Please create an account to participate in the Slashdot moderation system


Forgot your password?
Books Media Security Book Reviews

High-Tech Crimes Revealed 114

Alex Moskalyuk writes "When reading about the computer crimes, we are usually told the victim's point of view. We learn about the thieves stealing thousands of credit card numbers and identity theft victims, who lost their credit history with the wallet they lost at the mall. But how do criminals ever get caught? Who performs the forensic search and participates in sting operations?" Read on for Alex's review of High-Tech Crimes Revealed, which addresses these questions.
High-Tech Crimes Revealed
author Steven Branigan
pages 448
publisher Addison-Wesley
rating 9
reviewer Alex Moskalyuk
ISBN 0321218736
summary Cyberwar Stories from the Digital Front
Steven Branigan is a cop, a system administrator, an Internet security consultant and network security researcher. Ex-employee of Bell Labs now is a founder of a company that "specializes in solving leading edge computer and network security issues."

The book is a collection of high-tech investigations performed by Branigan in cooperation with the police force and sometimes the Feds. Generally Branigan would be involved in forensic research of the evidence and be on the scene as the "computer expert" that cops would refer to when dealing with cybercrime.

Twelve chapters take us through some of the high-tech crimes that the Western world faces today. An attack on the telephone network (unauthorized access to the switches), backdoors left at the former employer, hacking into university networks and the well-publicized identity theft are all covered in the book. Branigan brings up anecdotal evidence from his own career, describes some of his cases in great detail, and provides advice for practitioners in the forensics field.

The author is a Linux/Unix/BSD guru, and he shares his methods for retrieving telltale data from the equipment that the criminals leave behind. He also talks about the generic problems that law enforcement faces when investigating a high-tech crime - how do you obtain a warrant, what's a proper way to conduct searches, how do you work with the confiscated computer so that all the data is left intact?

However, don't expect some secrets to pop-up in regards to data collection - Branigan uses commonly available Linux tools like grep for searching the suspect's hard drive for needed data. More often that not, the investigator, it turns out, depends on his experience, not the book knowledge - one has to recognize the network sniffer log when they see it, and be capable of recognizing the tools freely downloadable from security sites.

Thus it's not surprising that there are some chapters in the book dedicated purely to the author's experience in the field. He describes working with the hackers who have been arrested, discusses how rootkits are spread around, discusses the motivation behind the network attacks (it's not always money, to say the least), describes the structure of a hacking ring and their potential revenues and also talks about ways to unravel the networks. His motto? No crime is too small, and sometimes things so little as missing the rent can lead to more discoveries and tie-ins into bigger crimes.

If you're thinking about becoming a security consultant, a law enforcement officer or just a sysadmin with better than average knowledge of security, this book is an interesting read. It's not a textbook, nor it is technical by nature. It reads more like a detective story, except the stories are real, the culprits are real and so are the victims. One can read the book on two levels - as a forensics tutorial (however, don't expect extended technical tutorials and tools overview) or as an autobiography of a cop, who had to deal with high-tech crimes all his life. If you liked Art of Deception or Hacking: The Art of Exploitation , this title would be a perfect complement.

Chapter 3, If Only He Had Paid the Rent, is available online from Addison-Wesley.

Alex enjoys reading programming, technology and business tech books in his spare time. He also keeps a list of free books available on the Internet for tech readers on a budget. You can purchase High-Tech Crimes Revealed from Slashdot welcomes readers' book reviews -- to see your own review here, carefully read the book review guidelines, then visit the submission page.

This discussion has been archived. No new comments can be posted.

High-Tech Crimes Revealed

Comments Filter:
  • Double-edged? (Score:5, Interesting)

    by fembots ( 753724 ) on Monday November 01, 2004 @05:31PM (#10692463) Homepage
    I wonder if the author left out some "secret methods" he used in the field, since his now owns a company that specializes in solving leading edge computer and network security issues, those methods can be valuable trade secrets.

    And high-tech criminals can also learn from others' mistakes and be more careful next time if the author detailed enough of how he traced a criminal.

