Secrets of Computer Espionage: Tactics and Countermeasures – Book Reviews
Some reviews of the book that I've stumbled upon
or have been told about...
Globe and Mail
July 28, 2003
Andrew Allentuck
http://www.globetechnology.com/books/0764537105.html
On the theory that the best way to knock out an enemy is to
exposure, security expert Joel McNamara has written an impossible to put down,
compelling page turner that shows how easy it is to compromise an awful lot of
existing security systems.
There’s a broad review of who spies on whom, the U.S.
laws that are supposed to protect computer security, the odds of getting caught
(small), spy tactics and vulnerabilities, searching for evidence, levels of
encryption, snooping with keyloggers and detecting keyloggers, use of Trojan
horses, eavesdropping on networks, eavesdropping on Wi-Fi networks,
electromagnetic eavesdropping and much more.
Mr. McNamara provides backdoor passwords. He explains that
there is no need to understand the nuances of high level encryption to get into
a password-protected hard drive - just steal it, plug it into another computer,
and see what’s there. Trojans that are blocked by conventional anti-virusware
can still be sent, he notes, during instant messaging exchanges. On AOL, just
enter “netstart - n” at the command line and the address associated with port
5190 is the IP address of the person at the other end of the line. And you are
in.
You don't have to be paranoid to appreciate the danger of the password cracking utilities that are available online, the availability of password dialog box cracking tools and cryptosystem cracking. A 128-bit key can be cracked by brute force, though current technology continues to suggest that it will take more years to do it than there are atoms in the universe. But with some understanding of the character sets that most folks use and a little luck, it can be done in days - as some labs have shown.
This is a security manual you’ll stay awake at night
reading. It may even make you tremble. It’s that good.
IEEE Cipher: Electronic Newsletter of the Technical
Committee on Security and Privacy
August 1, 2003
Robert Bruen
http://www.ieee-security.org/Cipher/PastIssues/2003/E55.Aug-2003/E55.Aug-2003.html
Forensics, privacy, vulnerabilities and black bag jobs all
meet in this practical and comprehensive spy oriented security book. The spies
we are used to seeing in movies from years past had a tendency to meet in dark
alleys and exotic places. They met to exchange secrets. Today's spies can sit at
a computer almost anywhere there is net access to do their work, just like the
rest of us. The difference is that the spies want something. They are not
hackers and crackers per se, but they will use whatever they need to use to get
what they want. Hackers may want to use your system as a team member in a DDoS
attack, but what the spy really wants to get from you is information.
Spies come from a wide range of motivations, some from
governments, both friendly and unfriendly, some come from businesses trying to
discover trade secrets and other useful business information and some are just
nosy neighbors. While we have all read about the people who are trying to pry
into our private affairs and how to protect ourselves, we now can read how to go
about doing the spying. There is a lot of familiar material in Secrets, such as
recovering erased files, protecting your laptop while on the road, packet
sniffers and keyloggers, but there is new material as well. The wi-fi world is
covered, including topics like the Pringle can antenna, MAC spoofing and WEP
attacks.
The chapter on electronic spy devices runs the gamut from
fax machines to digital cameras, with a few good stories like the cameras
inside of Xerox photocopy machines which kept copies of what was copied. It
seems that most of the spy gear is now in the consumer electronic marketplace.
The homing devices stuck on your car by some spy agency can be purchased by
anyone. Moreover, a do-it-yourself jamming device to defeat them is available on the
net.
The last chapter covers advanced espionage, for example, Echelon, Carnivore and Magic Lantern on the Fed side and the latest worms used for intelligence gathering on the spy side. Given the latest bank robbery techniques used in South Africa and Nebraska, this use of worms is particularly insightful.
This book is full of interesting and useful digital spy techniques. It provides some extra points for security and forensics professionals, as well. It is comprehensive, well written and up-to-date. It is easily worth the price to extend your knowledge in a practical way. Recommended.
Linux Journal
August 22, 2003
Frank Conley
http://www.linuxjournal.com//article.php?sid=7011
As I sat one morning working on some loose ends, my e-mail
inbox signaled the arrival of some new message. Experience is the best teacher,
and my experience told me this was a new worm or virus.
The attachment was zipped, so I saved it to my Windows
desktop and then FTPed it to one of my Linux boxes. Once there, I was safe to
play with it the way a cat plays with a small mouse it caught. Such is the
nature of security today. What I once loathed, I now treat as a daily component
of handling information.
The security layer is not as static as other parts of the
information infrastructure; it changes and evolves new countermeasures
constantly. I don't try to keep up with everything, but I do pay attention. Two
books have caught my attention, one because it is a cookbook for Linux security,
a time saver, and the other because it covers other things I don't deal with,
but having the knowledge helps one make connections. My third and more personal
reason is I do not like being surprised. When you have enough bad experiences
with security issues, you come to understand this.
