3 comments about Understanding and Managing Cybercrime.

1. This is an intelligent, informative and entertaining (love the cartoons!) text dealing with cybercrime from a sociological perspective.



2. This is a unique book. I would have liked the book anyway, as I work at the same university as Dr. McQuade, and we talk on occaision about information security. So I want you to know my bias. But I am not talking about liking it, I am talking about being astonished.
   
   Dr. McQuade wrote the book because he needed a really good book for his Computer Crime class. He was squirreled away for a couple of years, and now I know why.
   
   The book motivates the average reader and student through being real and relevant.
   
   The book calls to the aspiring and excellent student to do deeper, as deep as they want. The references, indexing, and especially "Critical Thinking" questions at the end of each chapter are amazing.
   
   Dr. McQuade also leads by example. He cites frequently from his groundbreaking research. He leads in 2 areas, first he shows what rigorous social science research is about. He also inspires by giving an example of doing research, when there is not much to build on.
   
   For information security professionals that know the law, but might not know it as deep as someone outside law enforcement, the chapter on relevant law is worth the price of the book.
   
   Also, as an information security professional, I often forget to ask the question "Why?" The "Theoretical and Social Perspectives on Cybercrime" took me deeper than I have been before. It is a bit chilling to understand that a generation has been left alone with computers with little or no guidance on the ethics of responsible computing.
   
   And if that weren't enough, the "CyberTales" and the cartoons actually make the book fun.



3. Note: I waited until I had completed Dr. McQuade's courses before posting my comment, so as to avoid as much bias as possible.
   
   I purchased Understanding and Managing Cybercrime as the required textbook for my class. Having said that, it's the only book I purchased this quarter that I actually read. This book is a resource for anyone involved in network security, systems administration or computer consulting. And while it packs in alot of topics into its 490 pages, it's not written over the head of the casual computer user. In fact, the chapters on malware and computer attacks as well as victimization are pertinent to anyone who uses computers in either a personal or business manner.
   For the scholar, this text is broken down into 3 main portions: What there is to attack; Who attacks and why; How they attack and what is/can be done to prevent it. From firewalls to FISA, from Critical Information Infrastructure to the history of Cybercrime laws... it's in there. Dr. McQuade is not an IT person at all, and will profess this to all who ask. He conducted research with experts in the field and combined it with his own criminal justice background to create a book that hits on all of the important topics while giving some personal insight.
   The book is a bit difficult to read sometimes. Chapter 8 is very long, with a lot of historical information! And while the text is a little on the small side, it is delightfully broken up by "Cybertales" and cartoons.
   The part I enjoyed most about this text, and which has shaped my view the most about managing cybercrime, was the section on Theories of IT-Enabled Abuse and Crime. Although no one can predict when a crime will occur, the "tools" in this chapter when combined with the lessons in the rest of the book will help the IT professional plan thier prevention of cybercrime.
   As Dr. McQuade was oft to say: "Eventually, you're all going to get sued" Perhaps with the knowledge from this book, I will win.

5 comments about To Catch a Predator: Protecting Your Kids from Online Enemies Already in Your Home.

1. If you have the internet,if you have kids (THIS IS A MUST READ FOR PARENTS!), if you love kids, if you work around kids, if you hate the actions of pedophiles that become sexual predators and feel they should be incarated unitl Jesus comes back, or you think hey should get treatment and that is the best solution, get the freakin book!
   It covers all of these issues and all of the operations and catching these sexual predatory dirtbags. ( Ofcourse I'm a "locker upper!")It is a great read, Chris Hansen is well spoken on all issues, and just does a great job with this one! Its full of information and sometimes will make you say "What" and sometimes "HMMMMM." It is probably the best beginners book for reading on the issue of online predators. There are more explicit and problably more scientific ones but this should be on every internet crimes against children bookshelf. GET THE BOOK!!!



2. I think every person that has a child in their home should read this book. I also think children over 14 years of age should read this book.



