Archive for February, 2009
Foundations of Computer Security
Foundations of Computer Security
Anyone with a computer has heard of viruses, had to deal with several, and has been struggling with spam, spyware, and disk crashes. This book is intended as a starting point for those familiar with basic concepts of computers and computations and who would like to extend their knowledge into the realm of computer and network security. Its comprehensive treatment of all the major areas of computer security aims to give readers a complete foundation in the field of Computer Security. Exercises are given throughout the book and are intended to strengthening the reader’s knowledge – answers are also provided.
Written in a clear, easy to understand style, aimed towards advanced undergraduates and non-experts who want to know about the security problems confronting them everyday. The technical level of the book is low and requires no mathematics, and only a basic concept of computers and computations. Foundations of Computer Security will be an invaluable tool for students and professionals alike.
Computer Privacy Annoyances
From the moment you’re born, you enter the data stream-from birth certificates to medical records to what you bought on Amazon last week. As your dossier grows, so do the threats, from identity thieves to government snoops to companies who want to sell you something. Computer Privacy Annoyances shows you how to regain control of your life. You’ll learn how to keep private information private, stop nosy bosses, get off that incredibly annoying mailing list, and more. Unless you know what data is available about you and how to protect it, you’re a sitting duck. Computer Privacy Annoyances is your guide to a safer, saner, and more private life. Written by privacy pro Dan Tynan, and based on interviews with privacy experts from all over the globe, Computer Privacy Annoyances serves up real-world advice in bite-sized portions that will help you stop the snoops in their tracks. The book even addresses non-computing threats, from telemarketer-cum-stalkers, thieves at your mailbox, nosy folks in your HR department, cell phone eavesdroppers, and more. The key areas covered include:
- Privacy at Home
- Privacy on the Net
- Privacy at Work
- Privacy in Public
- Privacy and Uncle Sam
- Privacy in the Future
Daniel Tynan has written about Internet privacy and security for nearly a decade. His work has appeared in more than 40 national publications. As executive editor at PC World, Tynan edited a special issue on Internet Privacy that won a Grand Neal Award and was a finalist for a National Magazine Award. He has won more than a dozen other honors, including nine Neals, four Maggies, and two Computer Press Association Awards.
User Ratings and Reviews
5 Stars Wider than just the web
This book covers more than just your digital privacy. It sweeps on a wide variety of privacy topics. I find that a good thing since it’s comprehensive. In reality your digital identity is interspersed with your physical identity and both a very important.
This is the most accessible of the privacy books I’ve read. The advice is presented in bite sized bits that are easy to understand and implement. It gives both background and practical advice. Both of which are necessary to understand the problem and the solutions.
5 Stars Forget the “Computer” bit… *everyone* should read this book.
Computer Privacy Annoyances
O’Reilly
By Dan Tynan
ISBN 0596007752
As someone who gets asked questions about Internet use and safety all the time, a book I had been itching to read was “Computer Privacy Annoyances”, by Dan Tynan. According to the cover, the book covers “How to avoid the most annoying invasions of your personal and online privacy.”
The quick and dirty? The book gives very practical, real-world examples of how your data can be used, yet the author manages to avoid sounding like a doomsayer… even some of the more scary scenarios don’t come off sounding like sensationalism, just honest (and sometimes even apologetic) examples of what could very realistically happen. (I thank you, Mr. Tynan.)
I’ll take bets on anyone that doesn’t learn at least ten new things they didn’t know about their privacy rights. Mr. Tynan has taken the proverbial “They” and reduced it to the very organizations that “they” really are. Did you know you can request a copy of your FBI files? Do you know who has the power view it? Do you know who is collecting data on you at this very moment and what they are doing with it?
The book’s format allows for a surprisingly fast read. Well organized sections such as privacy at home, on the Internet, in public, at work, and even on a federal level allow for quick chapter absorption. In each chapter, the author states the annoyance, and then the fix. This allows for quick skipping over an ‘annoyance’ that might not annoy you that much.
I did notice that the author made no mention of the everyday information users give out about themselves without even realizing it, such as usernames that contain birthdates and such. But the Internet privacy chapter is only a small portion of the topics covered in this book. In fact, if I had to find one fault with this book, however, I’d say they lost a much larger audience that could have easily benefited from the book by calling it *Computer* Privacy Annoyances.
