Reading Pipeline

Posted on Feb 5, 2022 (updated Mar 23, 2024)

A list of books in various stages of my reading pipeline. There are no affiliate links. Also see: complementary lists for courses and papers, articles, and talks.

Currently Reading

On the Radar

Snoozed

Finished

Books I’ve read, ordered from most recent to some time in 2021 when I started writing this down.

  • When. Good. This was fascinating! Timing isn’t everything, but it sure is a heck of a lot. I was particularly struck by how often we tend to brush off matters of time, whether it be when school starts (early), when to take breaks, and when to wake up or go to sleep. Yet, if there were a virus or boogeyman that had even half of the same effects as timing, we would be quick to identify and combat them. We should change our framing here. It’s time!
  • A Vulnerable System. Good. A tour through the evolution, trials, and dysfunctions of the security industry. The last chapters had some hot takes that I’m still in active denial about, but it’s a good read for anyone interested in how we got here.
  • Atomic Habits. Meh. It’s a short read, but I do think a summary or blog post can get you most of the way there.
  • Everybody Lies. Good. It’s filled with insightful yet uncomfortable truths about human behavior. I was fascinated with how internet searches are a truth serum that pierces right through people’s facades and into their private thoughts.
  • Building Browser Extensions. Meh. It’s about the only book I can find on this topic, but it wasn’t particularly strong or insightful.
  • The 7 Habits of Highly Effective People. Good. I can clearly see why this is such a classic! This is packed with great advice, and I was pleasantly surprised to see how relevant it was to other aspects of my life, especially parenting. I think the concept I’ll remember most is the trade-off between production vs. production capability (or P-PC balance).
  • Building a Second Brain. Good. I liked the methodologies outlined in this book, particularly The PARA Method. The book itself, though, was… okay. I think there are probably faster ways to get up to speed in effective note-taking and organization, particularly if you already see the value of it.
  • The Emperor of All Maladies. Good. Simultaneously stark and inspiring. I was left with deep admiration for the medical professionals, scientists, and most importantly—their patients—that battled cancer in the early years of oncology. There’s so much to be proud of in progress, yet so much more we still have to uncover.
  • Application Security Program Handbook. Good. While I preferred Agile Application Security, I think this handbook was fairly decent, especially in the later chapters that cover topics like security champions and guardrails vs. gates. I’d recommend this to teams starting their appsec programs, or who need to figure out what to do next.
  • Quantum Supremacy. Good. This was a really fun read! I really only followed quantum computers' implications on cryptography, so I was quite stunned by all the potential applications in chemistry and medicine. The future looks quite bright!
  • How to Talk So Little Kids Will Listen (& Listen So Kids Will Talk). Good. I listened to the audiobook over a long span of time. It turned out surprisingly well, especially given the relatively independent format. I quite liked how the co-authors complemented and balanced each other. I wrapped it up feeling like I’d be a better parent!
  • How to Win Friends and Influence People in the Digital Age. Good. I quite liked this! A lot of it might fall somewhere between common sense and “well, just don’t be a jerk”, but they’re all great reminders nonetheless.
  • Work Rules!. Good. I read this after a few references from Software Engineering at Google. I particularly resonated with the hiring philosophies. Adhering to the rule of “always hire people better than you” is so crucially important.
  • Zero to One. Meh. I mean… I get it, there are some valuable insights here to be sure, but I had a hard time getting past both the tone and worship of monopolies. Maybe that means I’ll never found a monopoly, and I’m totally okay with that.
  • Software Engineering at Google. Great! I’m convinced that many of the practices discussed here (particularly testing) are the healthiest ways to run software engineering at scales between ~5 people and, well, Google. Some of the more memorable concepts discussed include Hyrum’s Law, The Beyoncé Rule, and… Testing on the Toilet.
  • Seven Languages in Seven Weeks. Good. I thought this was a fun survey of different programming language paradigms and concepts. It leans heavy into functional programming, especially towards the later chapters, ending with Haskell. I finished the book with a greater appreciation and grasp of prototype-based languages (e.g. Io), logic- and constraint-based languages (e.g. Prolog), and the elusive monad.
  • Tomorrow, and Tomorrow, and Tomorrow. Good. I don’t typically read books like this, so I was pleasantly surprised with how beautiful this story was. While I was a bit underwhelmed with the ending, I did mostly enjoy the characters’ stories.
