Amazon.co.uk
The Art of Deception is about gaining someone's trust by lying to them and then abusing that trust for fun and profit. Hackers use the euphemism "social engineering" and hacker-guru Kevin Mitnick examines many example scenarios.
After Mitnick's first dozen examples anyone responsible for organizational security is going to lose the will to live. It's been said before, but people and security are antithetical. Organizations exist to provide a good or service and want helpful, friendly employees to promote the good or service. People are social animals who want to be liked. Controlling the human aspects of security means denying someone something. This circle can't be squared.
Considering Mitnick's reputation as a hacker guru, it's ironic that the last point of attack for hackers using social engineering is computers. Most of the scenarios in The Art of Deception work just as well against computer-free organizations and were probably known to the Phoenicians; technology simply makes it all easier. Phones are faster than letters, after all, and having large organizations means dealing with lots of strangers.
Much of Mitnick's security advice sounds practical until you think about implementation, when you realize that more effective security means reducing organizational efficiency--an impossible trade in competitive business. And anyway, who wants to work in an organization where the rule is "Trust no one"? Mitnick shows how easily security is breached by trust, but without trust people can't live and work together. In the real world, effective organizations have to acknowledge that total security is a chimera--and carry more insurance. --Steve Patient, amazon.co.uk
Book Description
The world's most infamous hacker offers an insider's view of the low-tech threats to high-tech security
Kevin Mitnick's exploits as a cyber-desperado and fugitive form one of the most exhaustive FBI manhunts in history and have spawned dozens of articles, books, films, and documentaries. Since his release from federal prison, in 1998, Mitnick has turned his life around and established himself as one of the most sought-after computer security experts worldwide. Now, in The Art of Deception, the world's most notorious hacker gives new meaning to the old adage, "It takes a thief to catch a thief."
Focusing on the human factors involved with information security, Mitnick explains why all the firewalls and encryption protocols in the world will never be enough to stop a savvy grifter intent on rifling a corporate database or an irate employee determined to crash a system. With the help of many fascinating true stories of successful attacks on business and government, he illustrates just how susceptible even the most locked-down information systems are to a slick con artist impersonating an IRS agent. Narrating from the points of view of both the attacker and the victims, he explains why each attack was so successful and how it could have been prevented in an engaging and highly readable style reminiscent of a true-crime novel. And, perhaps most importantly, Mitnick offers advice for preventing these types of social engineering hacks through security protocols, training programs, and manuals that address the human element of security.
Customer Reviews:
The Art of Humanity.......2007-09-13
Probably one of the very best books I've ever read in my life. This book follows through some of the life of hacker Kevin Mitnick. A lot of good laughs and some surprising and eye opening admissions that are full of lessons for anyone who uses a computer.
Without being condescending or preachy, Kevin shows people the ways around the easiest element of security to break, the user themselves. For anyone who's been involved with computers from the beginning of the first pre-PC's it's like a page of reminiscences from your own brain 20 years ago.
To newer users it's bordering on the insanity that is hacking lol.
This book is worthy of any home user's or even IT professional's attention. Mitnick reveals many of the flaws in the human personality that allow people to abuse them, be it verbally, socially or even physically. I can't recommend this book enough to anyone who's had a problem with a hacker or spyware. It will show you, your and everyone else's major character flaw that can be managed effectively to eliminate the naivety that is the Internet.
Essential Reading.......2007-07-06
This is a book everyone should read. It is not only fascinating, but is an essential lesson in self-protection against those who would prey on the trust and vulnerability of honest and kind people.
Hits the nail on the head, but management won't be able to comprehend the implications!.......2007-06-28
Although many of the examples detailed in this book are dated, the concepts are still as easy to leverage as ever.
Mr. Mitnick offers some possible solutions in this book, however he wasted his effort. As any security expert knows, getting upper management buy in to security is difficult at best. Management pays lip service to security, but they are typically more concerned about privacy issues than taking meaningful steps to address known security risks.
When my organization tasked my team to perform a social engineering assessment of their network, that's what they meant. Over and over, we tried to suggest processes that would be easy to manipulate for even the most amateur attacker, only to be immediately cut off and told no. If there is no technical attack to guard against, management can't begin to process the implications.
Good book to share with staff.......2007-01-31
This book served as a great reminder of why we need to be thoughtful about sharing information. I am buying extra copies to share with our staff. The offered advice was especially useful for large organizations with distributed sensitive information.
Fun read.......2007-01-28
If you are interested in this, good book. Not a lot of detail, but good read.
