Date: 2006-11-02
I read six books on software security recently, namely "Writing Secure Code, 2nd Ed" by Michael Howard and David LeBlanc; "19 Deadly Sins of Software Security" by Michael Howard, David LeBlanc, and John Viega; "Software Security" by Gary McGraw; "The Security Development Lifecycle" by Michael Howard and Steve Lipner; "High-Assurance Design" by Cliff Berg; and "Security Patterns" by Markus Schumacher, et al. Each book takes a different approach to the software security problem, although the first two focus on coding bugs and flaws; the second two examine development processes; and the last two discuss practices or patterns for improved design and implementation. My favorite of the six is Gary McGraw's, thanks to his clear thinking and logical analysis. The other five are still noteworthy books. All six will contribute to the production of more security software.

Gary McGraw's book gets my vote as the best of the six because it made the biggest impact on the way I look at the software security problem. First, Gary emphasizes the differences between bugs (coding errors) and flaws (deeper architectural problems). He shows that automated code inspection tools can be applied more or less successfully to the first problem set, but human investigation is required to address the second. Gary applauds the diversity of backgrounds found in today's security professionals, but wonders what will happen when this rag-tag bunch (myself included) is eventually replaced by "formally" trained college security graduates.

Second, Gary explains that although tools cannot replace a flaw-finding human, they can assist programmers trying to avoid writing bugs. Gary is the only author I encountered who acknowledged that it is unrealistic to expect a programmer to keep dozens or hundreds of sound coding practices and historical vulnerabilities in his head while writing software. An automated tool is a powerful way to apply secure coding lessons in a repeatable and measurable manner. Gary also reframed the way I look at software penetration testing, by showing in ch 6 that they are best used to discover environmental and configuration problems of software in production.

Third, Gary is not afraid to point out the problems with other interpretations of the software security problem. I almost fell out of my chair when I read his critique on pp 140-7 and p 213 of Microsoft's improper use of terms like "threat" in their so-called "threat model." Gary is absolutely right to say Microsoft is performing "risk analysis," not "threat analysis." (I laughed when I read him describe Microsoft's "Threat Modeling" as "[t]he unfortunately titled book" on p 310.) I examine this issue deeper in my reviews of Microsoft's books. Gary is also correct when he states on p 153 that "security is more like insurance than it is some kind of investment." I bookmarked the section (pp 292, 296-7) where Gary explained how the "19 Deadly Sins of Software Security" mix "specific types of errors and vulnerability classes and talk about them all at the same level of abstraction." He's also right that the OWASP Top Ten suffers the same problem. Finally, Gary understands the relationships between operators and developers and the importance of security vocabulary.

I was pleasantly surprised by "Software Security". I reviewed an early draft for Addison-Wesley and wondered where the author was taking this book. It ended up being my favorite software security book, easily complementing Gary's earlier book "Building Secure Software." In my opinion, Gary is thinking properly about all the fundamental issues that matter. This book should be distributed to all Microsoft developers to help them frame the software security problem properly.

Required reading for all software developers
Helpful Votes: 9 out of 9 total.
Review Date: 2007-03-01
The root cause of many security vulnerabilities is poorly written software. Often, software applications are written without security in mind. The logical, yet elusive, solution is to ensure that software developers are trained in writing secure code.

Software Security: Building Security In is a valiant attempt to show software developers how to do just that. The book is the latest step in Gary McGraw's software security series, whose previous titles include Building Secure Software and Exploiting Software.

In past decades, writing secure code was left to the military and banking industry. Today, with everything on networks, all sectors must get into the act.

Much of the problem is that organizations target their security elsewhere--specifically on networks--rather than on software. But so many malicious attacks are directed at software that it is foolish to leave this vulnerability exposed.

McGraw goes into detail not only about writing secure code but also about key related areas, which he terms "the seven touchpoints of software security."

These points comprise code review, architectural risk analysis, penetration testing, risk-based security tests, abuse cases, security requirements, and security operations. A major portion of the book effectively discusses these "touchpoints," making the work a recommended tool for inculcating software developers with a security mind-set.

