Reddit mentions: The best internet & social media books

This is probably more than what you are looking for, but I’ll go ahead and pass on what I have been using. I was already thinking about putting together a less expensive, non-Becker CPA exam strategy for r/accounting once I pass all the exams; so this will be a good warm up.
I haven’t taken all of the exams yet (I have passed the ones I have taken), but I can tell you the resources that have seemed to help the most far. I am pretty cheap, so I have tried to obtain my materials as inexpensively as possible (which is odd because my employer is paying for everything upfront).

For all of the exams I have purchased the Wiley CPA exam prep books; If you are lucky you might be able to find them at your local library.

I also use the Gleim multiple choice questions, and simulations. Gleim questions are in my experience more challenging than the real test questions, which make the actual exams seem not so bad (which is a great confidence booster). I try to answer 1500-2000 MC questions in the last couple of weeks leading up to the exam. I went through the Gleim regulation simulation questions once before the exam, and they really helped me a lot.

For BEC I pretty much relied on tons of Gleim MC questions, and the Wiley materials. I also used my managerial accounting textbook for reviewing cost accounting.

Additional materials I used for REG were my undergrad Business Law textbook, and the Federal Taxation book I mentioned in my last post.

For FAR (the test I am preparing for now), it had been so long since I took any financial accounting courses, I felt I needed a more fundamental review. I have been working through Schaums Outline of Intermediate Accounting I, Second Edition and Schaums Outline of Intermediate Accounting II, Second Edition. I have also been reading Governmental Accounting Made Easy, which has been helping with governmental accounting concepts (I never covered this in school). I am hoping that Wiley and Gleim materials will be sufficient for IFRS.

I’ll have to get back to you on AUD in a few months, but I am assuming that it will probably be a Gleim, Wiley, and old text book combo.

I hope that this helps. It has worked pretty well for me, but everybody learns a little different. Good luck!

Wow, 24 hours and no replies?!

Fine, you know what? FUCK IT!

Alright, first off - While you can concentrate on physical, understanding the basics of the digital side of things will make you more valuable, and arguably more effective. I'll take this opportunity to point you at Metasploit and tell you to atleast spend an hour or so each week working to understand it. I'm not saying you have to know it backwards or inside-out, just get a basic understanding.

But you said you want to go down the physical path, so fuck all that bullshit I said before, ignore it if you want, I don't care. It's just a suggestion.

Do you pick locks? Why not? Come on over to /r/Lockpicking and read the stickied post at the top. Buy a lockpick set. You're just starting so you can go a little crazy, or be conservative. Get some locks (Don't pick locks you rely on!) at a store, and learn the basics of how to pick.

Your fingers will get sore. Time to put down the picks and start reading:

• Social Engineering - The Art of Human Hacking
  
• Practical LockPicking - A Physical Penetration Tester's Training Guide
  
• No Tech Hacking - A Guide to Social Engineering, Dumpster Diving, and Shoulder Surfing
  
• Unauthorised Access - Physical Penetration Testing For IT Security Teams
  
• Ninja Hacking - Unconventional Penetration Testing Tactics and Techniques
  
• Metasploit - The Pentration Tester's Guide (OPTIONAL but suggested)
  
• The Basics of Hacking And Penetration Testing - Ethical Hacking and Penetration Testing Made Easy (OPTIONAL but suggested)
  
• Keys to the Kingdom: Impressioning, Privilege Escalation, Bumping, and Other Key-Based Attacks Against Physical Locks (OPTIONAL but suggested)
  
  That reading list right there gives you over 2000 pages to read. Read. Read More.
  
  Tired of Reading? Have you been listening to the Social-Engineer.org Podcasts? 53 quality podcasts right there. Time to catch up!
  
  Tired of listening? Take a break! And by "Take a break" I mean grab your lockpicks, a lock, and start picking while you relax with a Jayson Street video. He's fun to watch, and will hopefully distract you while you try picking a lock. Also, he highlights how you don't have to be a computer-genius to be good at PenTesting. Go watch more of his videos while you pick locks - It's entertaining at least, and informative/educational at best. Now go watch Deviant Ollam's videos if you're done with Jayson Street.
  
  Sounds like a lot? It's not. You'll spend a bit of money getting started with picks, locks, and books. It's the nature of the game, no good way around it. It's time-consuming. You may have to give up playing your favourite games for a while. But the things you learn and skills you develop will pay more than that game did. By the time you're halfway through any one of those books you'll have a much better idea of what questions you want or need to ask in order to progress further and faster every day.
  
  Go to Security Cons. DerbyCon is awesome, and happens in late September, plenty of time to start saving money and making reservations. Talk to people, ask questions, and make connections. You will learn more in those 4 days than some people learn in months or years and you'll have tons of fun.
  
  If you can swing it, attend Deviant Ollam's "Physical Security Skills for Penetration Testers" class. The things you will learn in that class will make it worth every damned penny, and you'll feel like a bad-ass at the end of it.
  
  Is this what you wanted?

Alright kid, if you really want to cook - and I believe you do - you're gonna need to know how to kick ass in the social media world. Sorry to say it, but that's what it's gonna take.


My recommendation? Check out Social Media for Writers. I bought this thing about a month or so ago and ooh boy was it handy. Not only does it go over some general guidelines, but it also takes a look into SEO, Content Marketing, and all the major players out there: Facebook, Twitter, Google+, Tumblr, Wordpress, you name it. It'll be a valuable reference trust me. You don't have to do everything in there, but it'll give ya some guidelines on how to get your name out there.


Now you might be thinking "Jeez, I said I wanted to advertise, not get famous on Social Media!" Well, SocMedia is big this day and age, and to try to get yourself noticed and not even have an active twitter feed or Facebook Page is kinda silly. Not to mention it can work as free advertisement for you - and you don't even have to take out any ads!


This is also on a bit of a tangent, but if you want some kick-ass tools to help with your book check out The Breakout Novelist by Donald Maas. Maas is a publisher over in yon New York, and Breakout Novelist collects some of his best advice from previously published works. I'm not even halfway through the book yet and hot damn have I learned some neat things. Trust me, this little desk reference will give you some pointers to make your book stand out even more, regardless of genre. The other great thing about Maas is he's more focused on helping writers who want to tell their stories and BE writers rather than Fame-Seekers, so this is more than just a book that tells you how to do the bare minimum.


Good luck and godspeed! Let me know how it turns out - I'm always looking for some new furry writers to get to know - being a writer myself.

It might be that blogging isn't for you, and if that's the case, there's nothing wrong with that! You know you enjoyed writing a book. I think if the main factor holding you back from working in another (even if just for fun), is feeling you shouldn't do it yet, maybe you could try and identify your reasons for feeling that way. Are the reasons for not doing it as strong as the sense of purpose you feel when writing? Is it because you truly don't want to work on another book until you hear from your editor, or is it because you feel like you're supposed to wait to write until you hear from the editor? Several of my favorite authors have books that were released after they became well known, but were written before their actual first published book. So I don't know if there's any clear should/shouldn't in your situation!

I have a few books (both regular and workbook style) on planning out a blog saved to my wish list.

I have a small, 4 year old blog with a small following (around 200 views a day on average during times I'm not actively writing on it). It mainly was built by connecting with other bloggers and commenting on their blogs, as well as by learning about how to get my blog to show up in Google searches (I only had to learn it once, do it, then haven't messed with it since, although I probably should). At first, it was only read by my family and friends. I am considering these books because I haven't felt like writing lately, and want to put more thought into the structure of my blog.

EPIC BLOG: One-Year Editorial Planner

The Ultimate Blogger To-Do List

How To Style Your Brand

Blog, Inc.: Blogging for Passion, Profit, and to Create Community - I borrowed this one from the library yesterday.

If money were no object, I would get this one because I really like parts of it, however the parts about taxes and employees and the like wouldn't be of use to me! I also don't know why it's for women not men... Marketing, I suppose The Conquer Kit: A Creative Business Planner for Women Entrepreneurs

This is my favorite of the guided journal type books I purchased. Design the Life You Love I am only a little into it, however I think it is perfectly suited to our personality type.

Edited: formatting and forgotten thoughts

Let me preface this by saying I know nothing about netsec but can offer a general framework.

To make a career out of netsec you need to know the answers to three questions:

1. Who will I work for?
   
2. What will they want me to do?
   
3. How can I get them to employ me?
   
   As a starting point you might like to check out
   
   http://www.amazon.com/InfoSec-Career-Hacking-Sell-Skillz/dp/1597490113
   
   That book covers nominally what you are after but it's a touch old (2005) so things might have changed since it was published. Apparently it discusses the various job types within the industry which should give you a sense of what is possible.
   
   With this information you next want to find a list of employers you'd like to work for. Your goal is to try to build relationships with those companies: do they offer internships? What knowledge/experience are they looking for from new employees? Could you meet with someone to talk about the industry? Etc.
   
   You might be able to do this by blindly emailing or phoning the companies. However, it will probably be more effective if you can meet someone face to face. The obvious way to do this is to go to university careers fairs, conferences, local clubs etc. If you're at university you might be able to ask your teachers if there is anyone they know of who they could introduce you to.
   
   At the very start of this networking phase you could be quite broad in who you talk to. If you know 20 people and they each know 20 people then you have access to 400 friends-of-friends. Sometimes someone knows of someone who could be helpful for you. Once this lead generation has kicked into gear though you can focus down on the people most relevant to you.
   
   At this stage you hopefully be able to answer the question 'What do I need to know?' with 'If I can do x,y,z then ABC Inc will give me work.'
   
   You will now want to start learning those skills. Your contacts might be able to give you some suggested reference sources but you're probably best off learning by doing a series of small projects. The reason is that they will give you a sense of 'what it is really like' beyond the textbook theory, but also because they will prove that you can actually do something. It's one thing to say "I know some basic reverse engineering." and another to say "I know some basic reverse engineering, here is a 'Hello World!' program I wrote in C and here is a crack I wrote which makes it output 'Goodbye World!' instead."
   
   If you're really pushing this you could start a blog detailing your projects. From your perspective it's a way to track your progress. From a more pragmatic perspective it is an advertisment for yourself and a way to keep bubbling at the back of your prospective employers mind as they can see what you are working on.
   
   As you continue along this path eventually you'll get the necessary skill set to start applying for positions. When you do apply you'll hopefully have two aces up your sleeve: projects which prove you are capable of undertaking the required work, and ideally some sort of reference from an established figure within the industry (or even better, company.)
   
   I am vaguely aware of a netsec one-person consultancy company vibe. I don't know how common that is or how you would set up as an independent contractor but that is another path to look into.
   
   ----
   
   This approach is loosely based on this which might be interesting to you for a much more detailed application in an academic setting.

