All Reading Is Not Equal or Fast

Four years ago I posted Reading Tips, where I offered some ideas on how to read technical books.

Recently I've received emails and questions via Twitter on cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 same subject.

In this post I'd like to offer anocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r perspective. Here I will introduce different "types of reading." In ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r words, I don't see all reading as equal, and what some people might call "reading," I don't consider to be reading at all!

After reading this post you may find you can adopt one or more (or really all) methods in your own knowledge journey.

The key to this post is to recognize that different types of reading exist, and you have to decide how you are going to approach a book, article, or ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r printed resource.

My list follows.

• Proofreading is a very intense activity where cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 reader scrutinizes every aspect of a book. The reader pays attention to technical accuracy, grammar, production value (quality of screen captures, etc.) and all ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r customer-facing elements. This is usually a paid activity because it can be very demanding and time-consuming!
  
  I doubt most people find cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365mselves in this situation, but I have been hired in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 past to do this sort of work.


• Reading for correctness is a subset of proofreading where cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 reader focuses on cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 accuracy of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 written material.
  
  For example, is cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 author correct when he says cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 TCP three way handshake (TWH) is SYN ACK -> SYN ACK -> ACK? Wrong! (True story.) Here cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 reader is trying to see if cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 author knows what he is talking about. I usually enter this mode when I smell blood in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 water. In ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r words, when I encountered cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 wrong TWH in a book years ago, I continued hunting errors until I was mentally exhausted.
  
  This is an unpleasant form of reading reserved for error-prone books. Once an author proves he or she knows cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 material I usually don't enter this mode. I only read for correctness as preparation to write a book review of a technically inaccurate book.


• Memorization is anocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r intense reading form, usually reserved for academic classes. If you've had to study for a biology test, you've probably read for memorization purposes. If reading for memorization, I will likely heavily mark cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 text and create independent, supplementary materials like flash cards. Yes, on real index cards! The act of writing cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 material helps activate ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r areas of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 brain to memorize information.
  
  Thankfully I haven't had to do this sort of reading in years, or at least not regularly. I have had to memorize information for amateur radio license tests, and I like creating flash cards for that information.


• Reading for learning is one of my common modes. With this approach I mark up a text (generally underlining or bracketing key terms and sections) and add comments or questions in margins.
  
  You might think cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 previous (and possibly cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 subsequent) reading modes are all about learning too, but simple learning for me is a more relaxed endeavor compared to memorization or correctness.
  
  The goal of learning is to be able to remember a subject, preferably well enough to at least describe it (but not teach it) to a third party.
  
  Reading for learning is as fast as you are able to absorb material.


• Reading for practice is closely related to learning, but it involves material that has an operational aspect. For example, reading a programming book for practice, for me, involves trying cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 code examples, and even better trying cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 sample exercises.
  
  Practice is a more active form compared to learning. With learning I might be able to explain a pointer, but with practice I could write a program using one.
  
  Due to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 hands-on manner, this is a slow form of reading.


• Reading for familiarization is anocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r one of my more common reading forms. Here I am just trying to understand cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 author without necessarily planning to implement his or her concepts in real life. For example, I plan to read a book on Windows internals in April, but I do not plan to become a Windows kernel programmer.
  
  Reading for familiarization is probably cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 fastest way to read a technical book and still derive value from it. I may or may not mark up a book for familiarization purposes.


• Reading for reference starts to enter cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 gray area of possible "fake reading." If you only read a few sections or chapters of a book, have you really "read it?" For example, I've relied on cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 massive book Unix Power Tools, but because I've only referenced parts of it, I've never formally reviewed it.
  
  In my opinion, unless you heavily reference a book over time, you're not really reading at cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 level cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 warrants a review.


• Sampling is not reading. Top Amazon book reviewer frauds, this means you. Looking at cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 front cover, back cover, index, table of contents, and a few sample pages doesn't make you qualified to write a book review. The sorts of people who write more than a few book reviews per day are cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 fakers who consider "sampling" to be "reading."


• Reading for entertainment is not generally an approach I take with technical books! Sure, I enjoy cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365m, but it's not like reading a classic fiction book. When reading a nontechnical work, I tend to devour pages. I'm not sure if that's good or bad, but it's exceptionally fast since cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 emotional component engages additional brain components that would allow me to later describe cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 content should I wish to do so.

How does reading for reviews fit in? In my view, as long as you're not "sampling" or reading for reference, any of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 methods above qualify for writing a review. I suggest adding one component to your reading process to assist with review writing: keep a separate notebook and take notes as you read. Be very specific, e.g., "p 121 had this quote... etc." The more notes you take, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 easier your review will be to write.

So what does this mean if you want to know "how does Bejtlich read so many books?" The answer is to decide just how you want to read a book. When I read a book on C or Windows Internals in April, I will likely be reading for familiarization. I don't plan to be a C coder or Windows developer, but I do want to be conversant in certain topics. If I get really motivated I will turn to my PC and try some examples. (In fact, I'll probably do that for a book on coding for Windows, since I've never done that before.)

What this means is that I, reading for familiarization, will probably read faster than someone else reading for practice, or memorization, or anocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r time-consuming purpose. It all depends on your goal! On anocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r day I may be reading for practice because I really want to know more about a topic, and cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365n I'll be slower and more engaged.

Incidentally, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 more you read, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 faster you will likely become. I don't think improving your reading is limited to children, eicá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r (although my daughters are pretty scary in terms of speed).