    So do slashdotters have any of these "secrets" to share?
    • Re:Double-edged? (Score:5, Insightful)

      by lukewarmfusion ( 726141 ) on Monday November 01, 2004 @05:44PM (#10692667) Homepage Journal
      I'm sure he doesn't give the farm away, but like most people he isn't averse to sharing something. People tend to enjoy talking about themselves. And when there are book royalties involved, the flood gates open.

      As for learning from your mistakes, sometimes it's a mistake - and sometimes it's simply impossible. You leave a trace behind you on the internet, on your network, and on your computer. It's hilarious to me how many low-tech criminals get caught for crimes they thought were untraceable. A deer in headlights (or whatever your favorite cliche is).
    • by Frymaster ( 171343 ) on Monday November 01, 2004 @05:46PM (#10692712) Homepage Journal
      from the article:
      Branigan uses commonly available Linux tools like grep for searching the suspect's hard drive...

      by double-edged:
      I wonder if the author left out some "secret methods" he used in the field

      yes. fgrep []

    • by weinrich ( 414267 ) on Monday November 01, 2004 @05:47PM (#10692719)
      "...criminals can also learn from other's mistakes and be more careful next time..."

      We should be advocating secrecy around how these crimes are solved because the next criminal might learn, and won't make the same mistake as the last one?


      I don't know the exact statistics, but I am certain the clear majority of criminals are caught and convicted because they made the same mistake that millions of criminals before them made. Mistakes that have been publicized, written about, memorialized in songs, even had entire TV shows made out of them (think Law & Order, COPS, CSI, etc.).

      You can tell criminals over and over: "Don't leave behind finger prints when you break and enter." But do they listen? NoooOOOOoo!

      Error: .sig not found, using /etc/passwd instead
      • Well it could be that you are ignoring the criminals that don't get caught because they have watched the TV shows... :-)

        • The criminals you see in crime shows on TV are the sucky ones. The smart criminals don't get caught, or illude the authorities for 20-30 years.
      • Re:Double-edged? (Score:3, Interesting)

        by sjames ( 1099 )

        We should be advocating secrecy around how these crimes are solved because the next criminal might learn, and won't make the same mistake as the last one?

        One might think that, but apparently most criminals just aren't all that bright. I suppose most people bright enough to stand a decent chance of getting away with it are bright enough to get a real job that will have better hours, less risk, and better pay on average than crime.

    • I think he is pretty safe with telling in general how things are done but there are certain things that just can't be taught. A lot of what he does is "intuition" meaning that he recognizes things subconciously based on years of experience. You can't learn to drive or even program a computer by reading a book.
    • There's little incentive to withhold information, really, because I doubt there are any real "trade secrets" to worry about. Many tech books are written more as a way of increasing the author's (or his company's) profile in the field. If you're a consultant, it's another way to get leads and to impress potential clients. You don't do it for the money, trust me...

      Why I hate Bell Mobility []

    • Re:Double-edged? (Score:5, Insightful)

      by MoralHazard ( 447833 ) on Monday November 01, 2004 @06:00PM (#10692926)
      Investigative work has VERY little to do with proprietary methods, for a couple of reasons:

      1) Every investigation, especially when dealing with computer crime, is going to be different. There aren't really any super-secret methods that ANYone who does normal work in the field (networking, programming, sysadmining) wouldn't already know.

      2) Most investigative work has to hew to legal standards for evidence, even if the issue probably isn't going to court, because it MIGHT go to court. Meaning that all of your methods as an investigator have to meet standards for scientific evidence, which requires (among other things) that those methods be widely accepted in the field and peer reviewed. It's hard to keep things secret when they have to be peer reviewed to be useful at all.

      3) Good investigators get that way through experience, not training. I've met people with significantly less pure technical skill than I have who can make me look like a fool on the investigative front. The difference is that these kinds of people have years or decades of experiential learning, closed cases, and lessons learned behind them. Skill and method is important, but it's far from being the whole story. And besides, you can always learn new skills by picking up a book/taking a class and then applying them, but you can only get experience from time and getting your ass kicked repeatedly.

      (As I've noted elsewhere, I ought to disclose that I work for Steve, so take as you will.)
    • If I remember correctly, grep can hardly be called a Linux tool.

