Many of My E-Books for Cheap

Humble Bundle is selling a bunch of cybersecurity books very cheaply. You can get copies of Applied Cryptography, Secrets and Lies, and Cryptography Engineering -- and also Ross Anderson's Security Engineering, Adam Shostack's Threat Modeling, and many others.

This is the cheapest you'll ever see these books. And they're all DRM-free.

Posted on July 18, 2017 at 6:38 AM • 21 Comments


WayneJuly 18, 2017 1:01 PM

I'm very disappointed that Secrets and Lies is provided as a PDF, not as an epub or mobi. I hate PDFs for books as I'm not able to rescale fonts on my iPad Mini and I'm stuck with fixed margins. They're much harder to read and forget about reading it on my phone.

But I am glad to be able to get a copy.

BillJuly 18, 2017 1:03 PM

@Wayne: I've had some success converting PDF to epub using Calibre and reading on my phone.

DroneJuly 18, 2017 7:33 PM

I can't get the new Humble Bundle Google reCAPTCHA to work. This is the second Humble Bundle I can't buy because of the damn reCAPTCHA B.S.

Humble Bundle doesn't care. The first time they took two days to answer my Email and even then they just blew me off. Then after yelling at them by Email a real human eventually answered. But by then the bundle had expired.

Years of being a good Humble Bundle customer. No more now because of yet-another case of the broken Google reCAPTCHA.

If you want to hurt your customers look no further, Google reCAPTCHA has your back.

DBJuly 18, 2017 11:35 PM

Always wanted to grab a copy of you Applied Cryptography, finally got my hands on it :)

AdamJuly 19, 2017 2:13 AM

What format is Applied Cryptography in?

Would gladly buy the whole bunch if it were in epub or azw3 or anything that my e-reader can handle.

LoveJuly 19, 2017 6:00 AM

And what should we be reading now (besides your blog) that is the modern equivalent? While I'm interested and buying the bundle, is the info still relevant?

JesseJuly 19, 2017 6:34 AM

There are several formats available, pdf and epub (except one) for all books, and a few also with mobi.

Clive RobinsonJuly 19, 2017 7:19 AM

@ Love,

While I'm interested and buying the bundle, is the info still relevant?

Yes, without a doubt.

There are two important things knowledge teaches us,

1, Facts to use and build upon.
2, Knowledge of how to find facts.

Nearly all facts are not actually facts when first thought about, they are observed coincidences, that give rise to hypotheses. Such hypotheses are usually testable[1] and produce the same results for different people in different places. With time different tests are devised and if the original hypothesis survive the tests they become facts and on the road to becoming laws.

The fact some hypothesis is at some point found to have issues does not of necessity render it usless. For instance Newton's laws are more than sufficient to navigate around the Solar System. Einstein's equations do produce results that more accurately match the behaviour of "nature" but even they don't match everything.

But importantly the process of testing gets improved and this knowledge helps find new observations and coincidences thus hypotheses. Such testing often is found to be applicable to more than one domain of knowledge or field of endever. Thus even failures provide steping stones to improved knowledge.

[1] Reliable testing can only be done with suitable measurands that are standardized. This in it's self has it's own field of endevor metrology (the science of measurment). It also has it's own issues with standards as a look at how the way we are changing the methods of obtaining fundemental standards for the SI Units will show.

JohnJuly 19, 2017 4:13 PM

Damn you for making my hands hurt! I can't help but keep applauding on this!

Clive RobinsonJuly 20, 2017 8:14 AM

@ Ross,

you can download it from my website for free!

It would be nice if you could update a couple of chapters and perhaps add a couple more.

Your book is one of the few to go into the side channel and EmSec sides of things, and although academia has not moved as far or as fast as they could have done in this area, things have moved sufficiently that an update would contain much new and usefull information to both students and practitioners.

Poor student July 23, 2017 7:26 PM

Hard to justify buying second or third tier ($25) just for one or two book.... :(
Prof Anderson should really undate some of his materials.

Anony E MouseJuly 24, 2017 2:48 AM

The Applied Cryptography PDF is not searchable. Is this deliberate or an error?

LouJuly 25, 2017 4:10 AM

Also purchased, I regret it somehow, since a good part of applied cryptography is somewhat out of date. I like the writing though.

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.