Category: Information Security

Book Review: Darkmarket. How Hackers Became the New Mafia


By Misha Glenny, Vintage, 2012

It seems like we hear about some incredibly brazen breach of computer security every week. Still, I tend to think of these events as anomalies, the work of rogue hackers and the like. I never really understood just how organized so much of this criminality was. After reading Misha Glenny’s

REVIEW: The Reader of Gentlemen’s Mail. Herbert O. Yardley and the Birth of American Intelligence


By David Kahn. New Haven, CT: Yale University Press, 2004. 242 pages

Few authors have so successfully mined the history of codebreaking. In Kahn's latest book, he explores the life and times of Herbert Yardley, one of the forgotten figures of U.S. intelligence. Yardley's achievements had less to do with his talents as a cryptanalyst,

Review: Hack the Stack: Using Snort and Ethereal to Master the 8 Layers of an Insecure Network


by Michael Gregg (principal author), Stephen Watkins, George Mays, Chris Ries, Ron Bandes, Brandon Franklin. Pages: 442 pages. Publisher: Syngress

Like many books with multiple authors, it's a mixed blessing. I would also like to suggest to Syngress that they hire an editor. This book would have benefited from a stricter hand. It would

REVIEW: Spies Among Us How to Stop the Spies, Terrorists, Hackers, and Criminals


by Ira Winkler, 2005, 0-7645-8468-5, U$27.50/C$38.99/UK#16.99. 5353 Dundas Street West, 4th Floor, Etobicoke, ON M9B 6H8; John Wiley & Sons, Inc.; 416-236-4433; fax: 416-236-4448

Ira Winkler's "Spies Among Us" finally cleared my head on the subject of … oooh, so horrible … "cyberterrorism." Intuitively, when you read about "cyberterrorism" you instantly

REVIEW: Secrets of Computer Espionage


by Joel McNamara. John Wiley & Sons, Inc. 362 p.

I suppose one might be able to make a case that this book is about computer espionage, but the contents are hardly secret. The fact that the introduction is decidedly vague about the audience–anyone concerned that someone might want to spy on their data–would

REVIEW: Biometrics for Network Security


by Paul Reid. Prentice Hall. 252 p.

In the preface, Reid presents biometrics as the cure for all network security ills. Given his employment, with a company that sells biometric systems, this enthusiasm is understandable, if not totally compelling. Part one deals with introduction and background. Chapter one is the introduction–mostly to the book.

REVIEW: Information Warfare and Security


by Dorothy Denning. Addison-Wesley Publishing Co. 522 p.

Denning has chosen to take an inclusive approach to the topic of information warfare, not limiting the material to attacks on "military" targets. Given the state of physical warfare, this seems to be quite realistic. It does mean that the book tends to read like a

REVIEW: Information Security Policies, Procedures, and Standards


by Thomas R. Peltier, Auerbach Publications. 297 p.

Chapter one provides vague meanderings about information protection fundamentals. The author's opinion about how to write is given in chapter two. In the ultimate triumph of style over substance, this drafting advice is given before any examination of actual policy development. Chapter three defines policy and

REVIEW: Cryptography Decrypted


by H. X. Mel/Doris Baker, 2001, Addison-Wesley Publishing Co., 352 p.

The book seems to be rather ambitious, since the preface says that it is addressed to any (and therefore all) audience(s), without any limitation on the stated purpose. In general, it is an attempt to portray the basic concepts of cryptography, without

Review: Handbook of Applied Cryptography


by Alfred J. Menezes, Paul C. van Oorschot, Scott A. Vanstone. CRC Press

The Scenario

CRC Press has been building a series of books on discrete mathematics and its applications. Doug Stinson wrote the theory book on cryptography (Cryptography: Theory and Practice (ISBN: 0-8493-8521-0, if you don't like this book you'll vomit when you

REVIEW: A Practical Guide to Managing Information Security


by Steve Purser, 2004, (Artech House Technology Management Library) Artech House, Inc. Norwood, MA, USA ©2004 – ISBN: 1580537022

After years of reviewing security books there were a number of red warning flags in the preface: the perception that a book was needed to address the "entire" subject of security, an insistence on a "pragmatic"

REVIEW: Internet Cryptography


by Richard E. Smith, Publisher: Addison-Wesley Professional, Copyright 1997

According to the preface, this book is aimed at non-specialists who need to know just enough about cryptography to make informed technical decisions. As an example, Smith suggests systems administrators and managers who, while not formally charged with security, still have to use cryptographic techniques

REVIEW: Practical Cryptography


by Bruce Schneier/Niels Ferguson. Wiley, Apr 3, 2003 – 410 pages

The preface points out that cryptography has done more harm than good in terms of securing information systems, not because cryptography fails in and of itself, but, rather, due to the improper use or implementation of the technology. This book is intended

Review: The New School of Information Security


by Adam Shostack and Andrew Stewart. Publisher: Addison-Wesley Professional, March 26, 2008, Pages in Print Edition: 288

Hi everyone and welcome to another post in my favourite blog entry category: Book Reviews. I'm happy to announce that for the first time ever I have actually managed to read a book and write a review

REVIEW: Brute Force: Cracking the Data Encryption Standard


By Matt Curtin, Springer, 2005, ISBN: 0387201092. Reviewed by Ben Rothke

Brute Force: Cracking the Data Encryption Standard is the story of the life and death of DES (data encryption standard). In the early 1970s, the U.S. government put out an open call for a new, stronger encryption algorithm that would be made

REVIEW: Malicious Cryptography: Exposing Cryptovirology


by Adam L. Young/Moti Yung, John Wiley & Sons, Inc. 2004

Both the foreword and the introduction are turgid, and bloated with excessive verbiage, while never giving a clear indication of what the book is actually about. Does it have to do with viruses at all? Is it about the use of cryptography

REVIEW: Modern Cryptography: Theory and Practice


by Wenbo Mao, 2004, 0-13-066943-1, U$54.99/C$82.99

A "Short Description of the Book" states that it is intended to address the issue of whether various crypto algorithms are "practical," as opposed to just theoretically strong. This seems odd, since no algorithm is ready for implementation as such: it must be made part of a

REVIEW: Cryptography and Network Security: Principles and Practice. 2nd edition


by William Stallings. Prentice Hall. 1999. 569 pages. Appendix, glossary, bibliography, index. $73.00. ISBN 0-13-869017-0. LoC TK5105.59.S713. Reviewed by Bob Bruen

This textbook is a second edition of Network and Internetwork Security: Principles and Practice (1995) which was reviewed here just about three years ago. This edition is a substantial update of the first