Product Description

Internet crime keeps getting worse...but it doesn’t have to be that way. In this book, Internet security pioneer Phillip Hallam-Baker shows how we can make the Internet far friendlier for honest people—and far less friendly to criminals.

The dotCrime Manifesto begins with a revealing new look at the challenge of Internet crime—and a surprising look at today’s Internet criminals. You’ll discover why the Internet’s lack of accountability makes it so vulnerable, and how this can be fixed —technically, politically, and culturally.

Hallam-Baker introduces tactical, short-term measures for countering phishing, botnets, spam, and other forms of Internet crime. Even more important, he presents a comprehensive plan for implementing accountability-driven security infrastructure: a plan that draws on tools that are already available, and rapidly emerging standards and products. The result: a safer Internet that doesn’t sacrifice what people value most: power, ubiquity, simplicity, flexibility, or privacy.

Tactics and strategy: protecting Internet infrastructure from top to bottom

Building more secure transport, messaging, identities, networks, platforms, and more

Gaining safety without sacrificing the Internet’s unique power and value

Making the Internet safer for honest people without sacrificing ubiquity, simplicity, or privacy

Spam: draining the swamp, once and for all

Why spam contributes to virtually every form of Internet crime—and what we can do about it

Design for deployment: how to really make it happen

Defining security objectives, architecture, strategy, and design—and evangelizing them

How to Build a Safer, Better Internet

You’ll find yourself deeply concerned, then fascinated, then hopeful as you read about

•    Building an Internet that resists online crime

•    Phishing, botnets, and spam: tactical, workable, immediate countermeasures

•    Establishing the “Accountable Web”: a strategic, long-term solution to Internet crime

•    Improving security without sacrificing what people love about the Internet

The Internet is today’s Wild West: too much lawlessness, too little accountability. Now, one of the Internet’s leading pioneers shows how we can build a more trustworthy Internet: one that resists crime without frustrating honest people or compromising privacy and civil liberties. Drawing on years at the cutting edge of Internet and security research, Phillip Hallam-Baker offers a complete plan for reinventing the Internet: a plan that addresses everything from technology to politics and culture. Whether you’re a technology professional, policymaker, or citizen, this book will show you how we can make the Internet better, smarter, and above all, safer.

informit.com/aw

Preface xix

Acknowledgments xxiv

About the Author xxviii

Chapter 1: Motive 1

Chapter 2: Famous for Fifteen Minutes 37

Chapter 3: Learning from Mistakes 51

Chapter 4: Making Change Happen 81

Chapter 5: Design for Deployment 107

Chapter 6: Spam Whack-a-Mole 119

Chapter 7: Stopping Spam 135

Chapter 8: Stopping Phishing 155

Chapter 9: Stopping Botnets 175

Chapter 10: Cryptography 199

Chapter 11: Establishing Trust 215

Chapter 12: Secure Transport 227

Chapter 13: Secure Messaging 251

Chapter 14: Secure Identity 277

Chapter 15: Secure Names 311

Chapter 16: Secure Networks 323

Chapter 17: Secure Platforms 343

Chapter 18: Law 355

Chapter 19: The dotCrime Manifesto 377

Further Reading 383

References 387

Index 395

Customer Reviews (2)

Understanding the roots of Internet insecurity
Dr. Hallam-Baker has written a very interesting book that clearly explains the history associated with the development of the Internet and why it is inherently insecure.Dr. Hallam-Baker's insights comes from the fact that he was involved in the creation of the technologies and standards that have become the Internet.He also provides interesting information on the types of Internet based crime and explains how much of what passes for cyber-crime has its roots in other criminal activities - (e.g. the Nigerian Advanced Fee Scam has been around since the middle ages).He provides behind-the-scene interactions that led to some of the decisions that helped create the standards for the Internet.All of this data is interesting for people who haven't lived this for 20 years.The concepts advanced in the book are described in ways that people can understand them well, such as the analogy that Internet security is similar to fire safety standards.The style of the book is readable and enjoyable, without being simple.After discussions of the crimes and threats associated with the Internet, Dr. Hallam-Baker provides many possible ways that security problems, such as SPAM, can be stopped.The weakness in the presentation is that most solutions advanced are best handled by large entities, like ISPs and enterprises.There is much less on what individuals can do to protect themselves.Many of the solutions require the development of standards that will make the Internet secure.Interestingly in the final chapter, Dr. Hallam-Baker stated this wasn't the book he set out to write, but the one he had to write before he could do the second.Given the insight and enjoyable conversational style of this book, I look forward to the next book.Additionally I recommend anyone who wants to understand the roots and threats of cyber-crime, and how the Internet adjusted or didn't adjust to these, to read this book.

Dot Crime Manifseto
This comprehensive book describes in great detail the state of internet crime today and what can be done about it. It gives a complete history that covers hacking and associated crimes beginning with the birth of the internet. In the dot Crime Manifesto, Dr. Hallam-Baker describes the advent and growth of crime on the internet in a way that only someone who has been there and observed it first hand is able to do.