Secrets of Computer Espionage is an informative--and if
you're a geek--an entertaining book. My expectation was this book would point me
to a number of security-oriented Web sites, which it does. But as the author
explains, spying techniques and countermeasures also should explore concepts of
what you should protect, risk analysis in making determinations and even who are
potential spies.
It would be enough if all the book covers is computer
security, but it goes beyond that to electronic devices such as faxes,
shredders, cell phones, PDAs and MP3 players. Many of the listed Web sites have
a Windows orientation, but it's not exclusive. Linux and UNIX are included in
this party.
As I'm not a security or "spook" type, I give the topic the time slice I can afford to allocate to it so I can do what I need to do, but this book has pushed security and how I think about it to a different level. My advice is the next time you go to your local bookseller, locate a copy, buy a cup of coffee and spend some time with it. I bet you'll be hooked.
Five stars - Informative and practical, plus a fun read, August 18, 2003
Reviewer: Dean Smith from Redmond, WA
As co-owner of a small business I read "Secrets of Computer Espionage" with interest, particularly since I thought that running a firewall and virus protection made my system fairly safe from intrusion. Hardly.
Consider the book required reading if you run any flavor of Microsoft Windows and need to keep private information private, and especially if your computers support external data connections (read: internet or external access).
McNamara covers a wide range of possible computer attacks from the mundane to the geeky-obscure. And he discusses the reasonable likelihood of each different type of attack along with how to identify and defend against them.
He also keeps the book common-sense, such as don't invest tens of thousands of dollars in attack-hardened hardware and software if you leave your building unlocked. He talks about physical access restrictions, company security policies, and other considerations regarding the ultimate goal of keeping the contents of your computer system safe - points that some computer security books overlook.
Finally, I love that McNamara injects humor, a conversational tone and many case studies into his book. It turns a potentially dry topic into an enjoyable read.
To paraphrase Humphrey Bogart in Casablanca, "Who’s looking at you, kid?" Your boss? Your competitors? The government? Your ex-spouse’s private investigator? Some kid down the street? Your kid? How paranoid should you be? Secrets of Computer Espionage will tell you. Want to know the latest “spy vs. spy” tricks -- and countermeasures? This book will tell you that, too.
Author Joel McNamara is a leading security and privacy consultant who created Private Idaho -- for years, one of the top Windows email privacy tools. He was among the first to demonstrate the risks of Word macro viruses. He also maintains The Complete, Unofficial TEMPEST Information Page, which demystifies secret government techniques for reconstructing data from your PC’s electromagnetic emanations.
In this book, he systematically reviews the art and technologies of high-tech espionage. He also presents effective countermeasures -- many surprisingly easy and inexpensive. Most important, he teaches you to “think like a spy” -- so you can identify vulnerabilities you’d never have considered before.
McNamara starts with risk assessment. What do you have? Who might want it? How badly? How might they get it? What would happen if they got it? How can it be protected? Is protecting it worth the cost?
There’s a full chapter on the current laws on computer espionage. What are you (theoretically) protected against? If you’re the spy, what can’t you do, and what must you do? How has the USA Patriot Act of 2001 changed things?
Next, there’s a full chapter on “black bag jobs” -- e.g., burglaries designed to steal critical information or plant “bugs” or computer software designed to compromise information later. (The technologies have changed since the ’72 Watergate burglary that sank Richard Nixon, but the tradecraft hasn’t.) McNamara also outlines five sets of countermeasures.
Once a spy gains physical access, there is a laundry list of techniques for getting inside. McNamara covers them all. BIOS attack tools. CMOS zapping. Circumventing screen savers. System password recovery disks. Booting alternate operating systems (e.g., running DOS to access an NTFS drive with NTFSDOS). Even pulling the hard drive.
You’ll go behind the scenes with forensics specialists searching for evidence on your PC. You’ll discover their tools and procedures, and the key files and filesystem locations most likely to be searched (for instance, slack space, Windows swap files, browser artifacts, Sent Mail folders, IM and IRC logs). You’ll also learn what to expect from countermeasures such as encryption and “evidence eliminator” software.
You name it, McNamara covers it: password crackers, Trojan horses, data duplication tools, keyloggers, and anti-spyware such as Pest Patrol and Who’s Watching Me. There’s extensive coverage of network eavesdropping, including a full chapter on wireless vulnerabilities.
McNamara goes beyond PCs to discuss spying on fax machines, PDAs, voicemail systems, cell phones -- even shredders. He concludes with a well-informed chapter on secret government spying programs such as ECHELON.
Ignorance is no longer bliss. Know what’s out there. Know what to do about it. Read Secrets of Computer Espionage.
Bill Camarda