3 comments about Computer Forensics and Cyber Crime: An Introduction.

1. This would have been a superb book if it had been published in 2001 or so. Coverage is wide and quite detailed -- unfortunately, it appears the research for the book was done in 2000 (that's the publication date of the msot recent references in the bibliography)and a lot of things have changed since then.
   The chapters on case law and the actual process of collecting and analyzing evidence are excellent and serve to whet our appetite for an up-to-date book with that kind of detailed coverage.
   Insofar as many of the best principles in evidence collection and anlysis are the old ones, this book is quite useful but it is certainly not a state of current practice presentation.



2. "Computer Forensics and Cyber Crime," written by Marjie T. Britz and, publish by Pearson Education Inc., seems to be a very well balance book, why? It just took me few minutes, between reading the introductory notes and "browsing" to its chapters, to understand that this book is well sequenced and organized.
   
   This author explains in rather a pleasant way this subject and gradually internalizes the students by attracting them to a more extensive regions of Computer forensics, as it is data analysis, reporting or computer investigations.
   
   This is an important and interesting field, that is capturing the
   attention of many professionals and envolves many disciplines, I just read the other day in one of those infamous blogs, "Computer Archeologists are using new and powerful computer forensics tools to examine and gain understanding of 'lifted data' that apparently was written 25 years ago." Nevertheless, this author seems to have made all the efforts to bring comprehensiveness by illuminating fundamental relationships,** not only between computer history and cyber crime, if not among many issues surrounding the applications of the fourth amendment and the understanding of the limits of government decency.
   
   The management of these seemingly intricate relationships is crucial for our immediate future, as a nation, experiencing a yet unexplored global economy which is using extensively and intensively the eCommerce over intranets, internets and the Internet, and as a nation, which some how needs to preserve the individual freedoms and leadership that rightly so, has been acquired through all its years of existence, with hard work, determination and within the framework of its fundamental democratic values.
   
   The author closes this book by looking at the world's future issues with respect to cyber crime and even gives us routes by which we could answers most of the urgent and pressing dilemmas of our digital epoch. Do you want to know the answer, well read the book yourself and find out what this book offers.
   
   In conclusion, this book is readable, manages and balances many aspects of this new subject, besides it seems as a good starting point and a splendid reference, from which any student can continue to build their expertise on computer forensics and Cyber crime.
   
   ** [even the use of technology to commit crimes is well referenced by this book, I observed a photograph of Bonnie and Clyde, who used then the recently invented automobile for outsmart the police of their times, p.
   31]



3. This particular book by Britz, is but one more example of her commitment to detail in all of her works. Like her previous books, this book is both readable and comprehensive. It is one that I myself have adopted in my computer crime course, and I am anxiously awaiting the second edition. The chapters on the legal issues and the history of computer crime are unparalleled in the extant literature. More succinctly, the greatest strength of the book is its' sheer readibility. Designed for undergraduates, this particular text is a must read for any beginner interested in computer crime and computer investigations. Unlike other books in the field which prove to be far too advanced for novices, Britz's book allows even the most unsophisticated reader to appreciate and understand the problems associated with the investigation of computer crime, as well as recognize emerging trends in this area. Please, please, provide a second edition as soon as possible!!

5 comments about Investigative Data Mining for Security and Criminal Detection, First Edition.

1. I read "Investigative Data Mining for Security and Criminal Detection" (IDM) after attending the 2003 Recent Advances in Intrusion Detection (RAID) conference. Researchers at RAID mentioned "self-organizing maps," "neural networks," "machine learning," and other unfamiliar topics. Mena's book helped me understand these subjects in the context of performing data mining. If you steer clear of the author's discussion of intrusion detection in chapter 10, you'll find IDM enlightening and a little scary.
   
   Author Jesus Mena defines investigative data mining as "the visualization, organization, sorting, clustering, segmenting, and predicting of criminal behavior" (p.1). His book strays from this definition, as he also covers simply discovering patterns of activity for responding to events. Accomplishing this task requires investigative data warehousing, link analysis, software agents, text mining, neural networks, and machine learning. Mena addresses each technique in its own chapter, offering descriptions, case studies, and tools. Two types of data mining analysis exist: descriptive, such as a chart, graph, or decision tree; and predictive, obtained via neural networks and machine learning (p.261). Mena also describes mining via "top-down" vs "bottom-up" approaches. The first involves an analyst exploring data to support his theories. The second relies on software to find patterns in data not imagined by a human analyst (p.343).
   