Let me just say this: if you are wanting a community and spiritual feelings or feel goods are there other places that you could get those things? If you check out r/Frisson/ you might get some of those spiritual feelings without the need for a church. Or you can learn how to get strong spritual feelings anytime you like by just remembering a time when you felt that way and then focus on that feeling. Actors use this method to recall feelings during their plays, shows etc so they can make the scene believable. (usually done with anger sadness joy) As for a community wouldn't you rather just join a meetup that already has ideals that meet your own instead of having to do mental gymnastics to make your worldview work? Also be prepared as Mormons tend to be super friendly when they are trying to convert you but once you are converted they focus their efforts elsewhere. That isn't to say this will absolutely happen but it can just ask some of those that are ex-converts to the church on this subreddit you will see what I mean. I think you would be better off finding some real authentic people that think similarly to you and are able to think critically about everything in their lives instead of just anything that doesn't involve religion. Read www.cesletter.org before you join as well so you know some of the old fallacies and doctrines that are in the history of the church or in other words the un-whitewashed version of TSCC. Also consider do you really want to give your money to a group of con-artists that are working actively to get people to not think critically but instead want people to just have faith in them and their doctrine? If you do this you are perpetuating the problem, if you join, then those who aren't thinking critically of TSCC will just be even more enthralled because "hey look guys an atheist just joined see we have the truth!" Please recognize their niceness for what it is even though they even may genuinely believe they are being nice they are that way because they are told to be from TSCC toward converts not because they actually think they need to help a fellow human just for the sake of helping them, this is especially true if they are trying to pressure you to join. Just think will they still be just as friendly if I decide not to join? If the answer is no then it would seem to me that they are trying to get something out of such as a pat on a back from their bishop, or trying to get a promotion calling such as become a bishop. Think of them as salesmen they actually use many of the same tactics, which also happen to be similar to what social engineers use. Social engineer is just an elaborate name for a con-artist. See what I mean in this book [here.] (https://www.amazon.com/Social-Engineering-Art-Human-Hacking/dp/0470639539) As for social conservative please elaborate do you dislike gays? if not they you will see this church does some real damage with that community with their policy that any gay families children can't be baptized till they are 18 and renounce their parents marriage. It's really outrageous. If you just want limited government then I share that sentiment I don't really love either party, as such you can find people that share your values and don't need to join a church to get spiritual fulfillment and social fulfillment.

I mean, the requirements are all spelled out for you in the job description:

KNOWLEDGE, SKILLS, ABILITY(IES):

• Knowledge building out a complete IoT solution stack, identifying gaps with current platform and developing plans to fit those gaps
  
• Knowledge planning and building demo centers for specific vertical solutions
  
• Knowledge develop plans to scale an IoT practice at the City of Dallas as standalone or cross-functional entity
  
• Effective oral and written communication skills
  
• Ability to lead technical conversations with customers to design and execute pilots
  
• Ability to Collaborate internally with relation functions
  
• Ability to develop plans for training
  
• Ability to work directly with business representatives to understand the specific requirements that are driving the need for a solution to be designed; then plan and implement the design activities required.
  
• Ability to develop plans to scale an IoT practice at the City of Dallas as standalone or cross-functional entity.
  
• Ability to lead technical conversations with vendors to establish valuable partnerships.
  
  -----
  
  You need to analyze each of those bullet points and expand on what they mean.
  
  Let's look at the first, and very significant bullet point:
  
  > Knowledge building out a complete IoT solution stack
  
  
• What is IoT?
  
• What are the components of an IoT stack?
  
  It should be noted that else where in the job description, the concept of IoT as a component of Smart Cities is added to the conversation.
  
  
• What is a Smart City?
  
• How is IoT used to create a Smart City?
  
  > identifying gaps with current platform and developing plans to fit those gaps
  
  Gaps in an IoT platform... so some infrastructure and software development systems integration is expected.
  You will need to be comfortable with large scale systems design work.
  
  What is a large scale system, and how does one design one? Perhaps starting with smaller scale first might be a wise path...
  
  -----
  
  Now lets take some of those buzzwords and explore them:
  
  https://www.amazon.com/dp/0393082873
  
  https://www.amazon.com/dp/1498702767
  
  https://www.amazon.com/dp/0262527731
  
  
  
  
  

Here is a "curriculum" of sorts I would suggest, as it's fairly close to how I learned:

1. Programming. Definitely learn "C" first as all of the Exploitation and Assembly courses below assume you know C: The bible is pretty much Dennis Richie and Kernighan's "The C Programming Language", and here is the .pdf (this book is from 1988, I don't think anyone would mind). I actually prefer Kochan's book "Programming in C" which is very beginner freindly and was written in 2004 rather than 1988 making the language a little more "up to date" and accessible. There are plenty of "C Programming" tutorials on YouTube that you can use in conjunction with either of the aforementioned books as well. After learning C than you can try out some other languages. I personally suggest Python as it is very beginner friendly and is well documented. Ruby isn't a bad choice either.
   
   
2. Architecture and Computer basics:
   Generally you'll probably want to look into IA-32 and the best starting point is the Intel Architecture manual itself, the .pdf can be found here (pdf link).
   Because of the depth of that .pdf I would suggest using it mainly as a reference guide while studying "Computer Systems: A Programmers Perspective" and "Secrets of Reverse Engineering".
   
   
3. Operating Systems: Choose which you want to dig into: Linux or Windows, and put the effort into one of them, you can come back to the other later. I would probably suggest Linux unless you are planning on specializing in Malware Analysis, in which case I would suggest Windows. Linux: No Starch's "How Linux Works" is a great beginner resource as is their "Linux Command Line" book. I would also check out "Understanding the Linux Kernel" (that's a .pdf link). For Windows you can follow the Windows Programming wiki here or you can buy the book "Windows System Programming". The Windows Internals books are generally highly regarded, I didn't learn from them I use them more as a reference so I an't really speak to how well they would teach a "beginner".
   
   
4. Assembly: You can't do much better than OpenSecurityTraining's "Introductory Intel x86: Architecture, Assembly, Applications, & Alliteration" class lectures from Xeno Kovah, found here. The book "Secrets of Reverse Engineering" has a very beginner friendly introduction to Assembly as does "Hacking: The Art of Exploitation".
   
   
5. Exploitation: OpenSecurityTraining also has a great video series for Introduction to Exploits. "Hacking: The Art of Exploitation" is a really, really good book that is completely self-contained and will walk you through the basics of assembly. The author does introduce you to C and some basic principles of Linux but I would definitely suggest learning the basics of C and Linux command line first as his teaching style is pretty "hard and fast".
   
   
6. Specialized fields such as Cryptology and Malware Analysis.
   
   
   Of course if you just want to do "pentesting/vuln assessment" in which you rely more on toolsets (for example, Nmap>Nessus>Metasploit) structured around a methodology/framework than you may want to look into one of the PACKT books on Kali or backtrack, get familiar with the tools you will use such as Nmap and Wireshark, and learn basic Networking (a simple CompTIA Networking+ book will be a good enough start). I personally did not go this route nor would I recommend it as it generally shys away from the foundations and seems to me to be settling for becoming comfortable with tools that abstract you from the real "meat" of exploitation and all the things that make NetSec great, fun and challenging in the first place. But everyone is different and it's really more of a personal choice. (By the way, I'm not suggesting this is "lame" or anything, it was just not for me.)
   
   *edited a name out
   
   
   
   
   
   

Oi. Disclaimer: I haven't bought a book in the field in a while, so there might be some new greats that I'm not familiar with. Also, I'm old and have no memory, so I may very well have forgotten some greats. But here is what I can recommend.

I got my start with Koblitz's Course in Number Theory and Cryptography and Schneier's Applied Cryptography. Schneier's is a bit basic, outdated, and erroneous in spots, and the guy is annoying as fuck, but it's still a pretty darned good intro to the field.

If you're strong at math (and computation and complexity theory) then Oded Goldreich's Foundations of Cryptography Volume 1 and Volume 2 are outstanding. If you're not so strong in those areas, you may want to come up to speed with the help of Sipser and Moret first.

Also, if you need to shore up your number theory and algebra, Victor Shoup is the man.

At this point, you ought to have a pretty good base for building on by reading research papers.

One other note, two books that I've not looked at but are written by people I really respect Introduction to Modern Cryptography by Katz and Lindell and Computational Complexity: A Modern Approach by Arora and Barak.

Hope that helps.

I'm not an expert here but I've picked up interest in the last 3 months and have been pouring through a lot of online resources related to Cryptography and coding. Here's some of what I've been working with:

Hacking Secret Cipher with Python: http://inventwithpython.com/hacking/
> Great hands on book teaching you about various types of ciphers, how they work, how to break them. If you don't know much coding, that's still okay for this book, you learn some of the Python basics.

Applied Cryptography
http://www.amazon.com/Applied-Cryptography-Protocols-Algorithms-Source/dp/0471117099/ref=sr_1_1?s=books&ie=UTF8&qid=1394549623&sr=1-1&keywords=applied+cryptography
> Great book, essentially a cryptographers bible. I got the latest edition on Ebay for $20 total, nearly brand new, so it's cheaper than Amazon

Online course in Cryptography by Dan Boneh - standford
https://class.coursera.org/crypto-preview/lecture
> I'm halfway through this course and I'm loving it. I would be done by now but I've been busy the past couple of weeks.

That first resource is great and really easy to follow. It'll give a nice foundation for computer cryptography. I was able to get through it in a little over a week.

I have some experience with attacking password hashes and I want to clear a few things up regarding password strength. While I'm by no means an expert, I have actually performed these attacks against passwords I've generated and hashed myself.

It seems like the linked source is mostly talking about how long it takes to brute-force, which is far from the only way to get a password. I did check the expected brute-force times and they are mostly accurate, but they are certainly falling behind. My GTX 1070 is expected to crack all 8-character md5 hashes in about 4.5 days at 16 gigahashes/second compared to the 2015 estimate they used of 11 GH/s. It's no quad-TitanX build, but it's strong enough to illustrate the widening gap.

But I think it's important to understand that real password attacks are much, much more sophisticated than a raw brute-force, and keyspace can be drastically reduced by taking advantage of the flawed ways that people try to "strengthen" their passwords. I'll bold it so it's clear: Number of characters is not an effective assessment of password strength unless they are generated randomly. Let's use some of the passwords from the source as examples. "security1" is an uncommon English word with one number - a common password pattern and an easy dictionary+digit mask attack. "P@ssw0rD", aside from likely being in many top X password wordlists itself since it's a mutation of "password", is a common word with the first and last letters capitalized and has a few very common replacements(a->@ and o->0), and would easily be caught in a dictionary+rule attack. It doesn't matter that your password is 10 characters long when it's a somewhat common 6-character name + a year. Massive real-world password dumps like rockyou also change things significantly and make raw wordlist and wordlist+rule or mask attacks much more effective.

The hashcat wiki has a lot of information about intelligent attacks against password hashes. There is also a great book about it, Hash Crack.

As you mentioned, diceware is one of the best ways to generate a passphrase, with a keyspace of 7776^(number of words), assuming that we know that it's a diceware password. Five words is stronger than most real passwords. Seven to ten words is basically uncrackable with current technology and should stay that way for a few years. Best of all, it's very easy to remember.