Customer Reviews:
Excellent Source of Information.......2005-10-14
As a relative amateur in the subject of computer viruses, this book was very helpful. With a little background in basic computing, you can easily understand this book. The book starts off with simple viruses from back in the day, describing the first viruses to appear. The book then goes into detail about the more advanced forms of virus infections and viruses to appear on more modern systems. After reading the book, I came away with a new respect for the art of self replicating code (aka Virus), and the techniques that virus researchers use to develop software to protect your PC from these threats.
A Must-Read on Computer Virus.......2005-08-12
I was wandering in the bookshop trying to find some in-depth books on Computer Virus and Network Security and suddenly I came across this book. In a few pages the book lit up my eyes and the author successfully attracted my attention and I was simply amazed by his solid background and rich knowledge and also his effort in presenting all the materials in an orderly and logical way that has successfully flattened the learning curve for people fresh to the area.
Well, some people may complain that this is a disappointing book in that it hasn't gone far enough to illustrate the necessary virus writing skills and they believe only in this way can one specialized in virus defense benefit most. Again, this is not the truth as far as I see. If one simply wants to write viruses by following existing code he can only gain a narrow horizon by focusing upon one or two popular viruses. But as the old idiom goes, you will miss the forest by seeing a tree only. New viruses are produced by those highly intelligent people every day and promise to continue to come in the foreseeable future. New technologies too, emerge and then disappear with the patches or hot fixes. But as long as you have a comprehensive knowledge of the basics of virus research and defense you will never lose in this battle against viruses. I think the author has been trying to model his book to be something beyond the mere technology collection but to present to us how one might equip himself with the fundamental knowledge of the virus's history, main ideas, or even try to give definitions in some places. So this is why the author names his creation "Virus research & defense" instead of "virus writing & defense". And as far as I see, his attempt has been a huge success.
And what's more, even for people who are crazy about writing viruses this book is not such a disappointment. It incorporates many code snippets into the book and this code actually reveals the dark side of the virus and one smart enough and with some knowledge in coding will be able to rebuild the complete viruses. Those who complain about the lack of virus writing skills might better try to figure out the reason in themselves. Anyway, there are a lot of sample viruses within your easy reach on the internet. So why take the trouble to reproduce it here?
And finally I would like to show my thanks for the great effort Peter has spent on this book. For me this book has brought great pleasure and it has helped to organize my knowledge about computer viruses in a more systematic manner. For those either new to the area or those professionals this is a must read and you shouldn't miss it.
Well written book about analyzing malicious software.......2005-08-10
If you are interested in historical details about viruses/malware, if you are searching for details about various techniques getting used by malicious software and if you are interested how people in the AV industry work... This book is definitely THE reference. Peter, a very competent virus researcher, who is known through his various articles in the Virus Bulletin magazine shows you all the techniques you need to analyse, to detect and to remove malicious software. His technical overview includes the entire history of computer viruses and is written in a very impressive and entertaining style. While I have read many books and articles about exploiting software, he also serves the most understandable definition of exploiting techniques like the classical stack overflow etc. I must say that his style impressed me so much that I read through the book in one day, something normally happening to me when reading thrillers of James Patterson. But this book is so well written, that you can rarely lay it out of your hands. You just want to know where Peter leads to, the next step in the voyage through the malicious world of computer viruses and malware. This book is geared toward everybody trying to understand what's happening in the malicious code polluting the Internet. For me well worth the money I spent on it.
Disappointing.......2005-08-06
The book is very disappointing in that the author does not show explicitly how to create and code viruses. The author explains in the preface that he does not include such code because of its obvious dangers. This reviewer believes however that the more understanding we have of viruses the better we can deal with their threats. We need to understand just what is possible, and this can only be done by creating viruses that may or may not be hazardous to computer systems. The more viruses that we create and then study the more we can guard against their infection. This goes for computer viruses as well as biological ones. Yes, there are dangers involved in doing this, but these dangers are nullified by the tools and artificial immune systems that we create in the process of studying viruses.
The book of course is not without its merits, one of these being the discussion of the history of computer viruses, which the author includes in the first chapter of the book. The designation "computer virus" was done in 1984, at which time a formal mathematical model was created for computer viruses. The author defines a computer virus as being a program that can recursively and explicitly copy a possibly evolved version of itself. This definition he says covers the notion of a `companion virus', which does not necessarily modify the code of other programs.
The author is also very thorough in his treatment of the different viruses and their association with specific computer platforms. In addition, he gives a detailed treatment of how to analyze a computer virus using disassemblers, debuggers, emulators, virtual machines, virus test networks, and unpackers, along with various other tools. Readers will definitely benefit from knowledge of assembly code.