   Mena is most effective when he writes about what he knows best. I loved chapter 9, where he explains cell phone, insurance, and financial frauds. Much of what he wrote applied directly to my interest in network security monitoring and intrusion detection. Chapter 10 (Intrusion Detection), however, is best ignored. Mena does not appear to understand computer security, and neither do his editors. He calls Snort a "freeware site-based system IDS," in contrast with "network-based IDSs such as RealSecure" (p.306). He labels tcpdump an "attack" tool and says "this is utility for eavesdropping for passwords" (his typos) (p.307) and describes "rhosts" in a "stealth" attack phase as "this utility will evaluate hosts and lists hosts and users who are trusted by the local host" (p.308). Mena isn't a "security guy," either; he lumps "threats and vulnerabilities" together as "weaknesses or flaws in a system, such as a hole in security or a back door" (p.14). A threat is one or more entities with capabilities and intentions sufficient to exploit vulnerabilities in information resources, while a vulnerability is a weakness in design, configuration, or deployment which allow threats to abuse, subvert, or break information resources.
   
   Overall, I really enjoyed IDM. Mena makes numerous fascinating insights. While his prose is somewhat repetitive, he explains the key points needed to get data mining newbies up to speed. In light of the recent revelations of jetBlue sharing data with the government, the techniques Mena describes are both powerful and disturbing.



2. Are you interested in IDS's?
   
   If yes, perhaps you may already know that there are two main kinds of IDS's: based on "known bad behavior or abuse" or based on "behavior deviation".
   
   The first kind is very well known after several popular implementations like SNORT.On the plus side they are not prone to "false positives" but, however,on the minus side they are almost useless with new forms of attacks.
   
   The second kind, in turn, is very prone to false positives and not yet well implemented, but eventually can handle quite well unexpected or new forms of attacks.
   
   If you are interested in this second type of IDS's then "Investigative Data Mining for Security and Criminal Detection" is a MUST.
   
   From basic definitions to a case study, you are leaded through a wonderful tour that includes among others:
   
   Intelligent Agents
   Text Mining
   Neural Networks
   Machine Learning
   Criminal Patterns
   Intrusion Detection
   
   So, if you are just casually interested in "behavior deviation" based IDS's or a true researcher in related areas, this book undoubtedly will be useful and of great help.



3. I was very excited when I bought the book, but was somewhat disappointed. The reason for that is the book is very light on details and tends to talk about things rather then on how things are done and how they work. The book does cover some tools but with no connection to concepts and with few details on how the tools do what they do. It does contain a lot of interesting material and s generally well written.

   Of the most interest to me was the intrusion detection chapter, but in addition to a well-known facts on IDS technology it provided few details on how exactly data mining helps. MITRE case study seems to mostly hint at things rather then show how they were done in this project. I did pick up some ideas from it.

   Anton Chuvakin, Ph.D., GCIA, GCIH is a Senior Security Analyst with a major information security company. His areas of infosec expertise include intrusion detection, UNIX security, forensics, honeypots, etc. In his spare time, he maintains his security portal info-secure.org




4. It's the second book of Jesus Mena that I read. The subject of this new one is a little bit opportunistic in the world and US actuality. The book is a sort of general presentation of applications in fraud investigation in terms of models, tools and usages. Of course to build such models the book is not enough detailed to do it but all the elements are given to you to go deeper in the subject. In cas this book is to read absolutly.



5. This easy to read book is about the prevention of crime using Advanced Data Mining technologies, tools and techniques. The book explains in plain English the technologies, how they work and how they can be used to prevent crime or terrorism. The audience can be anybody interested in the prevention of crime or terrorism such as security specialist, law enforcement, intelligence agents, fraud investigators and public in general since no intricate math is involved. White House's national strategy for homeland security involves Data Mining.
   
   There is a huge amount of disperse information that needs to be gathered, integrated and analyzed. Data mining can assist analysts in sorting through hundreds of thousands of records and can help investigator to reach conclusions in less time. This amazing book covers the latest data mining technologies including Data Integration, Link Analysis, Software Agents, Text Mining, Neural Networks and Machine Learning. Throughout the book there are many case studies, references and Web links to illustrate real world applications of Data Mining. This is a excellent reference book.

5 comments about Malware: Fighting Malicious Code (The Radia Perlman Series in Computer Networking and Security).

1. One of the most comprehensive books I've seen lately on malware is the title Malware: Fighting Malicious Code by Ed Skoudis with Lenny Zeltser (Prentice Hall).
   
   Chapter list: Introduction; Viruses; Worms; Malicious Mobile Code; Backdoors; Trojan Horses; User-Mode Rootkits; Kernal-Mode Rootkits; Going Deeper; Scenarios; Malware Analysis; Conclusion; Index
   
   In each of these chapters, the authors give a brief history of that malware type, an in-depth explanation as to how they work, and complete coverage on how you can help prevent getting damaged by it. Each chapter wraps up with a conclusion, a summary, and the list of references for the chapter. For readers looking to find detailed information, they won't be disappointed. For readers looking at receiving their first exposure to the material, the writing style is easy to follow and doesn't overwhelm.
   
