Computer underground Digest March 12, 2000 Volume 12 : Issue 01

Computer underground Digest    Sun  12 March, 2000   Volume 12 : Issue 01 
                           ISSN  1004-042X

       Editor: Jim Thomas (cudigest@sun.soci.niu.edu)
       News Editor: Gordon Meyer (gmeyer@sun.soci.niu.edu)
       Archivist: Brendan Kehoe
       Copernicus Editor:      Etaion Shrdlu, III
       Shadow-Archivists: Dan Carosone / Paul Southworth
                          Ralph Sims / Jyrki Kuoppala
                          Ian Dickinson
       Cu Digest Homepage: http://www.soci.niu.edu/~cudigest

CONTENTS, #12.01 (Sun, 12 March, 2000)

Subject: File  1: CuD hasn't gone away (yet)
Subject: File  2: REVIEW: "The Network Press Encyc. of Networking" 
Subject: File  3: REVIEW: "Sams Teach Yourself E-Travel Today", Mark Orwoll
Subject: File  4: REVIEW: "Bad Memory", Duane Franklet
Subject: File  5: REVIEW: "The Cathedral and the Bazaar", Eric S. Raymond
Subject: File  6: REVIEW: "Using Samba", R. Eckstein/D. Collier-Brown/P. Kelly
Subject: File  7: REVIEW: "The Alien Years", Robert Silverberg
Subject: File  8: REVIEW: "Database Nation", Simson Garfinkel
Subject: File  9: REVIEW: "Intrusion Detection", Rebecca Gurley Bace
Subject: File 10: REVIEW: "The Zero Hour", Joseph Finder
Subject: File 11: REVIEW: "The Toyotomi Blades", Dale Furutani
Subject: File 12: Cu Digest Header Info (unchanged since 12 Mar, 2000)

---------------------------------------------------------------------

Date: Sat, 11 Mar 2000 15:11:50 -0600 (CST)
From: Computer underground Digest 
Subject: File 1: CuD hasn't gone away (yet)

This month marks CuD's tenth birthday (has it really been 10 years
since the "hacker crackdowns" that began it all?). As many have noticed,
CuD hasn't appeared for about six months primarily because the
non-cyber obligations of the editors have been a bit overwhelming.
Many of you have sent posts, articles, and other information in the
past six months that hasn't appeared, and for which we apologize.
Much of it is no longer timely and won't appear. However, we will
attempt to publish as much of the recent material that remains
"current," starting with the most recent book reviews by Rob Slade,
which many readers missed. We will try to catch up on all of his
reviews in the last six months.

CuD will also be sent out from a new address (cudigest@sun.soci.niu.edu)
beginning with this issue. 

CuD will continue the occasional blurbs on computer crime and security,
but our focus will continue to be computer/techno-culture. Coming issues
will feature online research ethics and especially online/distance
learning.

As always, we encourage substantive discussions, conference news and
notes, and feature articles of between 400-800 K. 

Subscription and other information, as always, is at the end of
each issue.

Jim and Gordon



------------------------------

Date: Wed, 23 Feb 2000 07:59:10 -0800
From: "Rob Slade, doting grandpa of Ryan and Trevor" 
Subject: File 2--REVIEW: "The Network Press Encyclopedia of Networking", Werner F

BKENCNTW.RVW   20000114

"The Network Press Encyclopedia of Networking", Werner Feibel, 2000,
0-7821-2255-8, U$84.99/C$127.95/UK#60.99
%A   Werner Feibel
%C   1151 Marina Village Parkway, Alameda, CA   94501
%D   2000
%G   0-7821-2255-8
%I   Sybex Computer Books
%O   U$84.99/C$127.95/UK#60.99 800-227-2346 Fax: 510-523-2373
%P   1444 p. + CD-ROM
%T   "The Network Press Encyclopedia of Networking, Third Edition"

Writing an encyclopedia is a difficult job, no question.  It must be
particularly difficult in a technical field.  Feibel has obviously put
a lot of work into the project, but the result remains problematic.

First off, it is rather difficult to see this as an encyclopedia. 
There are a great many short entries simply defining terms, so the
book might be closer to a dictionary.  There are, though, a number of
longer articles on major topics.

The second point to make is that not all of the book is about
networking.  Granted, it is difficult to say where to draw the line
between technologies, but a great number of listings refer to
computers, particularly of the Wintel/PC variety, and have little or
nothing to do with networking or communications.  On the other hand,
"AI" refers only to authentication information, with no mention of the
rather more well known artificial intelligence.

The original title was "Novell's Encyclopedia of Networking," and that
still shows up in entries such as "Access Rights," where the material
is completely NetWare specific.  "//" is defined (Novell owned the
UNIX trademark for a while) but not the Microsoft equivalent "\\." 
However, there is a rather good piece on the Windows NT Administrator
account, among others, so Microsoft is by no means ignored.

Some articles have a depth that is hard to find even in specialized
books on the topic.  For example, I have reviewed texts dedicated to
firewalls that only describe packet filters, with no mention of proxy
servers, let alone the two different types.  There is an excellent
essay on application proxy servers (albeit with lousy examples) in
here, but it is followed by two rather shoddy pieces on circuit level
proxies and firewalls respectively.  And that, unfortunately, seems to
be a rather big problem.  For every good bit, there are several parts
that are misleading, poorly explained, or flat out wrong.

