Ross Anderson‘s seminal security book “Security Engineering” is available online here. This isn’t exactly breaking news because it has been up for a while but I finally got around to pulling this down and have been really impressed with the first couple of chapters. The use of specific examples of where protocol and system designs failed and the sorts of attacks they fell victim to is exceptionally helpful. I have always found that concrete examples help to drive home potentially confusing security topics and this book is full of them. Check it out.
dan _at_ denimgroup.com