3. Based on the popular "To Catch a Predator" series, Chris Hanson wrote this book. This is an informative book that all parents should read. About 30% of it is about the TV program and the rest is written like a guidebook. Chris Hanson includes other stories from families and experts, as well. I have watched "To Catch a Predator" from the beginning and really enjoy it. It's great to watch these weasels (my apologies to all weasels) get arrested and I know that this show is doing a lot of good. There is also a spin-off of sorts that started on MSNBC recently called "Predator Raw" which includes extra clips from passed shows. Some have even whispered that because of Chris Hanson's immense popularity on "Dateline" he was partly behind Stone Phillips getting the axe. I don't know if that's true or not; but I'm always happy to see a man with a multi-million-dollar contract who does absolutely nothing get his walking papers. My only complaint about Chris Hanson is that he has done some "To Catch a Predator" parodies which are rather inappropriate and tasteless. In my opinion, he is in no position to bite the hand the feeds him because he should know more than anyone how serious this is.



4. Very informative information in regards to the type of people that are in our society. When it comes to children, you can never be too careful.



5. Especially for anyone with children, a must read! A lot of us think we know how to protect our children but we must be honest with ourselves and admit we don't know everything!

4 comments about Computer Evidence: Collection & Preservation (Networking Series).

1. It seems that a lot of books on forensics concentrate on making a disk image of the hard drive being examined, filtering the information on the disk, and presenting it in proper format for court use. However, collecting and preserving the evidence is much more than imaging the hard disk. If the computer is still on then evidence may be in memory, potential evidence may be on routers, proxy servers, etc. This book details this part of forensic evidence gathering, an area often just skimmed over in other computer forensics texts. This is a critical aspect of investigation because it does not matter how well your filtering works and how much evidence you obtain if your data preservation was not done correctly and the evidence is inadmissible in court.
   
   Evidence dynamics is covered in detail and the author does a better job of this than any other forensics book I have read. Evidence dynamics is how to keep the evidence from disappearing or changing. Just the act of shutting down a computer changes temporary files, open processes, swap file information, and many other items that may be necessary for a thorough investigation. Even the appendixes are valuable and contain several excellent sample forms including chain of custody, evidence collection, and evidence access worksheets. If you are involved in either the collection or the maintenance of data for a potential court case then you will be interested in this book. Alternatively, if you are trying to discredit an expert witness then the information presented here may also provide areas of attack. Either way Computer Evidence Collection and Preservation is highly recommended.



2. This is a timely book as we are hearing more and more about the U.S. military and intelligence agencies collecting the computers used by terrorists. This same trend is appearing in conventional law enforcement. The amount of information that can be stored on a computer is, of course huge, also important is the transient: What web site is the computer viewing? What e-mail system is on-line? What can be gotten from the router being used?
   
   This book goes into every aspect of getting forensics information off of a computer. It starts with examining the computer, if it is on, then extracting the information from places like temporary internet storage. Of course there's a lot that needs to be done with the hard drive, and if you can find back up disks, tapes or memory devices.
   
   In addition, there are hardware and software tools that can be used to extract information from the system. A general coverage of these is given, along with sources. Some of these are included on the CD-ROM included with the book.
   
   This book is intended for use in a legal environment, so there is discussion on maintaining the chain of evidence to ensure that it doesn't get thrown out of court. Should you be on the other side in a trial, this gives you something to ask of the investigators to be sure that they have followed the rules.
   
   Basically this is the most complete, most thorough book on the subject written by one of the experts in the business.



3. Are you a law enforcement officer, system administrator, IT professional, legal professional or a computer forensics student? If you are, this book is for you! Author Christopher LT Brown, has done an outstanding job of writing a great book by focusing on the first two phases of the computer forensics process: computer evidence collection and preservation.
   
   Brown, begins by introducing the reader to the essential elements of computer forensics.
   Next, the author discusses the rules of evidence, existing computer-related case law, and regulation as a basis of understanding the nature of computer evidence in court. Then, he provides information about evidence dynamics, which is defined as anything that effects evidence in any way. The author continues by presenting the key components to knowing where data can be found within an organization's infrastructure. In addition, the author shows you how an organization's information architecture can be as diverse as a city's street's. He also examines the volatility of digital data in physical memory and storage. Next, the author explains the key components of the IDE,SIDE, and SCSI standards as they pertain to evidence collection. Then, he describes advanced physical storage methods in use today. The author also examines some of the many types and formats of removable media including flash cards and optical media. In addition, the author next describes one of the most important components of any computer forensics investigation: tools preparation and documentation. He also shows you how volatile data can be difficult to capture in a forensically sound fashion. Next, the author describes how methodologies used in computer forensics can be as varied as the systems being imaged. Then, he shows you how the collection of evidence from large computer systems can be challenging to any investigator. The author continues by walking the reader through different design options to get the most out of their hardware configuration in the field and back in the lab. In addition, he shows you how today's computer evidence investigators rarely work from a single forensics workstation. Finally, he discusses areas for further study in computer forensics such as analysis and presentation of evidence in court.
   