Security
America the Vulnerable
Published in Kindle Edition by HarperCollins e-books (2007-11-06)
Author: Stephen Flynn
List price: $10.95
New price: $8.76

Average review score:

Bullseye- Right on - a sobering, yet accurate, assessment
Helpful Votes: 0 out of 0 total.
Review Date: 2007-07-22
This book, like Stephen Flynn's "Edge of Disaster" succinctly dissects the problems we face in warding off terrorism at home and exposes our vulnerabilities. They are large - ports, shipping, energy infrastructure, chemical plants, food processing facilities, for openers.
Flynn describes the problem only too well,

At the root of the problem is the Department of Homeland Security's secrecy, lack of internal coordination, turf battles, and incompatible data base systems. Equally problematic is the complacency of the American people, who are being shielded from the realities by a patronizing government.

Flynn ascribes the current situation to be comparable to the "phony war" between the time of the Nazi attack in Poland in 1939, and the invasion and capitulation of France in the spring of 1940 because of failure to consider, plan and consider new battlefield tactics. In short, the French (and also the British) were using World War I tactics to fight new German panzer tactics. The parallels of today's attitudes and the last days of the Roman Empire also are, indeed, chilling.

The government is not the only culprit that lulls our citizens into complacency. In my personal opinion, the news media does not help with its focus on the trivial, a hiding of coverage of the war on terror, and seldom reviewing the vulnerabilities Flynn covers so well and rallying our citizenry to the realities of what's at stake.

The solutions?: Active involvement of citizens; Active involvement of government with relevant private industry; open communication with all relevant players in state and local government; making infrastructure sufficiently resilient that terrorists no longer find a potential target attractive.

What is needed, and implied, is a revival of an approach pioneered by NASA in the early 1960's when they had to establish operational paradigms and procedures for which there was no precedent. It's called 'conceptual blockbusting'. Flynn's book will help us get there, if everyone reads it.

Flynn quotes Abraham Lincoln concerning new paradigms:

"The dogmas of the quiet past are inadequate for the stormy present. The occasion is piled high with uncertainty, and we must rise to the occasion. As our case is new, so we must think anew, and act anew. We must disenthrall ourselves, and then we shall save our country."

It's as relevant now in the war on terror as it was in 1962.

BUY this book, and buy extra copies for your loved ones and closest friends.

This book shows how vulnerable the United States is
Helpful Votes: 2 out of 2 total.
Review Date: 2007-02-18
This book is a must read for anyone interested in the shortcomings of our Homeland Security Department. I initially bought the book after thumbing through it and finding a section on the lack of security with our cargo containers, a specific worry of mine.

This book not only breaks down where we are vulnerable, it explains why and offers workable solutions as to how to reduce this vulnerability. The book is a bit frightening in a way, when you read and realize how vulnerable we really are, even after 6 years of security measures. Why isn't more being done? What are the government officials covering up?

What makes this book hit like a sledgehammer is the credentials of the author. He was a Coast Guard Commander for 20 years, an expert in National Security Studies at the Council on Foreign Relations. He has been on Congressional Task forces studying the problems in homeland security as well as serving in the White House Military Office during President George H. Bush administration and director for Global Issues on the National Security Council during the Administration of President Bill Clinton. Stephen Flynn is obviously an expert on this issue and his words should be given their due weight.

Bottom line, insightful, a bit frightening, definitely a book to read if you like current events or really want to know how safe we actually are.

The First Stone in the Foundation for Protecting the Homeland
Helpful Votes: 2 out of 2 total.
Review Date: 2006-02-14
This book focuses practically entirely on the vulnerabilities of the American homeland, and offers some suggestions that could begin to lay the foundation for protecting those vulnerabilities. The book does not talk about the war on terror in the terms of the offensive operations such as Iraq, Afghanistan, intelligence matters, and targeted killings of Al-Qaeda at all.

The author's cogent argument rests on the concept of defense in depth. In addition to offensive operations to route out the terrorists, we also need to make our homeland less susceptible to successful attack and more resilient to the aftermath of the inevitable one that slips through the net.