It is well written with many illustrations that make it simpler to understand the difficult and often mind numbing tasks that are a part of the day to day combat known as internet security. One example of how the author gives scope to this complexity is found beginning on page 191. Here, Dr. Hallam-Baker gives an example of what type of man power would have been required to defend similar formations in the past. He starts by describing how the Great Wall of China was originally constructed and how it grew in size over a period of time as more and more invaders circumvented it. He also describes how difficult it was to defend. To quote him, "The wall could not prevent the raiding parties from entering China, but could stop them from escaping with the loot. It is one thing for a few hundred bandits to sneak over an unwatched stretch of wall in the middle of the night, but it is quite another to escape back over a fully guarded wall carrying large quantities of loot with an army in pursuit. - The conventional firewall configuration protects the internal network from external attack. Preventing attacks in the reverse direction reduces the value a captured machine to an attacker." This quote is just one example of how Dot Crime Manifesto surrounds current major issues about security and simplifies the processes that are required to protect systems from attack and penetration.

Dot crime manifesto goes on to describe the most popular processes hackers use to gain access to computer networks and the best ways to defend against them. A good example of the detail and knowledge conferred through Dot Crime Manifesto can be found on page 301. Here the author describes Applied Identity; "When employees require access to valuable assets to perform their jobs, employers need reliable means of controlling access and establishing accountability. Strong authentication is an essential requirement in both cases. - SAML was originally designed to meet the expanding needs of enterprise authentication, authorization, and accountability."

Dot Crime Manifesto also has detailed key points at the end of each chapter, which makes remembering the main points much easier.

Not only does this book include the various means to combat internet crime it includes wealth on information on the history of the internet and the crime it has spawned along the way.

I would highly recommend dot Crime Manifesto to anyone who may be studying for their security certifications or seeking an all-inclusive primer on the processes of internet crime and how to defend against them.
... Read more

Product Description
I-Way Robbery is for security, investigative, law enforcement, and other criminal justice professionals, offering a unique look at the Internet as the new crime environment for the 21st century. The book provides an overview of the Internet, its impact on nations, societies, criminals, security officers, and law enforcement professionals, and includes recommended basic, protective measures.

I-Way Robbery is written in non-technical terms. It is also an excellent reference for business and government agency managers who must understand their responsibilities as they relate to asset protection - especially those who have on and off ramps connected to the I-Way.

Boni and Kovacich start with the basics and teach users about the internet before teaching them about the security risks. This addresses the subject from the non-information systems perspective and educates the average user about the overall risks and appropriate protective measures they should enforce and follow.

This book is a must-have for anyone with an interest in the pitfalls and precautions of doing business on the internet.


I-Way Robbery: Crime on the Internet, uniquely approaches the much talked about topic of Internet Crime and security.It is written for anyone who wants a basic understanding of the Internet crime environment now and into the 21st Century.It covers related Internet business, government, global, laws, politics and privacy issues; techniques being used to commit crimes; what can be done about it; and what challenges the future may hold including topics such as information warfare.

Drawing on their decades of experience in high-technology and Internet crime investigations William Boni and Dr. Gerald L. Kovacich have written not only an excellent reference book for business and government agency managers, small business owners, and teachers, but for anyone who drives along the I-Way.

Addresses the subject of internet security from the non-information systems perspective
Detailed incident reports to fully illustrate the specific issues readers must understand to fully appreciate the risks of I-Way activity
Covers a broad range of issues ... Read more

Customer Reviews (2)

Intellectually Challenging and Practical
I-Way Robbery is an innovative and authoritative guide forprofessionals charged with defending businesses' and governmentagencies' information assests against persons who use the I-Way for criminal, unethical and immoral purposes.Casual and small business users will also be enlightned about some of the dangers they face and what they may do to manage their risks.The authors have carefully identified the most significant problems and issues confronting I-Way users and have provided detailed approaches for their solutions. Emphasis is on "anticipate and prevent" and if something happens the readers of this book will be prepared.

Must read book for security and law enforcment professionals
The "Information System Security Officer's Guide" was a gem which offered the readers sound basic fundamentals on establishing and managing an information protection program.The follow-up "I-WayRobbery" is an equally excellent, easy to read and understandabletreatise on a very complicated, challenging, and sophisticated theme ofInternet crime and security.The authors have provided numerous examplesof illegal intrusion of the of the Internet and have cited recommendedsolutions to prevent and avoid unauthorized and costly attacks by hackers,phreakers, crackers, and even foreign commercial and government agenciestraveling on the I-Way which they analgously compared it to the modernSuperhighways.This book is an excellent companion to the ISSO Guide andshould be included as a reference book for security and law enforcementprofessions.It is also a must read book for executives, managers andsupervisors to understand their responsiblities for effective managementand operation of their connections to the Internet as we head into the newmillennium. ... Read more

Product Description
Computer and network-based crime is a rapidly growing phenomenon and problem for individuals, organizations and society as a whole -- whether in the form of viruses or the distribution of child pornography. There is a broad governmental recognition of the vulnerability of society to attacks against critical infrastructure, which includes computer and communications systems. As a consequence, governments have placed computer crime laws high on the political agenda.