For non-experts in virus research (such as this reviewer) but who have a strong mathematical background, a natural question to ask is whether one could develop a highly sophisticated computer immune system that would be able to detect any kind of computer virus within a reasonable time scale. The author believes that this cannot be accomplished, quoting a result by the mathematician Frederick Cohen (the inventor of the term "computer virus") indicating that such an immune system is not possible. The Cohen proof is not included in the book unfortunately, but a perusal of the literature will reveal that the proof is based, as expected, on the theory of computability and Turing machines. What Cohen showed was that the detection of generic computer viruses is undecidable by showing that if such a procedure existed, it would solve the halting problem for Turing machines.
Given the Cohen result, it is appropriate to ask whether viruses can come in such a wide variety as to make their detection and annihilation unique to the actual virus. In addition, it would appear that after a reasonable amount of time, it would become more difficult for virus writers to come up with `exotic' viruses that elude detection. Have most of the effective or interesting viruses already been invented, and therefore countered, by anti-virus programs? When reading this book one gets the impression that this is the case. However, the author shows that such a judgment would be premature, and he spends a fair amount of time in the book discussing possible future developments in computer viruses, particularly in distributed environments.
Even if virus writers are exhausting the possibilities for effective viruses, they can still find ways of evading the detection programs, using encryption for example. The author discusses several different approaches to the encryption of viruses, all of these having varying degrees of success, depending of course on the resources and knowledge base of the virus analyst. An interesting topic discussed in this connection is the origin of `oligomorphic' viruses, which change their decryptors in new generations. The `polymorphic' viruses, which are the next stage in complexity, are also discussed in this context, these allowing the mutation of their decryptors in possibly millions of different forms. When a virus is able to create new generations of itself that look different, it is called a 'metamorphic' virus. The author gives examples of these, how they are detected, and the possibility of using them to construct a virus generator able to create new virus mutations on the fly without any human intervention. One of the metamorphic viruses, named W95/Zmist, is described by the author as being one of the most complex binary viruses ever created. For that reason it is discussed in detail in the book. This discussion is fascinating reading, and one would have hoped that the source code was supplied in the book in order to allow responsible and curious individuals to create the W95/Zmist virus and study its behavior in real systems under controlled laboratory conditions.
The author does not distinguish between computer worms and viruses, except to say that the former are sometimes distinguished from the latter in the way they infect networks. A worm does not usually need to infect files but can propagate as a standalone program. However, the author gives examples of worms that do propagate by the infection of files. Illicit information gathering is the purpose of most worms, and the author discusses several different techniques that worms use to obtain this information. Particularly interesting to read about are the different techniques that computer worms use to propagate themselves. One of these involves instant messaging, which because of its popularity will certainly be one that is given more attention by future attackers.
Virus writers will become more creative in the future, and their efforts will no doubt be discussed in future editions of this book. But it is the more subtle approaches that remain undiscovered that are the most devastating to both individuals and businesses. One gets the impression when reading this book that most of the viruses are created by pranksters who gain emotional reinforcement by the success of the exploits. The antivirus defense techniques work in the latter but not the former.
definitive text on antivirus methods.......2005-07-12
Szor's book appears to be the current definitive text on antivirus methods. The breadth of coverage of methods is good. So too is the level of detail.
The book makes you appreciate how hard the task is of finding these darned viruses. In general, you are trying to discern malware intent in an arbitrary file. Where this file is often binary. But, as Szor is careful to explain, there can certainly be source code viruses as well. These could be in Postscript, PDF or scripting files. He also points out that the Microsoft Office data files are really binary programs, that run under the Microsoft Office applications.
The book shows the considerable level of ingenuity on both sides of this struggle. As in how antivirus companies like Symantec often run a suspected virus in an emulator, stepping through the code. But in response, some viruses try to detect if they are being run inside an emulator. How they do this is very crafty and simple. (Shades of the "Matrix"!) It is examples of tactics like this that give the book its worth.
Computer Security: Art and Science
Matt Bishop
Manufacturer: Addison-Wesley Professional
ProductGroup: Book
Binding: Hardcover
Similar Items:
- Security Engineering: A Guide to Building Dependable Distributed Systems
- Effective Oracle Database 10g Security by Design
- Introduction to Computer Security
- Cryptography and Network Security (4th Edition)
- Network Security: Private Communication in a Public World, Second Edition
ASIN: 0201440997
Customer Reviews:
5 stars.......2007-07-13
Great Book! I had to buy for my class ... happy that we are using this :-)
Comprehensive Discussion of Computer Security.......2006-11-11
Excellent book describing both the technical aspects of Computer Security as well as the heuristic methods used to secure computer networks. Helpful to everyone who is trying to understand how computer security works.