As a tech professional, if I could get all my clients, users, friends, family and complete strangers to read this book, I strongly believe identify theft could become a thing of the past. And it might even reduce global blood pressure, too. Bonus!
5 Stars Can’t run, Can’t hide
Much as we don’t want to, privacy is something we all need to think about and protect these days, unless we want to give up our computers and other gadgets and go back to stone tablets. Now we have an easy, funny, understandable guide to protecting ourselves in the online age, and we’d be foolish (and just asking for trouble) to ignore it. Dan Tynan has done all the hard work for us; now we just need to make sure that everyone we know reads this book!
5 Stars Required reading for today’s computerized society…
Privacy? Good luck! Even the slightest misstep on line (or anywhere else, for that matter) can open you up to privacy intrusions that you may not know about. Dan Tynan does a really good job in outlining these areas in Computer Privacy Annoyances. This is pretty much required reading for living in our heavily computerized society.
Contents: Privacy At Risk; Privacy At Home; Privacy On The Net; Privacy At Work; Privacy In Public; Privacy And Uncle Sam; Privacy In The Future; Index
In this Annoyances title, Tynan looks at a wide range of activities and situations that involve a potential unwanted loss of privacy. Using a question and answer format, he effectively shows how seemingly innocent activities (like booking a hotel room or ordering a kosher meal on a flight) can be logged and combined to build a profile of your activities that may not present a very flattering picture of who you are and what you do (and with whom). While there’s the obligatory chapters on spam, online registration sites, and the like, there are also excellent chapters that cover privacy at work (what your employers can and can not do) as well as health record concerns. Things may not be as secure and private as you think they are…
Realistically, there’s already more information out there to be gleaned than you’d probably expect and be comfortable with. But by reading and digesting the contents of this book, you can start to reduce your exposure going forward. Even just the awareness of privacy concerns will start to cause you to question *why* a merchant might want certain information. They may *want* your zip code or phone number, but that doesn’t mean you *have* to give it to them. Even if this book keeps you from making just one mistake that would lead to identity theft, then it’s more than paid for itself. A recommended read…
5 Stars Computer Privacy Annoyances
This book is an eye-opener on privacy invasion, and how it can harm you in countless ways. It is a comprehensive study of the many forms privacy invasion can take, especially as practiced on the Internet, and what you can do to protect yourself. Author Dan Tynan has studied these offensive practices for years, and gives us the benefit of his research and findings. Find out what is going on, and what you can do protect yourself, not only on the internet, but in other aspects of your life as well.
Stealing the Network How to Own an Identity Stealing the Network
Stealing the Network How to Own an Identity Stealing the Network
You Are Who the Computer Says You Are
The first two books in this series, Stealing the Network: How to Own the Box and Stealing the Network: How to Own a Continent, have become classics in the Hacker and Infosec communities because of their chillingly realistic depictions of criminal hacking techniques and strategies. But what happens when the tables turn, and the criminal hackers become the targets of both law enforcement and each other? What happens when they must evade detection by creating new identities and applying their skills to get out fast and vanish into thin air. In Stealing the Network: How to Own an Identity, the hacker crew you’ve grown to both love and hate find themselves on the run, fleeing from both authority and adversary. They must now use their prowess in a way they never expected–to survive…
From the Diary of Robert Knoll, Senior My name, my real name, is Robert Knoll, Senior. No middle name. Most of those who matter right now think of me as Knuth. But I am the man of a thousand faces, the god of infinite forms.
Identity is a precious commodity. In centuries past, those who fancied themselves sorcerers believed that if you knew a being’s true name, you could control that being. Near where I live now, there are shamans who impose similar beliefs on their people. The secret is that if you grant such a man, an agency, this power over yourself through your beliefs or actions, then it is true.
Only recently has this become true in the modern world. The people of the world have granted control of their existence to computers, networks, and databases. You own property if a computer says you do. You can buy a house if a computer says you may. You have money in the bank if a computer says so. Your blood type is what the computer says it is. You are who the computer says you are.