  • The Squat Bible. Meh. This was kind of lightweight and disappointing for a “bible”. I suppose I should have read the page count before purchasing and/or realizing that there’s only so much you can write about squatting. I don’t think there’s anything particularly novel here that you can’t get online for free or more effectively through a trainer.
  • Range. Good. Heya, I’m a generalist! This was a great read and gave me a modicum of confirmation bias confidence that my winding, delayed career path was arguably the best way for me. As a parent, this also helped me put at bay the early-start fallacy, and prioritize exposure to lots of great experiences vs. specialized one(s).
  • Homo Deus. Good. Whew, this really challenged and changed some of my beliefs. I guess I’ve been on a bit of a “what will the future look like?” stint lately, but this book was less prophetic and predictive, and tugged at the ways we define what we think makes us “special” as humans… and systematically dismantles it against the backdrop of data, technology, and a future where intelligence is mandatory and consciousness is not.
  • The Things We Make. Good. How could I not like this!? It’s a survey and foray into the art and science of engineering. I’ve always thought that engineering was basically applied science, but this book changed my mind on that. There are even compelling accounts of how engineering often preceded both science and understanding, driven only by rules of thumb and “the engineering method”. A must-read for any engineer, in any engineering discipline!
  • The Staff Engineer’s Path. Great! I needed this book. It’s jam-packed with useful information, both tactical and strategic. I’d recommend this to both current and aspiring staff engineers and the humans that support and manage them.
  • What the Dog Saw. Good. A collection of interesting articles that Gladwell wrote in the New Yorker. I was particularly intrigued about the essay on choking vs. panicking.
  • David and Goliath. Meh. I’m on the fence with this book. I always appreciate a good underdog story. It started out quite strong, and it certainly opened my eyes to new ways of thinking on how disadvantages could actually be advantages. But I can’t help but feel like it overfits on survivorship bias.
  • Dark Territory. Good. We have the benefit of hindsight now, but it was interesting to read about the government responses, follies, and victories while modernizing to the new cybersecurity landscape (and “dark territories”).
  • The Inevitable. Meh. It was a tad too futurist for me, but I do think the author got a lot of things right. The piece on tracking and the effects on privacy was a hard pill to swallow, and I’m either naively optimistic or in denial.
  • The Cyber Effect. Good. A surprisingly deep book on how so many things change about human behavior in the digital world… and the lack or lag of all the guardrails that we have in the physical. It’s a concept I’m sure most people have some intuition about, but the author really crystallizes all these important topics. It’s a particularly good read if you’re a parent.
  • The Subtle Art of Not Giving a F*ck. Meh. It’s alright, I guess. The message is more about caring for only the things that really, really matter… and ditching everything else that doesn’t. While I didn’t really get much from this, it’s a decent reminder.
  • The Ransomware Hunting Team. Good. Quick read, but I learned so much about the intriguing and often selfless world of ransomware hunters and fighters. It definitely increased my respect for what they do. I was particularly inspired by Fabian Wosar’s story, all the struggles he went through and how much he helped victims, pro bono. Also, the schadenfreude from all the distress and disruption he caused ransomware gangs was certainly enjoyable. It’s good when the good guys win!
  • Seveneves. Good. Alright, this book is long and extremely detailed, but I did enjoy it. There were a few points towards the end where it seemed to break from hard sci-fi and get a little… out there. Regardless, it was still an inspiring story of hope and survival. If you liked Cixin Liu’s trilogy, give this a shot! It’s what the movie, Moonfall, should have been (don’t watch it…)
  • Noise. Good. Another eye-opener from Kahneman, and an excellent follow-up to Thinking, Fast and Slow. The author covers many different concepts at depth relating to statistical randomness and noise (of course!), along with domains in which they’ve failed or fooled us. The discussion on the variance in the legal system was particularly depressing and surprising. This is a good book to pick up if you liked his previous book, or Taleb’s Fooled by Randomness.
  • Crucial Conversations. Meh. This just didn’t click with me. The concepts are important, and the author provides some useful models and tools. Yet, it just wasn’t memorable enough for me. I think I would have preferred a summary or a blog post, but this might be good for you if you’re new to or struggle with these types of conversations.
