REVIEW: "Hiding in Plain Sight", Eric Cole

Discussion in 'Computer Security' started by Rob Slade, doting grandpa of Ryan and Trevor, Mar 4, 2004.

  1. BKHDPLST.RVW 20031205

    "Hiding in Plain Sight", Eric Cole, 2003, 0-471-44449-9,
    U$35.00/C$53.95/UK#24.50
    %A Eric Cole
    %C 5353 Dundas Street West, 4th Floor, Etobicoke, ON M9B 6H8
    %D 2003
    %G 0-471-44449-9
    %I John Wiley & Sons, Inc.
    %O U$35.00/C$53.95/UK#24.50 416-236-4433 fax: 416-236-4448
    %O http://www.amazon.com/exec/obidos/ASIN/0471444499/robsladesinterne
    http://www.amazon.co.uk/exec/obidos/ASIN/0471444499/robsladesinte-21
    %O http://www.amazon.ca/exec/obidos/ASIN/0471444499/robsladesin03-20
    %P 335 p. + CD-ROM
    %T "Hiding in Plain Sight"

    Part one explores the world of covert communication. Chapter one
    suggests that covert communication is all around us, but weakens its
    case by providing only fictional examples. The author also states
    that he has detected huge numbers of files which contain embedded
    steganographic materials. He doesn't seem to understand that this
    hurts his argument: what good is steganography if you can detect its
    effects? There is a confused and incomplete introduction to
    cryptography in chapter two. To be fair, it does make some good
    practical points, such as the difference between an algorithm and an
    implementation. The basics of steganography are provided in chapter
    three but the explanations and examples may not make clear the
    distinction between steganography and covert channels or codes. The
    definition and illustration of digital watermarking, in chapter four,
    does not present a rationale as to why the invisible marking data
    cannot be removed. The example is confused and unconvincing.

    Part two is supposed to take us into the hidden realm of
    steganography. Chapter five outlines miscellaneous computer crimes
    and intrusions with only the most tenuous ties to steganography,
    fabricated by the author. A list of steganographic programs (almost
    all of the insertion type) are provided without details in chapter
    six. There are more examples of the same illustrations, a couple of
    related programs, and some mislabelled figures (a graphical layout of
    an IP header rather than the promised sniffer example) in chapter
    seven. Cole uses an instance of hiding a virus with steganography,
    but the dangers of inventing your own cases becomes evident: the
    virus, as described, wouldn't work anymore.

    Part three purports to show you how to make your own communications
    secure. Chapter eight lists cryptanalytic and steganalytic
    techniques, but does not delineate them well. A rehash of previous
    ideas and weak examples substitutes for the strategy promised in
    chapter nine: the main illustration has a complete failure of forward
    secrecy. Chapter ten pledges that steganography will get better.

    Although Cole is more entertaining than Katzenbeisser and Petitcolas
    manage to be in their "Information Hiding Techniques for Steganography
    and Digital Watermarking" (cf. BKIHTSDW.RVW), his information is
    sketchy and suspect. In comparison, his work is little more than a
    pamphlet.

    copyright Robert M. Slade, 2003 BKHDPLST.RVW 20031205

    --
    ======================

    "If you do buy a computer, don't turn it on." - Richards' 2nd Law
    ============= for back issues:
    [Base URL] site http://victoria.tc.ca/techrev/
    or mirror http://sun.soci.niu.edu/~rslade/
    CISSP refs: [Base URL]mnbksccd.htm
    Security Dict.: [Base URL]secgloss.htm
    Security Educ.: [Base URL]comseced.htm
    Book reviews: [Base URL]mnbk.htm
    [Base URL]review.htm
    Partial/recent: http://groups.yahoo.com/group/techbooks/
    Security Educ.: http://groups.yahoo.com/group/comseced/
    Review mailing list: send mail to
    or
     
    Rob Slade, doting grandpa of Ryan and Trevor, Mar 4, 2004
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Jackie

    Than ;you Eric <Eric>

    Jackie, Jun 22, 2004, in forum: MCSD
    Replies:
    0
    Views:
    553
    Jackie
    Jun 22, 2004
  2. Replies:
    10
    Views:
    669
    David H. Lipman
    Jun 29, 2006
  3. gangle7

    e cole eye

    gangle7, Sep 27, 2006, in forum: Computer Support
    Replies:
    3
    Views:
    559
    Minister Rennasaince Faire-A-Con
    Sep 29, 2006
  4. Stacey Chuffo
    Replies:
    0
    Views:
    432
    Stacey Chuffo
    Oct 6, 2008
  5. Stacey Chuffo

    TREVOR COLE ORDERED A PIZZA FROM DOMINO'S

    Stacey Chuffo, Oct 6, 2008, in forum: Computer Support
    Replies:
    0
    Views:
    444
    Stacey Chuffo
    Oct 6, 2008
Loading...

Share This Page