Some mistakes can be put down to pure carelessness, such as calling
Corel "Lerel," or Teledesic "Teledisc."  Other times the wording or
explanation is negligent, such as the assertion that, in 7-bit ASCII,
the eighth bit is used for parity.  (This depends entirely on the
situation.)  Bang path addressing seems to be conceptually understood,
but poorly illustrated, whereas it is hard to say whether the concept
of "store and forward" is understood at all.  It is difficult to see
how listings like "DS" (as in the bandwidth levels of DS-1, DS-3, and
so forth) explain anything.  And I'd defy anyone to justify the
definition of HTML (HyperText Markup Language) as a scripting
language.

The article on 56K modems has a number of errors, and even a logical
fallacy.  The discussion of agents makes no distinction between
viruses and mobile code.  (On the other hand, Fred Cohen might like
that.)  "Algorithm" contains a rather odd grab bag of examples.  Lots
of words and examples still fail to properly explain either the
complete function or the usage syntax for anchor tags.  The
description of an antivirus confuses the various types of antiviral
software with modes of operation.  The entry for archie isn't too
realistic, and is probably dated.  The illustration for graded index
fibre optic cable is completely backwards.  "Hit" makes no reference
to Web sites.

Part of the problem is that Feibel seems quite willing to include his
own, or at least very non-standard, terminology.  "Cathedral" is used
to refer to proprietary software, and, while Eric Raymond's piece on
"The Cathedral and the Bazaar" is very good, I'm sure that even
Raymond would agree that "open source" is more widely understood than
"bazaar."  "Optimistic security" is fairly easily construed, but it is
not a term that is used in the security field.  Since the entry for
"typewriter" is obviously a joke, you have to peruse the Jargon File
to find out that somebody wasn't having Feibel on about "bytesexual."

Many extremely specialized terms get very brief entries that don't
explain much.  Ordering of the numbers section goes by the size of the
number, not alphabetic ordering, so that 802.2 comes before 1000 which
comes before 3780 which comes before 6611 which comes before 41449. 
Cable refers only to twisted pair, except that there are also separate
listings for "cable, coaxial" and "cable, fiber-optic."  Many
protocols are not listed as themselves but as "protocol, ...," and,
combined with the format for cross references, this appears to make
"CHAP" refer to "Challenge Handshake Authentication Protocol" which
refers to "CHAP" without ever telling you what it is.  Cross
references are also spotty: ADSL (Asymmetric Digital Subscriber Line),
DSL (Digital Subscriber Line), SDSL (Symmetric Digital Subscriber
Line), and VDSL (Very-high-speed Digital Subscriber Line) don't refer
to each other, and none refer to HDSL (High-speed Digital Subscriber
Line)--which refers to them all.

The article on ActiveX is good, reasonably fair and complete.  The
definition of freeware is much better than in most dictionaries. 
Instant messaging is right up to the minute (as opposed to PGP, which
hasn't been updated since the second edition, and BITNET which was
probably out of date when the first edition came out).  The listing
for viruses is much better than I have come to expect.

Overall, however, the work is simply not as reliable as one needs an
encyclopedia to be.  It might be handy as a reference to trigger a
reminder, but if you don't already know the technology you cannot be
sure that what you find here is the straight goods.

copyright Robert M. Slade, 2000   BKENCNTW.RVW   20000114

------------------------------

Date: Fri, 25 Feb 2000 08:09:49 -0800
From: "Rob Slade, doting grandpa of Ryan and Trevor" 
Subject: File 3--REVIEW: "Sams Teach Yourself E-Travel Today", Mark Orwoll

BKETRAVL.RVW   20000119

"Sams Teach Yourself E-Travel Today", Mark Orwoll, 2000,
0-672-31822-9, U$17.99/C$26.95/UK#12.99
%A   Mark Orwoll askmark@amexpub.com
%C   201 W. 103rd Street, Indianapolis, IN   46290
%D   2000
%G   0-672-31822-9
%I   Macmillan Computer Publishing (MCP)
%O   U$17.99/C$26.95/UK#12.99 800-858-7674 317-581-3743 info@mcp.com
%P   302 p.
%T   "Sams Teach Yourself E-Travel Today"

This guide would appear to be aimed primarily at those who are
completely comfortable with the Internet, but are totally new to
travel planning.  There isn't much material on the net and its tools,
but more pointers of the "oh yes, you will want to find out this type
of information" type.

Part one starts out with basic facts.  Chapter one is a sampling of
travel tools on Web sites, starting out with the suggestion that you
learn how to use a search engine.  (On your own.)  How to bookmark Web
sites is explained in chapter two.  That might be just a tad
patronizing, but chapter three's points on how to evaluate the
reliability of a Web site are actually very good.  Chapter four
introduces the major tour guide sites.  Web sites for foreign
newspapers are mentioned as a good source of pre-travel info in
chapter five, but Orwoll doesn't mention the fact that a very large
number of foreign radio stations now also broadcast over the net. 
Government tourism sites are discussed in chapter six.

Part two outlines the process of planning a vacation.  Chapter seven
gives you a quiz to determine what kind of traveller you are, although
this doesn't seem to have an awful lot of relevance to the rest of the
book.  Chapter eight is a bit odd, and it tersely reprises a look at a
couple of search engines.  Unusual sources of information, such as the
US State Department, the CIA World Factbook, and personal travel
sites, are suggested in chapter nine.  The sites in chapter ten seem
to have been chosen almost randomly.  There is limited information on
weather and events in chapter eleven.