	

	

	

> # How does a big company full of smart people miss a revolution?
>
>
>
> The Friendly Orange Glow: The Untold Story of the PLATO System and the Dawn of Cyberculture (Brian Dear 2017; Pantheon) tells a story of business blindness.
>
> The programmers of the powerful CDC mainframe had all of the technical knowledge, and more, of the PC pioneers, but they didn’t want to drop everything and rush to the PC. The business folks behind the mainframe were similarly mentally locked into their well-trodden paths of sales and applications.
>
> The CDC/PLATO folks actually built a modern distributed system, with a microprocessor in every terminal (“desktop PC”) and communications lines back to a server.
>
> > Instead of orange pixels, they were grayish white. The new terminal, called the IST (short for Information Systems Terminal), looked more like an early personal computer. A big, wide, heavy base, with a black grille in front, to which a detached keyboard was connected via a thick cable. On top of the base was a monitor, a special elongated CRT with a square display featuring exactly 512 x 512 black-and-white pixels and, mounted directly over the surface of the CRT’s glass, a reflective, acrylic touch screen with barely visible gold wires crisscrossing across the display. During the nine months of development, the price of CMOS (complementary metal-oxide semiconductor) memory chips had plummeted even further than Hill had anticipated. “According to the really long-haired predictions,” says Hill, “it was going to come down, by six or eight to one, and it came down about ten to one, right when we were doing our development. The result was that we could produce a memory-mapped video terminal, which as far as I know had never been done before, because it was cost-prohibitive.
> >
> > “We produced what in effect was a PC,” says Hill, “in 1975.” When one considers the year this machine was developed, and compare it to what else was available at that time, it is suddenly apparent that CDC had just leapfrogged over the entire microcomputer field. Here is Hill describing his machine: “[ It had an] 8080 microprocessor, it had plugin cards, it had a separate monitor, with a cable going to the main box, it had a separate keyboard, it had plugin modems, plugin memory, plugin communications, and we even had a plugin disk driver, that wasn’t part of the standard stuff, but we had it networked, so it was revolutionary. And our big problem was producing it at low cost. And we did that. That terminal came in with something like a $ 1,300 cost, in the first few terminals. And that was beyond everybody’s belief.” By the time the IST was ready to be sold to consumers, the marketing people had marked up the price to over $ 8,000, says Hill. It was the beginning of a long line of very bad decisions at CDC. Hill believed the terminal should have been sold for $ 100 above cost. “If we’d done that, we would have flooded the market because people knew they could use it for other things. It would take loadable programs— we could load programs down from the mainframe into that terminal.”
>
> Note the last sentence. The system had the same capability as a modern Web browser that may download a Java or JavaScript program from the server.
>
> The author says that CDC had roughly $1 billion in revenue in 1969 ($7 billion in today’s mini-dollars) so it was about one seventh the size of IBM. Management went all-in on computer-delivered education, which meant trying to sell to governments such as the Soviet Union, Iran, and Venezuela. The U.S. government delayed the Soviet sale due to security concerns and then killed it after the invasion of Afghanistan (imagine how many trillions of dollars we could have saved if we had let the Russians support the secular government in Afghanistan and not supported the Mujahideen!). The Iranian deal fell apart due to political instability:
>
> > CERL and CDC created Persian-language support in PLATO as part of the demos, and eventually the Shah’s government agreed to a deal. However, it required that the IST terminals had to be made in Iran (or at least have a decal with “Control Data of Iran” and Persian script on it affixed to the screen bezel). In the end, the Ayatollah Khomeni and the Iranian revolution ended CDC’s hopes in that country. Several of the government ministers, including Prime Minister Amir-Abbas Hoveyda, who had attended the demos back in 1975, were executed. CDC personnel had to evacuate the country, and the company lost a lot of money.
>
> The Venezuela dream didn’t pan out either…
>
> > “Venezuela was more corrupt than Iran, if that was possible…. In South America, the Venezuelans were known as the ‘Iranians of South America’ and not just for their oil reserves. You could get anything you wanted in Caracas— anything. Like many CDC international offices, CDCVEN [the acronym CDC used for its Venezuelan business] had its own guy specializing in local bribery and ours was good.” This was CDC’s fixer for Venezuela, “used for more local practical bribery associated with licenses, permits, getting employees and families out of scrapes, etc.” … “My short version,” Smith once explained in an email, “is the PLATO buy became entangled in Venezuelan politics and did not survive the massive political infighting and jockeying for a bite out of it for all concerned (including two or more of our own guys). I do not believe we lost it because we did not bribe. True there was a corporate public effort to clean up our act (I have seen CDC bribe all over the world— even in places like Germany, supposed to be un-bribable) but HQ never backed off of doing business along those lines (anyway it was very difficult to stop the local CDC folks from making deals HQ did not know about). In a lot of countries it was the only way to do business. When the U.S. government started with pressure on U.S. companies to not bribe they started our downfall in the business world….
>
> Are you a big believer in social impact investing? So was the imperial CEO of CDC:
>
> > Morris tried to explain to [William] Norris the benefits of pursuing business and education markets at the same time— charging more to business customers so they could charge less to education customers— but Norris did not see it this way. “Norris logically could see it that way,” said Morris. “But his concern was, ‘I’m doing this because I want to make a social impact on education. And if you guys go and turn your attention to selling in the business environment, you’re going to start forgetting about education, and start forgetting about our end goal. I want you to concentrate on education. Okay?’ And so based on that, we did concentrate on education, I still think today if we had sold into the business environment we would have been able to fund more of the stuff that was getting the price down and achieving the educational objectives that we were out to achieve.”
> >
> > “Addressing society’s major unmet needs” became Norris’s rallying cry, a remarkably progressive mantra for a tech company in the 1970s and 1980s, and one that the rest of the industry and financial world regarded with befuddlement or derision.
> >
> > In 1984, Randall Rothenberg wrote a profile of Bill Norris and Control Data for Esquire magazine. The article never ran. However, Rothenberg’s recollections of the article’s conclusions shed light on the predicament Norris and CDC were in, particularly with regard to PLATO. “Control Data,” he says, “was an example of what we’d later call industrial policy; its expertise was in seeking government funding for technology projects relating to supercomputing. When the government market for supercomputing for military and economic applications began to dry up (because of, e.g., the advance of minicomputing), CDC, instead of adapting its business model, began to seek new uses within a government welfare structure for its existing supercomputing technology. Using the technology for training, small business development, etc., was a logical extension of this. What CDC could not do was diverge from a model predicated on powerful central control. The whole notion of distributed systems— in computing, in social welfare, in anything else, it seems— was totally foreign to it. So the inapplicability of its technology to the social-welfare aims it was seeking to address was something the company could not work around. Put another way, it had come up with the perfect Great Society solution— twenty years late.”
>
> CDC and PLATO were successful in some markets:
>

> (continues in next comment)

I agree (to an extent).

I think that the rhetoric used by progressives has gone a long way towards alienating people whose experience of drawing the short lot in life doesn't fit into an increasingly atomising intersectional intellectual discussion of "identity".

I think a lot of poor whites who feel (and have in reality been) left behind find the current identity politics that are so popular on collage campuses as an insult.

We on the left need to address this. The left was supposed to be about solidarity, but in recent years identity politics as a central theme has followed a perversely free market consumerist logic. It's like a tivo for the political landscape.

Conversely the right has co-opted the same assumptions of historically left wing thinkers in their critique of modern discourse.

I'm not advocating an "all lives matter" bs cop out, but that as long as we are focused on academic arguments about identity that leave the working classes alienated, then the progress we make will always be hindered by the resentment it fosters.

Not sure how to save it, but I hope we can.

Full disclosure: I am a white heterosexual cisco male, so I understand that my perspective on the importance and impact of identity politics is grounded in a privileged perspective, but I don't think that shutting people out is the solution.

Edit: added the bit about agreeing, in case my wall of text put anyone off reading the wall of text.

Edit 2: My thinking on this issue has been shaped largely by this book.

There are certainly aspects of her thesis I fundamentally disagree with (a modernist perspective on progress is something I find kinda problematic -but I am wearing a t-shirt with Foucault on it as I write, so I might be a little biased. Also her turn against "counter culture", although I think that in fairness the author means that transgression for the sake of transgression is a hollow concept that has been romanticised by the left for too long -and with that I would begrudgingly agree. Although I do think it makes for a powerful tool to question our own assumptions).

A Little History of Science, by William Bynum. (Link) It's a little newer than Bryson's A Short History of Nearly Everything, but on par with it in most respects. Covers the histories of medicine, astronomy, chemistry, the discovery of plate tectonics... pretty much all areas of science. Highly entertaining (particularly the section on anatomy and how early artists were painters by day and grave-robbers by night).

I also liked The Blogger Abides, by Chris Higgins (Link), which is an extremely practical guide to managing a freelance career. It's written for writers but is applicable to most freelance professions (photographers, consultants, etc.), and includes sections that most "be a writer" books wouldn't, like how to manage self-employment taxes and give pesky publicity people the brush without looking like an asshole.

For more traditional nonfic, I liked Deep State (link) about the government's secrecy industry; Agent Garbo (link), about a farmer who just decides to be a spy and ends up helping the Allies bring down the Nazis (it's insane); and literally anything written by Mary Roach -- even her tweets are great.

I remember reading this one

I went to the NCSU stacks and grabbed an armful from the psychology section so my memory is fuzzy. The best one had a profile of two people's faces yelling at each other but I can't remember the title.

Other good reads that will roundabout teach the same mechanics:

A classic

A more fun read, but less relevant.

With more entrenched ideas like politics it may be useful to look into books on the mechanics of brainwashing. If you learn how to build a bomb, you learn a lot about diffusing them. You also may learn we're all mildly brainwashed in some innocuous way or another.

And if you're not much of a reader, Chris Voss puts most of these ideas pretty eloquently.

Edit: The ones that look more like textbooks than self help tend to be more useful with the exception of Dale Carnegie.

I wrote a book a little over a year ago to answer exactly these types of questions...
https://www.amazon.com/Hacker-Ethos-Beginners-Ethical-Penetration/dp/1523764368
There is a free preview with 100 pages from one of my early drafts if you want a sneak peek at what you'd be reading...
https://drive.google.com/file/d/0B8JvWS_y2CHqZ2EwWG9pcENjazQ/view

Reading the subreddits is certainly helpful as well. I would definitely recommend building your own lab of vulnerable machines to practice. You can get plenty of these from Vulnhub.com

Of course, you'll need some tutorials, chiefly of which I recommend www.cybrary.it, an excellent site for tutorials on all things security and infosec, including pentesting.
Other books I highly recommend...

• Mastering Metasploit
  
• Mastering Kali Linux for Advanced Penetration Testing
  
• The Web Application Hacker's Handbook
  
• The Hacker's Playbook
  
• The Shellcoder's Handbook
  
• Hacking: The Art of Exploitation
  
  Good luck, OP hat-tip
  

Probably a lot of readers of /r/water have read Cadillac Desert.

I own a copy of, and have made two false starts reading, The King Of California as recommend by the anonymous author of the blog On The Public Record.

I highly recommend A Great Aridness, a worthy heir to Cadillac Desert.

Also on my to-read list is Rising Tide. I would like to find a book that does for the Great Lakes what Marc Reisner did for water in the American West with his book Cadillac Desert.

A few things I've read this year that have little to do with water:

• The Sixth Extinction: An Unnatural History
  
• The Future of the Mind: The Scientific Quest to Understand, Enhance, and Empower the Mind
  
• The Human Experiment: Two Years and Twenty Minutes Inside Biosphere 2
  
• The Second Machine Age: Work, Progress, and Prosperity in a Time of Brilliant Technologies
  
• Citizenville: How to Take the Town Square Digital and Reinvent Government
  

Books that changed the way I look at things, and thus changed my life:

Light by M. John Harrison Helped me understand that my feelings of smallness and impotence were pointless. In the greater scheme of things there is always two things: Someone better-off than you, and Someone worse-off than you. Whining about it helps no one.

Crank by Ellen Hopkins Helped me understand my mother's drug abuse. Not condone it of course, but understand it. Within six months of me reading this book, my Mother actually started to get clean. Maybe she found it in my room or something.

House of Leaves by Mark Z. Danielewski Through this I learned the true power of fiction. This book makes movies look bad. It is the biggest must-read on my list.