Fails as an Intro book for Students.......2005-12-01
This book was used in my Intro to Computer Security class, which I thought was going to be interesting until I had to read the book. This book is suited more for those already in the field or have knowledge about computer security.
The way the book is written makes it a hard read as it is full of theory and hardly any application. Complex theories are not explained in a way that allows somebody new to the field the chance to understand them.
Examples are more or less useless as they are either complex or not explained in full. Most of the examples cause more confusion than understanding. This is not just my opinion but the majority of my class.
A Service to Duplicate!.......2005-09-05
Excellent service! The book arrived within five days of placing the order, and I was totally blown away when it arrived, considering the fact that it was a text book that I needed to have in a timely manner. Thanks again Amazon! I'm now hooked more than ever, and I'm telling my friends about the wonderful shopping experience.
Very detailed reference.......2005-05-10
I used this book for a graduate-level introductory computer security class and it was very detailed and explained concepts well. I took a security and privacy course in undergrad and Bishop's book is much better than the book I used last fall. If you have strong math skills and strong coding skills, this is the book for you. It is even helpful to people studying for the CISSP and Security+ certifications in information security.
Book Description
Fully addressing the most critical WLAN and Wireless IP issues in the industry today, this practical new resource focuses on the areas of security, mobility, and QoS improvement. The book gives you a solid understanding of IEEE 802.11 standards and presents solutions discussed by the IEEE 802.11 standardization committee, including those that can be provided at the IP layer.
Moreover, the book provides guidance on deployment, insights on interworking with 3G mobile communications systems, and discussions on the market and business aspects of WLANs. From basic WLAN and Wireless IP concepts and the current status of IEEE 802.11, to WLAN deployment and integration with GPRS and UMTS and the future role of WLAN in beyond 3G and 4G systems, this authoritative reference presents a thorough overview of the key issues and possible solutions for WLANs from layer-1 to layer-3 and higher protocol layers, wherever necessary. The book is generously supported with over 120 illustrations.
Download Description
This newly revised edition of the Artech House classic, Phased Array Antenna Handbook, offers the most up-to-date and broadest view of array antennas and systems. You find complete design details that allow you to size an array system with speed and confidence. The second edition offers you a wealth of new material, including a detailed treatment of antenna system noise, sections on antenna pattern synthesis, developments in subarray technology, and in-depth information on array architecture and components.
Book Description
Addressing the fast-growing need to integrate effective security features into wireless communication systems, this cutting-edge book offers a broad overview of wireless security, so engineers can choose the methods and techniques that are most appropriate for their projects. Professionals gain a solid understanding of critical cryptography techniques, such as private/public key encryption, digital signatures, and block and stream ciphers. The book provides expert guidance on how to evaluate cryptography deployment impact on current wireless network architectures and implement an effective cryptography architecture for any organization. This forward-looking resource offers the technical know-how practitioners need to understand and work with the security concepts and techniques used for 2nd, 3rd, and 4th generation mobile networks.
Book Description
The FIX Guide was developed for professionals in the fixed income market to understand how to implement a system utilizing the FIX protocol. Written for business and product managers, the Guide is a high level view of the resources and skills necessary to exploit the preeminent global standard for the electronic trading of fixed income. Highlights include choosing FIX engines, network choices, testing, the rules of engagement and the FIX process for fixed income. As more trading partners and platforms develop FIX messaging capabilities, firms are looking for an understanding of the most efficient way to implement FIX. The second edition of the FIX Guide draws on the expertise and resources of over 30 industry participants.
Customer Reviews:
Using FIX for fixed income trading.......2005-06-13
The FIX Guide was written by 30 financial services professionals. It details the methods of connecting to counterparties, choosing FIX engines and networks, testing an implementation, training and a model "rules of engagement" for use with counterparties. Diagrams are included that outline the message flow for fixed income. This Guide was written for business managers, trading desk personnel, IT and back office staff. More information is available on the FIX website fixprotocol.org.
To receive the book right away order one from the used section which are new from the publisher. Otherwise the books are printed when ordered and take 3-4 weeks to arrive. Disclaimer: I am one of the editors of the FIX Guide.
