On Jul 8, 2008, at 2:21 PM, RISKS List Owner wrote:
Date: Thu, 03 Jul 2008 11:06:12 -0800
From: Rob Slade <[EMAIL PROTECTED]>
Subject: REVIEW: "The dotCrime Manifesto", Phillip Hallam-Baker
BKDCRMNF.RVW 20080317
"The dotCrime Manifesto", Phillip Hallam-Baker, 2008, 0-321-50358-9,
U$29.99/C$32.99
%A Phillip Hallam-Baker dotcrimemanifesto.com [EMAIL PROTECTED]
%C P.O. Box 520, 26 Prince Andrew Place, Don Mills, Ontario M3C 2T8
%D 2008
%G 978-0-321-50358-9 0-321-50358-9
%I Addison-Wesley Publishing Co.
%O U$29.99/C$32.99 416-447-5101 fax: 416-443-0948 800-822-6339
%O http://www.amazon.com/exec/obidos/ASIN/0321503589/robsladesinterne
%O http://www.amazon.co.uk/exec/obidos/ASIN/0321503589/robsladesinte-21
%O http://www.amazon.ca/exec/obidos/ASIN/0321503589/robsladesin03-20
%O Audience n+ Tech 2 Writing 2 (see revfaq.htm for explanation)
%P 415 p.
%T "The dotCrime Manifesto: How to Stop Internet Crime"
In the preface, the author notes that network and computer crime is a
matter of people, not of technology. However, he also notes that
changes to the network infrastructure, as well as improvements in
accountability, would assist in reducing user risk on the net.
Section one enlarges on the theme that people are more important than machines or protocols. Chapter one looks at the motive for Internet crime (money, just like non-computer crime), and repeats the motifs of the preface. The text goes on to list various categories and examples of network fraud. The content of chapter two is very interesting, but it is hard to find a central thread. Overall it appears to be saying that computer criminals are not the masterminds implied by media portrayals, but that the problem of malfeasance is growing and needs to be seriously addressed. What Hallam-Baker seems to mean by "Learning from Mistakes," in chapter three, is that security professionals often rely too much on general principles, rather than accepting a functional, if imperfect, solution that reduces the severity of the problem. Chapter four presents the standard (if you'll pardon the expression) discussion of change and the acceptance of new technologies. A process for driving change designed to improve the Internet infrastructure is proposed in chapter five.
Section two examines ways to address some of the major network crime risks. Chapter six notes the problems with many common means of handling spam. SenderID and SPF are promoted in chapter seven (without expanding the acronym to Sender Policy Framework anywhere in the book that I could find). Phishing, and protection against it, is discussed in chapter eight. Chapter nine is supposed to deal with botnets, but concentrates on trojans and firewalls (although I was glad to see a mention of "reverse firewalls," or egress scanning, which is too often neglected).
Section three details the security tools of cryptography and trust. Chapter ten outlines some history and concepts of cryptography. Trust, in chapter eleven, is confined to the need for aspects of public key infrastructure (PKI).
Section four presents thoughts on accountability. Secure transport, in chapter twelve, starts with thoughts on SSL (Secure Sockets Layer), and then moves to more characteristics of certificates and the Extended Verification certificates. (The promotion of Verisign, infrequent and somewhat amusing in the earlier chapters, is, by this point in the book, becoming increasingly annoying. The author is also starting to make more subjective assertions, such as boosting the trusted computing platform initiative.) Domain Keys Identified Mail (DKIM) is the major technology promoted in support of secure messaging, in chapter thirteen. Chapter fourteen, about secure identity, has an analysis of a variety of technologies. (The recommendations about technologies are supported even less than before, and the work now starts to sound rather doctrinaire.) It may seem rather odd to talk about secure names as opposed to identities, but Hallam-Baker is dealing with identifiers such as email addresses and domain names in chapter fifteen. Chapter sixteen looks at various considerations in regard to securing networks, mostly in terms of authentication. Random thoughts on operating system, hardware, or application security make up chapter seventeen. The author stresses, in chapter eighteen, that the law, used in conjunction with security technologies, can help in reducing overall threat levels. Chapter nineteen finishes off the text with a proposed outline of action that recaps the major points.
Hallam-Baker uses a dry wit well, and to good effect in the book. The
humour supports and reinforces the points being made. So does his
extensive and generally reliable knowledge of computer technology and
history. In certain areas the author is either less knowledgeable or
careless in his wording, and, unfortunately, the effect is to lessen
the reader's confidence in his conclusions. This is a pity, since
Hallam-Baker is championing a number of positions that would promote
much greater safety and security on the Internet. Overall this work
is, for the non-specialist, a much-better-than-average introduction to
the issue of Internet crime and protection, and is also worth serious
consideration by security professionals for the thought-provoking
challenges to standard approaches to the problems examined.
copyright Robert M. Slade, 2008 BKDCRMNF.RVW 2008031
[EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
http://victoria.tc.ca/techrev/rms.htm
---------------------------------------------------------------------
The Cryptography Mailing List