Windows Into the Soul

Windows Into the Soul: Surveillance and Society in An Age of High Technology
By Marx, Gary T.
Book – 2016

The library’s barcode sticker on the back generally obscures some unimportant back-cover information but, in this case, it is troublesome: it covers Schneier’s recommendation. I wanted to read that so I found it on the web:

In a world punch-drunk on data, with both governments and corporations – not to mention private persons – increasingly recording and correlating our every move, Windows Into the Soul is an important and timely book

The author, Gary Marx, is / was an MIT professor who lives and breathes surveillance, in particular, the social and philosophical aspects. This book is not easy reading, but it is thought-provoking.

Security Strategies Linux

Security Strategies in Linux Platforms and Applications
By Jang, Michael
Book – 2015

Linux systems administrators will like this very readable book.


  • Security threats to Linux
  • Basic components of Linux security
  • Starting Off: Getting Up and Running
  • User privileges and permissions
  • Filesystems, volumes, and encryption
  • Securing services
  • Networks, firewalls, and more
  • Networked filesystems and remote access
  • Networked application security
  • Kernel security risk mitigation
  • Managing security alerts and updates
  • Building and maintaining a security baseline
  • Testing and reporting
  • Detecting and responding to security breaches
  • Best practices and emerging technologies

Car Hacker’s Handbook

The Car Hacker’s Handbook: A Guide for the Penetration Tester, Craig Smith, No Starch Press

What causes worse damage, hacking into a desktop PC or a car? Often, the latter, and it has recently become a concern. You might have seen the video of an SUV in a ditch, directed there by a white-hat. Security professionals will want to know all about this topic, and can get an excellent start by reading the (free) current version. Shortly thereafter, you will want to buy the new, updated version from No Starch Press.

Those of us who chant the green “Reduce, Reuse, Recycle” mantra will have better reasons for keeping our 10-year-old cars!

See also IAmTheCavalry which is

a global grassroots organization that is focused on issues where computer security intersects public safety and human life. We strive to ensure that these technologies are worthy of the trust we place in them. [..] Our areas of focus are medical devices, automobiles, home electronics and public infrastructure.

The links below might not be much use.

Browser Hacker

The Browser Hacker’s Handbook
By Alcorn, Wade
Book – 2014

Security used to be mostly about the firewall. Long ago! Now, with everything going through port 80, the focus is more on the browser. Complexity comes with vulnerabilities, and this 600-page book explains many of them well. But this field changes rapidly, and the book is dated now.

Law, Privacy and Surveillance

Law, Privacy and Surveillance in Canada in the Post-Snowden Era
Edited by Michael Geist (May 2015)

Years of surveillance-related leaks from US whistleblower Edward Snowden have fuelled an international debate on privacy, spying, and Internet surveillance. Much of the focus has centered on the role of the US National Security Agency, yet there is an important Canadian side to the story. The Communications Security Establishment, the Canadian counterpart to the NSA, has played an active role in surveillance activities both at home and abroad, raising a host of challenging legal and policy questions.

online book from the University of Ottawa


Obfuscation: A User’s Guide for Privacy and Protest
By Brunton, Finn, 1980-
Book – 2015

If you are worried that large businesses and governments are snooping on you as you interact on-line, then you are not alone. We are not talking of criminal snooping or malware. We are talking of legal though shadowy tracking, mostly on web sites, with the resulting reams of information on you going into large databases. In many cases, the info is ‘anonymized’, but this is misleading: analysis of anonymized data can often identify individuals.

This small book discusses ways you can throw trackers off the scent by obfuscating your activities. The book is academic, and some of its ideas are stale and / or have been deprecated, but you will still want to read it. And disable JavaScript using the uMatrix add-on.