This text provides a comprehensive legal analysis of the substantive and procedural rules relating to computer crime, and offers a clear explanation of the relevant technical aspects of computer crime -- from types of attacks launched through to forensic techniques. The text places computer crime firmly in its international context, through comparative discussion of laws in other jurisdictions, international harmonization initiatives, and mechanisms for co-operation between law enforcement bodies in different jurisdictions. ... Read more

Product Description
On-line harassment and stalking, security for your e-mail,data security, virus implantation, fraud, credit card access, identitytheft, children and pornography, threats to your privacy - there aredozens of evils lurking out there beyond the monitor screen. Here aresimplified answers to protecting your computer, your family, yourself andyour business from the cyber nasties cruising the Internet and theworldwide web. Cyber Crime is a non- technical guide written in plainEnglish, offering easy-to-implement answers and an indispensable appendix,including a list of online resources and a glossary. You and your computerwill breath a sigh of relief after you've read Cyber Crime and followedthe suggestions it offers.Amazon.com Review
Things can go wrong in cyberspace. There's fraud, stalking,viruses, outright theft, and more. And while the online world is stillnot nearly as dangerous as the physical realm, it pays to takeprecautions against victimization. To that end, Laura Quarantiellooffers a detailed look at what's happening in the world of computercrime, complete with insights into the minds of the perpetrators--fromthe mischievous to the malicious. Her stories include both thedisturbing and the heartening, and the advice she's collected--from"cybercops" and "cybercriminals" alike, is wellworth heeding. ... Read more

Customer Reviews (2)

Too short on solution
I must admit I am disappointed in this book. I expected more.A far better book on Internet safety is "Life and Death on the Internet" by Keith Schroeder."Life and Death" is actually used as a training manual in many police departments and the Criminal Justice Dept at Indiana University, where I first read "Life and Death"."Life and Death" is helpful to parents while "Cyber Crime" spends too much time preaching about the problem without providing adaquate solutions.

Wonderful
Ms. Quarantiello has truly written a masterful work on computer crimes, and prevention thereof that can be understood easily by even the worst computer users (as a collective group) in the world... The police!. I am quite impressed, and will be using this book to teach the police to teach the public ... Read more

Product Description
Technological advances continue to make your clients more vulnerable to computer fraud, counterfeit goods, data theft, trademark and copyright infringement, securities fraud, and economic espionage. Moreover, the maze of federal and state laws governing the prosecution of cyber-related crimes is a complex, vast, and ever-changing body of statutes. Which laws apply? What violations have occurred? Is the unscrupulous conduct in question even a crime in the state in which your case is being tried?

Computer and Intellectual Property Crime gives you detailed federal and 50-state coverage of cybercrime law by examining each statute to provide text and analysis of key statutory language, then examine elements of the crimes, classifications of offenses under each statute, penalties, remedies available to victims, sentencing guidelines for corporate defendants, seizure of data and files, triggers of other liability, federal enforcement tools, restitution, and case law developments. ... Read more

Customer Reviews (1)

Great book, bad timing.
In 2001 the Patriot Act changed quite a bit of the computer crime laws and this book was published in 1999. Enough said? Almost. If the Patriot Act hadn't changed computer crimes law (and erroneously made the president think he was infallibly above international law and even domestic law) then this book would be the best there is for the subject. Sadly, it was published only one year before its information became almost completely useless. If you're into computer crime history then this book is great for getting you up to 1999, then you need to fill in the gaps up to the current time (whatever that may be). ... Read more

Product Description
Does using the Internet increase the risk of identity theft, crimes against children, and other crimes, or have the media exaggerated the risk? Can law enforcement deal effectively with cybercriminals and "black hat" hackers? Pro and con viewpoints evaluate the importance of Internet crime and the effectiveness of measures used against it. (20020801) ... Read more

Product Description
Whether you are a criminal lawyer seeking guidance on intellectual property issues, or a civil lawyer with questions about certain areas of criminal law, you will find "Intellectual Property and Computer Crimes" an invaluable reference. It will also be a valuable resource to in-house lawyers and computer security professionals who are concerned about the protection of proprietary information and computer networks. In addition to coverage of laws aimed specifically at intellectual property violations, you'll find discussion of other general criminal laws that are also sometimes used as well as specific recommendations to lower the risk of a company becoming the victim of a theft of trade secrets or of a computer intrusion. This book is updated as needed, generally two times each year. ... Read more

Product Description
"Cybercrime and cyber-terrorism represent a serious challenge to society as a whole." - Hans Christian Krüger, Deputy Secretary General of the Council of Europe
Crime has been with us as long as laws have existed, and modern technology has given us a new type of criminal activity: cybercrime. Computer and network related crime is a problem that spans the globe, and unites those in two disparate fields: law enforcement and information technology.

This book will help both IT pros and law enforcement specialists understand both their own roles and those of the other, and show why that understanding and an organized, cooperative effort is necessary to win the fight against this new type of crime.

62% of US companies reported computer-related security breaches resulting in damages of $124 million dollars. This data is an indication of the massive need for Cybercrime training within the IT and law enforcement communities.
The only book that covers Cybercrime from forensic investigation through prosecution.
Cybercrime is one of the battlefields in the war against terror. ... Read more

Customer Reviews (17)

<Yawn> Tell Me Something I Don't Already Know
Littlejohn Shinder writes a fairly topical analyses of various facets of cybercrime -including several- what can only be described as Computers 101 sections but if you're a typical n00b then it will all seem like a glorious epiphany.In Ch 4 she gets a little on the didactic side where she attempts to debunk the various stereotypes and cliched mindsets associated with the hacking community but she falls far short of any real insight.