   This most excellent book uses evidence dynamics at the center of its approach to show the reader what forces act on data during evidence identification, collection and storage. What's most important though, is that this book will help guide the computer forensics investigator in ensuring case integrity during the most crucial phases of the computer forensics process.



4. At this time I am about halfway through the book and finding it very informative and very interesting. It covers a lot of technical information which is normally pretty boring but I am having a hard time putting it down. Highly recommend this as require reading for the ameture forensic computer examiner.
   
   CR Flowers CCE

5 comments about The Hacker Crackdown: Law And Disorder On The Electronic Frontier.

1. Sterling's book is a must-read for anyone genuinely interested in the roots of Cyberculture. It documents everything from old-school phone phreaks to the 1990 crash of AT&T. It goes into great detail as to how "cybercops" were established, their training, and the mass-reluctancy a decade ago to utilize their services. While this may sound like a history textbook, it is not. It is a fair and unbiased look at the past from the eyes of one of the greatest cyberpunk authors ever, which is probably why the book is so often quoted in academic research papers and in other works on the subject. The book does not lack charecter nor does it lack accuracy. Those who are looking to find an entertaining yet accurate, if not dated, historical account of hacking need not look any further.



2. I learned more about the telephone in 12 hours than 12 years of school life. The dates and times depicted in this book happened during a time when I'd been 'off-line' with the computer world. I began with AOL (unfortunately) and due to my own reasons gave up computers for a while. It's like going back home and finding out what's happened to everyone after you'd left years back. Historically, this is the place to begin reading about phones and phone systems. To understand at least the fundimentals of the technology we wrap ourselves into.
   Most definitely a must-read book. If you liked this, try At-Large, the Strange case of the world's Biggest Internet Invasion by David H. Freedman and Charles C. Mann.



3. this is an excellent book until the ''underground'' part. But it forgot to talk about the cybergang ''Master Of Deception'' the opponent of Legion Of Doom.



4. A very lively, interesting, and well-written (by Bruce Sterling no less) summer read for those interested in the history of phone phreaking and computer exploration and mischief. Highly recommended.



5. Bruce Sterling of Cyberpunk fame takes a journalistic approach to researching law and disorder on the electronic frontier by examining two specific events in depth : the 1990 Operation Sundevil, a concerted nationwide effort by district attorneys, the Secret Service, the FBI, local authorities and various Telco security to bust and publicize a hacker crackdown; and the resulting trials and creation of the Electronic Frontier Foundation and rise of the civil libertarians.
   
   The book is divided into four parts: crashing the system, the digital underground, law and order, and the Civil Libertarians. Mr. Sterling does a credible job explaining the telco systems and motivations and actions of the people on both sides of the issue - phone phreaks/hackers and law enforcement/district attorneys without succumbing to a lot of jargon or taking sides.
   
   The book is replete with interesting accounts of Alexander Graham Bell and history of telephony, the origins of the Secret Service and its' early battles with "Boodlers", and the dissemination of the E911 document that came to cause grief to many people.
   
   Reading this in 2006 and beyond will cause a few chuckles at his penchant for describing and drooling over advance systems (I have a real urge to drive down to the storage unit for my Commodore 64 and IBM clone), yet the events of the early hacker sub-culture remain relevant to anyone interested in computers, freedom and privacy.

1 comments about Cyber Bullying: Bullying in the Digital Age.

1. If you are a parent of an adolescent or an educator, this book is a must read. As the authors have stated, the impact of students using computers, etc. has had not only a positive but also a negative impact on the learning environment and safety issues within our schools. Cyberbullying in its infancy is creating an epidemic of problems. Awareness of the problem, what schools and parents should do to address cyberbullying, how the different states and schools systems view cyberbullying, and current resources are discussed by the authors. It is a compilation of the most current research.

5 comments about Stealing the Network: How to Own an Identity (Stealing the Network) (Stealing the Network).