      The first time I saw it was on a Unix system - a very big box with about 50 serial terminals and the brains of a Palm Pilot (a 68020 or 030) that predated Linux by almost a decade. I am not aware of any previous incarnations of it, but I am not old enough to remember any.

      And, most probably, we are talking about GNU grep, which is as much Linux as it's Hurd or Cygwin
  • Find the expert (Score:5, Interesting)

    by BWJones ( 18351 ) * on Monday November 01, 2004 @05:32PM (#10692495) Homepage Journal
    So, one of the important things I hope this book demonstrates (not read the book, yet) is that for proper scientific or forensic analysis, you find the right/relevant talent or subject matter expert to examine your data. For instance, some years ago I was stunned to find out that the FBI had been shipping hard drives from Apple Macintosh systems to the Royal Canadian Mounted Police for investigation. Apparently, the RCMP had established themselves as the subject matter experts and were the right folks to send data to from Apple systems. Of course this brings up all sorts of International issues, but that is only one example.

    My point is simply that forensic agencies should not always attempt to do it all themselves. Rather it would be appropriate to build a network of subject matter experts and then approach the problem by having the best "eyes" examine the problem rather than always presuming your local agency/facility has all of the tools.

    • Re:Find the expert (Score:5, Interesting)

      by Apreche ( 239272 ) on Monday November 01, 2004 @05:44PM (#10692678) Homepage Journal
      A computer forensics guy came to talk to my computer crime class last year. He showed us this windows tool they use to look at confiscated drives. Pretty much first they make a bit for bit copy of a drive onto a drive of equal or greater size using a hardware device. Then they put the original drive away in the evidence box without touching it again.

      Then they use this software tool, which I forget the name of, which is the only tool that holds water in a court of law. It examines the whole drive one piece at a time to recreate every file on all partitions and filesystems even if the files are "deleted". His example was how he caught a bunch of kiddy porn perverts.

      Well that's great for catching those guys, but against someone using out of the ordinary stuff this guy is screwed. I've got serial ATA drives and reiser4 and xfs file systems. I'm willing to bet that he doesn't have a hardware drive copier that supports SATA. And his software doesn't recognize reiser4 or xfs. He would either need a different tool or he would have to send the drive someone higher up to be examined. And if the case is too small they wont bother. The real problem is that the average nerds and the hackers are so far ahead of the forensics guys in terms of knowledge about modern technology and software that they can't keep up. Hackers will always have bleeding edge tools, and police budgets can't
      • Microscopy and electron microscopy are also used to image the surface of the hard drive platters. Patterns of data can be reconstructed this way to determine the nature of deleted data believe it or not.

        • Microscopy and electron microscopy are also used to image the surface of the hard drive platters.

          This is, of course, true. My guess is that these techniques would be too time consuming and/or expensive to justify their use in 'everyday' cases.
      • Re:Find the expert (Score:3, Interesting)

        by tomhudson ( 43916 )

        It examines the whole drive one piece at a time to recreate every file on all partitions and filesystems even if the files are "deleted".

        ... which is SO lame - all it does is

        1. replace every deleted filename that begins with an "*" with a letter (file now shows up) - whoop-de-doo
        2. for unallocated or de-allocated fragments, add an entry into the table with a random string, and pointing to the first sector - voila - a new file

        Their "toolkit" is just a bunch of perl scripts and

        dd if=/dev/hdc1 of=hdd1

        ... a

        • Not that easy. It seems you are more gearing your arguement toward FAT or some similar filesystem, Ill gear my retort torwards it. The file name is in fact marked that it is deleted, but the chain in the file system is broke. It all has to be removed from the table so the driver knows that those sectors can be used. In the case of FAT, the best you have from the filesystem entry is the first cluster.
          • but the chain in the file system is broke.

            Most modern file systems don't work that way - clusters are put in a pool for re-use, but the elevator algorythms for most *modern* file systems don't use the first one available - that's why, for example, you don't have to defrag an ext2 file system, and why it's possible to recover a LOT more than you'd think, even on a drive that's got a lot of data re-written.

