[funsec] REVIEW: "The dotCrime Manifesto", Phillip Hallam-Baker

Rob, grandpa of Ryan, Trevor, Devon & Hannah rmslade at shaw.ca
Thu Jul 3 14:06:12 CDT 2008


BKDCRMNF.RVW   20080317

"The dotCrime Manifesto", Phillip Hallam-Baker, 2008, 0-321-50358-9,
U$29.99/C$32.99
%A   Phillip Hallam-Baker dotcrimemanifesto.com hallam at gmail.com
%C   P.O. Box 520, 26 Prince Andrew Place, Don Mills, Ontario  M3C 2T8
%D   2008
%G   978-0-321-50358-9 0-321-50358-9
%I   Addison-Wesley Publishing Co.
%O   U$29.99/C$32.99 416-447-5101 fax: 416-443-0948 800-822-6339 
%O  http://www.amazon.com/exec/obidos/ASIN/0321503589/robsladesinterne
  http://www.amazon.co.uk/exec/obidos/ASIN/0321503589/robsladesinte-21
%O   http://www.amazon.ca/exec/obidos/ASIN/0321503589/robsladesin03-20
%O   Audience n+ Tech 2 Writing 2 (see revfaq.htm for explanation)
%P   415 p.
%T   "The dotCrime Manifesto: How to Stop Internet Crime"

In the preface, the author notes that network and computer crime is a
matter of people, not of technology.  However, he also notes that
changes to the network infrastructure, as well as improvements in
accountability, would assist in reducing user risk on the net.

Section one enlarges on the theme that people are more important than
machines or protocols.  Chapter one looks at the motive for Internet
crime (money, just like non-computer crime), and repeats the motifs of
the preface.  The text goes on to list various categories and examples
of network fraud.  The content of chapter two is very interesting, but
it is hard to find a central thread.  Overall it appears to be saying
that computer criminals are not the masterminds implied by media
portrayals, but that the problem of malfeasance is growing and needs
to be seriously addressed.  What Hallam-Baker seems to mean by
"Learning from Mistakes," in chapter three, is that security
professionals often rely too much on general principles, rather than
accepting a functional, if imperfect, solution that reduces the
severity of the problem.  Chapter four presents the standard (if
you'll pardon the expression) discussion of change and the acceptance
of new technologies.  A process for driving change designed to improve
the Internet infrastructure is proposed in chapter five.

Section two examines ways to address some of the major network crime
risks.  Chapter six notes the problems with many common means of
handling spam.  SenderID and SPF is promoted in chapter seven (without
expanding the acronym to Sender Policy Framework anywhere in the book
that I could find).  Phishing, and protection against it, is discussed
in chapter eight.  Chapter nine is supposed to deal with botnets, but
concentrates on trojans and firewalls (although I was glad to see a
mention of "reverse firewalls," or egress scanning, which is too often
neglected).

Section three details the security tools of cryptography and trust. 
Chapter ten outlines some history and concepts of cryptography. 
Trust, in chapter eleven, is confined to the need for aspects of
public key infrastructure (PKI).

Section four presents thoughts on accountability.  Secure transport,
in chapter twelve, starts with thoughts on SSL (Secure Sockets Layer),
and then moves to more characteristics of certificates and the
Extended Verification certificates.  (The promotion of Verisign,
infrequent and somewhat amusing in the earlier chapters is, by this
point in the book, becoming increasingly annoying.  The author is also
starting to make more subjective assertions, such as boosting the
trusted computing platform initiative.)  Domain Keys Identified Mail
(DKIM) is the major technology promoted in support of secure
messaging, in chapter thirteen.  Chapter fourteen, about secure
identity, has an analysis of a variety of technologies.  (The
recommendations about technologies are supported even less than
before, and the work now starts to sound rather doctrinaire.)  It may
seem rather odd to talk about secure names as opposed to identities,
but Hallam-Baker is dealing with identifiers such as email addresses
and domain names in chapter fifteen.  Chapter sixteen looks at various
considerations in regard to securing networks, mostly in terms of
authentication.  Random thoughts on operating system, hardware, or
application security make up chapter seventeen.  The author stresses,
in chapter eighteen, that the law, used in conjunction with security
technologies, can help in reducing overall threat levels.  Chapter
nineteen finishes off the text with a proposed outline of action that
recaps the major points.

Hallam-Baker uses a dry wit well, and to good effect in the book.  The
humour supports and reinforces the points being made.  So does his
extensive and generally reliable knowledge of computer technology and
history.  In certain areas the author is either less knowledgeable or
careless in his wording, and, unfortunately, the effect is to lessen
the reader's confidence in his conclusions.  This is a pity, since
Hallam-Baker is championing a number of positions that would promote
much greater safety and security on the Internet.  Overall this work
is, for the non-specialist, a much-better-than-average introduction to
the issue of Internet crime and protection, and is also worth serious
consideration by security professionals for the thought-provoking
challenges to standard approaches to the problems examined.

copyright Robert M. Slade, 2008   BKDCRMNF.RVW   2008031


======================  (quote inserted randomly by Pegasus Mailer)
rslade at vcn.bc.ca     slade at victoria.tc.ca     rslade at computercrime.org
Do not go where the path may lead, go instead where there is no
path and leave a trail.                        - Ralph Waldo Emerson
http://victoria.tc.ca/techrev/rms.htm


More information about the funsec mailing list