We review vendors based on rigorous testing and research but also take into account your feedback and our affiliate commission with providers. Some providers are owned by our parent company.
Learn more
vpnMentor was established in 2014 as an independent site reviewing VPN services and covering privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize the independent, professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.
Advertising Disclosure

vpnMentor was established in 2014 as an independent site reviewing VPN services and covering privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize the independent, professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

Thinking Security by Steven M. Bellovin - Free Chapter Included

Sarit Newman Internet Security Researcher

Thinking Security is a book about adapting to rapidly changing technology and thinking out-of-the-box to prevent (or fix) future attacks. We sat down with the author, Steven Bellovin, to learn more about his book.

A world-respected security expert, Steven Bellovin's Thinking Security: Stopping Next Year's Hackers tackles the problem of cyber security head-on. Many people believe they're secure if they follow the same protocol from the year before, but with technology changing all the time, it's not sufficient. Thinking Security helps you understand security systematically, so you can stay updated on rapidly changing technology and prepare for the future.

We sat down with Bellovin, who caught his first hacker back in 1971, to talk about his book.

vpnMentor: What made you write Thinking Security?

Bellovin: For years, I've been saying that the worst thing to do in technology is to give yesterday's answer to today's questions. Technology changes; why should the old answers be right?

Authentication is a classic case in point -- the standard advice to "pick strong passwords" dates to 1979, a time when many people were using hardcopy terminals and had no local computing or storage capability, and might have to remember three passwords. None of that is true
today -- why should the advice remain the same?

In any case, I encountered an excess of misguided information regarding authentication, which prompted me to start writing. Fortunately, I was on sabbatical then, granting me ample time to pen a book. Other areas where I continually observed the same issues included firewalls (notably, I co-authored the pioneer book on this topic in 1994), PKI, cloud computing, and more. The issue I identified was the absence of instruction encouraging individuals to think beyond mere checklists. While I've endeavored to impart this skill to my students, there was a noticeable lack of quality resources that accomplished this. Hence, I resolved to write my own book.

vpnMentor:  What new knowledge did you gain while writing this book?

Bellovin: That's a remarkably hard question to answer.

Any time you write a book, you're forced to learn the fine details of anything you cover, even in an area you know well. Take firewalls, for example. I've been working with them for a very long time -- I co-authored the very first book on them, in 1994, and have done further work on them since then -- but ruminating on what, fundamentally, firewalls are and what they're good for led me to some new insights on their role in collaborative projects, and on how to do proper logging in such situations.

For that matter, authentication is far more subtle than I had thought, even though it was a desire to dispel myths about it that led me to write this book in the first place. I have some forthcoming papers examining what, in essence, identity is, and what the real risks are for various authentication schemes.

Thinking Security: Stopping Next Year's Hackers is available for purchase on informit.com.

Click here to read the first chapter of Thinking Security.

 

We review vendors based on rigorous testing and research but also take into account your feedback and our affiliate commission with providers. Some providers are owned by our parent company.
Learn more
vpnMentor was established in 2014 as an independent site reviewing VPN services and covering privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize the independent, professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

About the Author

Sarit is an experienced internet security writer who believes everyone has the right to online privacy.

Did you like this article? Rate it!
I hated it! I don't really like it It was ok Pretty good! Loved it!
out of 10 - Voted by users
Thank you for your feedback

Please, comment on how to improve this article. Your feedback matters!

Leave a comment

Sorry, links are not allowed in this field!

Name should contain at least 3 letters

The field content should not exceed 80 letters

Sorry, links are not allowed in this field!

Please enter a valid email address

Thanks for submitting a comment, %%name%%!

We check all comments within 48 hours to ensure they're real and not offensive. Feel free to share this article in the meantime.