            ... and, of course, you can re-create the file chain based on the contents (a bit of manual work, but

      • That would be EnCase from Guidance Software, and yes it does support Reiser. Even if it didn't, it can still make a bit-for-bit image copy, then its a simple matter of mounting it in Linux via loopback.
        • Oh, and EnCase isn't the only product that "holds water in court". It's one of the only commercial products that have been tested over and over that produce secure, reliable results. You *could* do the same with TCT or TASK provided that you follow the rules of evidence, the chain of custory, and document everything you do.
      • The tools are nothing particularly complicated, generally a boot CD, a spare hard drive slightly larger than the original, and any reasonably modern PC are all you need. I've never seen anyone use a hardware-based disk copier, they all just use PCs with linux boot disks and "dd". Maybe I'm just seeing people with a lower budget...

        Some common tools:

        SANS [] offers a really nice class on computer forensics (track 8), if you have about $

  • CSI:Geek (Score:5, Funny)

    by Underholdning ( 758194 ) on Monday November 01, 2004 @05:33PM (#10692508) Homepage Journal
    In a related story, a new spin-off of a popular series has just been announced. We're pleased to give you CSI:Geek starring Rick Moranis as Gil "Open Source" Grissom.
    • but he loves bugs!
    • If not CSI we could go Law and Order: cyber crimes unit. They put a former rapper that promoted cop killing as a regular in one version (ice T). Perhaps they could put known hackers on the squad. That would really draw the crowd, well at least a percentage of /.ers.
  • by AcidFnTonic ( 791034 ) on Monday November 01, 2004 @05:34PM (#10692522) Homepage
    I think its great to finally strip away the bull and finally get a true report of whats happened. We dont need words like malicious, evil or anything else like that in a news story. That show bias and is an obvious suggestion of whos in the right. Im not all saying hackers are good, but at least point out the other group who actually go out to bring in the bad guys.... or what about the "hackers" back from the homebrew computer club days... we owe alot to hackers and its great that finally we get an unbiased source from the neutral perspective
  • False positives? (Score:4, Interesting)

    by Anonymous Coward on Monday November 01, 2004 @05:37PM (#10692554)
    If someone being suspected of a software security crime, can the defendent ever be convicted? After all, there were a couple of cases in UK that child porn possessors become free because they claimed the offending files come from 'self-destruct trojans'. Wouldn't criminals get away with that as well?
    • Going Phishing... (Score:2, Interesting)

      by gandell ( 827178 )
      I can't say what the answer is in all cases, but in some security violations such as phishing, there's an easy to follow audit trail. Setup of servers, tracable IP addresses, etc. Yes, most hackers worth their salt spoof their IP, but that doesn't mean that they don't make mistakes. The ones who get caught and pay a stiff penalty usually have larger targets (as in And when they do get caught, sometimes the book is thrown to make an example (Mitnick). Claiming self-destructing trojans is a
  • by Andr0s ( 824479 ) <> on Monday November 01, 2004 @05:38PM (#10692577)
    Seems like a rather interesting subject - sure to give it a shot. Though it does make me wonder a certain something: Considering the rate of cybercrime is growing at astronomical rate, and causing stellar amounts of damage on a daily basis, how come there are no private cybercop agencies?

    You know, companies you could hire to protect your bank clients from fraud or track already committed frauds, with proverbial cyberspace license to kill? After all, as so many net-renegades and rebels love to point out, cyberspace is free, and refuses to conform to laws of individual countries. That means a cyber-protection company stationed in some of more lawless countries, such as parts of Asia or former USSR could 'execute' ISPs who tollerate fraud originating from their servers or users or companies who actively engage in fraud and spam through well tested methods of DDoSing, server hacking etc?

    I know, not completely on-topic... that's why I waited for someone else's first post :)

    • Not only is this a good idea, but I don't think the threat of hackers suing the attack company is a big one. The hacker would have to make their identity known in order to file suit, therefore admitting responsibility for dozens of felonies. As for an ISP that gets attacked for permitting fraud or spam, they could face a countersuit if they tried to sue. They could be sued for facilitating fraud and theft of bandwidth. At the very least, they wouldn't have the resources to fight in court, given what these t
    • Very interesting, but probably not entirely passable in a court..