The homeland is defined not just as American territory, but extends to include the global commercial, transportation, trading, and financial networks that are central to our way of life and our economy. This represents a rich field of targets for terrorists, with successful attacks being able to ripple through the networks and cause continuing and ongoing damage. Flynn opens his book with a scenario of an attack on shipping containers, and transportation links with radiological devices. The hypothetical comes off as very plausible and sobering.

The remainder of the book talks about what the major vulnerabilities of America are, such as chemical plants, food distribution, overextended medical systems via biological or chemical attacks, etc. He shows that we currently lack the capabilities, organizational structure, and practices to adequately secure these vulnerabilities.

He provides what are really "glimpses" of possible solutions to these problems, including RFID tracking of cargo containers and food shipments with embedded WMD sensors, government security standards for critical and hazardous infrastructure (nuke plants, water treatment facility chlorine gas tanks, etc.) continuing reorganization at the federal, state and local level to focus on security, insurance measures, and a particularly innovative concept to enlist private company participation patterned after the Federal Reserve system.

However at the length of this short and easily readable (if not pleasantly readable) book Flynn cannot go into detail. The cost and time of implementing such systems are not gone into in a satisfactory manner, but that's not the point of the book.

The point of the book is that the government needs to do more to protect our homefront. Flynn convincingly makes his case, and provides reasonable guidelines about how to improve upon the situation.

A good read for American citizens who want to ensure that we are doing the best we can to protect our civilization.

We Are Sitting On A Time Bomb
Helpful Votes: 27 out of 27 total.
Review Date: 2006-05-19
That is how one of the chapters starts. It's a matter of when the next terrorist attack will happen, not if it will happen, according to the author, Stephen Flynn.

With absolute simplicity, common sense logic, and an irrefutable argument, he demonstrates how and why our government is failing to protect us from the terrorist threat. Industry and government are not willing to take the time and the money required to provide greater security for a war on terrorism that will never end.

Our water and food supplies, our chemical plants, and our ports are alarmingly unsecure from terrorist attack. Flynn creates a terrorist scenario demonstrating how the terrorist threat can become reality. He asserts our enemies are willing to spend the time to create the act of terror, while we are not willing to spend the time defending ourselves to foil it.

He blames industries which see no benefit in spending the money on security which will be passed on to their consumers, while non-security minded companies will maintain lower prices and take business away from the security-conscious ones.

This means that congress must act. It must set security standards that will be implemented across each industry thus spreading the cost to everyone. So far, congress, not wanting to offend their million dollar contributors have done nothing. Flynn also suggests that Americans must be willing to make the sacrifices necessary for this security.

We are operating on a World War II mentality i.e. the best defense is a good offense by taking the fight to their countries. That is not what Flynn recommends. Terrorists will always be able to get into this country. We must strengthen our security at home which will take years of dedicated preparation and action.

The author's book is a siren song. The beginning of his fourth chapter bears repeating as an end to this review. "When it comes to dealing with the new security agenda, Americans need to grow up....Terrorism is simply too cheap, too available, and too tempting ever to be totally eradicated. We must have the maturity both to live with the risk of future attacks and to invest in reasonable measures to rein in that risk."

For those who use the argument that we haven't been attacked since 9/11, remember, it took five years of planning. 9/11 is now more than five years ago. Truly, American apathy and complacency are the terrorists' greatest allies.

Practical Security
Helpful Votes: 4 out of 4 total.
Review Date: 2006-04-03
This is a clearly written, well reasoned book on how to provide real security for the U.S. homeland. To his credit, its author Stephen Flynn wastes no time either in partisan bashing of the current administration or in dissecting the many faults of the Department of Homeland Security. Rather he immediately shares his analysis of why domestic security in the U.S. is such an elusive goal. In the course of a number of chapters he builds a pretty strong case that in spite of all the talk, the U.S. is just as vulnerable to terrorist attacks as it was in 2000 before the 9/11 catastrophe. Flynn provides some specific examples of what these vulnerabilities are and is especially effective in his analysis of shipping port vulnerabilities as a result of the exponential growth of containerized shipping. He also provides what appears to be a sensible and more importantly doable plan to actually reduce our vulnerabilities to terrorist attacks. He is an advocate of applying that long held business concept of 'risk management' to the practice of homeland security. Like Richard Posner (Preventing Surprise Attacks - amazon.com) he points out the impossibility of making the U.S. completely immune to any terrorist threat and argues that it makes far better sense to rationally and logically identify which potential targets in the U.S. would cause the most loss of life and economic or social disruption if attacked and build a dynamic and multilayered defensive system to protect those targets.