Don't bother reading this book if you have even a modicum of tech savvy - the writer won't be telling you anything that you don't already know or figured out for yourself hands on.BTW, most of the URLS provided as reference in this book are 404, which is only to be expected given its 2002 publication date, however I include the comment here in this review because if you're like me, then you like to check out the resources the writer used.

Lastly, by no stretch of the imagination should this title be considered a computer forensics book.The only audience that will consider said title as such are executive officers and marketing types who don't have a clue.

Handy little book
Overall, a very good book.

At times, tries to be too much to too many.

But good info.

Neither Fish Nor Fowl
This is a tough book to review as it tries to speak to two very different audiences -- corporate information security and law enforcement professionals.
The corporate information security professionals will find the technical details misleading and over simplified but will definitely benefit from the detailed discussions of proper process and procedure.
The author leverages her experience as a police officer and academy instructor to good effect in educating us on the viewpoint of the law enforcement community and the requirements we must meet in collecting and preserving admissible evidence.
My advice would be to VERY lightly skim the "technical" material on vulnerabilities, exploits and defenses while reserving detailed reading for the material dealing with process and procedures as well as the logistics for involving and interacting with law enforcement.

So very good on so many levels...
I'm currently in the middle of the book Scene Of The Cybercrime by Debra Littlejohn Shinder, but I decided to do a review right now.This is a really good book on a number of levels...

Most books on computer and network security are written for the techie trying to secure their assets from outside attack.Obviously, there's a huge need for that information.But it seems that there is virtually nothing written from the law enforcement perspective on computer security.That's a major problem in two ways...For one, there are too few law enforcement personnel that understand exactly what cybercrime is and how it can be detected, fought, and prosecuted.That's probably the audience that would benefit most from this book.Second, most technical personnel don't know what to do in order to successfully build a case and prosecute an attacker once an intrusion has occurred.That's the other audience that will gain the most from reading Shinder's work.

The book includes the following chapters:Facing the Cybercrime Problem Head On; Reviewing the History of Cybercrime; Understanding the People on the Scene; Understanding Computer Basics; Understanding Network Basics; Understanding Network Intrusions and Attacks; Understanding Cybercrime Prevention; Implementing System Security; Implementing Cybercrime Detection Techniques; Collecting and Preserving Digital Evidence; Building the Cybercrime Case

The hardcore network security administrator will probably already know most of the information in the "Understanding..." chapters.But unless they are adept or experienced in forensic analysis, the last three chapters will be crucial information for them.Without the knowledge of how to preserve evidence, there's a good chance that you'll never have the satisfaction of seeing your attacker prosecuted.Higher level managers of a corporate security department will find all of this information useful, as they may not be as hands-on as the administrators and may not understand what threats and risks are present in today's environment.

From the law enforcement perspective, it's all good.Fighting cybercrime is so different than regular law enforcement.This is the perfect volume to give the budding cybercop all the information they need to get up to speed with how crime is conducted electronically.I would recommend that this book be required reading for law enforcement and prosecution personnel.

The book is well written with plenty of real-life examples of criminal activities and legal scenarios.It's one of the most engrossing technical reads I've had in awhile.A definite recommended read...

Generic Information Security reading.
Hi,
This book covers all aspects of information security but the title of the book is kind of misleading as the book only has 2chapters that talk about anything close to Forensics.
Would recommend this book to someone who is new to Information security . This ones certainly not a Forensics book . ... Read more

Product Description

This book constitutes the refereed proceedings of the First European Conference on Intelligence and Security Informatics, EuroISI 2008, held in Esbjerg, Denmark, in December 2008.

The 23 revised full papers and 2 revised poster papers presented were carefully reviewed and selected from 48 submissions. The papers are organized in topical sections on criminal and social network analysis, intelligence analysis and knowledge discovery, Web-based intelligence monitoring and analysis, privacy protection, access control, and digital rights management, malware and intrusion detection, as well as surveillance and crisis management.

Product Description
This special edition of Sweet & Maxwell's Criminal Law Review comprises a number of articles which have crime and the Internet as their focus. Written by a number of distinguished experts in their field, and with an introduction by Professor Clive Walker, the articles cover the following topics:* The governance of the Internet in Europe, with special reference to illegal and harmful content * Computer child pornography - the liability of distributors? * Cyberstalking: the regulation of harassment on the Internet * Criminal law and the Internet: the investigator's perspective * Digital footprints: assessing computer evidence * Policing and the regulation of the Internet ... Read more

Product Description
Terrorist attacks are no longer relegated to airports and federal buildings. Using personal computers as their weapons, hackers and criminals (some only 11 years old) have attacked the Internet, government agencies, financial companies, small businesses, and credit card accounts of unsuspecting individuals. This book/CD package provides a complete overview of computer forensics from its definition to "crime scene investigation," seizure of data, determining the "fingerprints" of the crime, and tracking down the criminal. The book focuses on "solving the crime" rather than information security.

