We modeled the Cybersecurity Canon after the Baseball or Rock & Roll Hall-of-Fame, except for cybersecurity books. We have more than 25 books on the initial candidate list, but we are soliciting help from the cybersecurity community to increase the number to be much more than that. Please write a review and nominate your favorite.
The Cybersecurity Canon is a real thing for our community. We have designed it so that you can directly participate in the process. Please do so!
While not purely a security book, The Cathedral & the Bazaar, and the ideas behind it, were a catalyst for the open source movement. Originally delivered as a speech to the 1997 Linux Kongress in Germany, this pivotal piece changed how we, as an industry, look at software development. It was the impetus for traditionally closed source companies to start open source projects and lead to the start of the Mozilla project. While the original speech should be required reading for how it shaped the industry, the book is more than you really need to read.
Though the revised text of the 1997 speech is the meat of The Cathedral & the Bazaar, the author includes additional commentary on tangential areas to make it into a book format: part observation (the best hacks start out as personal solutions to problems), part helpful advice (your last duty as a project owner is to hand it off when you lose interest), and part chronicle of hacker norms (be humble, don’t hold bugs against the author).
The text is somewhat technical, though you can skip over the especially technical sections without losing much of the value of the book. The essence is his nineteen lessons for good open source development:
There are some very strong feelings on open source development in our industry. With true believers on either side of the debate, discussions often take a religious bent. This book is no different, and there is no confusion about which side the author is on. Still, there is some valuable analysis, if you are able to get through the philosophical discussions on how software is best created. In the author’s viewpoint, the two criteria that determine whether open source should be the development solution are:
Regardless of your feelings on open source and commercial software, this speech was a key historical moment that was arguably the genesis of many security community open source projects.
While The Cathedral & the Bazaar is a historical piece that has shaped the industry, the book adds a lot of tangential commentary that wasn’t of as much value. While you should definitely read the text of the 1997 Linux Kongress speech online, you can skip the book.
By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.