      Who knows! Could well be a cool career to get into :)
  • by kc8jhs ( 746030 ) on Monday November 01, 2004 @05:42PM (#10692630)
    That's not that big of a deal, we all know that Clifford Stoll started his famous chase [] after a mere 75 cent discrepency in the accounting system of Lawrence Berkley Laboratories. []

    -Mikey P
  • by Marxist Hacker 42 ( 638312 ) * <> on Monday November 01, 2004 @05:43PM (#10692665) Homepage Journal
    At the end- this guy pled guilty just two months before all the evidence was destroyed in the 9-11 attacks....what a trippy ending!
    • I especially liked the part in the sample chapter where he says "after all, why would the police ever arrest an innocent person?" What a great attitude!
      • What I learned most from that chapter- ALWAYS encrypt your hard drives. Of course- I learned this way back in the Hacker Crackdown of '92- even had a friend who wrote me a great virus for this (one of these days, if I ever need it again, I'll pull out that boot sector virus and recode it for XP- but I haven't needed it since DOS days).
  • cat * | grep 'hack'

    :) - Phixxr

  • NYLUG meeting (Score:5, Informative)

    by MoralHazard ( 447833 ) on Monday November 01, 2004 @05:50PM (#10692767)
    Steve also gave a presentation a couple of weeks ago to the NYLUG, which any of you New Yorkers might have caught. I think they have video footage of the talk on the website, The talk was better-than-average for this kind of thing.

    The book has some great war stories, too. The entertainment value is worth something. ...Although I should disclose that I work with him, so you'll probably want to judge for yourself.
    • The parent story says, "The author is a Linux/Unix/BSD guru...", which makes one wonder why the website for his company [] is written with Microsoft Front Page.

      meta name="GENERATOR" content="Microsoft FrontPage 6.0"
      meta name="ProgId" content="FrontPage.Editor.Document"

      /me shrugs... Guess I should write a book too, since I've been doing this for a while.

  • by revery ( 456516 ) * <charles&cac2,net> on Monday November 01, 2004 @06:03PM (#10692969) Homepage
    This is nothing more than a promo for CBS's new CSI spinoff: CSI: Silicon Valley

    From the make-believe press release:
    Almost all of the shows will take place in chat rooms and virtual reality environments. There, the cast will be represented by their chosen avatars, ranging from a hulking Atlas mech to Yuna from FFX to a beatifully rendered Ulala look-alike avatar. "It's not just about the crimes either" says Berny Phillips, one of the lead produces, "there's a lot of character development, too. There is one particular espisode where a characters avatar is threatened and the Atlas mech nearly sacrifices himself to save her. It's very sweet."

    Of course, in real-life, all of the cast members are males.

    I am joking. This is a joke. You have been joked with.
  • by serutan ( 259622 ) <(moc.nozakeeg) (ta) (guodpoons)> on Monday November 01, 2004 @06:18PM (#10693160) Homepage
    The computer crimes this guy talks about seem to be mainly the identity theft type. But when people inside companies skim off rounding errors, create phony accounts, that type of thing (e.g. Office Space), I have read that the crime itself usually goes undetected. They get caught when they do stupid things like associating with bookies and drug dealers, getting involved in some unrelated investigation where their mysterious wealth gets noticed.

    There was one guy at Microsoft who made a couple $million selling software that he ordered internally for his department. His mistake was that he put up a website full of photos showing off his lavish house and collection of cars and expensive motorcycles. If the idiot had just kept his big mouth shut and retired he probably would have gotten away with it.
    • Actually, in the sample chapter, the author speaks of arresting someone who was running what appears to be a child porn ISP out of his apartment, in addition to having stolen workstations and passwords from local universities. Not ID theft at all in this case.
    • Right, what I should have said was crimes of the hacking-other-people's-computers type, which seem to be law enforcement's main focus nowadays. The "original" computer crimes, the inside jobs, seem to be at the same time the most profitable and the ones with the greatest chance of success.
  • by John Sokol ( 109591 ) on Monday November 01, 2004 @06:29PM (#10693341) Homepage Journal
    The problem is isn't the hackers stealing people identity. There have always been unscrupulous people and there aways will be.

    Most peopel that do ID theft I'd hardly qualify as a hacker. There is nothing high tech required, none ever need a computer to do it. A computer can't even really help to commit these illegal acts.