   I personally enjoyed the chapters on Malware Analysis and Scenarios. The Analysis chapter gives you an excellent outline for setting up a malware analysis lab. You'll learn how to set up the hardware, protect yourself against leakage to other networks, and what software is needed to do your analysis. Following this outline, you'll be well-prepared to track down bugs like a pro. The Scenario chapter is also excellent. The authors set up three malware scenarios with actual people and configurations, and show how certain choices and mistakes can lead to disaster. There's lots of good learning material here.
   
   Great book, excellent material, and a definite must for your security bookshelf.



2. This book provides the best review of malicious software that is presently available. If you need a comprehensive reference then this is the book for you. The author is a well-known and respected security analyst and this book provides solid information at a level suitable for the system administrator. Unlike so many books of this type, it is not a camouflaged endorsement of some vendor's products or a simplistic and alarmist text.
   
   Topics covered include:
   - viruses, with a brief history and description of the various types and their mechanisms;
   - worms, again with a brief history and description of the various types and their mechanisms;
   - mobile code, including browser scripts, ActiveX controls, Java applets and mobile code as it occurs in email clients and distributed applications. Given the increasing amount of mobile code, this is particularly valuable;
   - backdoors, particularly Netcat and VNC but covering some others as well;
   - trojans inlcuding wrappers, source poisoning and browser co-option;
   - rootkits for Unix andWindows;
   - kernel-mode rotkits for linux and Windows;
   - possible modes, including BIOS and microcode attacks.
   
   "Encyclopediac" is the only description I can give, but be warned that it's not for the general reader, or for newbies.



3. I am fortunate to have an autographed copy from when Mr. Skoudis taught a SANS class I attended; and have had to take a lot of time getting it read in the meantime. This is the book that I would recommend to anyone that would learn the workings of worm, virus, trojan horse and other malware - not how to write them, but how to understand and deal with them. The information on setting up a lab to examine these critters is a good start for those wanting to understand attacks - but like other reviewers have said, this book is not for one without a grounding in computer security.



4. This is a good book. Ed has become a master in this filed and he put tons of good stuff in the book.



5. Great book explaining all the different types of malware out there. Skoudis helps to understand the technical details of each malware type without going into too much detail. The links provided, altough a few years old, are all still relevant.

3 comments about Windows Forensics: The Field Guide for Corporate Computer Investigations.

1. Just read through my copy of this book. I do Cisco work as a CCSE and SANS certified network security specialist, but have been called on to do some investigations at work as the resident "security geek".
   I read Brian Carrier's book on file system forensics, which is much deeper into data structures and is a very good book, but this book gives a better holistic look at investigations. We run a mostly Windows shop, and I'm happy to see a book that doesn't just cover Unix stuff. I want to pick up Windows Forensics and Incident Recovery next and see how they compare.
   
   Definitely recomment!



2. I have to say, like the next geek, I get frustrated by the lack of Linux/Unix use on the desktops of the corporate world; however, the fact is that Windows desktops outnumber Linux/Unix desktops by way more than 100:1. For this reason, it has been very frustrating to me that so many security books focus on Linux/Unix. I don't care if it's the best platform (though I agree); it's not the most common and we need tools on and for Windows.
   
   This book tells you how Windows file systems work and how to perform forensic analysis on these systems. However, it's more than this - it is a great all around book on forensics analysis and the computer crime investigation process. I highly recommend this resource.
   
   Tom Carpenter - Author: CWSP Certification Official Study Guide



3. I decided to read and review three digital forensics books in order to gauge their strengths and weaknesses: "File System Forensic Analysis" (FSFA) by Brian Carrier, "Windows Forensics" (WF) by Chad Steel, and "EnCase Computer Forensics" (ECF) by Steve Bunting and William Wei. All three books contain the word "forensics" in the title, but they are very different. If you want authoritative and deeply technical guidance on understanding file systems, read FSFA. If you want to focus on understanding Windows from an investigator's standpoint, read WA. If you want to know more about EnCase (and are willing to tolerate or ignore information about forensics itself), read ECF.
   
   In the spirit of full disclosure I should mention I am co-author of a forensics book ("Real Digital Forensics") and Brian Carrier cites my book "The Tao of Network Security Monitoring" on p 10. I tried to not let those facts sway my reviews.
   
