REVIEW: "Stealing the Network: How to Own a Continent", Ryan Russell

Discussion in 'Computer Security' started by Rob Slade, doting grandpa of Ryan and Trevor, Aug 9, 2004.

  1. BKSTNHOC.RVW 20040721

    "Stealing the Network: How to Own a Continent", Ryan Russell, 2004,
    1-931836-05-1, U$49.95/C$69.95
    %E Ryan Russell
    %C 800 Hingham Street, Rockland, MA 02370
    %D 2004
    %G 1-931836-05-1
    %I Syngress Media, Inc.
    %O U$49.95/C$69.95 781-681-5151 fax: 781-681-3585 www.syngress.com
    %O http://www.amazon.com/exec/obidos/ASIN/1931836051/robsladesinterne
    http://www.amazon.co.uk/exec/obidos/ASIN/1931836051/robsladesinte-21
    %O http://www.amazon.ca/exec/obidos/ASIN/1931836051/robsladesin03-20
    %P 402 p.
    %T "Stealing the Network: How to Own a Continent"

    This book is fiction (more a series of short stories or scenarios than
    a novel), but, like Winn Schwartau's "Pearl Harbor Dot Com" (cf.
    BKPRHRDC.RVW, and "Terminal Compromise" before it, BKTRMCMP.RVW), the
    authors intend the book to be taken as a serious addition to security
    literature.

    Chapter one is basically about hiding and paranoia. The central
    character seems to be using a considerable amount of money to hide
    while setting up some kind of crime, and then abandons everything.
    The points in regard to ensuring computers and data are unrecoverable
    are interesting, and probably workable. The more important aspects of
    the plot which involve creating a team, employing cutouts, and
    disappearing are left almost completely undetailed. If, therefore, we
    are supposed to learn anything either about crime, or how to detect or
    prevent it, the content and information simply aren't there. The
    claim that the "technology" is real, and would work, is unverifiable
    because we haven't had any technology yet. (The writing is edgy,
    interesting, and mostly readable. However, it's also difficult and
    confused in places.)

    The story continues, via another character (two, actually) in chapter
    two. This time the technical aspects are more detailed (and fairly
    realistic) although the community factors are questionable (and the
    story has some important gaps). (I can personally vouch for the fact
    that the description of the physical attributes of that specific hotel
    are bang on, although the ... umm ... social amenities are not.) An
    "Aftermath" section is at the end of every chapter. In some instances
    the segment provides a little advice on detecting the attacks
    described in the story, but this is by no means true in all cases.
    Nothing much is added in chapter three: a wireless network is
    penetrated for a second time. Man-in-the-middle attacks, some IP, and
    UNIX cracking are added in chapter four, phone phreaking in five, and
    sniffing and rootkits in six. Chapters seven and eight describe
    software analysis and exploits. Malware is used in chapter nine,
    although there are the usual unresolved problems with directing
    attacks and limiting spread. The lack of particulars on the intent of
    the attack makes the chapter quite perplexing.

    As with any volume where multiple authors work on separate chapters,
    the quality of the writing varies. (That the authors did strive
    together on the overall plot is evident from a few subtle ties between
    different stories. An appendix lists some of the discussion in this
    regard: for those interested in the process of writing and
    collaboration it is an interesting piece in its own right.) One
    specific point is that a few sections have very stilted dialogue.
    Overall, most of the book is readable as fiction, although it is
    hardly thriller level plotting.

    Since it is fiction, the story has to be a story, and interesting, and
    therefore contain elements that are not related to the technology
    under examination. It is difficult to draw the line between not
    enough and too much, but the authors do seem to have included an awful
    lot of material that is unimportant either to the security functions
    or to the plot. A number of these digressions are simply confusing.

    The characters used in the stories are frequently stereotypes,
    although not always of the same type. (I was very amused by the note
    that the book attempted to remain true to geek culture, including
    "swearing, boorishness, and allusions to sex without there being any
    actual sex.") If you watch a lot of movies with somewhat technical
    themes you can recognize where quite a number of personae come from.

    Basic editing is the province of the publisher rather than the
    author(s), but it must be noted that spelling, grammatical, and
    typographical errors are surprisingly common. Not enough to be a real
    annoyance, but a proper copy edit would have improved the book quite a
    bit.

    This book is certainly interesting enough (albeit rather disjointed)
    as fiction, and technical enough for everyone tired of the usual
    Hollywood view of computers. The security risks noted are real, and
    therefore a read through the book could be used to alert non-
    specialists to a number of security issues and vulnerabilities
    (although you'd hardly want to use it for training). I enjoyed it and
    I think it's got a place, although I'm having difficulty in defining
    where that place is.

    copyright Robert M. Slade, 2004 BKSTNHOC.RVW 20040721

    --
    ======================

    ============= for back issues:
    [Base URL] site http://victoria.tc.ca/techrev/
    or mirror http://sun.soci.niu.edu/~rslade/
    CISSP refs: [Base URL]mnbksccd.htm
    Security Dict.: [Base URL]secgloss.htm
    Security Educ.: [Base URL]comseced.htm
    Book reviews: [Base URL]mnbk.htm
    [Base URL]review.htm
    Partial/recent: http://groups.yahoo.com/group/techbooks/
    Security Educ.: http://groups.yahoo.com/group/comseced/
    Review mailing list: send mail to
    or
     
    Rob Slade, doting grandpa of Ryan and Trevor, Aug 9, 2004
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Silverstrand

    Review: A.C.Ryan Blackfire4™

    Silverstrand, Jun 20, 2005, in forum: The Lounge
    Replies:
    0
    Views:
    2,055
    Silverstrand
    Jun 20, 2005
  2. Silverstrand
    Replies:
    0
    Views:
    734
    Silverstrand
    Feb 21, 2006
  3. Guest
    Replies:
    10
    Views:
    8,004
    Bexley
    Sep 6, 2003
  4. Rob Slade, doting grandpa of Ryan and Trevor

    REVIEW: "Wireless Security Essentials", Russell Dean Vines

    Rob Slade, doting grandpa of Ryan and Trevor, Nov 21, 2003, in forum: Computer Security
    Replies:
    0
    Views:
    490
    Rob Slade, doting grandpa of Ryan and Trevor
    Nov 21, 2003
  5. Rob Slade, doting grandpa of Ryan and Trevor

    REVIEW: "Wireless Security End to End", Brian Carter/Russell Shumway

    Rob Slade, doting grandpa of Ryan and Trevor, Nov 24, 2003, in forum: Computer Security
    Replies:
    0
    Views:
    638
    Rob Slade, doting grandpa of Ryan and Trevor
    Nov 24, 2003
Loading...

Share This Page