Part three looks at booking travel online, with respective chapters
discussing online travel agents, travel planning tools, hotels,
airfare (with very good tips), rail, car rentals, and sea transport.

Part four deals with other travel preparations.  Chapter nineteen
covers taking your laptop along, but doesn't mention such areas as
taking along proof of purchase, electrical adapters, and phone systems
and adapters (for modems).  There are sites you can use to obtain
information about required documents, discussed in chapter twenty. 
Digital cameras are recommended in chapter twenty one.  Chapter twenty
two closes with miscellaneous travel tips.

There is a lot of joking around in the writing, to very little
purpose.  The humour does not really support the material under
discussion, and even detracts a bit at times.  The Internet content is
fairly limited, and I found it a bit surprising how few Web sites were
included, among the thousands that are out there.  On the other hand,
Orwoll does seem to go for quality.

For those new to travel planning, this book should provide some
valuable and useful suggestions.  But you'll have to do a lot of work
yourself.

copyright Robert M. Slade, 2000   BKETRAVL.RVW   20000119

------------------------------

Date: Mon, 28 Feb 2000 08:18:47 -0800
From: "Rob Slade, doting grandpa of Ryan and Trevor" 
Subject: File 4--REVIEW: "Bad Memory", Duane Franklet

BKBDMMRY.RVW   20000122

"Bad Memory", Duane Franklet, 1997, 0-671-00066-7
%A   Duane Franklet
%C   1230 Avenue of the Americas, New York, NY   10020
%D   1997
%G   0-671-00066-7
%I   Simon & Schuster
%O   +1-212-698-7541
%P   408 p.
%T   "Bad Memory"

I liked this book.  The plot is gripping, right up to the end.  (The
ending isn't exactly satisfying: you would think that Franklet, having
dragged the reader through all manner of mayhem, would relent a bit
and lighten up.)  The central character is very sympathetic, as well
as being very real.  One part of the plot makes no sense, and doesn't
fit with anything else, but it isn't essential, and doesn't
necessarily detract from anything.

The technology is generally pretty good, too.  A lot of things are
right, or almost so.  (There is one piece of communications technology
that seemed rather stupid to begin with, but turns out to be quite
valid.  Except that to discuss it would be to give the game away, and
that wouldn't be fair.)

Let's start with the technology parts that are right.  The computer
industry and work background is great.  Realistic, not too far off the
beam either way.  The computers are authentic, if just a little bit
dated for the time the book was written.  The fact that computers
would have different versions, levels, and configurations is true,
though.  The description of technical support is quite accurate.  Even
the undelete capability is used to good advantage.

The specifics of various of the cracker attacks are unclear (not
detailed), but don't work as well.  The configuration of most machines
that are described relies on DOS (possibly with Windows 3.x on top) and
probably a Novell network.  An H: drive is therefore probably not a
local drive.  An error message given at one point is for a floppy
drive, not for a hard drive.

"Address unavailable" wouldn't show up when doing low level packet
sniffing on an Ethernet network.  An Ethernet address could quite
easily disappear from the net without a trace: all it would have to do
is stop transmitting.  (On Ethernet you don't want extraneous
transmissions.)  

Windows, DOS, or Novell patches generally aren't distributed in the
manner described, and certainly most of the patches so distributed
would *not* immediately be implemented.

A data security specialist would probably not hold an executive
position at the level described.  A company of the size and type
described would probably have, at most, a handful of security people,
rather than the department that seems to be available in the book.  An
outside security team of the type described would probably not be
feasible: security is more of a management than a technical task, and
having a bunch of outsiders come in and turn your company upside down
would likely do more harm than good.

One final note: cellular call detail definitely would be available to
the account holder of record.  Call detail, according to American law,
must be made available to the paying party, and cell calls both made
and received by the cell phone generate an airtime charge.  Most
people probably aren't aware of this, but even if you block caller ID,
a call to an 800 number means the owner of the 800 number gets your
number.

copyright Robert M. Slade, 2000   BKBDMMRY.RVW   20000122

------------------------------

Date: Tue, 29 Feb 2000 08:00:29 -0800
From: "Rob Slade, doting grandpa of Ryan and Trevor" 
Subject: File 5--REVIEW: "The Cathedral and the Bazaar", Eric S. Raymond

BKCATBAZ.RVW   20000125

"The Cathedral and the Bazaar", Eric S. Raymond, 1999, 1-56592-724-9,
U$19.95/C$29.95
%A   Eric S. Raymond esr@thyrus.com esr@ccantares.scupa.edu
%C   103 Morris Street, Suite A, Sebastopol, CA   95472
%D   1999
%G   1-56592-724-9
%I   O'Reilly & Associates, Inc.
%O   U$19.95/C$29.95 800-998-9938 fax: 707-829-0104 nuts@ora.com
%P   268 p.
%T   "The Cathedral and the Bazaar"

At the top of the front cover, we have a quote from Guy Kawasaki
telling us that this is "[t]he most important book about technology
today, with implications that go far beyond programming."  I'm not
entirely sure that I can unreservedly go along with the bit about most
important, but the far-reaching implications I can agree with
wholeheartedly.

