Reviews of Software Piracy Exposed, Phishing Exposed, Stealing the Network: How to Own an Identity, and Insider Threat Posted just posted my four star review of Software Piracy Exposed. From the review:

I loved Software Piracy Exposed (SPE), despite the lack of good technical review, copyediting, and proofreading. I liked SPE because the author did original investigative reporting to gain the trust of the pirate underground. By infiltrating the scene, he brought an unprecedented level of access to the common reader. That is real threat reporting, which for me compensates for rough presentation. just posted my five star review of Phishing Exposed by Lance James of Secure Science. From the review:

Phishing Exposed is a powerful analysis of the many severe problems present in Web-based activities. Phishing Exposed is another threat-centric title from Syngress. The book presents research conducted by Secure Science Corporation as a way to understand the adversary. The author demonstrates his own attacks against multiple popular e-commerce sites as a way to show how phishers accomplish their goals. I was surprised by the extent to which the author could repeatedly abuse high-profile financial sites, and for that reason I highly recommend reading Phishing Exposed. just posted my four star review of Stealing the Network: How to Own an Identity. From the review:

I reviewed the first Stealing book in May 2003, and the second in September 2004. I liked the two earlier books, and the third book -- Stealing the Network: How to 0wn an Identity (STNHT0AI) -- is also a fun read. The book is most impressive when it outlines plausible scenarios for identity theft, penetrating wireless networks, and compromising Hushmail. Although some of the writing is rough, I still recommend reading this book. just posted my four star review of Insider Threat. From the review:

Those who want to understand the nature of internal attackers should read Insider Threat. The book combines general recommendations to detect and thwart internal attackers with case studies discussing fraud, espionage, and other unfortunate events. Insider Threat could benefit from a tighter focus and better presentation of material, but the core message is still noteworthy.


Ryan Russell said…
I'm glad you enjoyed Identity. Yes, Jay Beale seems to be the one with the knack for predicting the near future. In Continent, he wrote about compromising a large university beowolf OS X cluster. A few months later, the real one was compromised in a similar manner. Jay swears he had nothign to do with it. We had a few of the admins for the cluster come by a signing we did at Black Hat. They got a kick out of it, too.
Anonymous said…
"Rough" is an amazingly kind way to put some of the writing. First, I want to say I *did* enjoy this book, especially Jay Beale's contribution which was, as in the other books, amazingly excellent and alone worth the price and time.

Unfortunately, I think this book suffered from lack of proof-reading/copywriting in the finaly 3-4 chapters which were just rife with grammatical errors...and not just "rough" grammar, but outright missing words, grammar that made no sense, hononyms used in place of words that should have been there, etc. In fact, it was so bad that is jarred me out of really getting into those last few chapters as the glaring errors were occurring multiple times per page. I put the book down at the end and wished that it had been cleaned up before publication, as the book truly is a good contribution and a great continuation of the series.

Popular posts from this blog

Zeek in Action Videos

MITRE ATT&CK Tactics Are Not Tactics

New Book! The Best of TaoSecurity Blog, Volume 4