   WF is a great guide to forensic investigation of Windows. By this I mean WF presents Windows from the perspective of the important directories, files, and registry entries that help an analyst discover malfeasance. WF also covers some of the core applications one would expect to review during host-based forensics, like email, Web browsing history, and P2P application usage. I expected coverage of popular Windows application formats relevant to investigations, like .doc, .ppt, and .xls, but those were missing.
   
   WF addresses the core operational aspects of host-centric forensics, like forming a team and acquiring evidence from live and dead targets. I did not think these sections were as good as material from what I consider the book best suited for all-around hands-on forensic use -- "Incident Response: Computer Forensics, 2nd Ed" by Mandia, Prosise, and Pepe. Live response is one area where I thought WF didn't shine too brightly. I did like the frequent mini-case studies which shared stories from the author's investigative experiences.
   
   A few other aspects of WF resulted in me offering a four star review. I thought the discussion of "vampire taps" on p 157 revealed a real lack of contact with modern network monitoring methods. I don't know anyone who uses or recommends such a contraption in an era of network taps. I continue to question the need to build so-called "sniffing cables," especially when proper interface configuration serves the same purpose. Furthermore, a remotely managed sensor will not be able to hide its traffic on the network anyway, so savvy intruders can usually find them (unless a completely separate management network is run out-of-band). "Chapter 7" was also way too short -- 2 pages!
   
   Although I liked the case studies, I thought there were far too many "gray box" entries. These contain useful hints, but their frequent appearance sometimes interrupted flow of the book. This indicates a need for better organization. Finally, I felt the recent Syngress book "Winternals" did a decent job explaining how to analyze malware, rootkits, and rogue processes on Windows. WF didn't explore this key aspect of Windows incident response.
   
   Overall, however, I would recommend reading WF if you need to understand data sources from Windows systems. I suggest concentrating on the sections that explain where you'll find quality information on Windows, and rely on other sources for generic forensics guidance. I could see readers using WF as a primer for learning about key Windows artifacts, then searching for them in the image files in "Real Digital Forensics."

5 comments about Photoshop CS3 for Forensics Professionals: A Complete Digital Imaging Course for Investigators.

1. Great resource! Is there another in the offing?
   
   This book both improved my workflow and my abilities to enhance images. The pratical exercises hit home the finer points.
   
   I would compare this book to a "Forensic Photoshop" course costing much more, well done!



2. A lot of work went into this book and it shows. So many of us in this profession are so overwhelmed with casework that we don't have time to publish. I am glad that George found the time to get this out to everyone. Hopefully, this will inspire others to get their ideas in print and help to convince the publishing community that there IS a market for this material.
   Great job George!
   Cheers,
   Jim Hoerricks
   [...]



3. As a former Forensic Video Analyst for a law enforcement agency, I can attest that not only is this the most thorough and easy to understand FVA "Course" book that I have ever read and gained the most from, the author is one of the top Forensic Video Analysts in the country, and even the world.
   Any one who is interested in this profession, law enforcement and private, must have this book. Even if you already are an FVA professional, this book is an excellant reference source.



4. Part 1, "The Essentials", is comprised of six chapters. The first two chapters are not specific to Photoshop, and are a must read for anyone interested or involved in the use of digital images within a legal setting. The remaining four chapters provide an important foundation for analysts and investigators using Photoshop.
   
   Part 2, "The Digital Darkroom", and Part 3, "Image Analysis and Enhancement", are detailed instructions regarding Photoshop's settings, filters, and the multitude of related processes to achieve optimum imaging results. Included with the book is a CD-ROM contianing sample images to work with when going through the tutorials, as well as some free scripts and trial plugin's.
   
   I've been using Photoshop for several years now in my Forensic Video workflow, as well as personally for Graphic and Web design projects. This book has already proven to be the single most valuable reference for me pertaining to the use of Photoshop in either setting. It's also probably the smartest investment I've made in quite some time.



5. Photoshop CS3 for Forensic Professionals is by far the most informative course book for photoshop users. As a college student working towards a criminal justice degree with a concentration in criminal investigations, I highly recommend this book for any professional or student that needs to improve their digital imaging skills. The instructions are easy to understand and the step by step instructions on the companion CD are detailed. After reading Photoshop CS3 for Forensic Professionals and taking the CD course I can honestly say that my imaging skills have been greatly enhanced. This book is an excellent student resource and an invaluable tool for the forensic professional.

5 comments about Spies Among Us: How to Stop the Spies, Terrorists, Hackers, and Criminals You Don't Even Know You Encounter Every Day.

1. This book was somewhat of a let down. I was expecting a great follow up from Winkler's book, "Corporate Espionage." This book was, more or less, a partial retelling of that book. In fact, if you own CE, I would say don't get this one. I rate it a three because it is from Ira Winkler, and by itself it is a good book, but not that good if you already own CE.