Of course, Flynn is a former Coast Guard officer so his prescriptions for protecting America are practical not theoretical. Having spent twenty years protecting U.S. interests in our coastal waters, his thought on how to protect this country is based on a realistic understanding of the threats we face and a knowledge of what actually can be done to mitigate those threats. It is a shame that the Department of Homeland Security has not seen fit to follow his example.

Security
Inside Network Perimeter Security: The Definitive Guide to Firewalls, VPNs, Routers, and Intrusion Detection Systems (Inside)
Published in Paperback by Sams (2002-06-28)
Authors: Stephen Northcutt, Karen Frederick, Scott Winters, Lenny Zeltser, and Ronald W. Ritchey
List price: $49.99
New price: $29.00
Used price: $6.39

Average review score:

Great Book on SMB Network Security
Helpful Votes: 0 out of 0 total.
Review Date: 2006-03-13
This is a great book for seasoned IT professionals that want to learn how to secure small and medium sized networks.

As others have said, if you want to read only one book, this is the one. The authors did a great job of describing concepts and relevant low level details and tools.

I enjoyed reading most of it, but I skimmed parts that described processes that seasoned engineers have applied countless times.

Highly recommended!

Fairly decent but can be thinned out a bit
Helpful Votes: 0 out of 5 total.
Review Date: 2004-03-02
Fairly decent overview of perimeter security. If you're a security professional you may learn a thing or two, if you're a network administrator and your idea of security is a firewall then this book is meant for you. It's a fairly easy read, but some of the examples of the commands to enter in configuring routers and hosts could be eliminated. I felt the author was just taking up space with these examples. (not a big deal but I'm taking a star away on principle) I also felt the author could have gone into a little bit more detail in the VPN chapter, especially when dealing with encryption, PKI, and authentication which I felt was glossed over. (again not a big deal, but when you call yourself the definitive guide, be more definitive and save the 'commands' for the user guides)

Excellent
Helpful Votes: 1 out of 1 total.
Review Date: 2005-09-10
Very, very good.
All the most important subjects of perimeter security, remote access, resources separation are addressed.
TCP protocol details are clearly part of the explanation, therefore the more you know of it the better it is.
Useful links and vendor specific technology references are also included, like Microsoft, Cisco and so on.
Excellent.

If you want to buy just one book, buy this one.
Helpful Votes: 2 out of 5 total.
Review Date: 2005-01-24
Stephen Northcutt has done a great job! This is the most comprehensive book on the subject. I particularly found the part on access lists very helpful. Niloufer Tamboly, CISSP

A very informative read
Helpful Votes: 3 out of 5 total.
Review Date: 2005-01-26
Stephen Northcutt, and the various contributing authors, have created a masterful and well rounded guide of the various considerations that go into securing the network perimeter. As a student of Information Technology this book has been instrumental in my education and has earned a permanent place on my bookshelf (when it is not in my hands directly).

Security
Navigate the Noise: Investing in the New Age of Media and Hype
Published in Paperback by Wiley (2005-08-15)
Author: Richard Bernstein
List price: $16.95
New price: $6.00
Used price: $4.99

Average review score:

NAVIGATE THE NOISE: INVESTING IN THE NEW AGE OF MEDIA AND HYPE
Helpful Votes: 2 out of 2 total.
Review Date: 2007-02-20
USEFUL FOR AN INEXPERIENCED INVESTOR. PRIMARY POINT IS TO FOCUS ON THE LONG TERM AND DO NOT RESPOND TO DAY TO DAY EVENTS COVERED IN THE MEDIA. SOME USEFUL INFORMATION ON WHICH STOCKS TO BUY AND WHEN. GOOD BUYS ARE FREQUENTLY NOT THE "BEST" STOCKS BUT RATHER THE ONES GETTING THE LEAST ATTENTION FROM ANALYSTS AND THE MEDIA.

