Saturday, June 15, 2013

Thinking About Security Daemons

Posted on the Bit9 blog: Thinking About Security Daemons

See all my Bit9 blog posts here.

Wednesday, June 12, 2013

CS Reading List

I am not a bookworm and books do not represent my media format of choice. Nevertheless, I still have lists of books I feel everybody should read. That includes a list of books I feel every software engineer (or manager of software engineers) should read. That doesn’t mean people who aren’t software engineers won’t enjoy these books or benefit from them. It just means that if you write code for a living then you should at least be familiar with these:

This textbook changed my life, or at least the course associated with it did. I thought I wanted to do computer graphics up until taking CS 324 at BYU. The labs which come with this book introduced me to an abstraction level of computing that I loved: looking at the hardware side while staying barely on the software side. I still regularly use this book for a reference.
Anyone serious about software development will at least have some familiarity with design patterns. Of course, knowing design patterns no more makes you a software designer than knowing the contents of a Lego store makes you a Lego sculptor. Still, the Gang of Four’s canonical introduction to this topic helps us all have a foundational vocabulary upon which to build.
A paradigm shift in the construction and motivation of complex systems. The open source software movement continues forward. Whether or not you subscribe to the philosophy to any degree, you will interact with people who do. This book can help Cathedral types understand, appreciate, and maybe become more like Bazaar types. It does not include free beer.
My graduate school advisor recommended that all incoming computer science students read this book. Although it centers on Licklider, it provides an amazing background on the advent of modern computing up to the start of the century. It blew my mind to realize how early the visionaries imagined the world at which we eventually arrived.
I admit that this one is old. Fred Brooks’s experience managing the development of IBM’s System/360 took place in the mid-60s, and the essays center on that experience. Later editions have added chapters looking back on the earlier suppositions, and they appear to hold up well. Wading into software engineering management really does mean walking through tar pits.
Technology in the information age has rapidly outpaced legislation and societal norms. This creates significant problems as old laws and ways of thinking about things can artificially cripple and hamper technology-enabled progress. Typically, those that understand the societal norms and legislation are not the ones who understand the technology, and vice versa. Lessig grasps both sides and, more importantly, proffers solutions.
I admit this may be more of a fanboy addition and that a similar list to this one in 20 years probably will not include this book. However, I like the perspective Jeff Jarvis brings to the discussion about privacy. I’m not saying he’s 100% correct, just that we need to see things from this point of view as well. We are social beings ready to reap the benefits to be gained through sharing.

I almost put this book in the non-fiction section as it’s semi-autobiographical, but in the end it’s a novel. The protagonist of the story investigates the meaning of quality, conveying his thoughts through conversations with others and flashbacks. The thought required to read this book may exercise mental muscles not normally used, but we can all benefit from understanding quality and how to pursue it.
Author Mark Russinovich draws from years of experience architecting software for the Windows operating system to write a compelling, modern-day thriller. The two biggest weaknesses of the book include a zealous following of stereotypes and more adult content than seems necessary for the story. One thing the book does exceptionally well is get into the nitty-gritty of exploits in an engaging way.
This story moved me to tears, which says something (either about me or about the story). A lot of bad things happen to innocent people in this technological thriller, but in the end the author paints a world-wide networked society in which I want to participate.
The upcoming movie has increased interest in this work, but I first read it as a kid. Probably my favorite book of all time, it presents a number of philosophical and technological issues that still face us today. The movie cannot possibly do this book justice, so I suggest you read it and the other seven books in the series (I know there’s more but I can only vouch for the original eight).
Some may argue that Asimov’s I, Robot should take this spot, but I enjoy the scope and vision of the Foundation series. A political treatise wrapped in science fiction, it provides many nuggets of insight for those wishing to live in a modern and civilized society. “Violence is the last refuge of the incompetent.”
Where Foundation provides nuggets of insight, The Hitchhiker’s Guide extrapolates technology-enabled life to the absurd. A hilarious romp through the genre, it illustrates the importance of not taking ourselves too seriously since we are always finding out new ways in which the universe is weird. Plus, there’s Marvin.
I almost got turned off on this book by the atheist diatribe near the beginning of the book. Luckily I stuck with it and ended up thoroughly enjoying this story. A fun look at MMORPGs and a retrospective of the 80s, the book can introduce that culture for those who missed it. You’ll find it permeates the tech community.

I’ll end there for now. Offended I left something off? Feel like something else deserves a place? Leave suggestions in the comments.

Tuesday, June 4, 2013

Survey results

Thank you to all who participated in my survey for my lesson in Elders Quorum on June 2nd. This chart provides one summary view of the results:

You can still see the survey online at and look at some pie charts of the results. Any data miners among you can look at the raw and anonymous data.