REVIEW: "Desktop Witness", Michael A. Caloyannides

Discussion in 'Computer Security' started by Rob Slade, doting grandpa of Ryan and Trevor, Sep 9, 2003.

  1. BKDSKWTN.RVW 20030819

    "Desktop Witness", Michael A. Caloyannides, 2002, 0-471-48657-4
    %A Michael A. Caloyannides
    %C 5353 Dundas Street West, 4th Floor, Etobicoke, ON M9B 6H8
    %D 2002
    %G 0-471-48657-4
    %I John Wiley & Sons, Inc.
    %O 416-236-4433 fax: 416-236-4448
    %P 366 p.
    %T "Desktop Witness: The Do's and Don'ts of Personal Computer

    The title and the subtitle of this book are somewhat at odds. Is this
    text about the evidence that can be extracted from desktop machines?
    Or is it about protecting yourself and your personal computer or
    information? Caloyannides would seem to be making the point that the
    answer is both: that there is an overwhelming need to ensure that your
    computer isn't finking on you, and that you must make every effort to
    ensure that the government cannot obtain the information on your
    desktop. While he is clearly on the personal side of the privacy
    versus national security debate, even those who agree with him may
    find the arguments shrill and extreme.

    The subtitle of chapter one, indicating that the material is the
    author's opinion, should warn the reader that the discussion is
    editorial rather than closely reasoned. Caloyannides may, however,
    have hurt his own case by taking an anarchistic and almost paranoid
    position in stating the need for privacy against government
    encroachment. He does make a number of valid points, but misses other
    grounds that might have been convincing to a much wider audience, such
    as the point that the responsibility of protecting your own
    information is recognized in such legal areas as the difference
    between patent and trade secret. (A patent offers control over a
    device for a limited time as long as the technology is disclosed,
    whereas a trade secret offers protection for unlimited time as long as
    reasonable efforts are made to protect the information from
    disclosure.) The major point of chapter two appears to be that the
    use of encryption could, in and of itself, land you in trouble, and
    you should prepare to either hide the fact that encryption is taking
    place, or have a diversionary explanation ready for the authorities.
    (The recommended use of one-time-pad technology and variant keys is
    technically interesting, but is unlikely to survive beyond a first
    use. Ironically, it seems to support a point that the author made
    earlier: "clever" tricks that rely on obscurity provide very poor
    protection.) The types of information that might be available from
    your computer, or Internet connection, are discussed in chapter three.
    The material ranges over a number of topics and has a difficult
    structure: some points are raised more than once and there are a
    number of related issues that are not mentioned at all. Means of
    recovering some of the data, and of getting rid of it, are reported,
    but not consistently.

    Chapter four lists a vast array of protective measures. Most are very
    useful. Depending upon your situation, many will be considered
    overkill. Some are questionable: Caloyannides makes a blanket
    recommendation to install all operating system patches, but notes that
    doing so for some versions of Windows requires you to give away a lot
    of information. He does not, though, detail the times that official
    patches have made the situation worse rather than better, nor the
    complexity of some patches: by mid-2002 one expert noted that an
    effective installation of the Windows NT operating system required
    twenty-nine steps, including no less than three separate installations
    of the latest service pack at different points. Oddly, while this
    section is supposed to review measures for computers not connected to
    networks, some of the points relate to activities on the Internet.
    Protection for connected machines is discussed in chapter five, with a
    heavy emphasis on the usage of the PGP encryption system. There is
    also an interesting insistence that steganography *is* an effective
    means of hiding communications: while Caloyannides points out a number
    of pitfalls in the use of the technology he does not mention detection
    measures, such as the ease of determining excessive entropy in the
    low-order bits of graphic images used to hide files. Secure telephony
    is discussed in chapter six. The legal issues reviewed in chapter
    seven are mostly related to recent legislation providing for
    additional search authority. The author does include material and
    actions from outside the United States. The editorial finish in
    chapter eight warns against a society where everything must be
    homogenized in order to be safe.

    In many places the book suffers from very poor copy editing. There
    are a great many instances of improper punctuation, sentence
    fragments, and words or phrases dropped into apparently unrelated
    text. Generally speaking one can discern the meaning, but deciphering
    the organization and intention of a section can be difficult. (Given
    the thrust of the book, is the author embedding hidden messages?)

    While there are issues of general security in the book, it is, first
    and last, about privacy, and primarily personal privacy. The material
    could have been structured more usefully, and written less stridently,
    but a great deal of helpful content is included. Those interested in
    privacy will find it interesting, and computer forensic specialists
    may also find it to be a handy reference.

    copyright Robert M. Slade, 2002 BKDSKWTN.RVW 20030819


    "If you do buy a computer, don't turn it on." - Richards' 2nd Law