  • Thinking, Fast and Slow. Great! I finally picked this up after reading all the references to Kahneman from Taleb’s books. It did not disappoint! There are so many fascinating and useful gems packed into this book. The concept of our brains’ dual systems (and all the strengths and pitfalls that come with them) really opened my eyes. It’s extremely thought-provoking.
  • Agile Application Security. Good. Solid advice on how to build a product security program and culture that developers don’t hate. Some of the specific tools are probably already out of date, but the approach is still extremely pertinent and valid. I’d recommend this to security engineers and managers who are building new programs, or who are trying to dramatically change existing ones.
  • Sapiens. Good. This book got some flak by critics, but I actually liked it! It was a decent overview of human history and, perhaps depressingly, a mirror into how absolutely awful we were (and are) to each other, life, and the Earth. Lots of different concepts and time periods covered here!
  • The Three-Body Problem (Series). Great! Insanely creative and thought-provoking, and wholly unsurprising why this series consistently makes it into “top 10” sci-fi book lists. If you find the Fermi Paradox interesting, you’ll find this equal parts amazing… and terrifying.
  • Talking to Strangers. Good. It’s been a long time since I’ve read a Malcolm Gladwell book! This was a good follow-up and contrast to Liars & Outliers (see below). The author artfully challenges typically black-and-white positions, and elicits both nuance and empathy for bystanders fooled by lies. It certainly expanded my view, appreciation, and caution of situations where truths and lies aren’t clear.
  • How to Invent Everything. Meh. I had high hopes for this, but the content and humor just didn’t land for me. In retrospect, it totally makes sense to focus on survival skills. I think I kept wanting it to be more along the lines of “you’re dropped off in the woods with a hatchet, here’s what you need to invent to send an email.” (Which I would totally buy and read!)
  • Countdown to Zero Day. Good. This was wild. I was surprised and awestruck by this gripping account of Stuxnet and the precise, systematic dismantling of Iran’s nuclear program. I also learned a bit about the grey-hat exploit market and what nation state actors are capable of (at least, what we know of).
  • Life 3.0. Good. A refreshing and hopeful take on the possibilities of a future with AGI. This really opened my eyes to the potential outcomes of beneficial AI and superintelligence that don’t involve Skynet and killer robots, as well as the critical importance of AI safety research. Our future is in our hands, which is both equally empowering and terrifying.
  • Liars & Outliers. Meh. It was… alright. I think it tried too hard to be a sociology book, and for whatever reason (especially the first few sections), it just didn’t stick with me. I would have much preferred a short post or essay focusing on Bruce’s model of trust and the dynamics of various pressures: societal, moral, reputational, and institutional, which I found quite interesting!
  • A Hacker’s Mind. Good. This was like taking Bruce’s The Security Mindset (a short post), and running with it to make a book, yielding great results. This expanded my view on what “hacking” can be, and it’s always a joy to hear how people hack and circumvent systems and controls. Some of the examples were… a stretch, but if you enjoy hearing innovative and devious ways to abuse systems, pick this up!
  • Skin in the Game. Great! This was the first piece I read in the Incerto, and I re-read it (and upgraded the rating) after reading the first four books. It just gets better with time and context of the previous works. Asymmetric relationships are everywhere and knowing how to identify and deal with them is important.
  • Unconditional Parenting. Good. I put this in my queue after hearing about it in a Hacker News thread, and I finally got around to reading it. I wish I had read it earlier! This challenged a lot of my ideas and views, and it definitely changed the way I will raise my kids. Highly recommend this, especially for parents of younger kids.
  • The Expanse (Series). Great! I only read the last three books after binging the TV show, but I am absolutely enthralled with the universe that the authors built. It’s been a hot minute since I read any non-non-fiction books, and this was a welcome reprise. If you like space operas, this is your jam.
  • Software Security. Meh. There are some good concepts here, but I had trouble slogging through the content that hadn’t aged as well. I can still appreciate the fundamentals discussed here that many companies still can’t manage, but there are probably much better texts out there today. The inside, back cover (an outline) has a quick tl;dr that should sum it up for you.
  • Antifragile. Good. I guess Taleb’s books just get better and better! It’s like every iteration repeats but refines powerful concepts, but with more nuance and crispness. I especially liked, well… anti-fragility. Especially through the lens of software, I think it elucidates a bunch of concepts around reliability, like how teams with strong incident response become more resilient over time.