Social Engineering: The Art of Human Hacking by CHristopher Hadnagy taught me how better to interpret my actions and the actions of others, and in general made me a more observant person. Barring the manipulative side of things, (which it helps you notice as other people do it or you do subconsciously) it helps you understand social interaction on a deeper level than just words.

A Child's First Book of Virtues by Emily Hunter

I'd have to say that this was one of the single most important books of my childhood. It taught me all the important bits. This book was gifted to me right after I learned to read, and I am quite frankly a better person because of it. It helped form the model by which I judged my own character.

And of course a set of the Encyclopedia Britannica and Compton's interactive encyclopedia.

Buh I like reading.

Bakers make great modernist cooks because it requires so much forethought/calculation. As for resources, my first book was Cooking for Geeks, then the Modernist Cuisine book set from Nathan Myhrvold (and have it signed by him "For Science!") which is the bible, but free options include their website, Seattle Food Geek, molecular recipes, this YouTube playlist from Harvard and the usual science-based cooking resources like Good Eats, America's Test Kitchen, and Chef Steps.

I learned not to overthink the ice sphere mold: fill it with water and take it out after three hours, then melt a hole in the top and suction out the liquid water with a syringe. The chocolate was tempered then about a tablespoon was dolloped into each half, joined, and tumbled for coverage. Turn every 15 minutes in the fridge until it pulls away from the mold.

The goat cheese was thinned to an oozy consistency with goat's milk to get the desired "popping" effect. I wanted to do something creamy that would complement the char on the lamb and acidity of the vinaigrette.

Best things to sous vide: Eggs to various stages of yolk doneness, well-marbled but tough cuts of meat (think USDA Prime grade Chuck steak and pork ribs) over 72 hours at 140F, salmon with smoked salt to 113F is spreadable like butter

I do agree they could and have tampered with shipping on things in the past (Countdown to Zero Day ); however, for the NSA (as an example) to target ordinary citizens seems a bit out of focus for what the NSA would want to use resources on. I'm not saying they would not (please excuse the double negative), it seems like a lot of effort for next to zero gain. They would want to target individuals of high interest for sure and have shown in the past to be very specific on how they target them. Again the above mentioned book details how specific the Stuxnet virus was to avoid it from activating on every logic controller or found. I feel the same would be true for certain agency's to target select individuals not an entire group.
Also, if this bothers you then how can you trust VPN encryption at this point? Who can say they have or have not broken that? How can you trust they haven't broken HTTPS encryption? We can "what if" this to death.
For myself, I'm really looking forward to this phone for the lack of a company tracking me. No more Google listening to everything I say within ear shot of my phone. No more Google tracking everywhere I've been all day Watch this.

The NSA cares about national security, you downloading that new album of MP3s with Bit torrent is a matter for other agencies. Why waste the resources?

I imagine that their warehouses will get some in up to two weeks before they ship. There are a few ways to score one early. My favorite method for getting early deliveries from Amazon requires you to spend a little bit more money. Add this, this, this and this to your cart and use your Amazon prime to get overnight shipping.

Now you've got a little reading to do (no big deal for us Kindle lovers though, right? LOL!) Give this a read. On your PC, I guess since you don't have a kindle right now :(. Maybe print it out.

You've still got a few weeks before they hit the warehouses. Give this page a once over. Which one of those is nearby you? Take a drive down to the airport and do a little Kindle-lover pilgrimage! Make some notes about what people are wearing. You'll want to get an outfit like that.

Go back a few more times at different times of day. Get a feel for the flow of the place.

Now we have some more reading to do! Pick up the Kindle edition of this and read it on your PC (you'll get to put it on your new Kindle soon!). (I <3 Calibre's reader for this sort of thing.)

Hold on, someone's at my door. Probably about that slick "free TV from Best Buy" deal I posted a while ago! BRB!

I think T-shirt slogans and Twitter hashtags are just another type of "performative wokeness" that lets your colleagues demonstrate to one another how seriously they take racial injustice. It's really not attacking white people, because it's more likely than not to be a white person wearing the damn thing.

At this point, these activists are not interested in generating a dialogue with others outside their in-group. They're looking to solidify bonds with each other. It's a bit of ass-backwards tribalism, but liberals are sick and tired of having to be the adult in the room, so college-aged academics are happy to adopt a sarcastic, countercultural, 4chan-style "burn it all down" approach in order to build a foundation to stand on against out-group members. It's an emotional release rather than a productive move in favor of social liberalism.

I really enjoyed reading Kill All Normies, which breaks down the politics of transgression (attacking what we think is socially acceptable or polite) that both Tumblr reactionaries and alt-right superstars have engaged in. I see the "white tears" stuff as a natural extension of that, an attempt to reclaim a transgressive voice on the left that falls on a lot of deaf ears because of its inherent contradiction.

In other words, those slogans are not inflammatory or counterproductive to social liberalism, because they never were intended to advance social liberalism. Instead, they have been successful in uniting certain voices in this blip of time during the Trump era (for better or for worse), though I'm not sure how much longer that kind of rhetoric can sustain itself beyond that.

The best book I've read on the subject urban survival is How to Survive the End of the World as We Know It.

For wilderness survival go for The SAS Survival Handbook.

As for growing crops, first aid, things like that, I find its best to learn those skills from a non-survival oriented book. You can apply the skills you learn in them to your personal situation (geographical location, financial restraints, likely local disasters, etc).

That being said, the best books on growing food and livestock are The Encyclopedia of Country Living and The Backyard Homestead.

Finally, while it's technically not a book, The Survival Podcast has a priceless wealth of informational podcasts on different subjects pertaining to modern survivalism.

I would highly recommend Cooking for Geeks. It explores the science behind what you're doing while providing you with a solid stable of recipes. It also approaches cooking more like a laboratory and less like an art. If you get a chance I also highly recommend you watch Gordon Ramsay's Ultimate Cookery Course. A quick google search should reveal the best places to watch it.

I would recomend you to read Future Crimes by Marc Goodman https://www.amazon.co.uk/Future-Crimes-Digital-Underground-Connected/dp/0552170801?SubscriptionId=AKIAILSHYYTFIVPWUY6Q&tag=duckduckgo-ffab-uk-21&linkCode=xm2&camp=2025&creative=165953&creativeASIN=0552170801 mostly deals with the non existence of electronic security though and how it is and can be exploited

Information and Corporate security is a very big subject, so it kind of depends where you intend to take your story. But you can start by reading the Wikipedia article about InfoSec https://en.wikipedia.org/wiki/Information_security and then see how each area fits into your story and work out from there.

Some realisim in how difficult it can be to track down a hacker, read The Cuckoo's Egg by Clifford Stoll
https://www.amazon.co.uk/Cuckoos-Egg-Tracking-Computer-Espionage/dp/1416507787/ref=sr_1_1?s=books&ie=UTF8&qid=1500888747&sr=1-1&keywords=clifford+stoll very different from what you see in the media

IMHO the most interesting area in Information security is Social Engineering, it requires cunning and skill, and sometimes you can't stop admiring the talents and genius of some of these people. Read Social Engineering: The Art of Human Hacking https://www.amazon.co.uk/Social-Engineering-Art-Human-Hacking/dp/0470639539/ref=sr_1_1?s=books&ie=UTF8&qid=1500889212&sr=1-1&keywords=social+engineering+the+art+of+human+hacking

Each year Verizon release their data breach report http://www.verizonenterprise.com/verizon-insights-lab/dbir/2017/ it is free to download (don't have to register, just click the download only button) I think that is possibly the best insight you can get into corporate security challenges in 2017

Fierce_Fox is right. FM manuals such as FM-217-76 Survival.....may be somewhat outdated but the information is reliable.
As a Medic/EMT my prepping focuses on my skill set with everything else falling close in line. I have a lot of information in digital format; both on USB and a small external drive. I have a small tablet that is in my BoB for reading documents and such.
At a minimum, here are my suggestions:
FM 21-76 Survival - Department of the Army
https://archive.org/details/military-manuals
SAS Survival Guide - https://www.amazon.com/SAS-Survival-Guide-Collins-Gem/dp/0061992860/ref=sr_1_1?ie=UTF8&qid=1483496552&sr=8-1&keywords=sas+survival+guide
The Pocket Prepper's Guide - Bernie Car
https://www.amazon.com/Preppers-Pocket-Guide-Things-Disaster/dp/1569759294/ref=sr_1_fkmr0_1?ie=UTF8&qid=1483496827&sr=8-1-fkmr0&keywords=The+Pocket+Prepper%27s+Guide+-+Bernie+Car
The Complete Disaster Home Preparation Guide - Robert Roskind
https://www.amazon.com/Complete-Disaster-Home-Preparation-Guide/dp/0130859001/ref=sr_1_1?ie=UTF8&qid=1483496881&sr=8-1&keywords=The+Complete+Disaster+Home+Preparation+Guide+-+Robert+Roskind
How To Survive the End of the World As We Know It-James Wesley,Rawles
https://www.amazon.com/How-Survive-End-World-Know/dp/0452295831/ref=sr_1_1?ie=UTF8&qid=1483496952&sr=8-1&keywords=How+To+Survive+the+End+of+the+World+As+We+Know+It-James+Wesley%2CRawles
Bug Out - Scott B. Williams
https://www.amazon.com/Bug-Out-Complete-Escaping-Catastrophic/dp/156975781X/ref=sr_1_1?ie=UTF8&qid=1483496991&sr=8-1&keywords=Bug+Out+-+Scott+B.+Williams
When There Is No Doctor - Gerard S. Doyle, MD -
https://www.amazon.com/When-There-Doctor-Challenging-Self-reliance/dp/1934170119/ref=sr_1_2?ie=UTF8&qid=1483497054&sr=8-2&keywords=When+There+Is+No+Doctor
The Ultimate Survival Medicine Guide - Joseph Alton, MD & Amy Alton, ARNP - https://www.amazon.com/Ultimate-Survival-Medicine-Guide-Preparedness/dp/1629147702/ref=sr_1_fkmr0_1?ie=UTF8&qid=1483497109&sr=8-1-fkmr0&keywords=The+Ultimate+Survival+Medicine+Guide+-+Joseph+Alton%2C+MD+%26+Amy+Alton%2C+ARNP
Last, but not least, The Zombie Survival Guide - Max Brooks
https://www.amazon.com/Zombie-Survival-Guide-Complete-Protection/dp/1400049628/ref=sr_1_1?ie=UTF8&qid=1483497158&sr=8-1&keywords=The+Zombie+Survival+Guide+-+Max+Brooks
The last one is more humor but it does have many great points and ideas.
A library that covered everything would be very heavy and take up a bit of space. For the minimum, at least 1-2 books on everything one will need to survive will still be a lot. These books should be read, reread, and read again. We can't memorize everything, but having this to go back on when needed is a great addition. There's tons of information online and downloadable for free.
Depending on one's skill set, then they may not need as much. Teach others in a group is a must. Can't have one person be the ONLY one who can do 'this' skill. IMO, research should always be the first step. So much information out there and it's free.

cooking for geeks is an excellent book to help you understand how to experiment with food. it has good recipes, but i really appreciated it for how much it encourages you to experiment with recipes and how to think of novel additions/changes to them.

