[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <4ef5fec60803191346v4435c77av440c251469af80ac@mail.gmail.com>
Date: Wed, 19 Mar 2008 13:46:31 -0700
From: coderman <coderman@...il.com>
To: reepex <reepex@...il.com>
Cc: full-disclosure@...ts.grok.org.uk, Valdis.Kletnieks@...edu
Subject: Re: [full disclosure] agile hacking?
On Wed, Mar 19, 2008 at 12:42 PM, reepex <reepex@...il.com> wrote:
> ... I much prefer books like
> 'hacking the art of exploitation', 'the art of software security
> assessment', and 'secrets of reverse engineering' because they are tool
> agnostic and teach the low level concepts that are going on.
amen!
the first and last are two of my favorites. this discussion mirrors
the tension between programmers steeped in the physical architecture
they use and complicated but indispensable concepts like asm
instr/pointers and (some of) the newer generation familiar only with
high level scripting languages and toolkits that abstract away all
such details.
while the latter can be effective and appropriate for a myriad of
modern development tasks, there is still a world of understanding that
will never be accessible at such higher layers.
there is no point in arguing which is better; these are complementary
skills that the truly proficient will master at both ends of the
spectrum. this way leads to wisdom.
as for "hacking" tool set tutorials (howto kismet, wireshark,
metasploit, etc), these texts are as satisfying as a dir full of man
pages. useful references, yes. fundamentally instructive in theory
they are not.
to each his own...
[i'll add 'Silence on the Wire' to this list of useful texts]
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists