Network Security CISSP-Discussion

[CISSP-D] REVIEW: "Steal This Computer Book 4.0", Wallace Wang

Date: Thu, 21 Sep 2006 14:04:23 -0800
BKSTLTCB.RVW   20060819

"Steal This Computer Book 4.0", Wallace Wang, 2006, 1-59327-105-0,
U$29.95/C$38.95
%A   Wallace Wang bothecat@prodigy.net
%C   555 De Haro Street, Suite 250, San Francisco, CA   94107
%D   2006
%G   1-59327-105-0
%I   No Starch Press
%O   U$29.95/C$38.95 415-863-9900 fax 415-863-9950 info@nostarch.com
%O   http://www.amazon.com/exec/obidos/ASIN/1593271050/robsladesinterne
%O   http://www.amazon.co.uk/exec/obidos/ASIN/1593271050/robsladesinte-21
%O   http://www.amazon.ca/exec/obidos/ASIN/1593271050/robsladesin03-20
%O   Audience n- Tech 1 Writing 1 (see revfaq.htm for explanation)
%P   361 p. + CD-ROM
%T   "Steal This Computer Book 4.0: What They Won't Tell You About the
      Internet"

This book is still being promoted as a security text.  The table of
contents lists a bewildering variety of topics, most related to
security breaking.  The introduction doesn't really provide much
information about what the book is about, either, except that it
appears to be big on self-improvement.  It seems to imply that the
book isn't meant as a how-to manual for hacking, but more as a
philosophical statement urging people to think for themselves.  In
response, all that I can say is that neither the promotion of the book
nor the text itself stresses this intention, and I personally cannot
find any utility in the volume for teaching critical thinking skills.

Part one is supposed to be a historical look at "hackers."  Chapter
one says that curiosity is good, and the US government did very bad
things to some of its own people.  Phone phreaking stories are in
chapter two.  Chapter three provides random information about social
engineering (aka "lying") and locks.

Part two turns to early (PC era) computers.  Chapter four tells you
how to write an ANSI bomb (be still my beating heart), and retails
haphazard (old) information about (old) viruses.  Stories about
trojans and misinformation about worms are in chapter five, while tales
of software copyright are in six.

Part three moves to the Internet.  Chapter seven tells you where to
find "hackers," and tries to confuse the distinction between whitehat
and blackhat.  Port scanning and wardriving get an overview in chapter
eight.  Nine lists a few password attacks.  Minimal material on
rootkits makes up chapter ten.  Chapter eleven starts with a
discussion of filtering and DNS (Domain Name Service) poisoning, and
then lists some examples of censorship.  Chapter twelve takes a quick
peek at file sharing networks, without much review of the technology.

Part four looks into "real world" hackers.  Just what this might be is
not clear, but might be intimated by the fact that chapter thirteen
lists Internet frauds.  Fourteen gets into cyberstalking and gathering
information about individuals online.  The fact that corporate news
sources have been caught faking "news" photographs and other items is
used, in chapter fifteen, to suggest that blogs are a better source of
news.  Various hacktivist activities are described in chapter sixteen. 
Chapter seventeen lists some online hate activities.

I am afraid to say that I agree with Wang on part five: the future of
online malicious activity will increasingly involve profit.  Chapter
eighteen looks at identity theft and spam.  Web advertising, mostly of
the pop-up type, is in nineteen.  Chapter twenty reviews spyware.

Part six purportedly provides information about protection.  Chapter
twenty-one suggests how to save money via the Internet (without really
emphasizing the fact that you have to be pretty careful pursuing that
objective).  Chapter twenty-two notes a few things about forensics and
mentions ways to get rid of some information automatically stored in
your computer.  Hardening your computer is a good idea, but the
content of chapter twenty-three is unreliable: it is unlikely to help
secure your computer, and may end up damaging it.

Bottom line?  This book is unfocused in conception and hasty in
execution.  Yes, it is aimed at a technically unsophisticated
audience, but yelling "hey, watch out" is unlikely to be of help to
anyone.  (One suspects that it would be appropriate for this book to
have a "code orange" cover.)  On the one hand, it does not provide the
esoteric information that both the author and publisher promise, so it
isn't any threat.  On the other hand, the author demonstrates no
particular technical skill or knowledge on any topic, so it hasn't any
other value, either.  This random collection of information may
provoke some thought in non-technical computer users, but browsing of
the net for yourself is probably much, much more useful in that
regard.  This edition is much more technically focused than the first
edition, but no more useful.

copyright Robert M. Slade, 1998, 2006   BKSTLTCB.RVW   20060819


======================  (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca     slade@victoria.tc.ca     rslade@computercrime.org
There is nothing in this world constant but inconstancy.     - Swift
Dictionary of Information Security  www.syngress.com/catalog/?pid=4150
http://victoria.tc.ca/techrev/rms.htm


 