1. Good story, followed through pretty well from STN:Continent, which I haven't read in quite some time, so I didn't really do much cross-referencing, so take that comment for what it's worth. My two major issues with the book were:
   1) Apparent lack of proofing whatsoever. In some cases it appeared that the author had stopped typing mid-sentence and picked up some time later, forgetting what exactly they had said because they had previously stopped typing mid-sentence. (re-read for example) At one point a whole paragraph was in there twice in a row. This sort of thing frazzled me a bit as I was reading it, and took away from the immersion to an extent. Each chapter was written by a different author so this is not a consitant trend through the entire book. There is some good writing in there as well.
   2) More story, less technical stuff. This seemed a bit more 'novel-y' than the previous books, I kind of didn't like that aspect of it. That was just me though. Some of it was pretty good though, and a fun read, like the chapter about Knoll Jr. as well as the Blacktower chapter. All-in-all, I'd have to say that I liked the first STN [:box] the best, but that's just me. The cohesiveness of the story between chapters seemed to be better in this one [Identity] than STN:Continent, though.
   
   Overall I give it three stars because I am a grammar nazi but you might enjoy it more. I recommend it if you've read the previous ones.



2. I reviewed the first Stealing book in May 2003, and the second in September 2004. I liked the two earlier books, and the third book -- Stealing the Network: How to 0wn an Identity (STNHT0AI) -- is also a fun read. The book is most impressive when it outlines plausible scenarios for identity theft, penetrating wireless networks, and compromising Hushmail. Although some of the writing is rough, I still recommend reading this book.
   
   I'd like to point out a few aspects of the book that hooked my attention. First, Ch 3 explains how to assume a college student's identity. 1. Steal pre-approved credit card applications from neighborhood mailboxes. 2. Identify a likely target, and find that person's date of birth and parent's names using online family tree databases. 3. Buy NetDetective and obtain the target's SSN. 4. Get a real driver's license from a thief who stole DMV equipment. 5. Intercept at mail box the credit card applied for in step 1. 6. Apply for a real birth certificate using the credit card obtained in the previous step. 7. Intercept at mail box the real birth certificate mailed to the target's home. Aside from the SSN acquisition, that scenario is plausible and incredibly scary!
   
   The second scenario that left a lasting impression appears in Ch 8. Jay Beale explains how to compromise and read mail exchanged through Hushmail. The crux of the matter is obtaining control of Hushmail's DNS servers. At the end of his chapter, Jay notes that Hushmail's DNS servers were compromised in April 2005. I thought his chapter contained the best mix of story and clear technical explanations found in STNHT0AI.
   
   It is very helpful to have read at least the previous Stealing book prior to STNHT0AI. At times it felt like I was watching the second Back to the Future movie, where Marty sees different aspects of events that took place in the first movie. I was also completely shocked by the hints left at the end of the book, and the abrupt ending left me waiting to resolve the cliffhanger. I look forward to reading Stealing the Network: How to Own a Shadow later this year.



3. This book is hard to put down! It was like looking into a window of the underground world that most people, even those in the Information Security Industry, are unaware exists. The technical aspects in thoe book gave the storyline a credibility that other books lack. The characters were colorful and well developed. The book opened my eyes to the very real threat of identity theft and how identities are "harevsted" and used as currency on the blackmarket by organized crime and malicious entities such as terrorist organizationa. Great read that will not diassapoint you.



4. I give it 5 stars because not only is it a great hacker thriller but the use of character names from the 80s movie Real Genius cracks me up. Its like the movie's sequel.



5. This book is a good read for people who are technical, but not information security experts. I see from Amazon that there are other books in the series; I will definitely be reading them soon.
   
   It is a fictionalized account of people (on both sides of the enforcement/criminal side) who are dealing with identity theft and forgery. I would recommend that anyone who has questions about identity theft gives this book a look - it's definitely opened my eyes.
   
   The technical sections are useful illustrations for those who understand them, but the main thrust of the book is in the concepts applied. Anyone who does not understand the details of the technical approaches would still be able to understand the plot movement and basic areas where they may want to bolster their own identity security.

2 comments about Cyberbullying and Cyberthreats: Responding to the Challenge of Online Social Aggression, Threats, and Distress.