Don't overdo it though. I would not be surprised to learn that chemical reactions are involved with reading, especially cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 more intense learning modes. In some cases I can feel my ability to absorb material shutting down, and at that point cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re is really no reason to continue. Take a break.

I also advise against reading in bed, although this is a truly personal opinion. For some people, it works great. I don't make it past five minutes!

If you have questions on this post, please comment here. I have to moderate everything so it may take me a while to notice cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365m. Thank you.

Tweet

Review of Hacking Exposed: Web Applications, 3rd Ed

Amazon.com just published my four star review of Hacking Exposed: Web Applications, 3rd Ed by Joel Scambray, Vincient Liu, and Caleb Sima. From cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 review:

This is cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 third Hacking Exposed: Web Applications (HE:WA) book I've reviewed, having reviewed cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 second edition in 2006 and cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 first edition in 2002. While I gave cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 earlier editions each five stars, I don't think HE:WA3E quite meets my expectations of a five star web application security book -- at least not one bearing cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Hacking Exposed (HE) series name.

In my opinion, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 winning formula for a good HE book was set by cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 first in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 series, back in 1999: 1) explain a technology of interest; 2) show exactly how to exploit it; 3) recommend countermeasures. For me, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365se three steps MUST be followed, and any book with HE in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 title that fails to follow this recipe is likely to fall flat. The reason I like this approach is simple; in many cases, defenders first encounter a new technology only after a researcher or intruder has broken it! In ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r words, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 offensive side is usually far ahead of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 defensive side, because offenders often specialize in a promising new area and pursue it relentlessly until cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y break it. Good HE books help redress this imbalance by getting cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 defender up to speed on a new technology, showing how to break it, and cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365n suggesting defensive measures.

Tweet

Review of iOS Forensic Analysis Posted

Amazon.com just posted my three star review of iOS Forensic Analysis by Sean Morrissey. From cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 review:

I've read many forensics books over cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 last decade and written one as well. I believe that iOS Forensic Analysis (IFA) offers some useful information, but cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 manner in which cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 author presents it is not as effective as it could be. If cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 author were to write a second edition that structures cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 material in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 way I recommend, I believe it would merit a four or five star review.

Tweet

Review of Computer Incident Response and Product Security Posted

Amazon.com just published my three star review of Computer Incident Response and Product Security by Damir Rajnovic. From cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 review:

When I first learned that Cisco Press was publishing a book about product security (Computer Incident Response and Product Security, or CIRAPS), I was excited to see what cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y might create. Cisco's Product Security Incident Response Team (PSIRT) is one of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 best in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 industry, with a long history and mature processes. Furcá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365rmore, no published book currently provides extensive coverage for companies trying to design, build, and run cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365ir own PSIRT. Racá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r than focusing on this topic and thoroughly examining it, however, CIRAPS spends only 100 pages out of a 215 page book talking about PSIRT issues. While cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re are parts of CIRAPS that I found interesting, I don't think cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y justify reading cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 whole book.

Tweet

Review of pfSense: The Definitive Guide Posted

Amazon.com just posted my five star review of pfSense: The Definitive Guide by Christopher M. Buechler and Jim Pingle and published by Reed Media. From cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 review:

I have to admit that pfSense: The Definitive Guide (pTDG) caught me off guard. I expected cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 book to mainly discuss installing and using cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 pfSense firewall appliance, which would have been enough for me to enjoy cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 book. However, I was pleased to see coverage of many issues related to network security and firewall design and operation. For me, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365se features elevated cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 entire book to five star status. If you're interested in learning how pfSense can help your organization, and what it means to deploy firewalls, pTDG is cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 right book.

Tweet

Mini-Review of The Book of Pf Posted

Because I wrote a three star review of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 first edition of The Book of Pf by Peter N.M. Hansteen, Amazon.com won't allow me to write a review of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 second edition. So, I added cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 following comment to my old review indicating that I think cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 second edition deserves four out of five stars:

Amazon won't allow me to write a review of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 second edition of this book, so I'm adding this comment. I'm pleased to say that I believe cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 author accepted much of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 feedback in my first review as well as feedback from ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r reviewers. He's improved cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 book so much that I think it warrants 4 out of 5 stars. He spends more time explaining key concepts racá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r than simply including cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365m in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 text. For example, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 author introduces features like macros (p 18) whereas in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 first edition he just started using cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365m. The book is also fairly up-to-date, with coverage of OpenBSD 4.8, FreeBSD 8.1, and NetBSD 5.0. Reading how to use Pf on all three platforms was very helpful. One request for a future edition is to include more "tips and tricks" that an experienced firewall administrator is sure to have. For example, when working remotely on a firewall ruleset, what methods does cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 author use to test configurations and ensure that if he makes a mistake he isn't locked out of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 system? Finally, I think this book is a fine companion to PfSense: The Definitive Guide by Buechler and Pingle.
Tweet

Review of Kingpin Posted

Amazon.com just posted my four star review of Kingpin by Kevin Poulsen. I read this book by checking it out of my library! From cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 review:

I've read and reviewed almost all of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 non-fiction computer crime and espionage books written since cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 1980s. Kingpin by Kevin Poulsen is one of my favorites. I will recommend this book to fellow digital security professionals and those who would like insights into our world. Kingpin's coverage of Max Ray Butler's (MRB) constant entanglement with cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 dark side is a lesson for anyone contemplating using cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365ir skills for evil.

On a related note, in late 2007 I posted Max Ray Butler in Trouble Again and followed that in 2010 with Max Ray Butler Sentenced (Again).

Tweet