Book Description
Best-of-the-best guidelines for handling low voltage wiring
The A-Z reference on designing, installing, maintaining, and troubleshooting modern security and fire alarm systems is now fully up-to-date in a new edition. Prepared by Terry Kennedy and John E. Traister, authors with over three decades of hands-on experience apiece in the construction industry, Low Voltage Wiring: Security/Fire Alarm Systems, Third Edition provides all the appropriate wiring data you need to work on security and fire alarm systems in residential, commercial, and industrial buildings. A CD-ROM packaged with the book conveniently puts at your fingertips sample forms, checklists, a fully-searchable glossary, and hot-linked industry reference URLs. In addition, you get:
* Important safety tips
* Lists of regulations
* Explanations of emerging technologies
* Useful treatments of estimating and bidding
* Much more
Download Description
The A-Z reference on designing, installing, maintaining, and troubleshooting modern security and fire alarm systems is now fully up-to-date in a new edition.
Customer Reviews:
Don't waste your money.......2005-02-14
I bought this book hoping to at least learn how to connect wires for an alarm system. I was highly disappointed. Do not waste your money.
totally useless!.......2003-10-04
I thought it's a good book. But unfortunately useless. Don't spend money and time for this book!
Difficult to navigate!.......2002-02-15
Well this is my first EBook and I must say the EBook Reader program interface is horrible. I would much rather read the book with the standard Acrobat reader which has thumbprints and other ways to jump from location to location rather than the limited EBook navigational tools. I am very disappointed with this purchase.
Download Description
This comprehensive engineering-level resource provides you with an excellent introduction to electronic warfare (EW) for communication systems. Extensively referenced with over 600 equations, it details the components, systems, and operations of electronic warfare systems dedicated to protecting and attacking military communications networks. You are provided with a complete understanding of how modern direction finders for communication signals work, along with their limitations. The book also helps you acquire a working knowledge of hyperbolic emitter location technologies, and shows you how to measure performance, defining the basic operations necessary for communication EW systems. You are provided with a technique for geolocation of low probability of intercept/anti-jam targets. Use this book to identify state-of-the-art EW technology, understand basic processes that EW systems need to accomplish in their operations, and gain insight into the future direction of these systems.
Database Nation : The Death of Privacy in the 21st Century
Simson Garfinkel
Manufacturer: O'Reilly Media, Inc.
ProductGroup: Book
Binding: Paperback
Similar Items:
- The Digital Person: Technology and Privacy in the Information Age
- No Place to Hide
- The Transparent Society: Will Technology Force Us to Choose Between Privacy and Freedom?
- Technology and Privacy: The New Landscape
- The Unwanted Gaze: The Destruction of Privacy in America
ASIN: 0596001053
Amazon.com
Forget the common cold for a moment. Instead, consider the rise of "false data syndrome," a deceptive method of identification derived from numbers rather than more recognizable human traits. Simson Garfinkel couples this idea with concepts like "data shadow" and "datasphere" in Database Nation, offering a decidedly unappealing scenario of how we have overlooked privacy with the advent of advanced technology.
According to Garfinkel, "technology is not privacy neutral." It leaves us with only two choices: 1) allow our personal data to rest in the public domain or 2) become hermits (no credit cards, no midnight video jaunts--you get the point).
Garfinkel's thoroughly researched and example-rich text explores the history of identification procedures; the computerization of ID systems; how and where data is collected, tracked, and stored; and the laws that protect privacy. He also explains who owns, manipulates, ensures the safety of, and manages the vast amount of data that makes up our collective human infrastructure. The big surprise here? It's not the United States government who controls or manages the majority of this data but rather faceless corporations who trade your purchasing habits, social security numbers, and other personal information just like any other hot commodity.
There's a heck of a lot of data to digest about data here and only a smidgen of humor to counterbalance the weight of Garfinkel's projections. But then again, humor isn't really appropriate in connection with stolen identities; medical, bank, and insurance record exploitation; or the potential for a future that's a "video surveillance free-for-all."
In many information-horrific situations, Garfinkel explores the wide variety of data thievery and the future implications of larger, longer-lasting databases. "Citizens," Garfinkel theorizes, "don't know how to fight back even though we know our privacy is at risk." In a case study involving an insurance claim form, he explains how a short paragraph can grant "blanket authorization" to all personal (not just medical) records to an insurance company. Citizens who refuse to sign the consent paragraph typically must forfeit any reimbursement for medical services. Ultimately, "we do not have the choice [as consumers] either to negotiate or to strike our own deal."
The choice that we do have, however, is to build a world in which sensitive data is respected and kept private--and the book offers clever, "turn-the-tables" solutions, suggesting that citizens, government, and corporations cooperate to develop weaker ID systems and legislate heavier penalties for identification theft.