2. If you already own Corporate Espionage, save your money. If you don't own Corporate Espionage, buy it instead of Spies Among Us. Large sections of this book seem to be copied and pasted from Corporate Espionage (literally), with the exception of the case studies. Except instead of the eight case studies covering 130 pages that were in Corporate Espionage, this book has only six case studies covering less than 75 pages. This is inexplicable considering that Mr. Winkler repeats several times throughout the book how highly regarded the case studies were in his previous work... so this time instead of giving us more he gives us less. I guess he needed those pages to talk about how he steals billions of dollars from companies every day (I think he repeats this several times, although since he couldn't come up with any additional case studies I wonder if he hasn't spent the intervening years talking about it rather than doing it). We also gain a chapter on "Crimes Against Individuals" which is so clearly out of place in a book that is essentially on corporate espionage, that I'm not sure how the editors didn't cut it. I half way suspect that they asked him to include it, in which case I'm not sure why he didn't object. Either way someone should have axed it. Needless to say I was disappointed in this sophomore effort from Mr. Winkler, since his first book is one of my favorites. If you absolutely can't find a copy of Corporate Espionage, this book is probably worth 4 stars... but in comparison I can only give it two. To put this review in perspective, I'm a Sr. Information Security Analyst for a Fortune 50 company, protecting billions of dollars worth of information every day.



3. In Spies Among Us, author Ira Winkler continues his unique knack for writing on deeply serious topics using his characteristic light and very readable style. This is what makes Winkler different and results in most readers either loving or hating his books. I count myself among the former group. As a long-time security professional, I consider Ira Winkler's work refreshing and informative.
   Throughout the book, Winkler restates some of his pet phrases from his earlier books; but that is simply an indication that he has some very important points to make. What is new in Spies Among Us is the very relevant theme: "Relax - it's not terrorism...but does that really mean it's okay?" Winkler effectively uses this theme to demonstrate that public perception has changed since the terrorist attacks of September 11, 2001. Whenever a large scale incident occurs (e.g., a power outage, computer virus, plane crash, etc.), our first thought now is "terrorist attack." Once we learn that the incident was not terrorist-related, we seem to breathe a collective sigh of relief and say "oh good...no big deal." However, large-scale non-terrorist-related attacks are far more likely to affect our everyday lives - and affect us in a big way, if we are not properly prepared for them.
   Everything from industrial espionage to natural disasters, from malicious computer attacks to major accidents, and from the identity theft epidemic to Internet scams can have a significant impact on our assets - as individuals, corporations, communities or government entities. We must not dismiss threats simply because they are not terrorist threats.
   Through real-world case studies, examples and experiences, Winkler walks the reader through questions such as "who are the adversaries," "how do they target us," and "what can we do about it?" Chapter 13, the final chapter, is appropriately titled: "Taking Action." As the author implies, all the knowledge in the world about threats, vulnerabilities and available protective measures is useless unless you do something about it. In the closing chapter, Winkler lays out a practical starting point for developing a common sense approach to protecting critical assets.
   Like most of Winkler's previous books, Spies Among Us strikes a perfect balance between a traditional security book (practical and useful, but also dry and tedious) and a spy novel (exciting, interesting and fast-paced, but not "real"). This book is the real thing and is packed with information that will appeal to a wide ranging audience - from security pros to novices, to people who simply want to enjoy an interesting read.
   One of the things I respect most about Winkler is that he is one of the very few IT Security experts around the world who truly appreciates the full spectrum of comprehensive security risk management. He doesn't demonstrate the typical tunnel vision of IT Security types who view the entire universe through the eyes of a network connection and believe that the only valid solutions are techie solutions. Winkler takes a "big picture" approach that truly results in effective risk-based assets protection - not just a "feel good" solution. In my opinion, Spies Among Us is clearly another winner from the pen of Ira Winkler, a true professional who knows what he's talking about.



4. I'm an information security professional - I read Ira Winkler because he knows what's what - but I am very annoyed at the editors for choosing such a stupid subtitle. I don't mind "Spies Among Us" by itself, because any InfoSec professional knows that the real spies are among us, but the rest ... garbage.
   
   That being said, I think Ira Winkler has the capability to open anyone's eyes if they simply allow it to happen. This book presents good examples (case studies) that any IT manager or CIO can understand. That's so important these days because managers and CIOs are often hired for some reasons other than their in-depth IT knowledge. When we work for these people, it's important that they see the simplicity of problems that can destroy any security program built by the best and most knowledgable InfoSec pro. This book isn't written for me. It's written for the non-professional, which is a perfect target audience to write in favor of.
   