KEY FEATURES

* Comprehensive overview of the subject from definitions to data recovery techniques to auditing methods to terrorist cyber-attacks

* Case studies and vignettes of actual computer crimes

* Selected Topics: Computer Forensics Fundamentals; Data Recovery; Evidence Collection And Data Seizure; Duplication And Preservation Of Digital Evidence; Electronic Evidence Reconstructing Past Events; Deterrence through Attacker ID; Destruction of e-mail; Is the US Government Prepared for Information Warfare; The Dark World of the Cyber Underground; Protection against Random Terrorist Information Warfare Tactics; The Cyber Foot Print and Criminal Tacking; The Individual Exposed; Case Studies and Vignettes

* CD includes tools, presentations, and demos of the latest computer forensics software, including partition images from The Forensic Challenge

On the CD-ROM:

The following forensic tools, demos, and presentations are included on the accompanying CD-ROM.

The Forensics Challenge Partition Images
- The HoneyNet Project
FW-1 Specific Network Intrusion Detector
- Lance Spitzner
RecoverNT v3.5(demo)
Recover98 v3.5 (demo)
FILERECOVERY for Windows v2.1(demo)
PHOTORECOVERY for Digital Media 1.5(demo)
- LC Technology International, Inc.
The Coroner's Toolkit (TCT)
- Dan Farmer and Wietse Venema
Free Hex Editor v1.1
- Raihan Kibria
WinHex 10.45(demo)
- X-Ways Software Technology AG
TCPurify 0.9.6
- Ethan Blanton
Protect2000 Security Suite (product presentation)
- Computer Security Products Inc.
Mazu Enforcer (product presentation)
- Mazu NetworksAmazon.com Review
The mightiest fortresses in the world can fail, and when that happens all you can do (you being the person responsible for castle security) is figure out what went wrong, what damage was done, and by whom. If the castle was located in the right kind of kingdom--to take a metaphor too far--you can hope to prosecute the perpetrator. Computer Forensics: Computer Crime Scene Investigation explains how to gather evidence of computer crimes in such a way that it will be more likely to lead to a conviction in a criminal court. It's an interesting legal area--after all, it's almost always you, and not any law enforcement agency doing the surveillance and evidence-gathering on your computer systems--and John Vacca has done a fair bit of research. This book will probably expand your thinking on the subject of information security.

On the other hand, though Vacca gives good general advice (don't lose volatile information by shutting a compromised machine down midattack; do be prepared to translate memory dumps into jury-readable form), he sometimes meanders into generalizations and irrelevancies. The fact that terrorists distribute their plans via public Web sites is certainly scary, but hardly helpful to someone wanting to prosecute the guy who vandalized the corporate Web site. Similarly interesting, but practically irrelevant to most of us, are discussions of high-energy radio frequency (HERF) and electromagnetic pulse (EMP) weapons that can knock out information systems from a distance. More focus on evidence collection in organizational computing environments would make this book useful, rather than just generally informative. --David Wall

Topics covered: How to gather evidence of a hack attack after the fact, and a lot of general-interest information on the state of crime and law enforcement in computer technology. Coverage is almost all general in nature, dealing with how to formulate a strategy and deal with events without getting into details of any operating system or computing environment. ... Read more

Customer Reviews (42)

Deceptive title, very little forensic information
My first question is, does the author know what the title of his own book is?I ask this because I was very disappointed with this work since the title simply does not match the content.The initial chapters do capture some essence of forensic investigation, but there is very little technical detail.It is mostly a "how to" guide for investigative teams in that it offers advice as how to organize, plan, and manage investigations--without getting into the specifics of how to do so. This book may be best for those with no understanding of the subject--like people who know almost nothing about computers.

A third of the way into the book, the author starts talking about cyberwarfare, information warfare, and attacks by hackers and terrorists without making any connection whatsoever to computer forensics and crime scene investigation. The information given is so broad with such little specific, useful examples it appears to be an effort to cover everything which ends up covering nothing.

Also, I did not like how the author pontificated about terrorism/counterterrorism policy issues where he is obviously out of his league as when issuing such sophmoric statements that terroists are increasingly focused on urban areas because cities are important. I thought it was because the world is increasingly urbanized with the majority of the global population-which is the terrorists' audience-now living in cities. Guess I was wrong. Finally, the author makes political statements in this work about U.S. political parties and representatives making certain decisions about missile defense strategy. Again, he is clearly out of his league and these examples only underline how far he has strayed off the title of the book--computer forensics and crime scene investigations.

In sum, this is a long book suffering from a lack of focus which only superficially addresses the issue of computer forensics and crime scene investigation.I suggest you look elsewhere for a detailed work on computer forensics. I bought this book on ebay for $5.00 and was I glad I did...it's not worth a penny more.

In the field of computer forensics
This is an excellent book. I will tell you that it is not for beginners. This book is like a field book telling you the ins and outs of the legal side of computer forensics. It does tell you about some of the technical aspects of the Computer Forecsics field.

Little or nothing for the practitioner or serious student
Vacca appears to have edited rather than written this, and none too well at that.Some chapters use British spelling and some US, some talk of Pounds Sterling and others Dollars.(For each of the five star reviews, examine that writer's other reviews see if you detect a pattern emerging.)

Having said that, the book does present a fairly decent overview of computer forensics for those who want general information about it, and had it been advertised as such I'd have graded it higher.It offers little or nothing, however, to the practitioner or serious student.

