REVIEW: "Silence on the Wire", Michal Zalewski

Discussion in 'Computer Security' started by Rob Slade, doting grandpa of Ryan and Trevor, Jun 27, 2005.

BKSLNOWR.RVW 20050603

    "Silence on the Wire", Michal Zalewski, 2005, 1-59327-046-1,
    U$39.95/C$53.95
    %A Michal Zalewski lcamtuf.coredump.cx/silence/
    %C 555 De Haro Street, Suite 250, San Francisco, CA 94107
    %D 2005
    %G 1-59327-046-1
    %I No Starch Press
    %O U$39.95/C$53.95 415-863-9900 fax 415-863-9950
    %O http://www.amazon.com/exec/obidos/ASIN/1593270461/robsladesinterne
    http://www.amazon.co.uk/exec/obidos/ASIN/1593270461/robsladesinte-21
    %O http://www.amazon.ca/exec/obidos/ASIN/1593270461/robsladesin03-20
    %O Audience s- Tech 2 Writing 1 (see revfaq.htm for explanation)
    %P 281 p.
    %T "Silence on the Wire"

    I don't know why, exactly, the phrase "self-taught information
    security researcher" (in "About the Author") should give me such a
    sense of foreboding. (The phrase could apply to me, and to many
    colleagues, although we tend not to use it.) And even before I read
    it, a number of people had warned me I wouldn't like it.

    Well, I did like it, once I figured out what it was. I think a lot of
    people don't understand it. It is not a security text, by any means,
    but rather a series of explorations that take our "professional
    paranoid" mentality and examine some issues we seldom consider.

    The subtitle states that the book is about passive and "indirect"
    attacks. Although passive attacks are well defined, indirect does not
    have a formal distinction, and the introduction does not help in
    explaining what the author intends.

    Part one covers activities that occur at the origin of data and
    processing. Chapter one is titularly about typing, but spends a lot
    of time dealing with the problems of pseudo-random number generation,
    and seed data acquisition, and finally outlines an unlikely and very
    complex attack, heavily dependent upon specific functions and data
    availability, and seemingly directed at finding out if someone is
    typing at the computer. (The attack is also active, not passive.) A
    discussion of digital electronics, boolean algebra, and processor
    architecture, in chapter two, eventually leads to a brief discussion
    of the timing and power attacks that are well known in cryptology
    circles. (There are also odd and careless errors: readers are asked
    to contrast figure 2-4 with figure 2-4. There is a difference, it
    just isn't explained.) Chapter three reviews a few random and
    unrelated vulnerabilities. It is very difficult to determine what the
    point of chapter four might be, but it seems to be a screed against
    the use of Web crawling bots.

    Part two appears to address local communications links. Chapter five
    provides a brief review of data communications 101, and then notes the
    "flickering modem LED" vulnerability. The ethernet frame padding
    problem is described in chapter six, while chapter seven lists some
    other networking difficulties, and eight briefly mentions
    miscellaneous topics such as identification by keystroke analysis and
    war driving. (It should be noted that chapter length varies widely:
    chapters one, two, and five average twenty-five pages each, while the
    rest are closer to five.)

    Part three moves out to the Internet. Chapter nine reviews most of
    the TCP/IP protocol, and then discusses how the ways that different
    systems populate fields of the IP header can be used to identify
    operating systems without a direct connection. The discussion in
    chapter ten starts with passive mapping of an inaccessible network,
    but the attack described seems to be intended for sequence number
    guessing (and session hijacking). Chapter eleven addresses weaknesses
    in various types of firewalls. Dissection of an odd packet is in
    chapter twelve, a method of third party scanning in thirteen, some
    possible metrics for identifying software in fourteen, and some ways
    of recognizing attacker machines in chapter fifteen.

    Part four supposedly attempts to relate these disparate elements,
    apparently without much success. Chapter sixteen describes a storage
    method using packets bouncing around the net, seventeen looks at
    different methods of mapping the net and some possible uses, and
    eighteen considers the discovery of worms and other malware via the
    capturing of unusual packets.

    The material in the book is fascinating in places. However, the work
    is not structured in a way that makes the security implications
    obvious (the writing is not very direct, and the narrative or topical
    thread tends to wind around subjects), and, in fact, the security
    implications aren't very powerful at all. Yes, in the end, the author
    has written mostly about passive and indirect attacks, but the methods
    covered are unusual, and probably not very useful. Most of the
    material concentrates on rather weak covert channels. In this regard
    it can have some uses in a minor way: covert channel examples are not
    abundant in the general security literature. The attacks suggested
    are interesting thought experiments, but have limited uses either in
    attack or defence. As "Trivial Pursuit" (meaning the game of oddball
    facts) for the tech crowd it's great, but the author never intended
    the text to be a vulnerability warning.

    copyright Robert M. Slade, 2005 BKSLNOWR.RVW 20050603

    --
    ======================

    ============= for back issues:
    [Base URL] site http://victoria.tc.ca/techrev/
    or mirror http://sun.soci.niu.edu/~rslade/
    CISSP refs: [Base URL]mnbksccd.htm
    Security Dict.: [Base URL]secgloss.htm
    Book reviews: [Base URL]mnbk.htm
    Review mailing list: send mail to
    or
     
    Rob Slade, doting grandpa of Ryan and Trevor, Jun 27, 2005
    #1
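The chapter nine technique the review summarises (telling operating systems apart by how their stacks fill IP and TCP header fields, without ever connecting to the host) can be shown concretely. What follows is an added example written for this page; it is not code from the book, from the reviewer, or from any real fingerprinting tool. Everything in it is constructed: the SYN packets are built inline rather than captured, the signature table is loosely patterned on the kind of entry p0f-style tools publish (initial TTL, DF bit, window size as a multiple of MSS, option order) but is not a real database, and checksums are not verified.

```python
import struct
from dataclasses import dataclass
from typing import Optional, Tuple

IPPROTO_TCP = 6
NOP, MSS, WSCALE, SACK_OK, TSTAMP = 1, 2, 3, 4, 8   # TCP option kinds used below


@dataclass(frozen=True)
class SynFeatures:
    ttl: int                    # TTL as seen on the wire (initial TTL minus hops)
    df: bool                    # IP "don't fragment" bit
    window: int                 # receive window advertised in the SYN
    mss: Optional[int]          # MSS option value, if present
    wscale: Optional[int]       # window-scale shift, if present
    opt_order: Tuple[int, ...]  # option kinds in wire order, NOPs included

def parse_syn(pkt: bytes) -> SynFeatures:
    """Pull fingerprint-relevant fields from a raw IPv4+TCP SYN (checksums not verified)."""
    ver_ihl, _, _, _, flags_frag, ttl, proto, _, _, _ = struct.unpack("!BBHHHBBH4s4s", pkt[:20])
    if ver_ihl >> 4 != 4 or proto != IPPROTO_TCP:
        raise ValueError("not IPv4/TCP")
    tcp = pkt[(ver_ihl & 0x0F) * 4:]
    _, _, _, _, off_flags, window, _, _ = struct.unpack("!HHIIHHHH", tcp[:20])
    if not (off_flags & 0x02) or (off_flags & 0x10):
        raise ValueError("not a bare SYN (SYN set, ACK clear)")
    opts = tcp[20:(off_flags >> 12) * 4]
    mss = wscale = None
    order, i = [], 0
    while i < len(opts):
        kind = opts[i]
        if kind == 0:                       # EOL ends the option list
            break
        if kind == NOP:                     # one-byte option
            order.append(NOP)
            i += 1
            continue
        length = opts[i + 1] if i + 1 < len(opts) else 0
        if length < 2 or i + length > len(opts):
            raise ValueError("malformed TCP option length")
        data = opts[i + 2:i + length]
        order.append(kind)
        if kind == MSS and len(data) == 2:
            mss = struct.unpack("!H", data)[0]
        elif kind == WSCALE and len(data) == 1:
            wscale = data[0]
        i += length
    return SynFeatures(ttl, bool(flags_frag & 0x4000), window, mss, wscale, tuple(order))

# Constructed signatures (illustrative, not a real database): label, initial TTL, DF bit,
# window rule, option order.  ("abs", n): window == n;  ("mss", k): window == k * MSS.
SIGNATURES = [
    ("Linux 2.6-like (illustrative)", 64, True, ("mss", 4), (MSS, SACK_OK, TSTAMP, NOP, WSCALE)),
    ("Windows XP-like (illustrative)", 128, True, ("abs", 65535), (MSS, NOP, NOP, SACK_OK)),
    ("FreeBSD-like (illustrative)", 64, True, ("abs", 65535), (MSS, NOP, WSCALE, NOP, NOP, TSTAMP)),
]

def fingerprint(pkt: bytes) -> Tuple[str, int]:
    """Return (matching label or 'unknown', estimated hop distance from the sender)."""
    f = parse_syn(pkt)
    # Stacks start TTL at 32, 64, 128 or 255; the wire value is that minus the hop count.
    ittl = next(c for c in (32, 64, 128, 255) if f.ttl <= c)
    for label, sig_ttl, sig_df, (mode, n), order in SIGNATURES:
        if (sig_ttl, sig_df, order) != (ittl, f.df, f.opt_order):
            continue
        if mode == "abs" and f.window != n:
            continue
        if mode == "mss" and (f.mss is None or f.window != n * f.mss):
            continue
        return label, ittl - f.ttl
    return "unknown", ittl - f.ttl

def safe_fingerprint(pkt: bytes) -> Tuple[str, int]:
    """A passive sniffer must not die on garbage: report it instead of raising."""
    try:
        return fingerprint(pkt)
    except (ValueError, struct.error):
        return "malformed", -1

def encode_options(order, mss=1460, wscale=7):
    """Build a TCP option block for the demo SYNs (constructed, not captured)."""
    enc = {NOP: b"\x01", MSS: struct.pack("!BBH", MSS, 4, mss), SACK_OK: b"\x04\x02",
           WSCALE: struct.pack("!BBB", WSCALE, 3, wscale), TSTAMP: struct.pack("!BBII", TSTAMP, 10, 1, 0)}
    out = b"".join(enc[k] for k in order)
    assert len(out) % 4 == 0, "demo option sets are chosen to be 32-bit aligned"
    return out

def build_syn(ttl, df, window, opts=b""):
    off_flags = (((20 + len(opts)) // 4) << 12) | 0x02   # data offset, SYN flag only
    tcp = struct.pack("!HHIIHHHH", 40000, 80, 0x12345678, 0, off_flags, window, 0, 0) + opts
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0x1234, 0x4000 if df else 0,
                     ttl, IPPROTO_TCP, 0, bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2]))
    return ip + tcp

LINUX_SYN = build_syn(52, True, 5840, encode_options((MSS, SACK_OK, TSTAMP, NOP, WSCALE)))
WINDOWS_SYN = build_syn(115, True, 65535, encode_options((MSS, NOP, NOP, SACK_OK)))
PLAIN_SYN = build_syn(200, False, 8192)                  # no options: matches nothing
BAD_SYN = build_syn(64, True, 5840, b"\x02\x09\x05\xb4")  # MSS option claims 9 bytes, has 4

if __name__ == "__main__":
    print([safe_fingerprint(p) for p in (LINUX_SYN, WINDOWS_SYN, PLAIN_SYN, BAD_SYN)])
```

Only the SYN the remote host itself sent is inspected, which is what makes the identification passive: the observer never transmits. The hop distance is a by-product of the initial-TTL guess and is only as good as that guess. Two caveats a practitioner should keep in mind: middleboxes rewrite TTL, DF and window values often enough that real tools match fuzzily rather than exactly, and because the fields are under the sender's control a host can deliberately present another system's profile, so a match is a hint, not proof.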

Rob Slade, doting grandpa of Ryan and Trevor wrote:

    > %T "Silence on the Wire"
    >
    > I don't know why, exactly, the phrase "self-taught information
    > security researcher" (in "About the Author") should give me such a
    > sense of foreboding. (The phrase could apply to me, and to many
    > colleagues, although we tend not to use it.) And even before I read
    > it, a number of people had warned me I wouldn't like it.


    I'm not sure we disagree all that much (my full review is at
    http://aplawrence.com/Books/silenceonthewire.html ), but I can't imagine
    "not liking" this. Certainly, as you note, this isn't and wasn't
    intended to have much relevance to real day-to-day security concerns,
    but I enjoyed it tremendously for the author's wit and also for the
    excitement of the unexpected: so many times I was ready to surf on
    through something, thinking "yeah, yeah, we KNOW already", only to have
    a complete curve ball come whizzing by me. I enjoyed it tremendously
    and probably will have to buy another copy because the one I lent out
    isn't likely to come back to me soon.


    --
    Tony Lawrence
    Unix/Linux/Mac OS X resources: http://aplawrence.com
     
    Tony Lawrence, Jun 27, 2005
    #2