This is a collection of essays, spanning many years.  I tend to cringe
at essay collections, since all too many of them have problems with
staying on topic, finding a common audience, and presenting consistent
readability.  A single author tends to make a better job of fulfilling
those factors, but doesn't always have much to deliver beyond a single
and fairly unimportant idea again, and again, and again.  Eric
Raymond, however, can be counted upon to say well what he has to say. 
More importantly, he has something to say.  These essays follow the
common thread of the open source movement, but examine it from a
variety of significant angles.

An introduction briefly presents the case for considering open source. 
"A Brief History of Hackerdom" gives a historical background to the
hacker culture, from which the open source movement got its primary
roots.  Ironically, while Raymond demonstrates erudition in his
presentation of historical and social parallels in other fields, he
neglects the non-UNIX computer hobbyist communities, such as Apple
user groups, DECUS, and Fidonet.  The eponymous "Cathedral and the
Bazaar" recounts personal observations of an open source project,
backed up by social analysis of the success.  Drawing from Fred
Brooks' "The Mythical Man-Month" (cf. BKMYMAMO.RVW), Raymond outlines
the conditions under which Brooks' Law (throwing staff at a late
project makes it later) does not apply, and establishes that open
source is not a utopian dream, but a practical reality.  "Homesteading
the Noosphere" recalls the work Raymond has done with the Jargon File
and "The New Hacker's Dictionary" (cf. BKNHACKD.RVW) in documenting
the sociology of hacker culture, and is arguably the most important
article in the book.  One example is the insight that hacker culture
is characterized by openness while the often confused
cracker/pirate/phreak "community" is most definitely closed.  "The
Magic Cauldron" examines the viability and sustainability of the open
source movement, and presents real and logical reasons for its
survival.  Finally, "Revenge of the Hackers" grounds all of this
discussion very much in the real world with the cases of Linux,
Netscape, and other open source examples.  Not all of them are
unqualified successes at this point, but they are evidence that open
source is not just an academic speculation.

As the dust jacket quote says, though, open source has meaning beyond
software development.  As David Brin pointed out the ironies of
privacy in "The Transparent Society" (cf. BKTRASOC.RVW), and Jeffrey
Pfeffer outlined in "The Human Equation" (cf. BKHUMEQU.RVW) the
contradiction of making your staff work like a well-oiled machine by
not treating your employees like machines, so Raymond's examples of
technology development touch on an enormous range of human endeavour
in work, management, and a variety of social interactions.  While the
projects discussed will have the greatest meaning for those who know
programming, the lessons to be learned, and the social experiments to
be explored, have implications for everyone.

copyright Robert M. Slade, 2000   BKCATBAZ.RVW   20000125

------------------------------

Date: Thu, 2 Mar 2000 15:38:44 -0800
From: "Rob Slade, doting grandpa of Ryan and Trevor" 
Subject: File 6--REVIEW: "Using Samba", R. Eckstein/D. Collier-Brown/P. Kelly

BKUSAMBA.RVW   20000126

"Using Samba", Robert Eckstein/David Collier-Brown/Peter Kelly, 2000,
1-56592-449-5, U$34.95/C$51.95
%A   Robert Eckstein
%A   David Collier-Brown
%A   Peter Kelly
%C   103 Morris Street, Suite A, Sebastopol, CA   95472
%D   2000
%G   1-56592-449-5
%I   O'Reilly and Associates
%O   U$34.95/C$51.95 707-829-0515 fax: 707-829-0104 nuts@ora.com
%P   416 p.
%T   "Using Samba"

Server Message Block (SMB) is a protocol used for simple client-server
networking.  More importantly, however, it is the protocol used in
Microsoft's basic Windows products.  There are Windows clients for
other protocols, such as NFS (Network File System), but these are not
supplied with the operating system and must be purchased separately. 
As well, these add-on clients are not as tightly coupled with the
Windows operating system and its functions.

Samba is a UNIX server program using the SMB protocol.  This allows
UNIX administrators to set up file and print sharing on UNIX machines,
for access and use by Windows PCs without specialized clients on all
the workstations.

Chapter one is an introduction to Samba and the basic SMB concepts. 
Compilation and installation of Samba on the UNIX server are covered
in chapter two.  Setup of Windows clients is dealt with in chapter
three, as well as some header level information about the protocol
itself.  The material details configuration of Windows 9x and NT
separately, because of the slight differences in menus and dialogue
boxes.  The instructions are quite detailed, even down to the
information that the IP 192.168.x.x address range can be used for
internal LANs, although more time is spent with the 9x versions than
with NT.

Most of the rest of the book is spent on configuration options for
Samba.  Chapter four provides an outline of the smb.conf file and the
basic preference settings.  Browsing (functions advertising and
searching for resources) and advanced file sharing choices are given
in chapter five.  Security related settings are discussed in chapter
six, along with some practical tips.  Chapter seven looks at printing
and name resolution, while miscellaneous functions are presented in
chapter eight.

Chapter nine outlines not just troubleshooting tools, but also
detailed procedures.  Appendices list information on the use of SSL
(Secure Sockets Layer), performance tuning, daemons and commands, as
well as a command reference.