1. Willard addresses something of concern to educators and parents, who might be worried about kids being menaced via a computer network. Which these days essentially means the Internet, through myriad modalities like Instant Messaging, email, Internet Relay Chat etc. Nor is the concern necessarily limited to young users. Adults too might encounter many of the same problems.
   
   Certainly, there have been well publicised cases of stalking and physical accosting, initiated over the net. So Willard's text should be taken seriously. But don't go overboard, worrying that the net is full of stalkers or creeps. Most users, whatever their ages, have perfectly ok experiences. While you can perform some or most of the precautions described in the text, try not to let a fear of dangers inhibit you from pursuing your interests.



2. [This review first appeared in my column in the July-August issue of The National Psychologist.}
   
   National research studies have found that children and teenagers spend six hours and 21 minutes per day, nearly 45 hours per week, using digital media including television, the Internet, music and video games. A nationwide Kaiser Family Foundation study discovered that if you take into consideration that most kids multitask, the actual media diet is an astounding eight hours and 33 minutes per day or 60 hours per week. With children and adolescents spending more hours using media than they spend sleeping, eating or going to school, parents are becoming increasingly concerned.
   
   Nancy Willard, an educator, lawyer and expert on cyberbullying has written a fascinating book entitled Cyber-Safe Kids, Cyber-Savvy Teens: Helping Young People Learn to Use the Internet Safely and Responsibly (Jossey-Bass, 2007). Nancy's approach is to provide parents and educators valuable information about online risks and how to keep children and teens safe in cyberspace. Covering such issues as cyberbullying, violent video games, online pornography, gambling, Internet addiction, privacy and social networking, this book is a comprehensive overview of the darker side of technology. However, unlike television shows like To Catch a Predator, it does not simply accentuate the negatives, but gives parents an array of strategies for helping their children avoid pitfalls or deal with problems when they arise. Nancy's work can also be found at the Center for Safe and Responsible Internet Use (www.csriu.org).
   
   [Postscript: Nancy Willard's book is a must read for any parent of a Net Generation child. It is too easy to believe that cyberbullying will never happen to your tween or teen. Sadly, that is not the likely case. Buy this book. Read it and share it with your children. That way, everyone wins.]

5 comments about Hacker's Challenge 2: Test Your Network Security & Forensic Skills.

1. Amazon auto-recommended this book to me when I was buying another book. I bought it allthough I was shure that this will be anotherone of the books you buy, leaf through for 30 minutes and then burry in your bookshelf forever ...
   The book arrived on friday - helloween. I decided to "leaf it quickly through" before diving into the helloween chaos in my city ... Now it is sunday ... I have skipped helloween completely and sucked up the book completely, played a bit with the new knowledge in my LAN and definitely had a lot of fun.
   I'm nor a hacker nor a sysadmin, just a programmer. But the challenges are easy enough for me (As a programmer I'm not so experienced in networking ...). Not too easy to be boring, not to hard to be "work". You can compare it better to a funny short-story-book than to a laborious brain-teaser-book. I learned a lot and had much fun. It is the first IT-book I ever read completely from the beginning to the end. Have you ever been laughing loudly when reading an IT-book ? I did often during this wheekend :) And additionaly I _did_ learn a lot. It's magic ...



2. Mike Schiffman has always been a really funny guy (see what he's written in phrack loopback for examples) so I was really dissappointed with the lack of humour in the first volume of the Hackers Challenge series. That has gotten better in the second volume. There is a lot more humor in this one.

   Aside from that it reads just like the first volume and is just as good in almost every way. But for the fact that in this volume the editors decided not to tell you which author wrote which chapter which I would have like to have known.




3. Besides being very entertaining this book offers a great deal of knowledge. If you are able to recognize all the concepts inside, it will serve as a perfect reference and starting point book.
   
   Very, very nice book.



4. Hacker's Challenge 2 is a sort of practical exam for the Hacking Exposed series. Hacker's Challenge was a terrific book for putting some incident response and forensic skills to use and practicing for the real thing. Hacker's Challenge 2 continues the tradition and should be a must read for anyone who works with network security and incident response. The style of the challenges is fairly entertaining and the plots are so engaging you may not want to put the book down. Its like a best-selling mystery novel for network security techies. It may not affect the quality of the book overall, but I preferred having the authors of the individual challenges identified as they were in Hacker's Challenge. However, you should definitely buy this book!
   