TOC
Part I Evasion
Prologue From the Diary of Robert Knoll, Senior
Chapter 1 In The Beginning
Chapter 2 Sins of the Father
Chapter 3 Saul on the Run
Chapter 4 The Seventh Wave
Chapter 5 Bl@ckTo\/\/3r
Chapter 6 The Java Script Caf
Chapter 7 Death by a Thousand Cuts
Chapter 8 A Really Gullible Genius Makes Amends
Chapter 9 Near Miss
Chapter 10 There’s Something Else
Epilogue: The Chase
Part II Behind the Scenes
Chapter 11 The Conversation
Chapter 12 Social Insecurity
User Ratings and Reviews
4 Stars A good entry into a sometimes difficult subject
This book is a good read for people who are technical, but not information security experts. I see from Amazon that there are other books in the series; I will definitely be reading them soon.
It is a fictionalized account of people (on both sides of the enforcement/criminal side) who are dealing with identity theft and forgery. I would recommend that anyone who has questions about identity theft gives this book a look – it’s definitely opened my eyes.
The technical sections are useful illustrations for those who understand them, but the main thrust of the book is in the concepts applied. Anyone who does not understand the details of the technical approaches would still be able to understand the plot movement and basic areas where they may want to bolster their own identity security.
5 Stars Great continuation of the series
I give it 5 stars because not only is it a great hacker thriller but the use of character names from the 80s movie Real Genius cracks me up. Its like the movie’s sequel.
5 Stars One of the most innovative adn unique books on the mindset of a hacker
This book is hard to put down! It was like looking into a window of the underground world that most people, even those in the Information Security Industry, are unaware exists. The technical aspects in thoe book gave the storyline a credibility that other books lack. The characters were colorful and well developed. The book opened my eyes to the very real threat of identity theft and how identities are “harevsted” and used as currency on the blackmarket by organized crime and malicious entities such as terrorist organizationa. Great read that will not diassapoint you.
4 Stars More fun from the most imaginative security writers on the scene
I reviewed the first Stealing book in May 2003, and the second in September 2004. I liked the two earlier books, and the third book — Stealing the Network: How to 0wn an Identity (STNHT0AI) — is also a fun read. The book is most impressive when it outlines plausible scenarios for identity theft, penetrating wireless networks, and compromising Hushmail. Although some of the writing is rough, I still recommend reading this book.
I’d like to point out a few aspects of the book that hooked my attention. First, Ch 3 explains how to assume a college student’s identity. 1. Steal pre-approved credit card applications from neighborhood mailboxes. 2. Identify a likely target, and find that person’s date of birth and parent’s names using online family tree databases. 3. Buy NetDetective and obtain the target’s SSN. 4. Get a real driver’s license from a thief who stole DMV equipment. 5. Intercept at mail box the credit card applied for in step 1. 6. Apply for a real birth certificate using the credit card obtained in the previous step. 7. Intercept at mail box the real birth certificate mailed to the target’s home. Aside from the SSN acquisition, that scenario is plausible and incredibly scary!
The second scenario that left a lasting impression appears in Ch 8. Jay Beale explains how to compromise and read mail exchanged through Hushmail. The crux of the matter is obtaining control of Hushmail’s DNS servers. At the end of his chapter, Jay notes that Hushmail’s DNS servers were compromised in April 2005. I thought his chapter contained the best mix of story and clear technical explanations found in STNHT0AI.
It is very helpful to have read at least the previous Stealing book prior to STNHT0AI. At times it felt like I was watching the second Back to the Future movie, where Marty sees different aspects of events that took place in the first movie. I was also completely shocked by the hints left at the end of the book, and the abrupt ending left me waiting to resolve the cliffhanger. I look forward to reading Stealing the Network: How to Own a Shadow later this year.
3 Stars How about some proofreaders?
Good story, followed through pretty well from STN:Continent, which I haven’t read in quite some time, so I didn’t really do much cross-referencing, so take that comment for what it’s worth. My two major issues with the book were:
1) Apparent lack of proofing whatsoever. In some cases it appeared that the author had stopped typing mid-sentence and picked up some time later, forgetting what exactly they had said because they had previously stopped typing mid-sentence. (re-read for example) At one point a whole paragraph was in there twice in a row. This sort of thing frazzled me a bit as I was reading it, and took away from the immersion to an extent. Each chapter was written by a different author so this is not a consitant trend through the entire book. There is some good writing in there as well.