   Winkler also presents the reader with information about differences between the mindsets of people from different countries. That was something that I was not precisely thinking about since most of my clients and their critical people are "local" to the United States; still, it's important to know and remember when dealing with and protecting against International themes of people.
   
   Folks, if you're looking for cyberterrorism and how it works, avoid this book like the plague; however, if you want to get an eye opening view of protecting your information and your infrastructure, look closely and remember what you read.



5. Good work!!!!
   
   And from a REAL LIFE perspective... that anyone can grasp.

5 comments about Hackers: Heroes of the Computer Revolution.

1. SL does a fine job of charting the early history of hacking at MIT and Stanford and beyond. As a member of the 3rd-generation-of-hackers generation (though, regretfully, not a hacker myself), I remember well the first personal computers and computer game systems, and the passion of friends and classmates of mine who were among the first to own and cut their programming teeth on them. It's amazing to think how far computers have come in my lifetime, a true technological revolution. SL's book reminds us not only how very near the beginnings of personal computing history we are, but how very far we've drifted from the intellectual and social ideals that marked those beginnings. What a shame that the Hacker utopias Levy describes are no more, and that computers and computing, today, are so enchained to commerce (granted that there are of course many extraordinary applications of computer technology, today, and many more to expect in the future, as well). I can only imagine how disappointed the Greenblatts, Nelsons, Felsensteins, etc., of yesteryear must be. The passing of the Hacker age -- if, indeed, it has passed -- is no less than the passing of a culture, as Richard ("last of the Hackers") Stallman laments. Reading Hackers, especially the opening chapters about the MIT AI-lab hacking community, I found myself wishing that I, too, had been 'present at the creation' and blessed with enormous hacking talent. SL's book is a long trip down many others' very pleasant -- in equal parts exciting and frustrating -- memory lane. As later chapters explore the computer gaming scene, and subsequent generations of hackerism, the subject-matter of Hackers becomes less compelling, and the writing a bit tiresome. I could, for instance, have done without SL's incessant harping on the social akwardnesses and missed sexual gambits of the gamers he profiles, material that reads sophomorically in the extreme. This aside, Hackers is an entertaining and informative piece of sociological journalism. FYI, "Artificial Life", by the same author, is a far better written first-rate piece of science journalism. Hackers is a could-read; Artificial Life is a should-read.



2. Steven Levy has written a masterpiece, and I will be forever grateful to him for it. Although when I read it (circa year 2001) computers were much more mainstream than the period this book covers (1960s-80s), the book still broke new ground for me. It was before the blogging era, and especially before all the aspiring hackers of the world "united" via a network of blogs, forums, feeds, "planets" (feed collections on specific topics) and link accumulators like Reddit and Digg. In other words, it was much more difficult for me to find people with interests similar to mine.
   
   Or maybe I didn't look hard enough. This is not the point, anyway. The point is that this book took me "out of the closet" as a hacker, proud of my hobby, instead of wondering whether I'm some kind of an autistic freak. Reading it, I understood two things of utmost importance:
   
   1. There were, and there are, many people with my interests and peculiarities. And these are the people that made the computer revolution happen.
   2. Somehow, Steven Levy managed to explain in words the reason people find computers and programming so fascinating. In some sense it was a revelation. I kept saying to myself "yes, exactly!" and "ahh, now I understand" very frequently while reading the book.
   
   Here are a couple of great quotes from the book regarding (2):
   
   " What kept him going was his fascination with the machine, how it let you build complicated systems completely under your control."
   
   I heard people referring to this as instant gratification. Engineering is fun, solving problems is fun, and building solutions is fun - this probably has strong roots in the ancestral humans, shaped by evolution to be smarter than other animals. As opposed to other, more "physical" disciplines of engineering, like electrical, mechanical or structural engineering, programming allows you to actually create real and useful things with a computer as your only tool. An electrical engineer may wait for a long time until his board will be produced, and only then he can "play with it". For a computer programmer, things are much simpler. It is very easy and quick to build systems and use them.
   
   " [...] computers were an infinitely flexible artistic medium, one in which you could express yourself by creating your own little universe."
   
   "Code is art" is a very popular notion these days, perhaps coined by Knuth in his "The Art of Computer Programming" books. People do art for fun - they draw, play and compose music, write and design pretty gardens. In this sense, programming is not much different - it is an act of creation and self-expression. It is fun.
   
   As I said, this book is a treasure chest of insightful quotes like the ones above. Levy interviewed most of the who-and-whos in the world of computing from the 1960s in the MIT labs and through the 1980s in the Californian game development companies. In addition to being explanatory of the "hacker nature", the book is also a great historical reference for the early years of computing. How lucky we are these days to have the opportunity to hack so easily. Just a few decades ago, people interested in computers had to use clanky, slow, terminals or worse, batch-processing machines. There are so much free open-source development tools one really doesn't need to spend money on anything further than the hardware - and PCs are cheap and powerful.
   
