Shostack + Friends Blog


Books Worth Your Time (Q1 2019)

Just what the title says...


  • Making Software: What Really Works, and Why We Believe It, by Andy Oram and Greg Wilson. This collection of essays is a fascinating view into the state of the art in the empirical analysis of software engineering.
  • Agile Application Security by Laura Bell, Michael Brunton-Spall, Rich Smith and Jim Bird. A really good overview of the many moving pieces in an agile SDL. Good enough that I bought a paper copy to augment the ebook. (Also, sometimes redundant, and says nice things about my work.)
  • Click Here to Kill Everybody by Bruce Schneier. Thought-provoking survey of the problems that come from the book above not being better read. More seriously, we haven't scaled application security, and even if we do, there will be bad developers who'll do a crappy job at building things. What can we do about that as a society? I don't like all of Schneier's answers, but the reasoning is sound.


  • Trust Me, I'm Lying: Confessions of a Media Manipulator by Ryan Holiday lays out the toolbox of the fellow who used to run marketing for American Apparel. Shows how guerrilla marketing works in the age of Twitter, and outlines techniques now being used to screw up elections and people's lives.
  • The Internet of Garbage by Sarah Jeong. As a summary of the problems and challenges of the internet, it's aged sadly well since 2015.
  • The Tangled Tree: A Radical New History of Life. We're used to thinking that genes are passed on from parents, but as David Quammen explains, there's also horizontal gene transfer (NIH, Wikipedia). Really fascinating history of both science and the personalities involved. Recommended despite the writing being somewhat rocky and uneven – these are hard topics and I do not envy the author's task of making an accessible and interesting read.
  • Things We Think About Games by Will Hindmarch and Jeff Tidball is 140 micro-essays about games. Some I loved, some I hated, but I enjoyed the heck out of it.


As it turns out, all three fiction books are re-imaginings of other stories. If you find that wicked annoying, these are not for you.

  • The Queens of Innis Lear, by Tessa Gratton, is a re-telling of Lear from the perspective of his daughters.
  • A Study in Honor, by Claire O'Dell, re-tells the Holmes/Watson story in the aftermath of a second American Civil War.
  • Spinning Silver, by Naomi Novik, is a re-telling of the Rumpelstiltskin tale. (Hugo nominated)

That's what I read last quarter that I want to share. What was memorable for you?