Bruce Schneier: Schneier on Security and/or Beyond Fear.
posted by Jairus at 10:34 AM on July 26, 2011 [1 favorite]

You know, since you are focusing on the digital age, I'd assign them some videos or TED talks on the subject.
posted by misha at 10:39 AM on July 26, 2011

Cory Doctorow's Little Brother might not be 100% applicable, but it was helpful for me in terms of opening my eyes to a wide range of digital security concerns. It's also a good read and might help nudge some of your students toward a greater interest in the subject. Oh, and it's free and available in a variety of formats.
posted by rebekah at 10:43 AM on July 26, 2011

Definitely include something from Schneier. I'd go with Secrets and Lies, but I haven't read "Schneier on Security" yet.
posted by rmd1023 at 10:46 AM on July 26, 2011

Security Engineering by Ross Anderson is a classic. It's not purely about computer security, but about security in general - thinking about threat models, attackers, the problems in having effective DRM, the psychology of passwords, and more. It illustrates all these with interesting anecdotes and examples too. It's the best book on security I've read (and based on the reviews on the page I link to, it's the best book that Bruce Schneier has read, too). The first edition is available for free, but the second edition is worth buying too.
posted by siskin at 10:49 AM on July 26, 2011

I was just coming in to recommend Beyond Fear.
posted by postel's law at 10:52 AM on July 26, 2011

I'm seconding rmd1023. I've often said that if ever I taught a course on intro to security, Secrets and Lies would be the textbook. It's very accessible to non-security folks, and teaches the security mindset of looking at how things break, not how they work.
posted by bfranklin at 11:17 AM on July 26, 2011

Seconding Secrets and Lies and Beyond Fear. Cuckoos Egg, while interesting, certainly isn't about "personal security". I would certainly include books on social engineering, like Art of Human Hacking or No Tech Hacking. Maybe Ira Winklers Corporate Espionage, as it has a lot of social engineering stuff. Sorta off the reservation, but something like Practical Lock Picking is pretty eye opening with respect to questioning our preconceived notions of personal security and what we take for granted.
posted by kjs3 at 11:26 AM on July 26, 2011

Beyond a book, could you assign them all the task of downloading a browser like Firefox and using a bunch of script-blocking/anti-ad/anti-pop-up add-ons, then writing about how their browsing habits have changed if they didn't use Firefox in the first place? Or maybe people who are already aware of these issues and think they're protected have to use, like, IE6/7/8 or something, and install every suggested plug-in, and follow-through on pop-ups or something, journaling their parallel experience?

Web browsing is what people think of when they think of this topic, I think - it might be a good window into what your students are thinking about when they're online (and what they just assume they'll always/never have to deal with just because of the browser they choose).
posted by mdonley at 11:44 AM on July 26, 2011 [1 favorite]

I really like both volumes of Google Hacking for Penetration Testers by Johnny Long. Gives a great idea about how you can use Google to data mine and foot-print potential targets.
posted by white_devil at 12:05 PM on July 26, 2011

This thread is closed to new comments.