2) More story, less technical stuff. This seemed a bit more ‘novel-y’ than the previous books, I kind of didn’t like that aspect of it. That was just me though. Some of it was pretty good though, and a fun read, like the chapter about Knoll Jr. as well as the Blacktower chapter. All-in-all, I’d have to say that I liked the first STN [:box] the best, but that’s just me. The cohesiveness of the story between chapters seemed to be better in this one [Identity] than STN:Continent, though.
Overall I give it three stars because I am a grammar nazi but you might enjoy it more. I recommend it if you’ve read the previous ones.
Steal This Computer Book 3 What They Wont Tell You About the Internet
Steal This Computer Book 3 What They Wont Tell You About the Internet
This offbeat, non-technical book looks at what hackers do, how they do it, and how you can protect yourself. The third edition of this bestseller adopts the same informative, irreverent, and entertaining style that made the first two editions a huge success. Thoroughly updated, this edition also covers rootkits, spyware, web bugs, identity theft, hacktivism, wireless hacking (wardriving), biometrics, and firewalls.
User Ratings and Reviews
3 Stars Not bad
Nutshell review – Not a bad book, fun to read, can learn a few things and worth a read. Listed some good resources but will date quickly in the Internet age.
3 Stars Mildly entertaining and moderately informative.
Upon finishing a book, I always take a moment to reflect on what I’ve learned from the reading of it. Experts/hackers, don’t waste your money. This book is a good primer for the computer-illiterate parent who wants to protect their children, or the new computer owner who wants to keep their machine relatively “safe” from viruses and script kiddies. Professionals will learn nothing new, nor will veteran hackers or even long time computer users. Also, I don’t recommend this book to anyone living in a dictatorship or third world country (for reasons of personal safety).
Wallace Wang’s sense of humor and amusing paranoia kept me from falling asleep on the pages. After all, if the FBI, CIA or NSA is -seriously- after you, I think you have bigger problems than securing your email.
1 Star Couldn’t get past one sentance…
“Hackers are generally lazy but intelligent, which means they don’t like doing something boring that they can program the computer to do for them instead.” and thats as far as I got. It irritates me how someone thinks they have enough knowledge on a subject to write a book, yet blatantly has no understanding of the subculture they pretend to have an expertise in. You can get away with this trashy writing in The Daily Mail, but if you’re trying to educate people then you’re just going to get seen thru straight away.
2 Stars An entertaining read but not much on information.
Definitely a book for beginners, this book is not much more then an introduction to the “dark underside”. It should effectively scare any parents or newbes, but bore anyone who’s been on the net for any amount of time. I’m not very experienced on the subject of security but still this book didn’t have much to offer me. There are a lot of other books out there that provide this information and take it a step or two farther.
The book does present a nice history lesson about hacking and tells about many hacking programs, but most of them are nothing but history themselves. Probably the most informative thing about this book is the web sites it references. It does give you starting blocks to find information you’re interested in but doesn’t do much for providing that information itself.
If your looking for the possible bad things you could encounter on the net this book provides an introduction to them. It’s a good read for someone who only wants the basics. But if you want some more in-depth information don’t waste your time and money.
5 Stars A book for those who want to know the Internet
This is a very interesting book, full of web links, tips and Internet resources. This reminds me of another earlier book on Internet web resources but on different topics. Sharing files seems so harmless, and yet it touches on many aspects of our lives. From downloading the innocent MP3 music, to sharing the pirated software (i.e., warez), to browsing pornographic images, this shows how easy one can cross the line. This is certainly a book for the security professionals who would like to have a better understanding of how the hacking underground works, how the secret trading is done from using newsgroups, IRC chats to how hackers use peer-to-peer file sharing technologies such as eDonkey, Kazza, bit Torrent, to distribute their files/secrets. It is also a book for anyone who simply wants to have an awareness of what is out there.
The book also explains how hacker hides his identity in this digital world. In addition to explaining how these technologies can be used, the author also provides suggestions for readers how to protect their systems from having worm, and/or virus attacks. The author also provides a list of freeware for anti-virus protection for those who cannot afford to buy, as well as providing alterative open software for office and photoshops utilities. Lastly, the author talks about copyright laws and what the future holds, giving his opinion on whether how we could adapt to the file sharing technologies. All in all, this is a very informative book. It certainly is an eye-opener.
