How long does it usually take for a book to be considered obsolete?

[Shock]

This has been a fear of mine for a while and it's finally time to address it.

Some books I've acquired like Counter Hack: reloaded are still going to be relevant in the present/near future (namely because of the methodology of what they teach) but others seem to be one trick ponies that work against a certain webapps that have been patched up since the book was released and this goes into my current situation.

Lately, I've been looking into the Hacker's Handbook series by whiley and while they do have good reviews, a lot of them are a bit dated(2007) and I have no idea if it will be presenting problems and issues that have already been patched up.

This there some merit in this train of thought or am I just worrying too much.   

 

[ajohnson]

IT books are ephemeral by their very nature. My personal experience is that they'll be relevant for 1-3 years, depending on the subject. Also remember that it can take around a year to get a book written and published, so parts of it will likely be dated by the time it hits the street.

I usually buy a book with the intention of giving it one solid read-through. After that, I should be familiar enough with the subject to just google any piece of information I'm looking for, as opposed to paging back through the book.

I think you hit the nail on the head though. If a book focuses on higher level procedures and concepts, it'll have a much longer life than a book that focuses on narrow, highly technical content.

Although, I don't understand your "fear" and "worrying." Most of us are in this field because we're drawn to the rapid change and opportunity to regularly learn new things. It's only natural that related educational material will quickly fall by the wayside. 

[Shock]

Although, I don't understand your "fear" and "worrying." Most of us are in this field because we're drawn to the rapid change and opportunity to regularly learn new things. It's only natural that related educational material will quickly fall by the wayside. 

That is true but as a broke college student, I'm trying to figure out which book will give me the most bang for the buck and as a prospective ethical hacker (and budding paranoid security professional), I don't feel it's ethical for me to torrent the books that I can't get (and god only knows what the PDFs could be binded with).

Either way, thanks for the reply. Certainly gives me a bit to think about.

[ajohnson]

Look for good deals on used books at half.com or Amazon. I've bought many where the cost of shipping was higher than the book.

There is also an abundance of free resources, such as SecurityTube, the papers on ExploitDB, Metasploit Unleashed, etc. Be sure to check out the vendors too. Google something like cisco security guide for some good information from Cisco. Microsoft has a lot on Technet as well. You may not get the nice narrative format of a book, but the same content is available. You can learn a lot without spending a penny.

[MaXe]

In short: Between 5 minutes and 100 years  Some concepts of testing/information can be applied almost forever, even in Internet time, while other things may become obsolete within 5 minutes if the issue is remediated at such a great scale that the attack vector becomes obsolete. (i.e. Cross-Site Tracing is practically useless nowadays. But it's good to know about.)

[3xban]

If the book refers to "WEP" as "the preferred method of securing a wireless network..."  then it's time to donate to the local library

[impelse]

For me a book became out updated is when the technologies is not use to much.

For example, I did not see to much Windows 200o lately, so I would not buy that kind of book.

In the other hand I saw many old programming books with C, or bash that they still look interesting...

[azmatt]

The same answer as every other question in the industry, it depends

A few months back I bought all three versions of the Hacker's Challenge books used on amazon for under $20 total. The first two editions are ten years old and while a lot of the specific attacks are no longer feasible they've been great for understanding the mindset and methodology aspects which aren't often covered.

I've got programming reference books written 3 years ago that I'll never touch again.

[Matthias2012]

..and there is another thing you have to think about. Sometimes when programs gets changed, they do not through away everthing in the code, they modify, they add and they leave code unused. It is still in there but now it is undocumented.
Do you know/remember what happens if you place .LOG(CR/LF) in the first line of a txt-file and open it with notepad.exe? And where is that documented?
 ...and maybe you can use that!
Maybe old books are obsolete but they are cheap and sometime you find treasures you didn`t searched for..

[jimbob]

Do you know/remember what happens if you place .LOG(CR/LF) in the first line of a txt-file and open it with notepad.exe?

I've never come across that one before, nice.

Books date at different speeds depending on the technology and the quality of the writing. Some older books like The Art of UNIX Programming are well worth reading despite its age. Java in a nutshell for JDK 1.3 should probably remain on the shelf. You might want to check the reviews in Amazon or aska round on the forum if you want to know about a specific title.

Regards
Jimbob