  • Blood, Sweat, and Pixels. Good. I read this on the heels of finishing a half-gamedev, half-Rust book (see below) to get an account of what the industry is like. Oof, it’s brutal, and far more demanding than I could have imagined. The stories are certainly awe-inspiring, but I can’t get over the survivorship bias and how many studios must have shed blood and sweat without tasting victory.
  • Hands-on Rust. Good. What a gem! I came in just wanting to refresh and sharpen on Rust, but came out wanting to make an indie roguelite game set in space. Knowing absolutely nothing about game dev but having a deep respect and appreciation for it, I think this book was a good intro to it and Rust.
  • The Black Swan. Good. I liked this a lot more than the previous book (see below). I think my main gripe with Taleb is his writing style and how he… well, figuratively shits on his rivals and professions. Regardless, if you can get through that (or don’t have an issue with it), there are some excellent topics here on how to better understand the world and all the fallacies of black swans, bell curves, and the Ludic fallacy.
  • Ghost in the Wires. Good. An entertaining account of Mitnick’s life and hacking exploits: phone phreaking, computer hacks, social engineering, and law (he hacked that, too). Parts in the middle did feel a bit repetitive, but I’d still recommend this!
  • MongoDB: The Definitive Guide. Good. I gave MongoDB a bad rap when I used it a long time ago, but it looks like it’s come a long way. I have a lot more experience with relational databases, so learning about how MongoDB does things was enlightening! I particularly enjoyed the different design patterns to consider when you’re dealing with documents… and the idea that normalization is for sissies.
  • Fooled by Randomness. Meh. There are some powerful examples and narratives of statistical fallacies, but I had a hard time getting through large sections of the book where the author went on tangents.
  • Computer Networking: A Top-Down Approach. Good. What a pleasant survey of computer networking! This was a detailed and informative textbook, and I loved the “top-down” approach vs. the relatively more common “bottom-up” style. It gave me an appreciation and understanding of how and where different networking protocols fit in the big picture.
  • The Mythical Man-Month. Good. Models and concepts that (mostly) withstood the test of time, many of which you’ve probably either heard of or experienced first-hand. This book is more about the humans that build software than it is about software—and that’s why it’s so important! If you’re short on time, just read the titular essay, the chapter on The Second-System Effect, and the final chapters that contain an outline and retro.
  • Structure and Interpretation of Computer Programs. Great! Alright, this book is absolutely insane. I can’t believe this is used in intro-level classes because there are very advanced concepts and paradigms jammed into this book. Everything from functional programming, to concurrency, to building an interpreter for Scheme (in Scheme) to building a machine language and compiler. I’m almost jealous that this wasn’t my first foray into computer science. I quite rarely re-read books, but this is one I’ll add to the short list, particularly because I skipped many of the exercises. Don’t miss out on this one!
  • Serious Cryptography. Meh. It’s a good overview of major cryptography concepts, but I consistently found myself wanting either more detail (to be fair, the author does list many “Further Reading” resources) or more applicability. I still think it’s well-written and clear about its goals, but it just wasn’t what I was looking for.
  • The Rust Programming Language. Good. This was probably the best intro to a language I’ve read! Not terribly long, but just enough content and examples to grok the core concepts. You can read all the same (and probably updated) content on the official site.
  • Threat Modeling. Good. There’s a lot more than threat modeling in this book! It reads like an opinionated meta-analysis (your take if that’s a good or bad thing) that pulls from a wide array of content and resources. You can open it up on a random page and likely pick up or learn something useful.
  • Container Security. Good. Lots of useful fundamentals packed into a relatively short book. The author spends the first half or so of the book going over how containers work, and then pivots into how to protect them. Overall good read that you can finish in one sitting. Liz has a knack for explaining complex subjects simply, and I will be sure to follow her work!
  • Code: The Hidden Language of Computer Hardware and Software, 2nd Edition. Good. This reminded me a lot of Elements of Computing Systems, but with a much gentler introduction, larger focus on hardware, and a lot more coverage of computing history. I think the end tapered off considerably after building a CPU, and it just felt rushed. Nonetheless, it’s a good book if you want to know how to build a computer from the ground up.