Bruce Schneier is Chief Security Technology Officer of British Telecom, one of the world's leading security experts and a very vocal advocate of strong security practices that benefit common people. He's published his crypto-gram newsletter since 1998, which is translated into several different languages, and published several books on the topic, including Applied Cryptography. If anyone is qualified to give testimony to Congress on the subject of technical measures to ensure airport security, it's this man.

I am an avid "people watcher" and notice things other people don't. I often accidently memorize things I would never need to memorize.
(like the license plate from the car in front of mine while driving)

Advice (things I have noticed):

Watch things, see a bird? Watch it. See a group of people? Watch them. It helps to be in a higher place. Have you ever noticed people almost NEVER look up when in the mall? Stands at the edge and look down.
Always, always, always, look around. Never stop looking around. Learn to do it naturally and to pay attention to something or someone while still studying your surroundings.

If you feel wierd watching people, wear headphones or hold a phone. Sounds dumb, I know. But what I have found is if you are wearing noticable headphones or have a phone in your hand. People don't expect or think it's wierd that you are staring in random directions which include theirs. Act like you have a reason to be there.

Remember how tall you are, it can help you find the height of objects or people.

Remember, most of the things you learn in a day will vanish within 20 seconds because of your short term memory and the way your brain sorts what to keep and what not. But that's not the point right now. The more you watch and pay attention. The more you will retain.

Make it a game, it will eventually give you a feeling of having the upper hand on people.


EDIT: If you also want to learn about people, not just details then I suggest you read about Social engineering. One of my personal favorite books is http://www.amazon.com/Social-Engineering-Art-Human-Hacking/dp/0470639539/ref=sr_1_1?ie=UTF8&qid=1318521071&sr=8-1

The guy that wrote that blog post has a good book called Spam Nation that talks about his deep dive investigation into Russian cybercrime gangs. It's incredibly good, and he's one of the best reporters on the cyber underground.

I'd also look for the coverage of Stuxnet. There's a really good documentary about it called zer0days, and since you specifically asked about books you could do Countdown to Zero though I haven't read it so I don't know how good it is. If you haven't heard about Stuxnet it's a fascinating story about just how advanced US cyber warfare capability is.

For what it's worth, cryptography is famously hard to get right and I would strongly recommend that you use existing crypto software if you are actually trying to secure your computer.

That said, if you're interested in coding and want to learn more about encryption just for fun, you should check out the Matasano Crypto Challenges. They teach you about the fundamentals of cryptography by having you build a bunch of ciphers and then break them.

If you're looking into doing this more professionally, I've been told that Cryptography Engineering and Applied Cryptography are some good resources, though I haven't read them myself.

Yes and no. A minimal keyspace password is still a problem but I covered that in a previous post. It's up to the engineer and the user to expand on that, not the hash. Or you have to go with lunatic 1s hash stuff which just creates it's own problems as you've pointed out - I believe there's better novel approaches to making sure more entropy is captured from the user.

Quick mention about rainbow tables; The input keyspace of any password is relatively small, which is why rainbow tables on unsalted hashs are the cheapest attack, but once you salt the password, it's impossible to predict where in the expanded hash keyspace the collision will occur, thus the whole keyspace of the hash is relevant.
You'd have to have a rainbow table for every salt (presuming another 1KiB) and for the common keyspace for user passwords. Using xkcd's easy example of 28bits entropy, that's still 8000^28 entries, so (8000^28 )*(10[pw]+1000[key]+1000[salt])bytes aka 3.888 x 10 ^112 bytes - ie. not feasible.

Which brings us back to brute forcing taking longer than the universe is old.

So entropy is the key and bring us back to xkcd... again. Educate users to make better passwords or provide better ways of capturing entropy like patterns, colours, picture (key files) and puzzles.

If you're really into the subject, go read Applied Cryptography. It'll better explain the situation than I! :D


edit: for superscripts going crazy and refocus the point.

check out r/oscp Lots of blogs being posted over there almost on a weekly basis on what people did to get ready for the test and about the test.

> I have just set up simple virtual lab (Metaspolitable + Kali ) so where should I start ?! Is there any curriculum or learning path I need to follow to make my life easier ?!

What is your background when it comes to this stuff?

https://www.jpsecnetworks.com/week-1-oscp-preparation-lab-setup/

You need also learn about Windows exploitation

>Would you recommend specific course where you can get all what you need for OSCP in one place ?!

https://www.offensive-security.com/information-security-certifications/oscp-offensive-security-certified-professional/

They already have a course to get you going. If you are totally new to this world, check out CEH, it will hold you hand and at least introduce you to the concepts of pentesting but the cert doesnt mean jack shit unless you are going for a 8750 requirement.

elearning has some basic pentesting courses to get you started and its a lot more hand holding that OSCPs material. However they seem to focus on relying on metasploit a lot more than you are allowed to use

https://www.amazon.com/Hacker-Playbook-Practical-Penetration-Testing-ebook/dp/B07CSPFYZ2

Well, it mostly depends on what you’re trying to achieve. You definitely do not want to drop tools on the disk of the compromised machine if stealth is the main goal. You would load stuff into memory instead (reflective PE injection, reflective DLL injection (Powersploit toolkit) in case of Windows, /dev/shm in case of linux) and that way leave a minimal footprint for the blue team.


As to what would get picked up, that depends on the configurations. Process injection, process hollowing, outgoing connections, etc. can all be detected with the right (YARA) rules. Your best bet would be to use non-standard protocols such as DNS (look up dnscat2), ICMP and use the compromised host as sort of a pivot. Sending tool traffic through it instead of installing the needed tools on it.


Here are two writeups from the real world:

https://www.exploit-db.com/papers/41915

https://packetstormsecurity.com/files/155392/HackBack-A-DIY-Guide-To-Rob-Banks.html


Here are some other resources you may like (including DA compromise):

https://medium.com/@adam.toscher/top-five-ways-i-got-domain-admin-on-your-internal-network-before-lunch-2018-edition-82259ab73aaa

https://youtu.be/dKUS26BlKlc

https://youtu.be/q7DfaaUHXYE

https://www.amazon.com/Hacker-Playbook-Practical-Penetration-Testing-ebook/dp/B07CSPFYZ2


PS: I do not condone malpractice. Provided links are purely educational... Also sorry for the formatting, on mobile. Feel free to DM with more questions, this is a wide topic.

Schneier's Applied Cryptography can be difficult to get through, but it is a really good book to spot read / keep as a reference.

http://www.amazon.com/Applied-Cryptography-Protocols-Algorithms-Source/dp/0471117099

I'd also start reading blogs to get into the security mindset. Schneier on Security, Krebs, the podcasts that have been mentioned by other posts. They often have really good archives, too.

I made a similar jump, IT to Security Analyst.

I spun up a home lab in vmware with Kali, metasploitable, splunk, pfsense and security onion (for snorby).

I read a couple books:

Network Intrusion Detection:

https://www.amazon.com/gp/aw/d/0735712654

Applied Cryptography:

https://www.amazon.com/gp/aw/d/0471117099

Between this and diving into security centered news sites I went from 0 to (what felt like 60) in about 3 months. I was picked up as a security analyst for a pretty solid tech company.

The ever-excellent Khan Academy has produced a very nice and short series of videos explaining how cryptography works. Anyone who understands basic high school arithmetic can follow this. If you have ever been interested in the science of codes, ciphers, breaking them, etc. this is worth a look:

http://www.khanacademy.org/science/brit-cruise/cryptography

More in-depth treatments of cryptography can be found here:

https://www.coursera.org/course/crypto

and here:

http://www.youtube.com/playlist?list=PL71FE85723FD414D7&feature=plcp

And for the truly hard-core some of best books on crypto are:

http://www.amazon.com/Applied-Cryptography-Protocols-Algorithms-Edition/dp/0471117099/ref=sr_1_1?s=books&ie=UTF8&qid=1340524661&sr=1-1&keywords=applied+cryptography

and

http://www.amazon.com/Practical-Cryptography-Niels-Ferguson/dp/0471223573/ref=sr_1_1?s=books&ie=UTF8&qid=1340524712&sr=1-1&keywords=practical+cryptography

and

http://www.amazon.com/Cryptography-Engineering-Principles-Practical-Applications/dp/0470474246/ref=sr_1_2?s=books&ie=UTF8&qid=1340524751&sr=1-2&keywords=practical+cryptography

By far, my favorite and most loved book is Cooking for Geeks, while I'm not a geek, it's still a great reference for everything imaginable, and explains why food cooks the way it cooks, or why food reacts the way it does. Helps avoid mistakes and become independent if you don't have any book for a recipe on hand.

Super helpful! Thanks for the response. Might be dumb but what does CEH stand for? I'll avoid it as it sounds like I should.

I bought this book and this book I'll do all the excercises in them.

What are the CTF's you mention?

Thanks again though, very helpful.

I currently work 2 jobs and have my fingers in a lot of pies.

That being said, I still find the time to cook. Not as much as I like, but I do so quite regularly.

Aside from reading cook books, watching Good Eats, and America's Test Kitchen, I got the most experience from practice.

I also visit these subreddits.

http://www.reddit.com/r/cooking

http://www.reddit.com/r/askculinary

Book wise, I have quite a few books on both technique and the food itself.

A few of my favorites are:

On Food and Cooking by McGee - http://www.amazon.com/gp/product/0684800012

Cooking for Geeks by Potter - http://www.amazon.com/Cooking-Geeks-Science-Great-Hacks/dp/0596805888/

How to Cook Everything by Bittman - http://www.amazon.com/Everything-Completely-Revised-Anniversary-Edition/dp/0764578650

and a multitude of others.

Oh jeez.

I actually kinda want to revisit that DDoS episode for a couple reasons. Not to least, my friend Molly, who helped with that ep, just released her book on the subject which is AMAZING. If you're looking for some reading, highly recommended.

Pairs well with another colleague's book about Anonymous that just came out, if you need new reading times two.

Interesting analysis. I have been thinking the same lately, while reading Biella Coleman's recent book on Anonymous. She is quite sympathetic to anon culture, as am I, despite its toxic elements. The interesting question is how the consensus seemed to drift in a weird, conservative way around GG, when in the past it supported more progressive causes (Steubenville, etc.). Are these just different subgroups within anon, have people drifted (eg. weev revealing himself to be a plain old unironic racist), have some boards always been this fucked, what's the story?

I think this would be too much for one book. Having different books written by experts in their respective fields makes the most sense.

I think the book (How to Survive the End of the World as We Know It)[http://www.amazon.com/How-Survive-End-World-Know/dp/0452295831) by James Rawles does great as an overview and from there he recommends many different other books that focus on specific things like growing crops and preserving food.

The point of my post is that its going to take a library to survive.

Depending on exactly what part of the automotive computing field you want to get involved in you may be better off with Computer Science (machine vision, deep learning, etc), Computer Engineering (sensor design, bus interfaces, etc) or Electrical Engineering (analog design, signal integrity, etc). A great book to get started is The Car Hackers Handbook https://www.amazon.com/dp/1593277032/

> Suppose the voting machine stores...

No, this isn't how cryptography is used for voting (or can be used) as far as I recall. Recommended read: https://www.amazon.com/Applied-Cryptography-Protocols-Algorithms-Source/dp/0471117099 :) I haven't taken much interest into secure voting apart from what I have read in this excellent book. I think it's a great starting point for any serious thinking about this topic.

I suck at explaining myself. For example, the second serial number I mentioned isn't for YOU and is not meant to prove anything but act as a "fake" (but verifiable) one you can present to blackmailer. I failed to explain even that properly.