   I can't recommend this book enough to anyone interested in computing, and programming in particular. As an aid to discovering your internal motivations, you own yourself to read it.



3. Great read on the early days of computer hackers, only wish it was updated (the book ends in the 80's but does include a small update/list of where the main players are in later years (the 90's))
   
   Very well written, it was easy to follow and understand. From the early days at MIT to the later years with Sierra On-Line, this tells of the early hackers and thier acheivements. There are some especially great stories behind the scenes in the later parts of the book.



4. It's so relieving to see Levy's capture of the positive side of the qualification to be able to hack. I believe the progress in the software and hardware development has been greatly advanced be the qualifications theses people have shown.
   When it later comes to the aspect of what this qualification has been used for, the results are more dubious. It is sad, however, that todays meaning of the term hacker seems to cover only the negative side of the history.



5. As the description mentions, Steven Levy's "Hackers" is not about computer criminals, but refers to the more traditional definition of "someone who delights in having an intimate understanding of the internal workings of a computer and computer network." I purchased this book because I was intrigued with Sierra On-Line, and was interested in learning more about some of the founding software companies and people who became rich from the computer boom of the early 80s. Having just finished Where Wizards Stay Up Late: The Origins Of The Internet about the creation of the Internet, and being bored out of my mind with it, I was hoping "Hackers" would be a little more exciting. Unfortunately, the first half of the book mirrors "Wizards" in a lot of ways and discusses much of the same content. What's more, before purchasing, I had no idea this book was published in 1984 and that it would naturally only discuss computers up to the early 80s.
   
   "Hackers" is divided into three parts:
   
   1. True Hackers - 1946 - mid 70s. This section focuses on the early computer pioneers at MIT, such as the Tech Model Railroad Club, the Lincoln Laboratory, and experimenting with large mainframes such as the PDP-1 and TX-0. It describes in detail how they would spend hours punching in code for these computers to come up with the simplest hacks. I struggled to get through this section. It was so incredibly detailed and filled with minutiae that it took me two months and several breaks to get through the 200+ pages. Some of it was interesting, but there was just so much information I didn't need to know or care about.
   
   2. Hardware Hackers - Mid 70s - 1980. All about the Homebrew Computer Club and the development of early personal computers, focusing on the Altair 8800, TRS-80, development of BASIC, and Stephen Wozniak's creation of the Apple and Apple II Personal Computers. This section was definitely more lively than the first, but there is still nothing that couldn't have been summed up in a 4 or 5 page magazine article or a visit to Wikipedia.
   
   3. Game Hackers - Late 70s - 1982. This section is largely about the development of the game company Sierra On-Line, although the first few chapters spend a lot of time discussing arly game development. This section was the most interesting in the book, especially to gain some insight into the culture that existed in the gamin industry back in its development, but not as exciting as I thought it was going to be. Since the book was published in 1984, there is no mention of the incredibly popular King's Quest series that launched Sierra to the top of the industry.
   
   The main underlying theme of this book is the "hacker ethic," characterized by open access to computers (no passwords), mistrust of authority, computers are beneficial to changing people's lives, and all information should be free. It is very heavily discussed throughout the book and it's implications on the industry and the people in it. If this were a thesis paper about the hacker ethic I would have given Mr. Levy an A+ for staying so on focus. Unfortunately, it's not a thesis paper. If you are purchasing this book for entertainment purposes, make sure you are REALLY interested in early hacker culture. I thought I was but the book was just too dry for me. Not to mention it was hard to keep up with the hundreds of people introduced in the book. On the plus side, it is exceptionally well-researched and hardly seems dated at all. Until I got to the last few chapters, I had no idea the book was over twenty years old.

5 comments about Hide Your Assets and Disappear: A Step-by-Step Guide to Vanishing Without a Trace.

1. This book is for more affluent folks who already have access to this type of information. Outdated, sexist, even insulting to those who believe in paying their fair share. If you are a regular middle class or working class person who is fed up with paying through the nose to make everyone else richer, you are on the right path but this is NOT the book for you.



2. Before 9/11, this was already a joke among people interested in protecting their privacy and assets (e.g., from litigious lawyers). After 9/11, none of the stuff mentioned in this worthless book even remotely works. BTW, the other reviewers are right: he doesn't really tell you *how* to do things anyway!



3. Gave alot of ideas on what you should do, but no real advice on how to do it



4. I have read a number of privacy books and this one is not a great read.
   Dated and not practical.



5. Great book, had lots of useful insights. Book arrived in a timely manner and in condition promised.

3 comments about Computer Forensics JumpStart (Jumpstart (Sybex)).

