"Trust No One" appeared at the beginning of most X-Files
episodes, but it could also be the sub-title for "Steal This Computer Book" by Wallace Wang; comedian and technical author.by Robert Earls
"Trust No One" appeared at the beginning of most X-Files
episodes, but it could also be the sub-title for "Steal This Computer Book" by Wallace Wang; comedian and technical author.
Go into any major book store and you will see a large section on crime. Biographies of gangland bosses, drug-dealers and serial-killers fill the shelves and I think this book will appeal to the same people who read books from this section, albeit those with an interest in all things technical. It's a journey into the seedy underbelly of the Internet, with a little social commentary thrown in for good measure.
It starts of with a brief history of hacking which, surprisingly, started long before the PC was on everybodies desk. Phone-Phreakers, as they were called, discovered ways of getting free phone calls via a combination of home made electronics connected to a telephone socket and social engineering. i.e. Tricking people into handing over useful information.
With the mass acceptance of the PC, trojan horses, worms and virusus became possible and this book covers them in more detail than you would normally expect to see, but never becomes too technical. There is a good balance of letting you know, in general terms, how things work and how to protect your computer from such threats. For every resource given discussing virus creation there is one to discuss it's neutralisation. And this is the style of the book. It never suggests you use the techniques discussed, or promotes their use in any way. What it does is to give you the information because if you don't fully understand how can you be confident that your protection is as good as it can be. The information given is fairly up to date with a section on the hot topic of rootkits, why they work and how to discover if you have one on your PC.
A section on Warez, the illegal copying and use of unlicensed and copyrighted software, discusses the various techniques and tools use by people to firstly obtain software and secondly to remove or bypass any copy protection. Serial number generators, cracks (programs which modify software to skip over the copy protection checking code) and production activation. Warez websites, file sharing networks, FTP sites and usenet newsgroups are all touched on.
A good chapter on password cracking covers how to get someone password. i.e. Watching over someone shoulder (maybe obvious but quite common), password recovery programs, running keyboard logging programs and remote access trojans (RATs) which allow complete control of your PC from another PC anywhere in the world, via the Internet. A discussion about password recovery programs reveals the techniques used: Dictionary attacks, where a program tries every word in the dictionary plus common names, towns, star trek and star wars character name and even pet names. Brute force attacks, when a dictionary attack fails, say a password is "HS2YDI6L" a program may be used to try every combination of letters and numbers starting with AAAAAAAA, AAAAAAAB, AAAAAAAC all the way to 99999999. Somewhere along the way it will come across HS2YDI6L. The problem with brute force attacks is that they take a huge amount of time although as computers get faster and faster this becomes less of an issue. Suffice to say that it's much better your password is something like HS2YDI6L than "gandalf".
China, Saudi Arabia, and Cuba are a handful of the countries around the world who routinely censor areas of the Internet or simply (in Cuba's case for example) bans it's use by non-approved citizens. People from Saudi Arabia are unable to access websites which support Judaism or Israel. China is probably best known for it's censorship of any website which may critisise the communist regime in any way. Of course you may want to censor your own access, to protect younger members of your family from unsavory sections of the Internet. The various methods of protection are discussed but, as always, a discussion about the avoidance of censorship using methods such as anonymous proxies and accessing banned website via email.
Chapters on the use of propaganda both in standard politics and it's use by terrorists and hate groups, such as the Ku Klux Klan, holocaust deniers, anti-gay activists are a little out of place in this book, but still very interesting reading. Of more relevance are the topics on spyware, pop-up adverts adware plus home-page and browser hijacking. Par for the course it starts by giving you the HTML and JavaScript code to generate your own pop-ups, plus mentioning software which claims to generate pop-ups which cannot be blocked. But moves swiftly on to recommending software to prevent pop-ups and anti-spyware software.
Finally the book covers protecting yourself and your data by installing a firewall, anti-phishing tools how to ensure data is wiped clean from a hard disk before you dispose of it or sell it. Formatting is not enough.
Steal This Computer Book 4.0 is highly readable and highly informative. It wont turn you into a hacker. But it will prepare you against being attacked by one and will entertain and delight you along the way. Despite what you may think, it's not a highly technical book, it's certainly not a security manual. But it does do what it sets out to do and that's to educate you about the some of the underground activities of groups using the Internet.
I would return my review copy, unfortunately my dog ate it, probably.
"Steal This Computer Book 4.0" is written by Wallace Wang, and published by No Starch Press. The book ia available from No Starch Press's European distributor, Computer Books, for £20.99. You can also find it on Amazon.co.uk, and at all good bookshops.
About the Author
Robert Earls has worked for many years as a Technical Consultant in the IT industry. He now runs a successful online business
www.argentice.co.uk.
Send a comment about this article to editor@itwales.com.