Okay but I was disappointed
I was real excited when I saw this book that looked like the bible of computer forensics and it came with a DVD. The cost of 50 dollars made it expensive but with DVD that I hope would have video that I can watch.

THe book is okay in giving a general idea of computer forensics. It was not very specific in what to do. It has an interactive part in which it give you general answer too not very thorough.

Then, it goes on a tangent about warfare and cyber terrorism. It leaves the forensics behind. And the book goes over 700 pages.

The DVd is intro to some fornesics software, I was hoping it had video
to show people like me that are visual and can learn more this way.

So, the book is okay but I would check others that are more specific and give more thorough details about computer forensics.

New/updated info is spot on!
This edition of the book addresses the most current concerns/issues that every computer professional/layman should be aware of.The sheer amount of information offerd is impressive but, as always, presented in the same easy-to-absorb manner as John's numerous other books. ... Read more

Product Description
An essential reference for scholars and others whose work brings them into contact with managing, policing and regulating online behaviour, the "Handbook on Internet Crime" emerges at a time of rapid social and technological change. Amidst much debate about the dangers presented by the Internet and intensive negotiation over its legitimate uses and regulation, this is the most comprehensive and ambitious book on cybercrime to date. "The Handbook on Internet Crime" gathers together the leading scholars in the field to explore issues and debates surrounding internet-related crime, deviance, policing, law and regulation in the 21st century. The Handbook reflects the range and depth of cybercrime research and scholarship, combining contributions from many of those who have established and developed cyber research over the past 25 years and who continue to shape it in its current phase, with more recent entrants to the field who are building on this tradition and breaking new ground. Contributions reflect both the global nature of cybercrime problems, and the international span of scholarship addressing its challenges. ... Read more

Product Description
With the intense growth of e-business, we hear about an increase in hacking and technology-based criminal incidents. Institutions such as Citibank and Ebay have faced intrusions that have cost them millions of dollars in damages. With the onset of these criminal attacks, there is an increase in demand for products and services that provide more information for people. Tangled Web: Tales of Digital Crime from the Shadows of Cyberspace portrays the shadow side of cyberspace by taking you into the lairs of hackers, crackers, researchers, private investigators, law enforcement agents and intelligence officers. The book covers what kinds of cyber-crimes are going to affect business on the Internet, their cost, how they are investigated, and the motivation of hackers and virus writers. Also covered are the problems faced by law enforcement, corporate cyber security professionals, and real-world examples of cyber crimes and lessons learned.Amazon.com Review
Part true crime, part call to arms, Tangled Web: Tales of Digital Crime from the Shadows of Cyberspace looks over the firewall from both sides to examine the brave new crooks and their pursuers. Author Richard Power, editorial director of San Francisco's Computer Security Institute, is simultaneously engaging and shaky--a rare and lovely combination. Between interviews with hackers and security experts, Power plies the reader with numbers that suggest that the world's networks are swarming with money-sucking leeches, most of which are never even noticed, and certainly not caught. If his voice never quite becomes hysterical, it's to preserve his credibility; after all, Power's Institute needs a strong public awareness of cybercrime in order to stay in business.

This is not to say that Tangled Web is inaccurate or strongly biased. The author gives credit, where it is due, to law enforcement agencies and security consultants who have made some genuine progress in preventing crime and apprehending criminals. Fortunately, it's tough, as of yet, to commit violent crimes over a network, but the reader still will find reason to think twice before glossing over security procedures, even at home. Power provides example countermeasures for all desired levels of connection, value, and privacy; and, while some are out of reach of individuals and smaller businesses, others cost only a little time or convenience. As with health insurance, it's better to take care of it beforehand, and Tangled Web should inspire even the most confident reader to action. --Rob Lightner ... Read more

Customer Reviews (16)

Great Summary...Too Long...Somewhat Outdated
I just finished reading Tangled Web by Richard Power. I thoroughly enjoyed most of it. He presents a very technical, a possibly boring subject in a very realistic and easy-to-read light. Many cyber-crime books either blow the topic way out of proportion and pander to the uneducated and gullible. They would have the same sort of audience that stocked up on supplies in the waning days of 1999 waiting for the Y2K bug to end the world. Powers does not do that. Nor does he play the issue down as some have. His information is backed by statistics, mostly presented in easy-to-read summary charts and tables. He prefaces the discussions of the various aspects of crimes with anecdotes that draw you into the topic, making you want to learn more. Overall, it is a very accurate, informative, and fun read.
My primary two concerns with the book that kept me from the 5-star rating are (1) The chapters are long winded. (2) Some of the information is outdated.
I wish that the author would have cut every section down in size by about 25%. Remember high school, when the teacher assigned a 5-page essay but you only had 4 pages of information? I don't know what the cause is, but this seems to be what Power did for many of the chapters. It takes away from the readability, but not significantly enough for me to suggest against this book.
Simply due to the rapidly changing environment of networking, computer technology, and the internet, this book is necessarily mildly outdated, since it was written in 2000. However, this problem is not great. This is not a technical
"how to stop cybercrime" book. It is more of an overview of what cybercrime is, what it can look like, and what it isn't. Therefore, even if the nuances of the crimes or the nuances of the preventions have changed, the bird's-eye view of them has changed very little. This also should not keep you from this book.
If you are interested in the subject buy this book. Now that so many copies are available so inexpensively by purchasing used, there is nothing to keep from reading this.