  • Web Application Security. Nah. Extremely basic, despite the author purporting that it could be used by intermediate-level security engineers as well. I suppose it’s a decent introduction or even refresher; however, there was significant material missing, outdated, or perhaps wrong, e.g. CSRF defenses.
  • Secrets and Lies. Good. While published in ~2000, it’s incredible (and sad?) just how so many of the problems and concepts Schneier introduces and predicts here are still relevant today. This was an excellent survey of information security, and while the examples are dated, few of the underlying principles are… or will be.
  • OAuth 2 in Action. Good. Very thorough and practical breakdown of OAuth 2.0, and extremely useful for anyone developing or working with this protocol. I especially liked how a chapter was dedicated to each major component (e.g. client, authorization server, protected resource), as well as one strictly on vulnerabilities and pitfalls.
  • Performance Modeling and Design of Computer Systems: Queueing Theory in Action. Good. I really enjoyed this book and topic! This is one of the better textbooks I’ve read, rich and comprehensive with plenty of wonderful examples. I would have loved to have taken a course designed around this book. I actually gave a talk (slides) about some of the topics in this book. Queueing is an absolute necessity for any software engineer, and this is a great book to get you ramped up on it.
  • The Every Computer Performance Book. Meh. Quick read (<200 pages), but I do think you can get the most important insights of the book from a summary.
  • Building Secure and Reliable Systems. Good. Very refreshing take on the intersection (and differences) of security and reliability at Google. Lots of great insight here!
  • Amazon Web Services in Action. Meh. I picked this up as a refresher to AWS but found it was very dated (2015).
  • Practical Cloud Security. Meh. This is actually a wonderful resource if you’re brand new to cloud security, but if you are familiar with most of the concepts in the table of contents, I’d recommend a pass. This is a very breadth-first resource that doesn’t go into a ton of detail.
  • The Bogleheads’ Guide to the Three-Fund Portfolio. Great! This is probably the highest ROI (both time and money) book you can read that will improve your financial health and future. “Don’t just do something, stand there!”
  • Personal Finance for Tech Professionals. Good. I’d recommend this for (duh) tech professionals, especially those working at startups. It boils down a lot of tricky concepts, simply, especially around equity and taxes.
  • Lying for Money. Good. A fantastic intro into fraud, the mindset of fraudsters, and the economics that drive (and bust) fraud schemes.
  • Operating Systems: Three Easy Pieces. Great! A fantastic follow-up to nand2tetris. Broadly covers virtualization, persistence, and concurrency in operating systems. A must-read for all software engineers.
  • The Elements of Computing Systems. Good. What a gem that lived up to its hype! Learning how computers work from the ground up was fantastic. The first chapters on hardware are free at nand2tetris.
  • Essential Scrum. Meh. Okay, I guess, given the topic. I might revisit it, but there are probably shorter books to read on the topic.
  • The Go Programming Language. Good. One of the better intros to programming languages I’ve read. I finally got to officially learn Golang, and this was a treat to go through.
  • PCI Compliance. Good. Surprisingly, so! I thought this was going to be a slog, for sure, but it turned out much better than expected. What a gentle intro into what I thought was the boogeyman!
  • Practical Vulnerability Management. Good. Must read for anyone working on a vuln. management program. Practical (duh) and pragmatic approach.
  • Secure by Design. Good. This was my first intro into domain-driven design (with a security lens), and it made me want to learn more about DDD. I was originally looking for security reviews, but this changed my view on how important data modeling is to software security.
  • Securing DevOps. Good. Fantastic read on DevSecOps and shift-left security. I also learned a ton about detection and response. Super-relevant to security and threat engineering.
  • The Tangled Web. Good. Some of this information is outdated, but there’s so much knowledge packed into this book. Highly recommend for anyone interested in web- and appsec.
  • The Shellcoder’s Handbook. Good. This was so freakin’ cool. Lots of really great stuff here for binary exploitation and reversing that you won’t find elsewhere. I skipped a few architecture-specific chapters, but I remember being blown away by how to defeat exploit mitigations and smuggle in shellcode with ASCII encoders.