As a side note, you make many assumptions about the voting process. For example, where I live you cannot get a duplicate voting card because this means messing with results easier so a photo would indeed be a proof etc. This is a detail though because I think you have much stricter expectations of a cryptographic system than you have of a physical one as if the latter couldn't be tampered with (they are!).

I think I'm not qualified for this discussion simply because cryptography isn't my specialization, esp. in this context. But thank you so much for sharing your thoughts.

Ok, but like $10? $25? Would help for making suggestions.

here are a few useful things:

• Multitool you can carry on a keychain for $10
  
• Cooking for Geeks book
  
• REI giftcard...climbers always need more gear
  
• Rolls of athletic tape if his hands get torn up climbing
  
• Amazingly absorbent towel for gym/camping use
  
  

I'd going to answer in two posts here, this one will link stuff to websites or amazon for physical books. The other will be more discussion based. (e.g. this is just a raw data dump.)

I have used some google foo and I'm willing to post links, note that many of these will overlap (that is they have the same free PDFs or HTML pages etc.) Others are a bit further out there, e.g. magnetic pole reversal etc.

You get the point though people compiled whatever they though the world might need after aliens, the clintons took your guns, or trump and putin nuke everybody, global warming, plague, etc. Since it takes a massive amount of work to put these together and most people are not dedicated enough to do so, they all have the flavor of whatever the person building them thought was most important.

Here is a list, use from it what you can. Including in the list are things like RACHEL, hardware hotspot for wifi that any computer can connect to, like a library box or pirate box. Many of these resources are focused on and in use in 3^rd world nations. things like the one laptop per child might be a perfect resource to allow some technology designed cheaply but ruggedly to have to access this stuff.

https://en.wikipedia.org/wiki/CD3WD

https://worldpossible.org/rachel

http://librarybox.us/

http://one.laptop.org/

http://www.appropedia.org/Welcome_to_Appropedia

http://www.fastonline.org/CD3WD_40/CD3WD/INDEX.HTM

cd3wd torrent magnet link. 2012 version

dropbox link for torrent files for the above if the magnet or trackers aren't working.

http://oer2go.org/

Pole shift library magnet link

Need 55 gigs of wikipedia offline? get it at this link

http://www.cs.amedd.army.mil/borden/Portlet.aspx?ID=cb88853d-5b33-4b3f-968c-2cd95f7b7809

http://hesperian.org/books-and-resources/

https://modernsurvivalonline.com/survival-database-downloads/

https://www.amazon.com/gp/product/0061992860

https://www.amazon.com/gp/product/0452295831

https://www.amazon.com/gp/product/1570618402

https://www.amazon.com/gp/product/1933392452

https://graywolfsurvival.com/3083/documents-need-bugout-bag/

https://www.opensourceecology.org/gvcs/

I loved Cooking For Geeks by O'Reilly. It gives examples of recipes as it explains the chemistry and physics of what's happening to the food. Very interesting and entertaining, and it upped my cooking game by a lot.

A lot depends on the school and the program- some are operations focused, others are management focused. What school are you going to? It sounds like you're pretty well ahead already, so I wouldn't worry too much, especially as you will be reading a lot for school, but if I had to give you one book, I'd go with the Hacker's Playbook https://www.amazon.com/Hacker-Playbook-Practical-Penetration-Testing-ebook/dp/B07CSPFYZ2. Its a far better book that the for dummies series.

This does not make sense to me.

> The Public keys will be base 36 numbers ranging from 00000 (0) to ZZZZZ (60,466,176).

As nsa_at_home points out, the key representation normally has nothing to do with the actual key. Cryptographers will represent things in binary as a convenient standard; you'd say "I want a key with at least 23.5 bits of entropy", say. It's very, very easy to represent a key with N bits of entropy in any form you want, which sounds to be your goal; in this case, you'd take a number in base 2 and just convert it to a number in base 36.

For most purposes, your keyspace is not large enough. Say encryption has a cost of N. That means that brute-forcing your entire keyspace only costs about 60 million times that much. If you want a signing operation to be reasonable on a computer, you probably can't blow more than, oh, say, let's say a second on it for most applications that I can think of. If I'm willing to brute force for a day, I've already covered 1/700th of the keyspace. If I get 700 computers, I've broken your encryption.

Your key has ~25.8 bits of entropy. ln(36\^5)/ln(2). A typical RSA pubkey in practical use today might have a key length of 2048 bits, to give you an idea of what you might want to shoot for.

> The Private Keys need to be originally derived from the public keys mathematically (or Vice Versa)

This makes no sense. The point of public/private key encryption is that the person who has the public key cannot derive the private key; this property means that you can give out the public key without needing to worry about anyone using the public key being able to decode messages others have encoded and sent to use using the public key.

If you don't care about this property, you would be using symmetric encryption, not pub/privkey encryption.

> The Private Keys need to be completely different yet within the same number range (0 - 60466176) without being guessable (ex: very complicated and possibly irreversible).

Now I'm really lost. A key isn't "reversible"; a process is. You can't run a key backwards; it's just a number.

The only other pieces of information out there that it might be deducible from would be the pubkey (and you've already specified that you want the privkey to be derivable from the pubkey, which doesn't make sense either, so that's already reversible) and a known-plaintext attack on the ciphertext (and as I point out above, for most practical uses, your mandated key length is so short that it probably is derivable from the ciphertext for most practical applications).

• If you want a practical solution here, you don't want to invent a new pubkey system. That is incredibly difficult; it's taken years and many many people hammering on various crypto systems (and breaking some of them) to get us to where we are now. You want to build something with existing pubkey systems. You might want to explain what your practical goals are, because the requirements of the thing specified just don't make sense for any real-world system.
  
  
• If you want to learn about crypto, and want to do a pubkey system as a form of practice, you are probably going to be better off reading your way through existing material than trying to learn by doing things from scratch. Honestly. I'd recommend reading and comfortably understanding Applied Cryptography to at least have a reasonable understanding of the issues that you're going to deal with. I have not read it, but I know enough people who do know what they're talking about who recommend it that it'd be my go-to recommendation. I think that you may be dramatically underestimating the scope of work that goes into developing basic crypto tools like pubkey systems.

I actually love it. I kinda geek out over it. check out things like:
http://www.amazon.com/Cooking-Geeks-Science-Great-Hacks/dp/0596805888/ref=sr_1_1?ie=UTF8&qid=1414009628&sr=8-1&keywords=cooking+for+geeks

for instance, did you know the boiling point of table salt is about 230 degrees F? if you're cooking something about to go into the oven above that temp, you'll never taste the salt. save it and salt after at the table, or switch to sea salt, which boils hotter.

>Uhh... what?

Some reading for you. Obviously gamergate wasn't the genesis of the alt-right, but it was certainly a major driver in it's rise to prominence and a very popular pathway for nerdy young men to join the radical right-wing.

Wow. I just got done reading Countdown to Zero Day (arguable a major source document for that movie) and I never got the sense that anyone involved wore a cape. Additionally the book goes into details about several 'versions' of stux that seemingly were developed by several different teams. Quite a good book if you are interested and my local library had it.

I truly recommend Cooking for Geeks, I love it.

Thank you all for your responses! I have compiled a list of books mentioned by at least three different people below. Since some books have abbreviations (SICP) or colloquial names (Dragon Book), not to mention the occasional omission of a starting "a" or "the" this was done by hand and as a result it may contain errors.

edit: This list is now books mentioned by at least three people (was two) and contains posts up to icepack's.

edit: Updated with links to Amazon.com. These are not affiliate - Amazon was picked because they provide the most uniform way to compare books.

edit: Updated up to redline6561

• 14 The C Programming Language
  
• 11 Structure and Interpretation of Computer Programs
  
• 8 Introduction to Algorithms
  
• 7 Compilers: Principles, Techniques and Tools
  
• 6 Programming Erlang
  
• 5 The Mythical Man-Month
  
• 5 The Pragmatic Programmer
  
• 5 Applied Cryptography
  
• 4 Beautiful Code
  
• 4 The Little Schemer
  
• 4 Programming Perl
  
• 3 Types and Programming Languages
  
• 3 Gödel, Escher, Bach
  
• 3 OpenGL Programming Guide
  
• 3 Code Complete
  
• 3 Artificial Intelligence: A Modern Approach
  
• 3 Programming Pearls
  
• 3 ANSI Common Lisp
  
• 3 A Brief History of Time
  
• 3 Agile Web Development with Rails
  
• 3 Concrete Mathematics: A Foundation for Computer Science
  
• 3 Modern Operating Systems
  
• 3 Paradigms of Artificial Intelligence Programming
  
• 3 Operating System Design and Implementation
  
  

Cooking for Geeks. I've read all the books mentioned in the thread thus far, but I think this book will be more your sister's speed.

I found it a lot more fun to read than the others. It has some hard-hitting science in it. If you were interested in actual food science books, I have a library of over 500 pdfs if you wanted to look through them.

Guns and ammo. Lots of both.

Worth more than gold in an apocalypse.

You can't defend yourself with gold :)

But you can't go all guns and bullets, otherwise you'll just end up stealing from others and killing to survive. You have to have food, water, tools, camo as well.

If you're really interested, here's a good book by James Rawles:
http://www.amazon.com/How-Survive-End-World-Know/dp/0452295831

Please note, this guy does survival for a LIVING. So you're not going to get as prepared as he is. It's just a good guide on what questions you should be asking yourself about your situation.

There is a book that just recently came out, titled Social Engineering that is very in depth. The author also has a website and podcast. I liked the book, and the pod casts are pretty neat. The only thing w/ the pod casts is that they are a little heavy on the chit-chat, a little light on the information.

1. The book: Download,Amazon
   
2. The Website/Podcast

Ok, it's good a question. I loved cryptography learned bitcoin. But i recommended this book!
And if you suck at math i recommended write a code with existing crypto-libs (on python,go,cpp etc....)

A guy I work with teaches ethical hacking courses, advises a college cybersecurity club, and maintains an ethical hacking lab. These are all things he's been getting into lately.

Lockpicking set

Or

The Car Hacker's Handbook

+

USB2CAN

+

DB9 to OBDII cable

Or

Tiny quadcopter (upgradeable, has a camera for use with monitors or video goggles to give you a first-person view, fantastic if you have a cat)

+

Transmitter

Applied Cryptography: Protocols, Algorithms, and Source Code in C by Bruce Schneier. Bruce Schneier is basically the Chuck Norris of Information Assurance. The book is old and many of the technical details about cryptography are out of date, but it's still probably the best introduction to the subject.

If you found this interesting, check out the book The Perfect Weapon by David E. Sanger.

Stuxnet, Russia's Internet Research Agency, Chinese corporate espionage, ISIS social media campaigns... it's all there.. and it's VERY interesting.

https://www.amazon.com/Countdown-Zero-Day-Stuxnet-Digital/dp/0770436196

I highly recommend this book, you guys will love this one!

"The Political Class" is from 2018, but in general I don't think this year has been particularly good for books.

I'm also a fan of "Dark Deleuze" from 2016.

If I had to pick one recent one, I'd pick "Kill All Normies" from 2017.

Tequila is chill af and makes the commute go so much fast... although I sometimes wish the commute was longer so I could listen to it more. :P

And you're darn tootin' that I love cooking! A sizeable chunk of my YouTube subscriptions are just cooking channels and I got Cooking for Geeks for Christmas, and I'm still working my way through it...

If you "didn't mean Reddit.com" you shouldn't have said "a site like Reddit".

