A list of recommended security-related books and films.
“Citizenfour,” by Laura Poitras
Required viewing for the course. The 2015 Academy Award winner for Best Documentary Feature, this film tells the story of Edward Snowden and the NSA spying disclosures of 2013. Edited version available on Vidangel.com.
Streaming availability: https://www.justwatch.com/us/movie/citizen-four
“The Lives of Others,” by F. Henckel von Donnersmarck
For extra credit. The 2007 Oscar winner of Best Foreign Language Film of the Year, this film tells the story of a secret police agent in East Berlin in 1984 who surveils a writer and becomes increasingly absorbed his life. Edited version available on Vidangel.com.
Streaming availability: https://www.justwatch.com/us/movie/the-lives-of-others
“Sneakers,” by Phil Alden Robinson
A security pro finds his past coming back to haunt him, when he and his unique team are tasked with retrieving a particularly important item. —IMDB
Streaming availability: https://www.justwatch.com/us/movie/sneakers
“The Conversation,” by Francis Ford Coppola
For extra credit. A classic 1974 film psychological thriller starring Gene Hackman that revolves around surveillance. It is more relevant today than when it debuted. Edited version available on Vidangel.com.
Streaming availability: https://www.justwatch.com/us/movie/the-conversation
“War Games,” by John Badham
A young man finds a back door into a military central computer in which reality is confused with game-playing, possibly starting World War III. —IMDB
Streaming availability: https://www.justwatch.com/us/movie/wargames
“Zero Days,” by Alex Gibney
Required viewing for the course. A 2016 documentary about Stuxnet and the advent of cyberwarfare. Edited version available on Vidangel.com.
Streaming availability: https://www.justwatch.com/us/movie/zero-days
“Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin’s Most Dangerous Hackers,” by Andy Greenberg.
“From Wired senior writer Andy Greenberg comes the true story of the most devastating cyberattack in history and the desperate hunt to identify and track the elite Russian agents behind it.”
“Spam Nation: The Inside Story of Organized Cybercrime-from Global Epidemic to Your Front Door,” by Brian Krebs.
In Spam Nation, investigative journalist Brian Krebs unmasks the criminal masterminds driving some of the biggest spam and hacker operations targeting Americans and their bank accounts. Tracing the rise, fall, and alarming resurrection of the digital mafia behind the two largest spam pharmacies-and countless viruses, phishing, and spyware attacks-he delivers the first definitive narrative of the global spam problem and its threat to consumers everywhere.
“Beyond Fear: Thinking Sensibly About Security in an Uncertain World,” by Bruce Schneier.
This book is about national security, terrorism, and how to think sensibly about whether security measures are worth the cost to society
“Click Here to Kill Everybody: Security and Survival in a Hyper-connected World,” by Bruce Schneier.
"Everything is a computer. Ovens are computers that make things hot; refrigerators are computers that keep things cold. These computers—from home thermostats to chemical plants—are all online. The Internet, once a virtual abstraction, can now sense and touch the physical world." This book is about the inherrent security issues in the Internet of Things.
“Data and Goliath: The Hidden Battles to Collect your Data and Control your World,” by Bruce Schneier.
Great book about the threats of surveillance to society, and what we can do about it. After reading the book, you probably won’t view surveillance the same way again.
“Liars and Outliers: Enabling the Trust that Society Needs to Thrive,” by Bruce Schneier.
Interesting book about how security enables trust that society needs to function.
“Secrets and Lies: Digital Security in a Networked World,” by Bruce Schneier.
Excellent overview of information security, from cryptography to authentication to the human factor
“Social Engineering: The Science of Human Hacking,” by Christopher Hadnagy.
A well-regarded book from a leading expert on social engineering. Hadnagy organizes the Social Engineer Village at DEF CON.
“The Cuckoo’s Egg: Tracking a Spy Through the Maze of Computer Espionage,” by Cliff Stoll.
Classic security novel – the true story of how a network admin got caught up in global computer espionage using network security monitoring. Reads like a thriller.
“Nothing to Hide: The False Tradeoff Between Privacy and Security,” by Daniel Solove.
A book that debunks the most common attack to privacy arguments.
“Keys to the Kingdom: Impressioning, Privilege Escalation, Bumping, and Other Key-Based Attacks Against Physical Locks,” by Deviant Ollam.
Another great and accessible book on more advanced lock-picking by Deviant Ollam.
“Practical Lock Picking, Second Edition: A Physical Penetration Tester’s Training Guide,” by Deviant Ollam.
The best book available to learn lock-picking.
“Permanent Record,” by Edward Snowden.
“Edward Snowden’s autobiography and story of how and why he exposed the US governments mass surveillance system of the internet.”
“Dragnet Nation: A Quest for Privacy, Security, and Freedom in a World of Relentless Surveillance,” by Julia Angwin.
Award-winning journalist Julia Angwin reports from the front lines of America’s surveillance economy, offering a revelatory and unsettling look at how the government, private companies, and even criminals use technology to indiscriminately sweep up vast amounts of our personal data.
“The Art of Deception: Controlling the Human Element of Security,” by Kevin Mitnick.
In-depth discussion of the techniques of social engineering and how to educate your organization to be less susceptible to these attacks.
“Ghost in the Wires: My Adventures as the World’s Most Wanted Hacker,” by Kevin Mitnick.
Autobiography of Kevin Mitnick, famed computer hacker and social engineer. In addition to being a very entertaining and fascinating read, you’ll learn a lot about social engineering techniques from the accounts of his experiences.
“Countdown to Zero Day: Stuxnet and the Launch of the World’s First Digital Weapon,” by Kim Zetter.
Interesting and compelling read about the discovery of Stuxnet and how it changed the world.
“The Practice of Network Security Monitoring,” by Richard Beljtlich.
Excellent book on the principles of NSM and how to get started with Security Onion.
“The Code Book,” by Simon Singh.
This is a very interesting and gripping book about the history and intrigue of cryptography and cryptanalysis.
“Crypto: How the Code Rebels Beat the Government Saving Privacy in the Digital Age,” by Steven Levy.
A very engaging look at the modern history of cryptography, including the development of DES, RSA, and PGP. Also, it describes the fight in the 1990’s to legalize the use of strong cryptography.