The book is aimed at experienced UNIX administrators.  The
explanations of how Windows works will definitely be of help to these
people.  However, it is a bit of a pity that slightly more information
wasn't included about UNIX for those not familiar with the system. 
While there certainly are good references for UNIX administration
available (many of them coming from O'Reilly), it is arguably the case
that the greater "market" for Samba is among those who administer
Windows networks, and need the basic and reliable server functions
that UNIX can provide.

copyright Robert M. Slade, 2000   BKUSAMBA.RVW   20000126

------------------------------

Date: Tue, 7 Mar 2000 08:49:21 -0800
From: "Rob Slade, doting grandpa of Ryan and Trevor" 
Subject: File 7--REVIEW: "The Alien Years", Robert Silverberg

BKALNYRS.RVW   20000130

"The Alien Years", Robert Silverberg, 1998, 0-06-105111-X
%A   Robert Silverberg
%C   10 East 53rd Street, New York, NY  10022-5299
%D   1998
%G   0-06-105111-X
%I   HarperCollins/Basic Books
%O   212-207-7000 fax: 212-207-7433 information@harpercollins.com
%P   488 p.
%T   "The Alien Years"

Silverberg is an experienced novelist.  He has some fairly complex
characterization in this book, although the attempt to make this a
multigenerational work strains the personae a bit.  And, despite an
early disparaging of H. G. Wells' cop out in "War of the Worlds,"
Silverberg's deus recidivus machina is every bit as forced.

The titular aliens come among us with a highly advanced technology,
about which little is said.  Even though almost nothing can be
inferred from the information that is given, there are still a number
of contradictions in the book.

Some of the contradictions seem to be simple carelessness.  One
section of the book, having given numbers for the population of a
specific area, thereafter asserts a number of vehicles that means
there are more cars running around than there are people to drive
them.  Having said that the world's population has been cut in half
(with minor local variations) another section has the number down to
about one percent.  In regard to the population drop, the book
outlines a collapse of government, communications, commerce, and
transport (which even the book finds strangely extreme), and yet only
a relative handful of people die in the kind of disruption that an
event like that would create.  Technology and production plummet,
with car parts and even cloth becoming impossible to obtain, and yet
intermittent times in the book find advanced weaponry, advanced
computers, and advanced car models suddenly appearing.

Let us start with some fairly basic technical problems.  The alien
technology is said to be able to stop electrical devices, including
generators, batteries, and even simple light bulbs, from working.  In
regard to our own technology, this interference with electrical
circuitry is said to stop any kind of transport.  Diesel engines, as
only one example, have electrical systems but do not require
electricity to run: the ignition part of the diesel cycle relies on
compressed air, and not an electric spark.  However, the aliens are
also able to be selective about this electrical impediment.  Modems
are specifically said to be forbidden, while telephones still work. 
(Mind you, later in the book everyone seems to be communicating via
email, so this is yet another careless contradiction.)  Since almost
all telephone switches are digital, this means that codecs
(coder/decoders) work while modems don't.  A. C. Clarke and his
comments about a sufficiently advanced technology to the contrary,
this kind of "magic" still has to obey the laws of logic.  The kind of
differentiation required here strains the limits of the ability to
determine intent in technical devices, which the work of Fred Cohen
indicates is not reliably possible.

Finally, we have a cracker breaking into the aliens' computer system. 
Given the ability to control electricity remotely for an entire
planet, we have to figure that these guys know enough about TEMPEST
technology to shield their computers from transmitting through the
sewer pipes.  Our lone cracker is also able to succeed where thousands
of others, working in concert, with access to more technology, and
knowing that it is possible, fail to follow in more than fifty years
of trying.

But that is probably to be expected.  The computer technology in this
book is Tekwars technology, Lawnmower Man technology, Sneakers
technology: all graphics, flashes, and feeling.  No function.  The
description of being able to "see" over a serial link, "feel" unknown
systems at a distance, and "get behind" access controls that guard the
only connection demonstrates a rather wilful ignorance of the realities
and necessities of computer and communications technology, regardless
of who builds it.

copyright Robert M. Slade, 2000   BKALNYRS.RVW   20000130
------------------------------

Date: Thu, 9 Mar 2000 07:50:20 -0800
From: "Rob Slade, doting grandpa of Ryan and Trevor" 
Subject: File 8--REVIEW: "Database Nation", Simson Garfinkel

BKDBSNTN.RVW   20000201

"Database Nation", Simson Garfinkel, 2000, 1-56592-653-6,
U$24.95/C$36.95
%A   Simson Garfinkel simsong@vineyard.net
%C   103 Morris Street, Suite A, Sebastopol, CA   95472
%D   2000
%G   1-56592-653-6
%I   O'Reilly & Associates, Inc.
%O   U$24.95/C$36.95 800-998-9938 fax: 707-829-0104 nuts@ora.com
%P   312 p.
%T   "Database Nation: The Death of Privacy in the 21st Century"

This is a very hard book to define.  The title would indicate that it
is a technical work, but databases do not figure either centrally or
prominently in the work, and, while the technical material is not
wrong, it is not always either significant or advanced.  The subtitle,
plus the dust jacket comments, plus the definition of privacy as
"fundamentally about the power of the individual" (p. 5), would
indicate that this is a political text.  Indeed, the central
recommendation of the book is that the US government should promulgate
legislation regarding privacy.  (This proposal, plus the very strong
focus upon the situation and history of the United States will
seriously limit the interest that the volume might have for those
outside the US.)