Anyway, no, what we have isn't "secure," but it at least (most places) has a paper trail. Any sort of internet voting system, however, would be less - far less - secure and far more gameable. No system running over the internet can be secure - at least, none that you can then give access to, well, everybody.

See Bruce Schneier's website - the man who literally wrote the book on cryptography.

Also for anyone that isn't a maga chud this book is well worth a pre-order: https://www.amazon.co.uk/Kill-All-Normies-culture-alt-right/dp/1785355430/ref=sr_1_1?ie=UTF8&qid=1495959410&sr=8-1&keywords=kill+all+normies , Angela Nagle has done some great articles so far explaining this subculture.

The owner of that blog wrote a fantastic book that got my husband and I started. That man thinks of everything!

http://www.amazon.com/gp/product/0452295831?ie=UTF8&tag=survivalcom-20&linkCode=as2&camp=1789&creative=9325&creativeASIN=0452295831

I can't recommend this book enough - it's a fantastic resource. We've purchased it and are following his advice in most aspects.

Here's a great book

On Food and Cooking: The Science and Lore of Cooking
http://www.amazon.com/On-Food-Cooking-Science-Kitchen/dp/0684800012

Cooking for Geeks
http://www.amazon.com/Cooking-Geeks-Science-Great-Hacks/dp/0596805888/ref=pd_sim_b_3?ie=UTF8&refRID=14FPMEDBMV4EW2MS7PBR

*The Science of Good Cooking
http://www.amazon.com/Science-Cooking-Cooks-Illustrated-Cookbooks/dp/1933615982/ref=pd_sim_b_1?ie=UTF8&refRID=14FPMEDBMV4EW2MS7PBR

Cooking for Geeks

It's not a cookbook; it instead teaches you general techniques and principles, how to think about and approach cooking, and the science behind it all (in an approachable way - not to the level of Harold McGee). There are some recipes, but they're just there to illustrate some topic or technique that was just discussed. This is, by far, the best cooking book I have ever read. I read it cover to cover, which is incredibly rare for me.

• Cooking for Geeks
  
  
• The Food Lab
  
  
• Alton Brown: EveryDayCook
  
  Publix publishes recipes in its stores, and I have one of their binders with a handful of the ones I thought seemed good.
  
  Also have to second The Joy of Cooking (mentioned by someone else).

My only issue is that all of the books listed are all geared towards surviving in the wild. There is definitely a place for that and we should all be ready to bug out if it is necessary. If I have to bug out then my first half dozen plans have all failed.

If your goal is to bug in and survive for as long as you can in a world gone mad I recommend starting with How to Survive the End of the World as We Know It: Tactics, Techniques, and Technologies for Uncertain Times. Once you have started to work your way through Rawles advice and started building your lists of lists my next suggestion is The Encyclopedia of Country Living.

Once you get through those two books then you should have a pretty good idea of how you're going to want to prioritize those lists you should have already made.

The New Basics:
http://www.amazon.com/New-Basics-Cookbook-Julee-Rosso/dp/0894803417

Cooking for Geeks:
http://www.amazon.com/Cooking-Geeks-Science-Great-Hacks/dp/0596805888

These two books really try to explain what is going on with each recipe, and why things are done a certain way. I learn every time I cook with them. Both of these also have sections on how to set up a kitchen (where to find items, where to spend your $$) in a smart way. Really useful if you're new to cooking, or just looking to upgrade your gear.

He might also like Cooking for Geeks, The Science of Good Cooking and On Food and Cooking: The Science and Lore of the Kitchen.

I've only read the first, but I've heard good things about all three.

Sounds like a synonym for denouncing or speaking out against?

This book sounds like it would be worth a read. Heard of it?
https://www.amazon.com/Kill-All-Normies-Culture-Alt-Right/dp/1785355430

One could imagine a steelman version of white nationalism that involves all of the adherents moving to Montana and Idaho, sort of a more dramatic white flight.

What's your plan?

I love my copy of Cooking for Geeks. It's rather light on actual recipes, but the extensive theory really helps for just making up a dish on the spot.

Between that and the Doubleday Cookbook (~800 pages of nothing but recipes), I hardly need anything else.

You're correct. And they do a great podcast, as well as Chris' book: http://www.amazon.com/Social-Engineering-The-Human-Hacking/dp/0470639539

https://arstechnica.com/tech-policy/2012/06/confirmed-us-israel-created-stuxnet-lost-control-of-it/

This book is an amazing read and gives a hugely comprehensive picture of everything: https://www.amazon.com/Countdown-Zero-Day-Stuxnet-Digital/dp/0770436196

https://www.wired.com/2013/06/general-keith-alexander-cyberwar/

Shit yea. Peep The Art Of Human Hacking by Hadnagy - it's incredible. Goes into the science behind human interaction.

Now, keep in mind that I'm not suggesting you manipulate people to do your bidding, although that can be done using these same techniques. With great power comes great responsibility!

The Perfect Weapon: War, Sabotage, and Fear in the Cyber Age

By David Sanger, national security correspondent and a senior writer for the New York Times.

(Okay, at this point, I'm really just suggesting books on my to-read list, but I did hear the guy speak and he had some pretty good anecdotes.)

I liked Applied Cryptography by Bruce Schneier. Easy read.

Link

This one is free:

http://www.fak.dk/en/publications/Pages/publication.aspx?pageid=559

And

https://www.amazon.com/Hacking-Human-Ian-Mann/dp/0566087731

And this is probably one of the more well known ones:

https://www.amazon.com/Social-Engineering-Art-Human-Hacking/dp/0470639539

Also anything written by Kevin Mitnick

This is a great book that covers all of this info and much more!

*adds a bunch of stuff to reading list* Thanks very much. Yeah, "brand new area" jumped out at me too.

I'll add: Gabriella Coleman. Upcoming book, website.

A.) Gym membership to a gym I actually want to go to

B.) A decent set of chef's knives and a good cutting board

C.) Power saw and power drill/driver

D.) Cooking For Geeks and Mindfulness: Plain and Simple

Although not directly this book, I think it's a good place to start reading about mindfulness and helping start a journey into introspection. I have a few minor quibbles with his presentation, but I think it's a solid intro book.

Applied Cryptography is considered one of the best introductions.

Oh Bruce, how I love thee.

One of the "bibles":
http://www.amazon.com/Applied-Cryptography-Protocols-Algorithms-Source/dp/0471117099/ref=sr_1_1?ie=UTF8&s=books&qid=1256702627&sr=1-1

I read a bit of it, some great insights.

Two great pieces on Operation Olympic Games AKA Stuxnet

Book: Countdown to Zero Day

Documentary: Zero Days

Here is a great book that can answer a lot of your questions and give you some insight on what you can expect with various certification and paths.
http://www.amazon.com/gp/product/1597490113/ref=oh_details_o01_s00_i01?ie=UTF8&psc=1

This is way more than you need but it is an interesting read (that you can skim by chapter if you want to). http://www.amazon.com/Social-Engineering-The-Human-Hacking/dp/0470639539


Audio info http://www.social-engineer.org/podcast/episode-020-rapid-rapport-for-social-engineers/


Infographic. http://www.socialengineeringblogs.com/category/rapport/

chris hadnagy has a good book http://www.amazon.com/Social-Engineering-The-Human-Hacking/dp/0470639539/

kevin mitnick also has one "the art of deception"

hopefully my book will come out soon too :-)

I want to help, but because of lack of time, i will give you an incomplete answer

I have recently written an MSc thesis related to Social Engineering, where i had to review a number of books / papers / articles. One starting point for you would be to start by looking at the reference section of the thesis [here] (http://pure.ltu.se/portal/en/studentthesis/social-engineering-and-influence\(0d61b8aa-30ad-4cb0-9039-e04832f250a7\).html).

In general, anything from Kevin Mitnick is a good start, together with Chris Hadnagy's book

If you are to read only one book, start with Carnegie's book.

If you need more information information, let me know

A great video to start... and the relevant book.. This will serve as an excellent resource for now and future developers interfacing with vehicles.

Making up a persona and using articles to improve your search rank =/= social engineering, which has to do with hacking. They aren't even remotely similar. Again, you clearly have no idea what it means.
http://searchsecurity.techtarget.com/definition/social-engineering
http://www.amazon.com/Social-Engineering-Art-Human-Hacking/dp/0470639539

Some dank af infosec books:

Malware Data Science: https://nostarch.com/malwaredatascience

Real World Bug Hunting: https://nostarch.com/bughunting

Penetration Testing: https://nostarch.com/pentesting

Black Hat Python: https://nostarch.com/blackhatpython

Social Engineering: The art of human hacking https://www.amazon.com/Social-Engineering-Art-Human-Hacking/dp/0470639539

Linux System Security: https://www.amazon.com/Linux-System-Security-Administrators-Source/dp/0130158070

Advanced Penetration Testing: https://www.amazon.com/Advanced-Penetration-Testing-Hacking-Networks/dp/1119367689

That book is probably what you want. It looks like it focuses more on math and how it applies to cryptography rather than on crypto algorithms and how they work, pros/cons, etc. It was also used in this math class at Berkeley (lots of extra reading material on that page too).

Again, I think the book you found is what you want. But here are some other options if you want some:

• You may like A Course in Number Theory and Cryptography. A bit old, but still relevant.
  
  
• Intro to Modern Cryptography is what is used at my university and various others for an undergrad crypto course. Pretty rigorous.
  
  
• I doubt you'll want this, but Applied Cryptography is the seminal text on the subject. Most anything you could want to know about crypto is going to be in here (though it could use an update).
  
  

I enjoyed this: Social Engineering: The Art of Human Hacking.

Hacking: The art of exploitation

The Web Application Hackers Handbook

The Tangled Web: A Guide To Securing modern Web Applications

The Hacker Playbook 2

The Hacker playbook 3

Black Hat Python: Python Programming for Hackers and Pentesters

The Baffler was there on these people a while ago, Angela Nagel took the work from that and expanded it into a book....mostly because Incels become Proud Boys and the polo shirt goons of the Alt-Right - there is nowhere else to go if you both "love" and yet fear/hate women: these people do not exist on the far-Left.

It's totally a thing and it's one of my favorite parts of my job - but it can get really dark too when we do phishing/open source intelligence gathering :/

1. Do thorough first aid course.
   
   
2. Read How to Survive the End of the World as We Know It: Tactics, Techniques and Technologies for Uncertain Times
   
   
3. Subscribe to subreddits /r/collapse, /r/survival and /r/zombies
   
   
4. Break any addictions if you have them
   
   
5. Get fit and healthy

If you want to support the author, Amazon Link

"Hacker, Hoaxer, Whistleblower, Spy" sobre Anonymous. Estaba muy interesante por que, uno, describe lo que ha pasado los últimos 6 años en cuanto a seguridad en línea desde la perspectiva de Anonymous, y dos, por que me tocó vivir muchos de esos momentos en línea y en la vida real con lo de Cientología, Wikileaks, Occupy, etc. 10/10 recomendaría.
Antes de eso: "Social Physics". Dice que podemos usar "big data" para monitorear las interacciones de las personas para tomar mejores decisiones sobre como organizar nuestras empresas, organizaciones, y ciudades. Tipo chido, pero lo que argumenta sobre big data según yo puede exacerbar la desigualdad en poder que ya existe entre los "pudientes/1%/corporaciones" y el resto de la "gente común y corriente". También está el peligro de que los algoritmos que usamos para tomar decisiones no tomen en cuenta muchos factores importantes que igual pueden empeorar la disparidad económica y racial que ya existe. Pero tiene ideas muy interesantes. 8/10 léanlo si le entran a este tipo de cosas.
Siguiente: Capital in the Twenty-First Century. Trata sobre la desigualdad que existe y se ha creado con nuestro sistema económico actual. Viene muy recomendado.

http://www.amazon.com/Social-Engineering-The-Human-Hacking/dp/0470639539

This one is a good start.

