Secrets of Computer Espionage: Tactics and Countermeasures

Consider the book required reading if you run any flavor of Microsoft Windows and need to keep private information private, and especially if your computers support external data connections (read: internet or external access).

McNamara covers a wide range of possible computer attacks from the mundane to the geeky-obscure. And he discusses the reasonable likelihood of each different type of attack along with how to identify and defend against them.

He also keeps the book common-sense, such as don't invest tens of thousands of dollars in attack-hardened hardware and software if you leave your building unlocked. He talks about physical access restrictions, company security policies, and other considerations regarding the ultimate goal of keeping the contents of your computer system safe - points that some computer security books overlook.

Finally, I love that McNamara injects humor, a conversational tone and many case studies into his book. It turns a potentially dry topic into an enjoyable read.

Rating:
Summary: Critical information, readable style
Review: As co-owner of a small business I read "Secrets of Computer Espionage" with interest, particularly since I thought that running a firewall and virus protection made my system fairly safe from intrusion. Hardly.

Consider the book required reading if you run any flavor of Microsoft Windows and need to keep private information private, and especially if your computers support external data connections (read: internet or external access).

McNamara covers a wide range of possible computer attacks from the mundane to the geeky-obscure. And he discusses the reasonable likelihood of each different type of attack along with how to identify and defend against them.

He also keeps the book common-sense, such as don't invest tens of thousands of dollars in attack-hardened hardware and software if you leave your building unlocked. He talks about physical access restrictions, company security policies, and other considerations regarding the ultimate goal of keeping the contents of your computer system safe - points that some computer security books overlook.

Finally, I love that McNamara injects humor, a conversational tone and many case studies into his book. It turns a potentially dry topic into an enjoyable read.

Rating:
Summary: Good but already outdated
Review: Book comes with many urls by different source
that expand on his coverage. One needs to have
an internet connection to review these urls to
fully appreciate the scope and depth that
McNamara attempts bring to this subject. Reading
this books has been slower than normal for me
because I did checkup on the urls - some didnot
work - e.g. the urls that start off with
packetstormsecurity.org is now packetstormsecurity.nl
for some reason. The book's strength lies in describing
the tools and the physical environment of electronic
intelligence gathering. However, often the compilation
of security tools often reads off more like a
product description or specification sheet (which
reminds me of the old 8-bit McGraw-Hill Osborne
Microprocessor Handbooks which were more of reprint
of the manufacturers specs than a guide or manual).
The book's coverage of the legal and social
environment of electronic intelligence gathering
is concise and accurate; it is still up-to-date
as far as I know. While the McNamara does
cover extensively the software tools of the trade,
it is basic and falls short in adequately describing
the risk especially with respect to the Internet
and Windows XP/2000/NT. One glaring omission is that
McNamara fails to cover how a ILoveU/Blaster-type
worm can use Remote Procedure Calls (RPC) Services
to completely bypass passwords/firewalls/NTFS
accounts and takeover a Window XP/2000/NT computers
(which happen in mass during July to August of 2003
in the USA ). I like McNamara's use of spy vs.
counter-spy hypothetical examples to describe
how these technologies and methods worked together.
I hope he revises his book to include ways
to increase Windows XP/2000/NT security
(which it sorely needs) and describe in detail
how a security breach is detected using some
of the more complex Intrusion Detection Systems
(aka Snort) that he describes. If one is going
to spend alot of money on such security tools
it would be very useful to know more about
how these tool work to solve security problems
so one can justify spending the money.
IMHO the best advise in the book is to get
on a security mailing list and keep uptodate
on security patches/warnings.

Rating:
Summary: Who's James Bond?
Review: Joel McNamara first off is a GENIUS! I cannot put into words what a great book this is. I have learned more about my computer then any school could begin to teach on this subject-not to mention the fact how much it would cost. This is a must have book. Move over James Bond!

Rating:
Summary: Wow! Absolutely a great, great book!
Review: Joel McNamara's book is one of the very, very, few books that I classify as a "Must Read" for anyone involved in business or technology. This book does an amazing job of avoiding the "paranoia for paranoia's sake" tone seen so often in computer security books while still taking the issues seriously and discussing them intellegently.

The conversational tone is fun and often quite funny while not making the user feel talked down to. And Mr. McNamara does an equally great job of explaining very complex topics in way that works for both extremely sophisticated computer technology professionals and non-techies alike. I've brought this book around for side-discussions in the seminars I've given since it came out and my students, ranging from small business owners to 30+ year professional tech veterans in Fortune 50s have learned new and important lessons from it. For a book to address all these audiences is rare. For a book to succeed and be invaluable for all of them is virtually unheard of. This book succeeds amazingly well.