Really good book to give a manager
This is a really good book to give a manager.

It tells stories of what happens when you don't do security right without getting too technical.

Intriguing, Thought-Provoking, and Compelling!
Advances made in computer and Internet technologies have contributed to the expansion of gathering, storing, processing, and exchanging all types of information. Unfortunately, there are many unscrupulous people around these days who make unlawful attempts to obtain certain information, damage information and computer systems, obstruct services, cause mischief, and otherwise interfere with normal electronic communications.

Tangled Web discusses the roles of computer, Internet, and telecommunications technologies in the realm of computer crime - including pornography, identity theft, hacking, credit card data theft, altering Web pages, deliberate shutting down of services, fraudulent money transfers, worm and virus infections, and sabotage carried out by disgruntled employees. Actual accounts of real people perpetrating such crimes, including interviews, drives home the impact that criminal computer activity can have on the lives of so many other people.

Power describes in detail the kind of people involved in committing computerized crime - their motivations, how they go about their work, some of the law enforcement strategies involved in catching them, and the consequences of their actions - including monetary losses, downtime, and threats to human safety.

The book contains a helpful glossary of terminology specifically related to computer crime. A listing of resources provides readers with a wealth of additional information about computer crime, threats to online privacy, and measures that can be taken to help prevent future breaches of safety and security. Inclusion of the Computer Fraud and Misuse Act and other U.S. laws and treaties spells out the serious nature of criminal computer crime and some of the steps the federal government has taken to discourage further criminal activity.

I found the book quite chilling. I couldn't easily put it down. Anyone familiar with Simson Garfinkel's Database Nation (O'Reilly & Associates), will find this book thoroughly intriguing, thought-provoking, and compelling reason enough to take more serious measures to protect their computer systems and data against possible attack. Extraordinary reading and relevant to our culture today!

Good resources but just okay......
This really is the "topic du jour" and it clearly is an important one, but like some of the other readers I found Schneier's book (Secrets & Lies) to be much more informative, both for senior managers and those involved in the day-to-day issues.For most of the book I got the feeling I was being lectured by a security guard explaining a lot of the concepts, and I found some of the fiscal impact figures to be sketchy at best.I think the proof of this is the readjustment of the demonstrable financial impact when persuing court cases - these numbers tend to be a fraction of those presented within the text.

If one knows nothing on the subject and wants to hear "the inside scoop" on a number of news stories, it is an okay start.To my mind, the best part of the book were the appendices and the references to other resources throughout the book - those other resources are a lot more valuable than the text in the book itself.

A real eye opener on Digital weakness
Just amazing. This book and also the author acknowledges that there are more digital crimes happening every day then reported. I enjoyed this book and would certainly recommend it to all IT people to read this book especially who works in "DIGITAL SECURITY". ... Read more

Product Description
Written by a former NYPD cyber cop, this is the only book available that discusses the hard questions cyber crime investigators are asking.

The book begins with the chapter "What is Cyber Crime?" This introductory chapter describes the most common challenges faced by cyber investigators today. The following chapters discuss the methodologies behind cyber investigations; and frequently encountered pitfalls. Issues relating to cyber crime definitions, the electronic crime scene, computer forensics, and preparing and presenting a cyber crime investigation in court will be examined. Not only will these topics be generally be discussed and explained for the novice, but the hard questions -the questions that have the power to divide this community- will also be examined in a comprehensive and thoughtful manner.

This book will serve as a foundational text for the cyber crime community to begin to move past current difficulties into its next evolution.

* This book has been written by a retired NYPD cyber cop, who has worked many high-profile computer crime cases

* Discusses the complex relationship between the public and private sector with regards to cyber crime

* Provides essential information for IT security professionals and first responders on maintaining chain of evidence ... Read more

Product Description

In less than a decade, personal computers have become part of our daily lives. Many of us come into contact with computers every day, whether at work, school or home.As useful as the new technologies are, they also have a darker side. By making computers part of our daily lives, we run the risk of allowing thieves, swindlers, and all kinds of deviants directly into our homes. Armed with a personal computer, a modem and just a little knowledge, a thief can easily access confidential information, such as details of bank accounts and credit cards. This book helps people avoid harm at the hands of Internet criminals. It offers a tour of the more dangerous parts of the Internet, as the author explains who the predators are, their motivations, how they operate and how to protect against them.

In less than a decade, personal computers have become part of our daily lives. Many of us come into contact with computers every day, whether at work, school or home.As useful as the new technologies are, they also have a darker side. By making computers part of our daily lives, we run the risk of allowing thieves, swindlers, and all kinds of deviants directly into our homes.Armed with a personal computer, a modem and just a little knowledge, a thief can easily access confidential information, such as details of bank accounts and credit cards. This book is intended to help people avoid harm at the hands of Internet criminals. It offers a tour of the more dangerous parts of the Internet, as the author explains who the predators are, their motivations, how they operate and how to protect against them.