Chapter one starts out with a number of rather nasty scenarios, but
the problems appear to refer more to bad design than they do to
privacy as such.  Indeed, this foreshadows the content of the book as
a whole, since the technical material, when it does appear, points out
shoddy engineering and insufficient planning rather than attacks on
confidentiality.  (On the other hand, as a harangue against poor
preparation the work presents some excellent examples.)  The statement
that "unrestrained technology ends privacy" is made somewhat baldly. 
Since the political definition of privacy previously cited is the only
one given in the book this is almost true by definition, but it is, as
such, uninteresting.  No support is made to give the assertion any
other depth.

The penultimate section of the opening chapter talks about opposing
informational intrusions, but neither there nor at the few other
points in the book that touch on the subject are we given a serious
discussion of how this might be done.  The last section is entitled
"Why This Book" and makes reference to the wake up call that "Silent
Spring" was for the environmental movement.  However, the case being
made against technology as necessarily the enemy of privacy would not
seem to justify this position.

Chapter two is a history of US record keeping and credit reporting,
and the problems reported generally relate to authentication and
integrity.  One interesting point is that Garfinkel appears to be
strongly in favour of a national combined database for the United
States, a proposal that gives most other privacy analysts hives. 
Various problems with biometric systems are reviewed (quite well) in
chapter three, but although the fact that UPS collects digitized
signatures is mentioned, the point is weakened (as in a number of
other areas of the book) by not including the proposed sale of this
database.  Automatic data collection is discussed, but the proposed
alternatives are very weak, in chapter four.  Chapter five looks at
satellite, video, and other sensors.  Medical records, and the special
problems thereof, are covered in chapter six.  The ideas of David
Brin's "The Transparent Society" (cf. BKTRASOC.RVW) are opposed here
(as in some other sections of the text), but the suggested alternative
sounds very much like the "reciprocal openness" that Brin proposes. 
Chapter seven reviews direct marketing.  Ownership of personal
information is discussed in chapter eight, with a heavy emphasis on
the debate over genetic data.  A long overview of terrorism is
followed by a brief, but very intense, examination of surveillance in
chapter nine.  (This includes a rather forced look at brain mapping as
a forerunner of mind reading.)  Chapter ten raises various points in
respect of artificial intelligence and agent technology, but is
confusing to follow.  A call is made for more legislation in regard to
privacy in chapter eleven.  As well, Garfinkel tries to argue that
technology is *not* privacy neutral, but the example used does not
support the point: again we are looking at a clear case of poor
design.

Most of the writing is good, but there are numerous small and sloppy
errors that are annoying.  Sentences are misplaced, anecdotes are
started but not finished, and arguments are not followed to
completion.  Garfinkel strives for balance in the material presented,
but his own points seem weak.  This debility is not a function of
fairness, though.  For instance, in chapter nine a table seems to
clearly indicate that wiretaps play no role in counterterrorism, but
this point is never pursued in the text.

As far as making the case that privacy is under attack, other works
seem to have done a better job.  "The Electronic Privacy Papers"
(cf. BKELPRPA.RVW), for example, presents far more evidence of US
government action against privacy.  "Privacy on the Line"
(cf. BKPRIVLN.RVW) gives a better background, although it doesn't
provide much in the way of direction.  "Technology and Privacy"
(cf. BKTCHPRV.RVW) is more advanced and has the benefit of an
international overview.  "The Transparent Society," previously
mentioned, not only provides a good framework, but its counter-
intuitive reversal of perspective ensures a thorough analysis.

"Database Nation" is certainly readable and probably thought-
provoking.  It may not, however, be the book that the promotion is
making it out to be.

copyright Robert M. Slade, 2000   BKDBSNTN.RVW   20000201

------------------------------

Date: Fri, 10 Mar 2000 07:57:16 -0800
From: "Rob Slade, doting grandpa of Ryan and Trevor" 
Subject: File 9--REVIEW: "Intrusion Detection", Rebecca Gurley Bace

BKNTRDET.RVW   20000202

"Intrusion Detection", Rebecca Gurley Bace, 2000, 1-57870-185-6,
U$50.00/C$74.95
%A   Rebecca Gurley Bace
%C   201 W. 103rd Street, Indianapolis, IN   46290
%D   2000
%G   1-57870-185-6
%I   Macmillan Computer Publishing (MCP)
%O   U$50.00/C$74.95 800-858-7674 317-581-3743 http://www.mcp.com
%P   339 p.
%T   "Intrusion Detection"

Bace's take on this topic (and title) provides a solid and
comprehensive background for anyone pursuing the subject. 
Concentrating on a conceptual model, the book is occasionally weak in
regard to practical implementation, but more than makes up for this
textual deficiency with a strong sense of historical background,
developmental approaches, and references to specific implementations
that the practitioner may research separately.

(Look, guys, can we give the reviewers a break here and work on *some*
variation in the title?)

Chapter one presents a history of intrusion detection starting with
system accounting, through audit systems, to the most recent research
and experimental systems.  The definitions and concepts focus from
broad security theory to specific intrusion detection principles and
variants in chapter two.  Intrusion detection requires analysis of
system and other information, and chapter three describes the sources
for this data.  Chapter four may be somewhat disappointing to security
managers in that the discussion of analysis is academic and possibly
weak in tone, even though real systems are used as illustrations.  The
review of possible responses, in chapter five, includes warnings
against inappropriate overreactions.  Vulnerability analysis,
including a close look at controversial tools like COPS, SATAN, and
ISS, is dealt with in chapter six.