Garfinkel's argument does give one pause, but his paranoia-laden prose and Orwellian imagination tend to obscure the effectiveness of his argument. Strangely, for all his talk about protecting your privacy, he never mentions how to remove your personal information from direct mail and telemarketing groups. And while he would like for Database Nation to be as highly regarded (and timely) as Rachel Carson's Silent Spring, the fact remains that we're not going to perish from having our privacy violated. --E. Brooke Gilbert
Book Description
Fifty years ago, in 1984, George Orwell imagined a future in which privacy was demolished by a totalitarian state that used spies, video surveillance, historical revisionism, and control over the media to maintain its power. Those who worry about personal privacy and identity--especially in this day of technologies that encroach upon these rights--still use Orwell's "Big Brother" language to discuss privacy issues. But the reality is that the age of a monolithic Big Brother is over. And yet the threats are perhaps even more likely to destroy the rights we've assumed were ours. Database Nation: The Death of Privacy in the 21st Century shows how, in these early years of the 21st century, advances in technology endanger our privacy in ways never before imagined. Direct marketers and retailers track our every purchase; surveillance cameras observe our movements; mobile phones will soon report our location to those who want to track us; government eavesdroppers listen in on private communications; misused medical records turn our bodies and our histories against us; and linked databases assemble detailed consumer profiles used to predict and influence our behavior. Privacy--the most basic of our civil rights--is in grave peril. Simson Garfinkel--journalist, entrepreneur, and international authority on computer security--has devoted his career to testing new technologies and warning about their implications. This newly revised update of the popular hardcover edition of Database Nation is his compelling account of how invasive technologies will affect our lives in the coming years. It's a timely, far-reaching, entertaining, and thought-provoking look at the serious threats to privacy facing us today. The book poses a disturbing question: how can we protect our basic rights to privacy, identity, and autonomy when technology is making invasion and control easier than ever before? Garfinkel's captivating blend of journalism, storytelling, and futurism is a call to arms. It will frighten, entertain, and ultimately convince us that we must take action now to protect our privacy and identity before it's too late.
Customer Reviews:
Not Completely Original, But Quite Useful.......2006-06-01
I have been reading books about privacy, notably from Australia where they first got worried about this, and am an admirer of the Electronic Privacy Information Center (EPIC) based in Washington, D.C., so I can say with confidence that this book is not completely original, but I can also say that it is quite useful. The single best and most original book in this area that I am aware of, with my own limitations, is Jeffrey Rothfeder's 1992 classic, "PRIVACY FOR SALE: How Computerization Has Made Everyone's Private Life an Open Secret" (Simon & Schuster).
The author captured my immediate interest when he posited early on that it is capitalism, not totalitarianism, that is the really grave threat to privacy, and then goes on throughout the book to demonstrate how capitalist innovation--and capitalist retribution--can find so many more profitable uses for stolen or insufficiently protected personal information including information about one's precise movements, Internet access, payments, and so on.
I credit the author with providing us with a really SUPERB discussion of an expanded definition of privacy and why it matters for the future, to include how a lack of privacy stifles free speech and individual voting or engagement.
The book is of course timely with the recent revelation of widespread NSA access to telephone records and widespread domestic telephone interceptions without warrants. I am quite certain NSA has full access to all travel and credit card records, and relatively certain that NSA is also obtaining full access to all banking transactions both within and passing through the USA. Eventually, as the dollar collapses and foreigners realize their financial transactions are not private, I suspect that the NSA intrusions will lead directly to a substantial reduction in what people are willing to transfer via US channels, and in this way deprive the US of interest and assets.
The author merits credit for anticipating in 1999 that terrorism would one day be used to justify extensive intrusions against privacy.
Most interestingly, the author reveals, for the first time to my knowledge, that NSA is in the phone card business. All those phone cards that terrorists and criminals have been using evidently have tracking information, and the testimony in the McVeigh case that the author illuminates makes it certain that this source and method will dry up for NSA with those who really matter: literate terrorists and criminals who, like Bin Laden, understand the value of open sources of information and make it their business to follow the literature.
Although the author's information with respect to credit card errors is somewhat dated, it merits comment that in 1991 there were errors in fully 43% of the files of the three main credit bureaus and--this I did NOT know--even if one corrects errors with those three credit bureaus, the corrections do NOT pass down to the 187 independent industry or localized credit bureaus that have purchased the incorrect data prior to correction. More recently the industry claims a 1% material error factor, but in my own experience, the credit bureaus are quick to post liens or claims, and not at all interested in posting lien cancellations or settlements.
The author spends quite a bit of time, very usefully, in focusing on the fact that identity theft occurs due to lax banking and postal procedures (I for one am very upset over the countless offers of credit I receive in the undefended mail, offers that can be "hijacked" by anyone cruising for such mail before I collect it), and then denouncing the fact that victims of identity theft do not have "standing" in the courts--it is treated as a banking issue.