1. The book I chose to review was a book on Computer Forensics. Computer forensics is a very helpful easy to read book on investigative techniques for corporate managers or law enforcement. Unauthorized Internet access for employees could potentially grow into a festering tumor for many employers. This book details how someone with basic computer skills could investigate a workstation to see if anything malicious has been occurring.
   The authors do a splendid job of offering real work examples to show the damage of inappropriate access and use by certain individuals. The use of the Internet and emails as a method of destruction is particularly alarming. Criminals and people with a penchant for malice are using emerging and established forms of communication to pervert the original intent of creators. The examples give snap shots into the complexity of the world of 21st century crimes.
   The book is does go into detail about fraud on web based commerce. Thing such as ebay and bargain shopping web sites, seem noticeably missed in the context of crimes committed. The interesting example they use is the theft of website design from one website. Criminals could then use such designs to their own professional credit. It proceeds to tell the audience how to retrace the computer footprints to determine if designs were stolen.
   It surveys overall Internet issues such as domain name services and email servers. The subject matter is daunting to say in the least, but the authors keep an individual grounded in the fact they are a beginner. It gives the feel of becoming a modern Dick Tracy or Sam Spade. The section also covers encrypted passwords, which are becoming more commonplace due to online commerce.
   My main criticism would be the overall simplicity the authors present when entering such a field. It almost smacks of snake oil salesmen bartering cure alls. The work seems admirable but a very vast field, which encompasses everything from the intellectual property rights of web designers to human resource managers keeping tabs on company employees. Other than those points, I would say this is a must read for anyone who plans to enter businesses, which conduct online based exchanges of information or capital. It was a real experience to discover the depth of emerging criminal conduct with technology.



2. Like the previous reviewer I agree that the book does cover a fair breadth of material but not great detail. But, as a quick search will show, there are several hundred books on the subject. Most of those books are very technical and detailed unlike this book which is a great introduction to an incredibly complex industry. If your interested in getting more information about this field before jumping in this is a must have.



3. My Univ is using this as a textbook, and its good so far, even for an experienced computer geek like myself. It is a basic one, but I would say it sets the foundation for advanced training.

5 comments about Digital Evidence and Computer Crime, Second Edition.

1. This text was used for the digital evidence and computer crime class that I just completed. The book is clear and easy to understand. It goes into detail only when needed. I was concerned that this information would quickly become out of date, but the ideas presented are current and provide a solid background for understanding any newer technologies that come down the road. I usually sell my books after the semester ends, but I have decided to keep this one.



2. Sometimes, defense attorneys have it easy: one slip-up by the prosecution and evidence is thrown out. Knowing that, law enforcement goes to great lengths to ensure that evidence is appropriately collected and protected. That works well in the physical world, where law enforcement has many generations' worth of experience. But in the modern world of computers and digital networks, where the simple act of rebooting a computer is enough to wipe out large amounts of evidence, law enforcement clearly needs thorough guidance.

   Such a resource is here: Digital Evidence and Computer Crime, an excellent book that details the elements of digital crime. Author Eoghan Casey does a superb job of applying forensic science to computers. The information presented here is critical to a diverse audience: law enforcement, attorneys, forensic scientists, and systems administrators, for instance.

   While cybercrime law is in some ways similar to other aspects of criminal law, it nonetheless has its own language and categories. For instance, jurisdiction is a key element in both the physical and digital realms, but it is a much trickier concept in the latter. Casey develops this topic and many more. Those new to computers and networks need not worry: the book begins with an explanation of how they function. With the basics out of the way, Casey details how computers can be used in crime and how the evidence created from these activities can be used for later analysis....The accompanying CD-ROM contains simulated cases that integrate many of the topics covered in the text. In all, the book and CD are an excellent introduction to an increasingly important area of law enforcement.




3. If you are new to this world this is where you should begin. Digital Evidence contains all the knowledge one could amass by obtaining PHD in computing. Especially when you don't have time for a Diploma. I have bought 5 books pertain to digital crime from USA and UK. But this is the one and only book I am recommending to any one in any continent who want to learn or new to this arena. All the other books in this field for Attorneys or with similar requirements are some what academic and may be boring. The CD-ROM accompanying the book gives you much needed hands on training, otherwise which will cost you at least US $ 4000, if you are to go to a training centre to do the same.



4. This is an excellent book from a real expert.

   Everyone and their brother are writing books about computer security and digital forensics.

   The difference here is that Eoghan Casey knows what he is talking about.

   Excellent book!




5. It describe all aspects about digital crimes using a clear language. It's very good for neubies.