Chapter seven talks about technical issues that are still to be
addressed.  (The organization of this chapter is a bit loose, with
some sections, such as those on reliability and analysis, seeming to
overlap material.)  Real world challenges are the topic of chapter
eight, along with examples of attacks and intrusion detection system
(IDS) design considerations.  This section seems to reprise much of
the content of the vulnerabilities chapter.  Dealing with legal
issues, evidence, and privacy in chapter nine, it is nice to see some
newer examples than the old "berferd" and "wily hacker" standards.
Chapter ten's review of intrusion detection systems, and actions to
take if penetrated, addresses the informed user.  Security
administrators and strategists, at the executive level, are presented
with everything from the need for security goals to globalization in
chapter eleven.  Designers get a few general guidelines in chapter
twelve, along with comments from those who have been implementing
exemplary systems.  Chapter thirteen is a realistic look at future
developments in attacks and defence.

Of the other "Intrusion Detection" books, Terry Escamilla's (cf.
BKINTRDT.RVW) is simply not in the same league, being basically a
promotional brochure.  "Network Intrusion Detection," by Stephen
Northcutt (cf. BKNTINDT.RVW), is likewise not as clever as it thinks
it is.  Edward G. Amoroso (cf. BKINTDET.RVW) is very close in both
quality and usefulness, and possibly has the edge in practical terms,
although his book is a bit narrower in focus.  Bace provides a
comprehensive overview and conceptual background that will ensure this
text becomes a basic security reference.

copyright Robert M. Slade, 2000   BKNTRDET.RVW   20000202

------------------------------


Date: Thu, 24 Feb 2000 07:22:01 -0800
From: "Rob Slade, doting grandpa of Ryan and Trevor" 
Subject: File 10--REVIEW: "The Zero Hour", Joseph Finder

BKZEROHR.RVW   20000118

"The Zero Hour", Joseph Finder, 1996, 0-380-72665-3
%A   Joseph Finder
%C   1350 Avenue of the Americas, New York, NY 10019
%D   1996
%G   0-380-72665-3
%I   Avon Books/The Hearst Corporation
%O   +1-800-238-0658 avonweb@hearst.com
%P   432 p.
%T   "The Zero Hour"

This is a thriller, with the standard financier-driven-mad-by-bungled-
US-attempt-to-kidnap-him-leading-to-his-wife's-death-bent-on-revenge-
by-destroying-US-financial-system-by-ruining-the-computer-network
plot.

Now, Finder seems to have had some pretty high-powered help, given
some of the names in the acknowledgements.  In fact, the book gets an
awful lot of technology right, where most fiction gets it wrong.

There is, for example, some really excellent stuff on bomb forensics. 
The description of recovery of the previous track on a re-recorded
tape is bang on.  The social engineering that goes on, from both
sides, is pretty good, too.  Even bugging technology is more realistic
than usual.

But there are still some problems.  The process of tracking down a
cell phone has good points and bad points.  A cell phone can be
located by localizing the tower it is transmitting to, and you can
even narrow that down by measuring signal strength between towers. 
But that information is available more or less immediately, since the
cell system has to know where the phone is in order to place a call to
it.  In addition, cell phones do transmit even when they are not
actually on the air.  But not, as the book seems to indicate,
continuously.  Every few minutes a cell phone broadcasts its presence. 
Therefore, the cell system would know where the phone is pretty much
all the time, even if a call had not been placed.  (In fact, the
bomber in the story is rather lucky: a cell phone transmission nearby
could very well trigger a complex electronic rig.)

Cryptography gets its ups and downs, too.  The story correctly states
that "open" cryptographic algorithms are probably stronger than
proprietary ones.  However, it seriously mistakes the fact that keys
are more important than algorithms.  At one point the bad guys rejoice
in the fact that they have a copy of crypto software, even though the
passwords (keys) have all been changed.  In another place, the size of
the key space is seriously underestimated.  Finder repeats the old saw
about the NSA having all the crypto keys in the world in a database
somewhere.  As someone has pointed out, for even moderately secure
keys, the key field address space contains more addresses than there
are hydrogen atoms in the universe, and even if the NSA could somehow
hide extra universes inside black holes tucked away in pockets of
Maryland, the resulting gravitational effects would probably give the
game away.  (Also, a book cipher is not a substitution cipher, it's
more of a variation on a one time pad.)

Communication, as usual, gets treated particularly badly.  A US based
pager could not be tested in Europe, since the tower would be just a
tad beyond reach.  Even a satellite pager would be out of the
footprint.  And if a pager system did have connections in Europe, you
could probably get the pagers there.  Microwave telecommunications
signals between towers are *all* digital.  It is possible to tap fibre
optic cable.  (Difficult, but possible.)  And a tap on coaxial cable
does not need to break the cable: a simple vampire tap will do, and
it's a snap to remove.