Great!
Helpful Votes: 5 out of 7 total.
Review Date: 2002-03-13
Another great book from Bernstein. This one is more accessible than Style Investing and has some great financial planning tips/exercises. After the last 2 years in the markets many investors should reassess their tolerance and goals and Bernstein gives a nice framework to do that within.

Terrific Book
Helpful Votes: 6 out of 8 total.
Review Date: 2002-03-06
This is an outstanding book---the best I've read in 3 years. I particularly like the discussion of risk--how the general perception of risk differs from the investor's point of view. And how the investor's perception of risk can be misinterpreted by the broker or financial consultant. A great discussion of value versus growth stocks and which do better under which circumstances. I learned a lot by reading this book.

Terrific Book
Helpful Votes: 6 out of 7 total.
Review Date: 2002-03-05
This is the best book I've read in several years. It is thought provoking and backed up by data to show which stocks do well and poorly over time. A lot of the information is counter-intuitive--i.e. shows how your gut instinct is often incorrect. I particularly like the book's discussion of risk, and how the conventional view of risk differs considerably from the average investor's view of risk. I plan to reread this book soon.

I strongly recommend Richard Bernstein's "Navigate the Noise"
Helpful Votes: 9 out of 11 total.
Review Date: 2002-03-12
This readable book explains very important concepts (risk/reward, asset allocation etc.) very well. Serious long-term investors would be well advised to navigate the noise (I would suggest shutting off CNBC as a start), read Richard's book, and then create a diversified portfolio that is expected to help them fund their long-term liabilities (education, retirement etc.) while matching their true risk tolerance.

Security
Net Privacy
Published in Kindle Edition by McGraw-Hill (2002-01-04)
Authors: John Vacca and Michael Erbschloe
List price: $25.00
New price: $20.00

Average review score:

Excellent book!
Helpful Votes: 1 out of 1 total.
Review Date: 2001-08-13
This book addresses every aspect of doing business on the Internet securely. A must read for anyone that uses the Internet to either buy or sell.

Excellent Information, in "easy to understand" detail!
Helpful Votes: 1 out of 1 total.
Review Date: 2001-07-19
This is an excellent book for the skeptic who thinks that "it can't happen to us!" I think many different companies (government and private sector alike) will be amazed at how comparatively little it actually costs to prevent a corporate disaster. Ever wish to go inside the mind of a good hacker and learn how he does it? This is the book for you!

How to safeguard your e-business customers
Helpful Votes: 1 out of 1 total.
Review Date: 2001-07-18
The ubiquitous Internet is a double-edged sword. A major benefit is sharing information; a major detriment is the risk to customers of divulging private information. For e-businesses, therefore, privacy is a showstopper issue. This book was written to promote e-business success by helping organizations evaluate privacy needs, establish a privacy task force, use technologies to provide maximum protection, formulate privacy policies and procedures, implement and test privacy procedures, and monitor and modify privacy protection. This one's a winner--for companies that want to "win" at e-business.

How to safeguard your e-business customers
Helpful Votes: 1 out of 1 total.
Review Date: 2001-07-18
The ubiquitous nature of the Internet is a double-edged sword, with sharing information a major benefit, and the risk of divulging private information a major detriment. In the rush to establish an e-business, organizations can't afford to ignore the showstopper issue: privacy. Erbschloe and Vacca provide a how-to for businesses to help them evaluate their privacy needs, establish a privacy task force, use privacy technologies to the best advantage, formulate privacy policies and procedures, implement and test privacy procedures, and monitor and modify their privacy protection. This one's a winner--for businesses that want to "win" at e-business.

A very informative and useful book
Helpful Votes: 1 out of 1 total.
Review Date: 2001-07-11
A very informative and useful book in an area which is near and dear to all of us as we open up to the world of i-payments.