  • The Hacker Playbook 3: Practical Guide To Penetration Testing. Meh. I’m on the fence with this one. I did enjoy it and learned about a bunch of nifty and specific techniques, like DNS tunneling. I’m lukewarm on it because I’m not entirely sure it will age well as both attacks and defenses adapt and change, but I would love to be wrong.
  • Never Split the Difference. Good. I listened to the audiobook, and it was fantastic. It’s an engaging narrative that gives you a unique perspective on how to negotiate.
  • Cloud Native Patterns. Good. Solid and helpful overview of patterns to make apps resilient in the cloud.
  • Big Data. Good. Digestible overview of Lambda architecture. Pre-requisite to learning about Kappa and streaming architectures.
  • It Doesn’t Have to Be Crazy at Work. Great! Another excellent entry from the Basecamp folks. No words wasted, and as refreshing as it is inspiring. What a fantastic company and book!
  • Database Reliability Engineering. Good. Lots of knowledge compressed into a relatively short read. As someone not directly in SRE/DBRE/DBA, however, I don’t think I got much direct utility from it. YMMV!
  • Magnolia Story. Good. An enjoyable, entertaining story. If you like the show, you’ll like their book.
  • Streaming Data. Good. I much preferred this content to Streaming Systems; in particular, I liked the methodical approach and survey of each core component of generalized streaming architecture. I recommend reading this before Streaming Systems.
  • Mastering PostgreSQL 11. Meh. Pretty good reference book on PostgreSQL, but seemingly very few ideas and concepts specific to PostgreSQL 11. At times, it felt like an early release, referencing features still on PostgreSQL 11’s roadmap. Nonetheless, there are some really great nuggets of information here, particularly on performance tuning and configuration.
  • Streaming Systems. Good. Fantastic introduction (and history) to streaming systems. I particularly enjoyed the unifying framework that the author presents, as well as key ideas and mental models, like stream-table duality. I don’t know how well it will age, but I’ll be sure to pick up following editions as new stream processing paradigms are introduced.
  • Kafka: The Definitive Guide. Good. Solid guide into Kafka. I’ll keep this handy on my shelf and will be revisiting it when I need to tune Kafka.
  • Designing Distributed Systems. Meh. Eh, it’s a quick read. Some interesting design patterns for micro-service architecture, but perhaps I didn’t appreciate it as much since I didn’t go through the Kubernetes examples.
  • Designing Data-Intensive Applications. Great! Best technical book I’ve read in quite some time. Absolutely fantastic.
  • Payment Systems in the U.S.. Good. This is a must-read for anyone in FinTech, especially engineers that need to build systems that move and transfer money. I hope this edition becomes obsolete, because so many of our critical financial systems (read: ACH) need drastic overhaul.
  • Guerilla Capacity Planning. Nah. The concept is 10/10, but the material was pretty hard to slog through. I recommend future readers just read perfdynamics.com articles to get the gist.
  • The Hard Thing About Hard Things. Great! Absolutely incredible read. A large chunk I couldn’t appreciate (advice on hiring and managing executives), but even if you read the first few chapters about Ben Horowitz’s journey, it’s worth a read.
  • Radical Candor. Good. The concept of radical candor was so enlightening to me that I made it a line item in my personal leadership philosophy. This book should be required reading for all teams, managers of teams, and managers of managers, alike. My only gripe with this is that I think it could have been shorter; but otherwise, it was a fantastic read.
  • React Quickly. Meh. Fairly decent intro and walkthrough of front-end stack utilizing modern technology. It definitely focuses on breadth over depth (not a bad thing), but my hesitations are on the focus of the book on technology vs. design patterns. I could see this book being outdated in short order due to the pace of JavaScript evolution.
  • SQL Performance Explained. Good. Should be required reading for application back-end developers! This was a short, yet information-packed, guide to tuning databases and applications. I too often see developers treat databases as black box abstractions; it’s refreshing to see the author embrace full-stack ownership.
  • Two Scoops of Django 1.11. Good. There is a wealth of knowledge and experience tucked away in this book. I loved the opinionated take that the authors present, particularly on avoiding pitfalls that might take developers weeks or months to learn the hard way. I sincerely hope they release a new guide for Django >2.0!
  • Video Encoding by the Numbers. Good. I severely underestimated how complex and nuanced video encoding can be, and this book really opened my eyes to it. You won’t become an ffmpeg wizard overnight, but you’re sure to learn something.
  • Cracking the Coding Interview. Good. An absolute must-have for software engineers seeking jobs, regardless of seniority. You’ll either learn or refresh on some concepts, but this also teaches you how to “play the game”, which is an unfortunately necessary skill.