Behind the doors of our own homes, we assume we are safe from predators, con artists, and other criminals wishing us harm.But the proliferation of personal computers and the growth of the Internet have invited these unsavory types right into our family rooms.With a little psychological knowledge a con man can start to manipulate us in different ways. A terrorist can recruit new members and raise money over the Internet. Identity thieves can gather personal information and exploit it for criminal purposes. Spammers can wreak havoc on businesses and individuals. Here, an expert helps readers recognize the signs of a would-be criminal in their midst. Focusing on the perpetrators, the author provides information about how they operate, why they do it, what they hope to do, and how to protect yourself from becoming a victim.

Customer Reviews (1)

A 'must' not just for college-level collections strong in social issues or crime prevention
Internet's promises also lead to new threats as terrorists recruit new members and raise money from internet scams and psychological manipulation. THE DARK SIDE OF THE INTERNET: PROTECTING YOURSELF AND YOUR FAMILY FROM ONLINE CRIMINALS helps readers recognize the danger signs of internet threats, from spyware to auctions and cyberstalking. Each topic receives in-depth history, overviews of 'how' and discussions of recovery, fraud, and protection measures. A 'must' not just for college-level collections strong in social issues or crime prevention, but for any general-interest library. ... Read more

Product Description
This book begins by laying out a history of espionage that clearly shows that when a new technology or technique becomes available to the information gatherers in public and private sectors, they can quickly be adopted for Netspionage use. It then moves on to describe how the Internet and associated technologies have already revolutionized the collection and analysis of competitive information. The convergence of dependency on networked and exploitation tools (often propagated by "hackers," "cyberpunks," and even intelligence agencies) has already resulted in several incidents that foreshadow the perilous future. Close study of these incidents demonstrates how difficult yet how important it is to confront the challenges of "netspionage" and its less intrusive cousins. The authors present a set of the known incidents and then outline protective measures that will reduce the potential and consequences of netspionage.

Unlike most security books, this one is written for managers and executives in non-protection roles of the organization, since they are the ones who must take a leadership role in safeguarding the information assets of the networked enterprise.



*Practical guide written from front-line experience
*Explains the evolution of information collection and why it has never been easier
*Highlights the tools of the trade and how they can be put to best use ... Read more

Customer Reviews (7)

Great book!
The threat is real.

Make sure your boss and CIO read this book, tonight!!

How to best protect and secure information
In Netspionage: The Global Threat To Information, William Boni and Gerald Kovacich draw upon there many years of professional experience in corporate security and intelligence to describe and address Internet-based threats to information security. Very highly recommended, essential reading for anyone charged with corporate, government, or personal information security in this age of cyberspace hackers, terrorists, and espionage, Netspionage is a very practical and experience-based guide to the evolution of information collection and how to best protect and secure information from unwarranted and criminal attempts to access and corrupt corporate records, databases, projects, and trade secrets.

Wow, is this book poorly written.
This book reads like the authors' notes for giving presentations - which I'm sure it is. There is a ton of repetition, and it obviously wasn't edited at all. Plus, the grammar and punctuation are what you might get if you asked a third grader to write with the dense verboseness and gobbledygook of a military tech-writer. This is the first book on the subject that I have read, and there was some good, basic information, as well as some unintentional laughs. But surely there are better books out there, at a better price. The hard information in this could have easily been condensed down to a pamphlet.

A waste of money
This is the first book that I have read that originates from a Power Point presentation.You can tell because the original Power Point slides are reproduced (poorly) and intersperced throughout the book.

I would guess that these slides were used to great effect several years ago to stunned senior managers of companies still figuring out what the Internet meant.But in 2001, most people are beyond needing this explained to them.To give an idea of the target audience, one of the slides is titled something like "Historical Development of Information Technology" and includes "Invention of Abacus - 3,000 B.C."Is that big picture and patronizing enough for you? How about page after page explaining what the Internet is and revelations like "Other companies can use the Internet to do bad things.Like gather information about YOUR company." "Other companies may try to STEAL your information".Etc. etc. etc., mostly filler (probably the filler they used to fill out the time giving the presentation)A saving grace would have been if the authors had annecdotes of real instances of "Netspionage", or other "inside" experiences to impart, but most of the concrete examples they give appear to be from published cases.So, if you already know what the Internet is and that IT security is imporant, don't bother.If you don't know either of these things, buy a book about the Internet and remember, IT security is imporant.

I'll bet Tom Clancy read this book.
This book serves as a primer for network espionage identification, control and a future studies. MBA and MIS students should see this on their required reading lists.This is not a technical book with over 2000 pages of source code, or a hacker novel.Yet through case studies and a demonstration of traditional intelligence gathering techniques (ethical and not) Boni and Kovacich prepare us to look into the future, and the present to protect our information assets. ... Read more

Product Description

This book constitutes the refereed proceedings of the Pacific Asia Workshop on Intelligence and Security Informatics, PAISI 2007, held in Chengdu, China in April 2007.

The 18 revised full papers, 14 revised short papers, and extended abstracts of 10 poster papers presented were carefully reviewed and selected from 159 submissions. The papers are organized in topical sections on crime analysis, emergency response and surveillance, intrusion detection, network security, data and text mining, cybercrime and information access and security, intrusion detection, network security, terrorism informatics and crime analysis, network security and intrusion detection.