The book concludes with several scares and big ideas. Cars have computers that can communicate--the day is coming when cars will report their owners for speeding, and a husband driving a wife bleeding to death from a farm accident will not be able to override the computerized speed limit. The author concludes that technology is eliminating the expectation of privacy, but I am more concerned by his documentation that we are becoming slaves to computers programmed by morons in bureaucracies.
The author suggests that a major challenge is how to create self-healing systems and I am curious as to why he did not know of Eric Hughes' anonymous banking encryption protocols, in which only the bank and the client can see their banking data, which is otherwise constantly encrypted.
The federal government is clearly avoiding accountability, not only with respect to data privacy, but with respect to being accountable for who knew what when. The White House and the Senate clearly knew in 1974-1979 that Peak Oil was upon us (see my review of TWILIGHT IN THE DESERT and also of CROSSING THE RUBICON), and deliberate decisions were made to conceal the facts from the public in order to keep the bribes coming and the easy elections going. We wasted 30 years because of decisions that can now be judged to be treasonous and retrospectively impeachable.
The book has acceptable coverage of biometrics, RFID, public video, and commercial space imagery. In the latter, the book has a mistake: SPOT Image likes to take credit for many things, and they evidently claim credit for creating a C-130 portable ground receiving station. This is not true. Colonel "Snake" Clark in the office of the Chief of Staff of the U.S. Air Force conceptualized and oversaw the development of that capability, which made a major difference to air operations in Bosnia among other places, as it made possible near real time seasonally accurate wide area imagery feeds directly into the Air Force mission rehearsal systems.
To end on a positive note, I point to page 108 of the book, where the author discusses inexpensive discreet video surveillance systems that can be used to keep an eye on kids, cats, baby sitters, realtors showing one's home, and so on. Technology does have its uses for the individual, and I will end by saying that I found this book to be a very professional and useful overview of the implications of both digital technology, and the personal information that technology can capture, store, manipulate, share, and exploit.
How Much IS Big Brother Watching?.......2005-02-08
This is an older book, but one that I specifically requested after reading books like Myth of Homeland Security by Marcus Ranum and Beyond Fear by Bruce Schneier. While those books related directly to homeland or national security in the wake of the 9/11 attack, this book predates the attack but describes an Orwellian society where Big Brother monitors everything and privacy is a facade.
When I was in high school I read George Orwell's 1984. It is a work of fiction, but in many ways present society and technology have surpassed Orwell's vision. Simson Garfinkel paints a chilling picture of the complete lack of privacy today because we have the technology to store and retrieve almost every transaction and occurrence that goes on in our lives.
When you make a cell phone call, records are kept of the area you called from and the number you called. When you make a purchase with a credit card or ATM/Debit card, you create a record of where you were at a specific time and date as well as what you purchased. Medical records tell a lot about a person and are not as protected as people believe. A recent Supreme Court decision essentially states that an ISP can legally intercept and view your email without violating wiretap laws. Common, everyday activities capture and store minute details about your life.
This book offers few solutions, but does an excellent job of describing the problem in a compelling way. Everyone should read this book to learn what a facade your privacy really is.
(...)
Good, but lacks other side of the story..........2004-11-11
Good book, especially for someone living on the other side of the world... From European point of view, such privacy violations are something unbelievable. Garfinkel's book simply shows us the hazards of modern technology, and convinces us that our European privacy protecting laws are a good thing, despite sometimes being used to cover bribery or theft.
Sometimes 'Database Nation' seemed so naïve, but to understand it, we must notice it was written a few months before the attack on the WTC. Now we can see how governments are trying to know everything about everybody and the only reason for that is protecting us from terrorism. Nice idea, but Garfinkel has already predicted it - he wrote that a big terrorist attack would happen, even if we maximize security, and privacy violations cannot stop really bad people.
As I wrote before - I have never been in the States, so sometimes I was reading this book as some kind of 'weird guide to the USA'. Some of the described pitfalls can be seen in Europe as well, but usually we do not expect our medical records to be seen by anybody... maybe because in most European countries medical insurance is run mainly by the government. And here is the point where this book lacks some kind of perspective. What do you think is better: having your medical record sold, or dying because the funds of some emergency stations are so low that only one ambulance in a fifty-thousand-people city is on duty? Is it better to protect privacy, or to highlight crooks? The so-called 'Jachnicki list', highly illegal under Polish law, was a list of people who cheated and deceived a lot of honest citizens. By giving detailed information including name, address, birthdate and PESEL (a unique number every Pole is assigned at birth) about those people, the creators broke the Personal Data Protection Act, and were forced by government officials to stop publishing that list. This is the other side of fighting for permanent privacy - and Garfinkel doesn't write anything about it...