Abandoned

Books I simply gave up on. This list should be longer!

  • CISSP Study Guide. I feel like I’ve been in two opposing bubbles that were either all for or all against the CISSP, and I picked this up on a whim to broaden my perspective. Suffice it to say, this just wasn’t for me! I closed the book about halfway through, but it was nice to get some refreshers along the way.
  • AWS Penetration Testing. I abandoned this halfway through. It wasn’t bad, but it just wasn’t particularly engaging or interesting to me. It also didn’t help too much that the AWS environment had a bunch of “old” tech, so it just wasn’t as relevant to cloud-native infrastructure in 2022. YMMV, though!
  • Think and Grow Rich. I know this is a classic, but I just couldn’t get into it. A lot isn’t quite relevant anymore, and the whole “follow these steps and you will receive riches” was so repetitive. I feel like I can sum up most of the book by saying, “have grit.”
  • Computer Organization and Design. I picked this up after reading OSTEP and made it about halfway through. I think the book was alright, but I just wasn’t as interested in the hardware elements as I thought I would be.

Memorable

These are books I read a long time ago, and are memorable enough to mention.

  • On Writing Well. This is one of the few books I re-read every couple years. Not a word wasted.
  • Starship Troopers. Nothing like the movies! This was actually on military reading lists, and it’s about civil-military relations more than anything.
  • Moonwalking With Einstein. Journalist turns memory champion. Fun read.

Re-read Queue

Books to re-read Some Day™, either because I’ve forgotten them or want to revisit them with a new perspective.

Antilibrary

What? See also: Tsundoku. I’m not sure what’s wrong with me, either.

  1. 24 Deadly Sins of Software Security
  2. Adversarial Machine Learning
  3. Agile Retrospectives
  4. Algorithms to Live By
  5. The Amazon Way
  6. Applied Cryptography
  7. The Art of Computer Programming
  8. The Art of Deception
  9. The Art of Intrusion
  10. The Art of Invisibility
  11. AWS Security Cookbook
  12. Become an Effective Software Engineering Manager
  13. Blitzscaling
  14. Building Microservices
  15. Bulletproof TLS and PKI
  16. Clean Architecture
  17. Clean Coder
  18. Coaching Agile Teams
  19. Code Complete
  20. Compilers: Principles, Techniques, and Tools
  21. Computer Networks
  22. Concurrency in Go
  23. Continuous Delivery
  24. Cyber Frauds, Scams and Their Victims
  25. Data and Reality
  26. Database Internals
  27. Database Management Systems
  28. Design and Implementation of the FreeBSD Operating System
  29. Design Patterns Explained
  30. Designing Distributed Control Systems
  31. The DevOps Handbook
  32. Distributed Systems
  33. An Elegant Puzzle
  34. Enterprise Integration Patterns
  35. Hacking Multifactor Authentication
  36. Hooked
  37. How to Design Programs
  38. How to Solve It
  39. How to Steal a Lot of Money
  40. Hunting Cyber Criminals
  41. Incident Response & Computer Forensics
  42. Introduction to Autonomous Mobile Robots
  43. An Introduction to Functional Programming Through Lambda Calculus
  44. Introduction to Linear Algebra
  45. Introductory Graph Theory
  46. Investigator and Fraud Fighter Guidebook
  47. An Invitation to Applied Category Theory
  48. Learning Functional Programming in Go
  49. Linux Kernel Development
  50. The Linux Programming Interface
  51. Lions’ Commentary on Unix
  52. Mac OS X Internals
  53. Machine Learning: An Algorithmic Perspective
  54. Malware Analyst’s Cookbook and DVD
  55. Mathematics for Computer Science
  56. Microservice Architecture
  57. Patterns of Enterprise Application Architecture
  58. PoC||GTFO
  59. Production-Ready Microservices
  60. Purely Functional Data Structures
  61. Readings in Database Systems
  62. Refactoring
  63. Release It!
  64. Securing the Perimeter
  65. Security Engineering
  66. Security and Microservices Architecture on AWS
  67. Seven Concurrency Models in Seven Weeks
  68. Seven Databases in Seven Weeks
  69. Social Engineering
  70. Software Design for Flexibility
  71. Software Security Engineering
  72. Staff Engineer
  73. Super Thinking: The Big Book of Mental Models
  74. TCP/IP Illustrated, Volume 1
  75. Transaction Processing
  76. The Unicorn Project
  77. UNIX and Linux System Administration Handbook
  78. Windows Internals, Part 1
  79. Working Effectively with Legacy Code

† From Teach Yourself Computer Science

Other Reading Pipelines

  • Kevin Simler (Melting Asphalt). He was the inspiration for this page!