Social-Engineer.org and the book are good starting points.

Chris Hadnagy's Art of Hunam Hacking is a good read. Its on audible too.

>*Learn social engineering, somehow.
http://www.amazon.com/Social-Engineering-Art-Human-Hacking/dp/0470639539

It just came out couple days ago. Publisher's release date is today infact. For that reason I havent read it and cant say if it's good or not.

Applied Cryptography might be useful to you.

I've heard good things about Cooking for Geeks for someone who doesnt know how to scramble an egg.

Countdown to Zero Day by Kim Zetter is a good read (amazon)

Go vote, kid

relates to voting because deciding what to have for dinner is hard. You can make it more fun with this cookbook by having a geeky topic and then voting on the recipes in that category!

Where Ghost in the Wires is more a story book filled with great tales of hacking and phreaking, Social Engineering: The Art of Human Hacking is more a HowTo book for SE.

Cooking for Geeks I'm a self professed geek and this book goes all geeky on food. It sounds like it would be an interesting read.

I've been really into coffee making/roasting. I added a pressure gauge to my machine, as well as a PID controller. I also built a coffee roaster using an old convection oven. I've also done beer brewing and fish keeping, which seem to be common to a few ChemE's at work.

edit.

http://www.amazon.com/Cooking-Geeks-Science-Great-Hacks/dp/0596805888

That book will put you on the right track if you ever considered working in food production. I got a job at a chocolate factory using some of the concepts out of it.

Also consider buying an Arduino and building some control systems. http://www.auberins.com/ is a good place to get started

Cooking for Geeks is very entertaining. It really gets into the science behind cooking.

http://www.amazon.com/Cooking-Geeks-Science-Great-Hacks/dp/0596805888

Believe me, it does work ;) I tried it a couple of times, also have a look at "Cooking for Geeks", it has a few recipes for dishwasher cooking.

Fun fact: Adam Savage is featured in that book, but I'm not sure if he's in the dishwasher chapter as well ^ ^

All the credit goes to Applied Cryptography

Always being keen in these areas, a book of social engineering.
http://www.amazon.com/dp/0470639539
Found it in a goodwill for a dollar.

It's like on the cover of this book

http://amzn.com/0470639539

This is probably the paper on aggregate personalities. I'd also recommend the book Kill all Normies, which is about 4Chan's personality.

Edit: Link fixed

> Mais je pense aussi que tu sous-estimes l'influence du "SJW" dans les médias, et surtout dans les universités américaines. C'est pas tout à fait une caricature, ça existe vraiment, et c'est assez répandu sur les campus. Ces personnes ont aussi des héroïnes et des médias qui sont les leurs (Lena Dunham est sans doute le plus grand exemple). Elles existent réellement, elles ne sont pas cantonnées à l'internet.

Pour ceux que le sujet intéresse, je vous suggère la lecture de Kill all normies.

Y a des choses intéressantes sur l'alt-gauche, leur pouvoir notamment à travers les "call out" sur Twitter/Tumblr et leur influence. Un de leurs éléments identifiants c'est la transgression (élément qu'elle partage avec l'alt-droite): enfoncer des portes ouvertes, des lieux communs culturels et sociaux, choquer et surtout être vus en train de le faire.

I read this book Kill All Normies which examines how toxic online culture was morphed into alt-right extremism. It was almost natural how one flowed into the next.

> In what way is that a HACK on our election?

Social engineering is an accepted form of hacking. Proof

If you are a science guy, I also recommend Cooking for Geeks.

http://www.amazon.com/Cooking-Geeks-Science-Great-Hacks/dp/0596805888/ref=sr_1_1?ie=UTF8&qid=1368040120&sr=8-1&keywords=cooking+for+geeks

Get a copy of Bruce Scheier's Applied Cryptography, there is plenty of stuff in there that's accessable even without a strict mathematical background. Most (if not all) of the algorithms in the book are explained with an example setup using Alice and Bob (and other characters) to explain the steps of the algorithms.

It also has extensive chapters on modern stream- og blockcifers, which may be somewhat harder to dig into as a novice.

Note that it does not comtain any material on the Advanced Encryption Standard (AES), since it was written before that was adopted.

Also the geek, cook, and reader will like this!

http://www.amazon.com/Cooking-Geeks-Science-Great-Hacks/dp/0596805888/ref=sr_1_1?ie=UTF8&qid=1346708939&sr=8-1&keywords=cooking+for+geeks

https://www.amazon.com/Countdown-Zero-Day-Stuxnet-Digital/dp/0770436196 has been recommended to me by multiple people. I have yet to read it myself though

You might like, Social Engineering: The Art of Human Hacking. Its actually happend and he uses a combination of computer and human hacking to achive his goals. Its not one long story but multible storys.

He has many more books on the subject.

http://www.amazon.com/Social-Engineering-Art-Human-Hacking/dp/0470639539

Just finished a book on stuxnet and I find it absolutely fascinating. Haven't watched the documentary yet, but if anyone is looking for more information, check out this book. It's written so anyone can understand it without any prior knowledge of computer viruses or nuclear power. I can't recommend it enough.

Kill All Normies by Angela Nagel would be a good (up to date) starting point. She's spent the last couple years embedded in their communities investigating them

https://www.amazon.com/Kill-All-Normies-Culture-Alt-Right/dp/1785355430

Bonus dirtbag left interview with her where they talk about how all their motivations are basically sadism

https://m.soundcloud.com/chapo-trap-house/episode-86-fash-the-patriarchy-feat-angela-nagle-22617

Two books on social engineering I can recommend:

Social Engineering: The Art of Human Hacking
http://www.amazon.com/Social-Engineering-The-Human-Hacking/dp/0470639539/ref=sr_1_1?ie=UTF8&qid=1333753273&sr=8-1

No Tech Hacking: A Guide to Social Engineering, Dumpster Diving, and Shoulder Surfing
http://www.amazon.com/No-Tech-Hacking-Engineering-Dumpster/dp/1597492159/ref=sr_1_4?ie=UTF8&qid=1333753273&sr=8-4

Applied Cryptology is the text you want.

Not to diminish the other recommendations, you may also want to look at Cooking for Geeks.

I was at the bookstore the other day and this started playing. I had this book in my hands at the time. Friggin' plotzed.

Picked one up yesterday: How To Survive The End Of The World As We Know It. So far so good.

http://www.amazon.com/How-Survive-End-World-Know/dp/0452295831/ref=sr_1_2?ie=UTF8&s=books&qid=1269304557&sr=1-2

Look up this book.

http://www.amazon.com/gp/aw/d/0452295831?pc_redir=1408456095&robot_redir=1

I reckon it covers most everything

"The Art of Human Hacking" :
https://www.amazon.com/Social-Engineering-Art-Human-Hacking/dp/0470639539

Social Engineering: The Art of Human Hacking

Here are some links for the product in the above comment for different countries:

Link: Social Engineering

• UK: amazon.co.uk
  
• Spain: amazon.es
  
• France: amazon.fr
  
• Germany: amazon.de
  
• Japan: amazon.co.jp
  
• Canada: amazon.ca
  
• Italy: amazon.it
  
  
  This bot is currently in testing so let me know what you think by voting (or commenting).

Not a pdf but.... http://www.amazon.com/Social-Engineering-The-Human-Hacking/dp/0470639539

https://www.amazon.com/Social-Engineering-Art-Human-Hacking/dp/0470639539

1. This
   
2. 2b2t.org@gmail.com

You Need,

http://www.amazon.in/Social-Engineering-Art-Human-Hacking/dp/0470639539/

Just wait until people figure out what hackers can do with neuro-linguistic programing.

It is covered briefly in this book, but this is just the tip of the iceberg. https://www.amazon.com/Social-Engineering-Art-Human-Hacking/dp/0470639539

Social Engineering: The Art of Human Hacking

http://www.amazon.com/Applied-Cryptography-Protocols-Algorithms-Source/dp/0471117099

http://www.amazon.com/Applied-Cryptography-Protocols-Algorithms-Source/dp/0471117099

this should keep you busy for awhile.

I don't actually have the stuff for mac and cheese at the moment.

I started from the basic recipe this cookbook gives you and then Injust kinda improvise

A me e' piaciuto cooking for geeks.
Ti spiega cose molto interessanti (anche se contiene pochissime ricette)

Cooking for Geeks

Cooking for Geeks

Je voudrais m'acheter un livre de cuisine qui parle un peu de la science derrière et qui explique à quoi sert chaque étape.

J'ai quelques références en anglais, du genre I'm just here for the food ou Cooking for geeks, est-ce que quelqu'un aurait de bons livres en français sur le sujet (ou de meilleurs bouquins en anglais)?

http://www.youtube.com/user/GoodEatsComplete

Deli.sh

http://www.amazon.com/Cooking-Geeks-Science-Great-Hacks/dp/0596805888

Last time an unprecedented worldwide hack occurred the person involved wrote a book about it. Verifiable conformation isn't much to ask for here, especially when America's made up stuff before.

Would you call it... A friendly orange glow ?

That, too, can be obtained now.

There's a book now

Oh really https://www.amazon.com/Kill-All-Normies-Culture-Alt-Right/dp/1785355430/ref=sr_1_1?s=books&ie=UTF8&qid=1501445885&sr=1-1&keywords=kill+all+normies

Did anyone else see the book that was mentioned? hhahaha

Gib dir 'Kill All Normies' von Angela Nagle.
Ein exzellentes Buch, das nachzeichnet wie sich linke und rechte Empörungskultur gegenseitig hochgeschaukelt haben.

This video is brand new, and much of the theory behind it has only been fleshed out since the election. Nagle's book, Kill All Normies came out in June.

Wait...you're Irish and you studied TRP...are you Angela Nagel?
https://www.amazon.com/Kill-All-Normies-Culture-Alt-Right/dp/1785355430

>Customers who bought this item also bought --

>https://www.amazon.com/Kill-All-Normies-Culture-Alt-Right/dp/1785355430/...

Reeeeeeee

Cooking for Geeks

http://www.amazon.com/gp/aw/d/0596805888/ref=redir_mdp_mobile/177-3506314-2531537

These should get you strated:



What Every BODY is Saying Amazon link.

The Definitive Book of Body Language Amazon link


Whit focus on social engineering:



Social Engineering: The Art of Human Hacking Amazon link



If money is an issue you can find all of these books on pirate bay.



These books are not read-once-and-become-expert, like with any skill it takes time and practice.

I understand Harold McGee's On Food and Cooking is a classic and very highly reviewed. It clocks in at just under 900 pages though, and I haven't read it so I can't personally recommend it.

I myself am partway through Cooking For Geeks - it can be a little gimmicky at times, but it's a very accessible/enjoyable book covering the science behind it all!

Why not Social Engineering by Chris Hadnagy? This book has a lot of really interesting and dangerous insights into manipulative psychological techniques.

Just read chapters on elicitation, pretexting, psychology and related stuff, side away technical information.