Computing Reviews
Dissecting the hack: the v3rb0t3n network
Street J., Sims K., Baskin B., Syngress Publishing, Waltham, MA, 2015. 306 pp. Type: Book (978-0-128042-78-6)
Date Reviewed: Nov 19 2015

Stop! Do not expect a technical review of a book that is half Hollywood story and half brief explanation of key techniques and tools. In between, there are a few interviews with professional hackers.

The story approach is a good idea, but a more realistic one based on cases actually happening in the world would have been preferred. The tools and techniques would still be the same. Hackers being hired by a government agency indirectly via another one and then getting framed is not that common. In a male-dominated profession, one may welcome a very rich, very beautiful, and very smart female hacker, even if she did not live in a big building on top of World War II bomb shelters. But she would be wise to not trust a couple of foreigners and pay for their travels under false identities. By the way, traveling around the world with fake identities is a good way for white hats to lose their key selling points: their integrity and reputation.

The techniques and tools exist and could be used as described, in theory. In practice, it is more complex than it looks in the story. For instance, it is easy to understand how proximity-based detection using radio-frequency identification (RFID) can be used to target victims of a bomb. Avoiding false positives would be a major headache as soon as the system is armed. Obtaining RFID tag information for the target requires proximity with the target and identification of a tag that will also be present at the time of the attack, which is anything but obvious.

Part 3 describes about 45 tools and techniques. Each topic gets anywhere from one to five pages, which is more than enough for ROT13 obfuscation but less so for forensics and incident response. The descriptions will be useful for nonsecurity professionals to understand the security jargon in the story and in real life.

I admit I read the story in one go, as I would do with fiction books of the same size. The story is just too far from anything happening in the world of most security professionals to feel connected with it. What is at stake is most often money, not life or death. It is certainly less exciting, but with a longer life expectancy.


Reviewer:  A. Mariën Review #: CR143968 (1602-0114)
Security and Protection (K.6.5)
Security and Protection (C.2.0 ...)
General (C.2.0)
Security and Protection (D.4.6)
Reproduction in whole or in part without permission is prohibited.   Copyright 1999-2024 ThinkLoud®