I've not only read the book through in one sitting, I keep referring back to it and it's incredibly useful web site on a regular basis.

Joel, thank you for writing one of the key books of the year!

Rating:
Summary: Wow! Absolutely a great, great book!
Review: Joel McNamara's book is one of the very, very, few books that I classify as a "Must Read" for anyone involved in business or technology. This book does an amazing job of avoiding the "paranoia for paranoia's sake" tone seen so often in computer security books while still taking the issues seriously and discussing them intellegently.

The conversational tone is fun and often quite funny while not making the user feel talked down to. And Mr. McNamara does an equally great job of explaining very complex topics in way that works for both extremely sophisticated computer technology professionals and non-techies alike. I've brought this book around for side-discussions in the seminars I've given since it came out and my students, ranging from small business owners to 30+ year professional tech veterans in Fortune 50s have learned new and important lessons from it. For a book to address all these audiences is rare. For a book to succeed and be invaluable for all of them is virtually unheard of. This book succeeds amazingly well.

I've not only read the book through in one sitting, I keep referring back to it and it's incredibly useful web site on a regular basis.

Joel, thank you for writing one of the key books of the year!

Rating:
Summary: Secrets of Computer Espionage
Review: The "Secrets of Computer Espionage" by Joel McNamara unveils what every PC user should know before they hop on to the internet Bandwagon. If you can read this review, then you need to purchase this book. Cyber Crime is the number one precursor to identity theft and the simple thruth is -- Internet Security is YOUR responsibility.

Joel McNamara makes you walk a mile in the bad guys shoes, forcing you to see both sides of the story. You will learn the real threats behind internet worms (such as Sasser) and trojan horses (like MyDoom). Discover why Windows(tm) isn't safe and learn who's after your PII (Personally Identifiable Information).

View the world through the eyes of an internet private eye and see that everything really is an open book, it just depends on where you look. Let Joel be your guide. Buy the ticket, take the ride... then go to www.pcpitbull.com and see what's really inside.

Rating:
Summary: Secrets of Computer Espionage
Review: The "Secrets of Computer Espionage" by Joel McNamara unveils what every PC user should know before they hop on to the internet Bandwagon. If you can read this review, then you need to purchase this book. Cyber Crime is the number one precursor to identity theft and the simple thruth is -- Internet Security is YOUR responsibility.

Joel McNamara makes you walk a mile in the bad guys shoes, forcing you to see both sides of the story. You will learn the real threats behind internet worms (such as Sasser) and trojan horses (like MyDoom). Discover why Windows(tm) isn't safe and learn who's after your PII (Personally Identifiable Information).

View the world through the eyes of an internet private eye and see that everything really is an open book, it just depends on where you look. Let Joel be your guide. Buy the ticket, take the ride... then go to www.pcpitbull.com and see what's really inside.

Rating:
Summary: A side of computer security seldom seen
Review: Warning: This book will make you paranoid.

It shows you just what kind of problems you face in securing your computers and life in the current legal climate. it shows just what can be done to you legally without papers being served on you. The current laws concerning wiretaping and gathering of evidence. How black bag operations are planned and committed. How your systems can be monitored in many many ways.

The book is current as of 2003 and includes information on the oxymoronically named "Patriot Act", as well as CALEA and other laws that remove your privacy from people with guns and an excuse.

And then there are the illegal ways.

The book does into a level of depth that the current law enforcement community would not want you to know. And you do want to know, even if you don't have anything to hide. (And everyone does have things to protect. Your reputation, your credit information, where you keep your money, not to mention those things that may be unpopular with someone somewhere.)

Well worth getting if you have any interest in security, computers or otherwise.

Rating:
Summary: A side of computer security seldom seen
Review: Warning: This book will make you paranoid.

It shows you just what kind of problems you face in securing your computers and life in the current legal climate. it shows just what can be done to you legally without papers being served on you. The current laws concerning wiretaping and gathering of evidence. How black bag operations are planned and committed. How your systems can be monitored in many many ways.

The book is current as of 2003 and includes information on the oxymoronically named "Patriot Act", as well as CALEA and other laws that remove your privacy from people with guns and an excuse.

And then there are the illegal ways.

The book does into a level of depth that the current law enforcement community would not want you to know. And you do want to know, even if you don't have anything to hide. (And everyone does have things to protect. Your reputation, your credit information, where you keep your money, not to mention those things that may be unpopular with someone somewhere.)

Well worth getting if you have any interest in security, computers or otherwise.