We’re getting to the end of the year and I thought I’d compile a list of books I read, referenced, perused, or reread this year, with my thoughts on them. Most of my reading for pleasure is fiction (specifically sci-fi or fantasy), but I do also read plenty of security-related or technical material. I’m going to split the list into fiction and nonfiction, and each section will be in no particular order.
- Understanding Cryptography, by Christof Paar and Jan Pelzl. This was the book that I first learned cryptography from in high school.
- Windows Internals, Part 1: System architecture, processes, threads, memory management, and more by Pavel Yosifovich et al. This is a deep dive into the internals of the Windows kernel with exhausting detail on how everything works. I won’t say it’s necessarily a must-read for developers or security professionals, but for those that want to work on code (or exploits) that touch the Windows kernel it definitely is.
- Principles of Secure Processor Architecture Design by Jakub Szefer. This is a bird’s-eye-view of threats and mitigations for secure processors. It’s an interesting introduction but isn’t overflowing with detail. I found it interesting but didn’t leave feeling like I had substantially advanced my skills or knowledge.
- Building Secure and Reliable Systems by Heather Adkins et al. An introduction to Site Reliability Engineering that I found quite fascinating even if it also made me glad that it wasn’t my job per se. Available free online from Google’s SRE Site.
- xchg rax,rax by xorpd. A small volume of assembly “poetry”. I approached them like puzzles and ended up learning quite a bit about the weird ghosts, demons, and dragons hiding inside the x86-64 ISA.
- The Theory of Committees and Elections by Duncan Black. I have been fascinated for years by voting systems and this is a somewhat dry but thorough introduction to formally analyzing different voting systems and how they introduce biases and weaknesses into a system.
- PoC||GTFO 0x20 by Manul Laphroaig et al. A yearly journal of weird hacks, cool tricks, and crazy shenanigans of the hacker variety.
- 2600 by various authors. The classic hacker quarterly.
- Flour Water Salt Yeast: The Fundamentals of Artisan Bread and Pizza by Ken Forkish. I always loved baking bread and sweets and the pandemic made me want to get a little more serious about my bread (along with everyone else it seems).
- A Wizard of Earthsea by Ursula K. Le Guin. A boy grows into the world’s most powerful wizard, told as if it was an oral history.
- The Magicians by Lev Grossman. Dysfunctional undergrads learn that even being admitted to a secret magic school can’t solve their problems.
- Three Parts Dead by Max Gladstone. What if all the incomprehensible legal gibberish in that contract was actually a spell, and the lawyer that wrote it a wizard messing with powers man was not meant to possess?
- The Laundry Files by Charles Stross. What if all the incomprehensible code in that program was actually a spell, and the programmer that wrote it a wizard messing with powers man was not meant to possess? First few books are Bond pastiches but later ones have their own plot and identity.
- Kismet by Watts Martin. A genetically modified starfaring freelancer gets stuck between powerful corporations that want to control the future of gene modification.
- Starship’s Mage by Glynn Stewart. Since FTL travel is impossible… just say A Wizard Did It. Literally.
- Snow Crash by Neal Stephenson. This was supposed to be a satirical cyberpunk story about VR and hypercapitalism. Now it’s just nonfiction.
- The Dresden Files, by Jim Butcher. What would a wizard do if they lived in modern Chicago? Set up shop as a PI of course! You can skip to number 4 if you find the first one a little rough — the first three were written without the help of an editor (they were the author’s college writing projects).
- Neuromancer by William Gibson. This book basically defined cyberpunk as a genre. If you read it, you’ll almost think it was cliché, it’s so much the archetype of all that came later.