    What the problem is, is that a simple 16 digit Credit Card number can be used as cash by anyone who knows those numbers. There is no protection what so ever! None, nada, nill, nothing what so ever! I it's almost like leaving a wallet full of cash on the sidewalk. Can you blame the person who finds it and doesn't turn it in?

    Same thing for Identity theft anyone who knows your address, birthdate and SSN# , Mother maden name, birth place can be you! They can empty your checking account, buy a house, or a car and you have to pay the price. These several facts are totaly unacceptable on the part of those who accept this totaly unprotectable data as proof positive evidence of your ID.

    Currently you can get a credit card is some one else's name easier then you can get a job in there name. When getting a job they require at least 2 to 3 forms of ID and make copys of it for verification of work elegablity and Fine a company heavily for failing to do so.

    The Credit origanization are happy to give you credit without checking it's really you. Then can take a Guilty until proven innocent stance with almost no recourse what so ever! Any you stay punished until proven otherwise. Meaning your cash is seized, credit runied, house lost etc...

    As a matter of fact it so easy for them to go after you, even when it wasn't you who they made the loan with, that they have little incentive to fix the problem! Why should they?

    The burden should be put on those who are lending or providing money. If they said they had loaned me money, the burden to prove that they gave it to me should be them. If they couldn't produce adaquate proof and whould have to eat that lost money, I'm sure they would fix the ID theft problem overnight.

    There is a real need to come up with more secure form of identification. Something that requires more then a 3rd Grade Education to crack.

    The reason that I don't point at the goverment is that it against the LAW to use a SSN as a form of ID, although almost all Credit/Banks do use it as such. This needs to be enforced! Maybe if you want a Credit card or a Bank loan, you need to get a specialy issued ID card from some consortium of banks, where they finger print of you, take a photo and meet you in person, it's harder lie to someones face! This ID Card could use a DES/AES or some other harder to break system that required more then a pen and paper of photo copy machine to break.

    At least that's my humble opinion.
    • One solution that would greatly reduce the amount of fraudulent credit card use, and this may be in the works at the moment, is to assign a PIN to each credit card, just like ATM cards. When you pay by card in the store, you enter your PIN into a keypad, like you currently do to pay with a debit card. Assuming you don't do something stupid like write it down on the back of your card, someone who steals your wallet can't use the card. This is much better protection than the non-protection you get with a sign
      • This might help with stolen CC's but that's not what identity theft is.

        If I apply for and receive a brand new CC in your name, you'll never know what my PIN will be :)

        actually it will be 1234. OK?
      • A pin still isn't good enough.

        I have DeCash [] a scheme where I don't use encryption but unguessable one time pads of sorts to secure cash.

        I think of it as limited exposure. Right now I get your card and I have you for $5K or what ever your limit is.

        Same thing if I get your ATM and Pin I can get you for $20,000 or more at $450 per day or what ever the daily limit is.

        I had a taxi take me to an ATM in Tijuana Mexico once. Well the ATM looked real but wasn't. I must have been a phony machine with a person o
        • is this a scam? the website you linked has only a mailto link to your email address. there's no description of the business, location of business, or anything that might make me think it was a legitimate business. I call scam.
          • Wouldn't I need to make some kind of profit or be asking for or tryin to get something for this to be a scam!

            I have a patent in the filling process on DeCash, not that it's all that complicated.

            It's not a bussiness yet never said it was, I call it a project. I need to get some bussiness people for that project to become a bussiness. Hell maybe I'll try to opensource that too. Since it was really about doing cash on Cell Phones with Harex/Zoop.

            Since I already have several startups in the pipe I can't a
        • Yep, it's a scam. If you click through enough of the sites you can see that "John Sokol" also takes credit for some of the amazing video compression scams and somehow creating a CPU with 1/1000th the transistors of an Intel CPU but twice the computing power.

          In fact I doubt your Mexican story altogether.
      • One solution that would greatly reduce the amount of fraudulent credit card use, and this may be in the works at the moment, is to assign a PIN to each credit card, just like ATM cards.

        This is currently being rolled-out across the UK. Magnetics strips and signatures are being replaced by smart-cards and PINs. Card readers with keypads on the customer side of the till are appearing all over the place.