There are more, but I'll stop with my favorite topic.  Viruses, of
course.  Marking a file as hidden would pretty much ensure that it
never got executed: it's not a good way to hide a virus.  Marking a
file as hidden would pretty much ensure that it did *not* get
transferred from disk to the computer, since almost all copy programs
copy files rather than disk images.  If there are millions of copies
of the virus everywhere, it's a pretty good bet that at least one of
them has already been executed.  And a PC virus is pretty much
guaranteed not to have any effect on a mainframe.

copyright Robert M. Slade, 2000   BKZEROHR.RVW   20000118

------------------------------


Date: Thu, 17 Feb 2000 17:05:49 -0800
From: "Rob Slade, doting grandpa of Ryan and Trevor" 
Subject: File 11--REVIEW: "The Toyotomi Blades", Dale Furutani

BKTYTMBL.RVW  20000108

"The Toyotomi Blades", Dale Furutani, 1997, 0-312-96667-9
%A   Dale Furutani
%C   175 Fifth Ave., New York, NY   10010
%D   1997
%G   0-312-96667-9
%I   St. Martin's Press
%O   212-674-5151 fax 800-288-2131 www.tor.com www.stmartins.com
%P   212 p.
%T   "The Toyotomi Blades"

Furutani's mystery is readable, well-written, and intelligent.  As
only one example of the realism, he has a sleuth who does *not* take
every chance to run off after the crooks himself, while avoiding
giving any information to the authorities.

The central character is a programmer, but technology does not play a
large part in the story.  Computers do get used twice, one time a
little better than the other.

First, the not so good.  At one point in the story, a fax is received
where an image can't be made out because of poor resolution.  So, our
hero suggests that computer enhancement be used to bring out the
details.  There is even some discussion of finding edges in an image,
and all that.

Unfortunately, there are two problems with the computer image recovery
as described.  The first is that computer enhancement of images
requires a lot of understanding of optics, something which the author
doesn't seem to have.  Computer enhancement works well for bringing
out detail in, for example, images where the contrast is very low. 
This has been used to find, for the first time, that Uranus has bands
just like Jupiter and Saturn.  Computer enhancement can also be used
to sharpen fuzzy images.  However, it does this by calculating, and
then subtracting, effects due to optical dispersion and interference. 
In fact, the process described in the book, which eliminates small
"errors," would ruin any possibility of doing this kind of image
enhancement.

The other problem is that the image in question is a fax.  This means
that it has already been digitized, at a very low resolution and
contrast, which would, again, damage the chances for a successful
image recovery.

On the other hand, the computer mapping application used in the book
is quite marvelous.  The images that are of importance in the book
turn out to be parts of a map.  Not just any map: a treasure map.  Our
hero does not have all of the pieces, and the placement of some pieces
that are available is unknown.  But by comparing the possible
arrangements of map pieces against known terrain, the characters in
the book are able to come up with a reasonably short list of potential
sites.  This is quite realistic.  In fact, it has been used in
classical studies, not with maps, but with fragments of text on
papyrus.  By comparing snippets of text (I seem to recall one instance
of four characters on two lines) with known works, researchers have
been able to identify and even reassemble fragments that otherwise
would have remained so much confetti.

Overall, it's quite a delight to find something that uses computers
realistically for once.

copyright Robert M. Slade, 2000   BKTYTMBL.RVW  20000108

------------------------------

Date: Sun, 12 Mar 2000  1:51:01 CST
From: CuD Moderators 
Subject: File 12--Cu Digest Header Info (unchanged since 12 Mar, 2000)

Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are
available at no cost electronically.

CuD is available as a Usenet newsgroup: comp.society.cu-digest

Or, to subscribe, send post with this in the "Subject:" line:

     SUBSCRIBE CU-DIGEST
Send the message to:   cu-digest-request@weber.ucsd.edu

DO NOT SEND SUBSCRIPTIONS TO THE MODERATORS.

The editors may be contacted by voice (815-753-6436), fax (815-753-6302)
or U.S. mail at:  Jim Thomas, Department of Sociology, NIU, DeKalb, IL
60115, USA.

To UNSUB, send a one-line message:   UNSUB CU-DIGEST
Send it to  CU-DIGEST-REQUEST@WEBER.UCSD.EDU
(NOTE: The address you unsub must correspond to your From: line)

The mailing list is automated, so no human lies at the other end.

CuD is readily accessible from the Net:
  UNITED STATES: ftp.etext.org (206.252.8.100) in /pub/CuD/CuD
    Web-accessible from: http://www.etext.org/CuD/CuD/
                  ftp.eff.org (192.88.144.4) in /pub/Publications/CuD/
                  wuarchive.wustl.edu in /doc/EFF/Publications/CuD/
  EUROPE:         ftp.warwick.ac.uk in pub/cud/ (United Kingdom)


The most recent issues of CuD can be obtained from the
Cu Digest WWW site at:
  URL: http://www.soci.niu.edu/~cudigest/

Readers wishing to auto-set their browsers to receive the
latest issue of CuD can point to:
  http://www.soci.niu.edu/~cudigest/latest.html

COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing
information among computerists and to the presentation and debate of
diverse views.  CuD material may be reprinted for non-profit as long
as the source is cited. Authors hold a presumptive copyright, and
they should be contacted for reprint permission.  It is assumed that
non-personal mail to the moderators may be reprinted unless otherwise
specified.  Readers are encouraged to submit reasoned articles
relating to computer culture and communication.  Articles are
preferred to short responses.  Please avoid quoting previous posts
unless absolutely necessary.

DISCLAIMER: The views represented herein do not necessarily represent
            the views of the moderators. Digest contributors assume all
            responsibility for ensuring that articles submitted do not
            violate copyright protections.

------------------------------

End of Computer Underground Digest #12.01

Page maintained by: cudigest@cudigest.org