Rapidly increasing technologies invade our rights to privacy.......2004-09-02
As we embark on the 21st century, advances in technology endanger our privacy in ways never before imagined. Database Nation: The Death of Privacy in the 21st Century, by Simson Garfinkel is the compelling account of how invasive technologies will affect our lives in the coming years. It's a timely, far-reaching, entertaining, and thought-provoking look at the serious threats to privacy facing us today.
Garfinkel's book does cover a lot of familiar ground, making the issue of privacy more personal to the average person. For example, he describes how cell phone networks can be used to track preferences and physical movement. He also goes into significant detail about advanced identification technologies, including retina scans and DNA analysis, that can be used to identify and track individuals, but those technologies only serve as a lead-in to the issue Garfinkel seems to regard as the most serious: medical privacy.
Chapter 6 provides strong details of the Medical Information Bureau. The MIB collects medical information entered on insurance forms and into personal records and sells that information to companies that need to set insurance premiums for applicants. What gives the MIB the right to collect that information? Garfinkel reveals that patients give them that permission when they consent to receive treatment.
At the end of Database Nation, Garfinkel calls on our nation's leaders and government to establish an executive agency charged with enforcing existing privacy laws and acting as an ombudsman for individual privacy. The new medical privacy standards the White House offered in early 2000 go part of the way to solving some of the problems Garfinkel describes, but in all I believe his solution is far too weak to result in meaningful privacy reform, nor will it be able to keep up with the ever changing technology.
Database Nation continues the growing tradition of books that cast technology in its social context. And as a doctoral student in leadership and technology, I find it heartening to read a book that so thoroughly examines technology's role in society.
Would have been better without the science fiction.......2004-04-07
This book dashed the high hopes I had for it. There are many very good reasons to be concerned about the ways technology can be used to curtail our civil liberties and constrict our freedoms. I had hoped for a serious discussion laying out the problems, their current state of application and misuse, and some thoughts about how to push back.
We do get some of that and to the extent this book is in this scope I like it a great deal (for example, the discussions around eternal copyrights and huge commercial databases gathering everything known about each of us or the sale of drivers license photos to commercial interests). When it is in the middle area of discussing thought crime and brain wiretapping he begins to lose me. It isn't that the issues aren't worthy of discussion, it is simply that the way he discusses them has too much of a paranoid science fiction future feel.
When he paints the future of conscious machines and whether they will demand civil rights or not, well, I think he spoils this book. That speculative stuff should be in a different book. For me, the inclusion of this material makes it impossible to take seriously the good stuff he does have. The weird apple spoils the barrel kind of thing.
It isn't that the book isn't worth reading. It's that the serious stuff is so important that we need to focus on that and not be distracted by paranoid delusions about things that don't even exist. There is plenty to be concerned about in the databases already collected and being sold in commercial markets.
Book Description
In Buying Military Transformation, Peter Dombrowski and Eugene Gholz analyze the United States military's ongoing effort to capitalize on information technology. New ideas about military doctrine derived from comparisons to Internet Age business practices can be implemented only if the military buys technologically innovative weapons systems. Buying Military Transformation examines how political and military leaders work with the defense industry to develop the small ships, unmanned aerial vehicles, advanced communications equipment, and systems-of-systems integration that will enable the new military format.
Dombrowski and Gholz's analysis integrates the political relationship between the defense industry and Congress, the bureaucratic relationship between the firms and the military services, and the technical capabilities of different types of businesses. Many government officials and analysts believe that only entrepreneurial start-up firms or leaders in commercial information technology markets can produce the new, network-oriented military equipment. But Dombrowski and Gholz find that the existing defense industry will be best able to lead military-technology development, even for equipment modeled on the civilian Internet. The U.S. government is already spending billions of dollars each year on its "military transformation" program--money that could be easily misdirected and wasted if policymakers spend it on the wrong projects or work with the wrong firms.
In addition to this practical implication, Buying Military Transformation offers key lessons for the theory of "Revolutions in Military Affairs." A series of military analysts have argued that major social and economic changes, like the shift from the Agricultural Age to the Industrial Age, inherently force related changes in the military. Buying Military Transformation undermines this technologically determinist claim: commercial innovation does not directly determine military innovation; instead, political leadership and military organizations choose the trajectory of defense investment. Militaries should invest in new technology in response to strategic threats and military leaders' professional judgments about the equipment needed to improve military effectiveness. Commercial technological progress by itself does not generate an imperative for military transformation.
Clear, cogent, and engaging, Buying Military Transformation is essential reading for journalists, legislators, policymakers, and scholars.