        There is a website [] as part of the campaign letting people know about the new system.

        I'm not all that

      • Back when I was in school I got a small (summer project) research grant for "Design and Implementation of a Secure Credit Card Replacement". The system it described was a small embedded device with a keypad (for entering both prices and PINs), a private key, a public identifier, a counter and a one-way hash mechanism.

        The end result is that you'd tell it how much you wanted to pay and put in your PIN, and it's give back a string that could be given to the credit company to process a transaction -- but only
  • You can save almost $5 by purchasing the book here [] instead!
  • Who performs the forensic search and participates in sting operations?

    That's simple. The agents hire film noir detectives to hunt down hackers like Trinity.

  • I don't post on /. frequently... but this one caught my attention. I posted earlier [], and shortly thereafter decided to take a look at the freely available Chapter 3 on the Addison-Wesley site, after having lurked across the author's website.

    Based merely on the contents of the free chapter I am appalled... to think that a BA from Rutgers, a Masters from Rutgers, and an MBA anticipated in May of 2005 from Columbia University... produces such drivel. I don't mean to insult Mr. Branigan, but the whole tone

    • Agree. A five. Childish. Talks down to his readers.

      In the sample chapter, we never learn what Wrongheaded Wesley was doing with those T1 lines. The chapter would have had a satisfying conclusion if Branigan had described the perps businesses, at least in outline.

  • Let's ignore the awful title which sounds like a cross between a formulaic "how-to" computer book and a lazy cash-in.... what I really disliked was the picture on the cover.

    Numerals and/or ASCII projected onto someone's face has got to be one of *the* most overused (and, now that I think about it, dated) effects in computer magazine and book illustration.

    Sure, it was cool when the Internet was becoming big news and it spelled instant hacker-cred (in a 'Hackers'- the movie- type of way); it was probably
  • when (0) other people are doing all of the boring detail work and (1) you are actually allowed to take someone to court (and win). And for you wannabees out there, forensics == boring, painstaking, CYA detail work and internal politics == VIPs surfing kiddie pr0n don't get hauled off to jail. Very, very frustrating.

    But then again, who here watches CSI and thinks it's an accurate representation of an exciting career in criminal forensics?

  • by museumpeace ( 735109 ) on Monday November 01, 2004 @08:26PM (#10694687) Journal
    the standards the feds will use to crack your hard drive if you are ever investigated: from my trove of rejected articles:
    2004.10.11: "the standard for getting evidence from a computer"
    Most of us love, or have at least grown highly dependent upon our computer[s] and PDAs, some of us keep very personal stuff in our computer. So here is a sobering little page [] on how your government plans to interrogate your hard drive if you ever fall afoul of the law. NIST [] is asking for comments by November 1 on a draft proposal of ways and standards [] to prove that a disk imaging tool is accurately dredging up your dirty little secrets. NIST also has a brief article about how it is looking into ways to recover forensic data from PDAs []. The most interesting link there pointed to a PDF describing some tools you may not be aware of []. The DOJ and Homeland Security put NIST up to this task.
    "....Counsel for the defense my now cross examine the FAT."
    • Not sure how it's sobering that criminologists want tools to search computer data. They have tools to identify fingerprints, DNA, hair samples, shoes, clothing fiber, sperm, you name it. If the documents you reference were standards for scanning everybody's hard drive over the Internet, I would understand your reaction, but they aren't.

      If your car got stolen, and the cops found your engine block in somebody's garage along with a pile of other car parts, you might want them to search the guy's computer for
  • the art of deception (by kevin mitnick) was a great read if you're interested in the perspective of the "offender"
  • I just read the sample chapter, and I'm not entirely impressed. What disturbed me was how it played out; this guy (the criminal) goes for six months without paying his rent...okay, so far, so good, he's a scumbag. The landlord finally, after much effort, is able to evict him. So far so good there too. But then the landlord and the cop see......a home network! Oh my god! He must be dealing in stolen goods! Seal the room as evidence! And the author is called in, with the sole basis of suspicion being
  • if you're looking to buy books as howto giudes you'd best pay cash... what happened to shadowcrew should serve as a reminder that "they" may be watching you.

Thufir's a Harkonnen now.