   (...)



5. As a security specialist and Ethical hacker I've been extremely disapointed by this book. It is too simple and obsolete. History around each challenge are way to detailed compare to the actual incident and technical detail. I just dont quite understand other reviewer rating this book with 5 stars.

5 comments about Acquiring New ID: How To Easily Use The Latest Technology To Drop Out, Start Over, And Get On With Your Life.

1. All the info you will need to change your id, including the equipment need. Writer's info is current and extremely useful. I have read other book on this topic that was to general, this book is much more specific. Highly recommended.



2. a good boo



3. This book is very general. There is absolutely no useful information. Any body could write this book in probably two sentences. I'll give it a try. "Acquire somebody's birth certificate and scan it. Change the necessary information and bingo". There you have it without spending $20.



4. It didn't have anything to do with fake ID's



5. This book had about as much information as a 5 year old on changing your identity. Any fool could figure out the methods the author uses.

5 comments about Black Ice: The Invisible Threat of Cyber-Terrorism.

1. Without a doubt a book of monumental importance to the nation during this time of war and increased threat from terrorism. I recommend this book to anybody who is interested in homeland security and how terrorism may be changing and evolving its strategy against the U.S.

   Well-written, full of intrigue and first-hand interviews with top security officials from both the Clinton and Bush administrations. Verton had unfettered access to those directly involved in the Sept. 11 response, including Richard Clarke.

   You will not find another book on this subject that is this well researched and written. And because Verton is a journalist, he wrote this book so that you don't have to be a computer expert to understand the issues.

   Buy this book. You will not be disappointed.




2. This guy is among the best tech journalists out there and this book is proof. Nobody has documented the cyber-terrorist threat like this. And from the negative comments I've seen here on Amazon it is clear that those people didn't read the book or care to acknowledge the compelling nature of the argument.

   If you're blind to the future, you won't be interested in reading this book or giving it any credit, and that's probably par for the course for you.

   But if you are an independent thinker who understands the nature of the terrorist threat, you will want to read this book and you will undoubtedly benefit and learn something from it.




3. Dan Verton, journalist and author of The Hacker Diaries: Confessions of Teenage Hackers, has written a very enlightening book in Black Ice: The Invisible Threat of Cyber-Terrorism.
   
   The book begins with a fictitious attack that is multi-faceted and very well orchestrated. While it is somewhat sensationalist or alarmist, the point of the story is to show what is possible- not probable. Verton illustrates how cyber-attacks against key communications and critical infrastructure sites can be used in conjunction with conventional attacks to maximize the ensuing damage and confusion.
   
   After capturing your attention with the story of what could be, Verton goes on to describe various government and private sector studies and disaster-preparedness exercises that have proven time and time again what a fragile state the infrastructure is in and how the domino effect of one area can cascade to take out entire regions.
   
   One of the main points of the book is to show how the critical infrastructure is inter-dependent. If a main gas pipeline is destroyed, electrical power plants lose their source of energy. Once the electricity is shut down the telephone, cell phone, Internet and many other industries will shut down. Water treatment facilities will not be able to function. The list goes on and on.
   
   This is an enlightening book that everyone should read. It is important for the powers that be to understand this domino effect and take steps to protect against cyber-terrorism of this sort.
   
   (...)



4. I have read this book and the reviews on Amazon.com. The author makes a good argument for enhanced cyber security in the USA. This is an issue that will be ignored by policy makers and the general public until an attack makes people pay attention to the realities of a computer controlled civilization. While other reviewers blast the writing style and hypothetical situations in the book it seems they have missed the point. It is not if a devastating cyber attack will occur, it is when.



5. Before 9-11 This Book might not be looked at the same way it is today. Black Ice :The Invisible Threat of Cyber Terrororism brings around many misconceptions why an attack on our most important infrastructure could be carried out by Terrorists and not an Impossibilty. While This Book deals mostly with What if Scenerios, It also makes you think of things you thought were impossible. Take for example the sophistication of Hacking and Breaking into Our most Vital Systems. Terrorists know you must have training at a very high level and will Train Them at Schools in the U.S. Itself. Sound Familiar?
   That's the sought of future thinking that this book will have you turning page after page and many ways o limit or stop a future attack on the internet. A great book with insightful information.