Forwarded from: Thor <thor@private> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 As an author of this book, I request that the mods accept this post, particularly since Mr. Slade has made the decision to put words in our mouths (or pens in our hands as the case may be ;) regarding our publication. I ask that you respect my opinions as you have those of the reviewer. > "Stealing the Network: How to Own a Continent", Ryan Russell, 2004, > 1-931836-05-1, U$49.95/C$69.95 > %E Ryan Russell BlueBoar@private > %C 800 Hingham Street, Rockland, MA 02370 > %D 2004 > %G 1-931836-05-1 > %I Syngress Media, Inc. > %O U$49.95/C$69.95 781-681-5151 fax: 781-681-3585 > www.syngress.com %O > http://www.amazon.com/exec/obidos/ASIN/1931836051/robsladesinterne > > http://www.amazon.co.uk/exec/obidos/ASIN/1931836051/robsladesinte-21 > %O > http://www.amazon.ca/exec/obidos/ASIN/1931836051/robsladesin03-20 > %P 402 p. > %T "Stealing the Network: How to Own a Continent" > > This book is fiction (more a series of short stories or scenarios > than a novel), but, like Winn Schwartau's "Pearl Harbor Dot Com" > (cf. > BKPRHRDC.RVW, and "Terminal Compromise" before it, BKTRMCMP.RVW), > the authors intend the book to be taken as a serious addition to > security literature. Regarding this statement, the reviewer either made grand assumptions as to our "intent," or he was sorely mislead. There is no one on the team that I know of who considered this work more than "technology fiction." I can't think of a single author who, for a moment, considered this "a serious addition to security literature." To that degree, I ask that those interested accept my apology on behalf of the errant reviewer. In my opinion, anyone else who reads the book will easily understand this, though it is clear that not all can grasp that concept. Just so that we are all on the same page, we (the authors) don't really intend for you to consider this book a training manual on how to take over a continent. > Chapter one is basically about hiding and paranoia. The central > character seems to be using a considerable amount of money to hide > while setting up some kind of crime, and then abandons everything. > The points in regard to ensuring computers and data are > unrecoverable are interesting, and probably workable. The more > important aspects of the plot which involve creating a team, > employing cutouts, and > disappearing are left almost completely undetailed. If, therefore, > we are supposed to learn anything either about crime, or how to > detect or prevent it, the content and information simply aren't > there. The > claim that the "technology" is real, and would work, is > unverifiable because we haven't had any technology yet. (The > writing is edgy, > interesting, and mostly readable. However, it's also difficult and > confused in places.) <remaining amorphous text snipped> Again, I apologize to the list. As an author, I strive to make plot, intent, and storyline continuity so naturally obvious that one need not think too much to accept the experience; however, at the same time, I try to create content that is unique, interesting, and thought provoking. It is apparent that in the case of the reviewer, I failed in attaining that goal. I accept responsibility for that. But just so that my opinions won't be considered biased, let's assume that my chapter was complete blithering prose. After all, I would not want the list to think I would ever consider being crass enough to review my own work in a public forum. That being said, I want the list to know how much fun we had writing this book. The talent and ability of the other authors stands on its own, and it was an honor to work with them. If you want an engaging storyline with a technical basis, all wrapped around fictional stories of what these amazing people (other than me) could do if they wanted to, then I suggest you pick the book up. For instance, chapter 3 is *not* just about the penetration of yet another wireless network... It is about how easy it is for attackers to compromise the infrastructure of healthcare (and other) facilities given the limitations placed on them by software vendors, and how our private information can be easily compromised or changed. And the methods are real-- in this case, deadly. *ALL* the chapters are like that, and attempting to summarize them (other than mine, of course) in one or two words is an act of futility-- indeed, an act I consider misleading to those who might otherwise enjoy the content. > This book is certainly interesting enough (albeit rather > disjointed) as fiction, and technical enough for everyone tired of > the usual > Hollywood view of computers. The security risks noted are real, > and therefore a read through the book could be used to alert non- > specialists to a number of security issues and vulnerabilities > (although you'd hardly want to use it for training). I enjoyed it > and I think it's got a place, although I'm having difficulty in > defining where that place is. Not withstanding the apparent praise in this paragraph, I remain perplexed by it: The review previously noted our claim of "the technical content being real" as unverifiable, yet here, the "security risks" are noted by the reviewer as real. I'll let you come to your own decision. The reason the reviewer can't define the box in which our book should be card-catalogued is, well, because it is *different.* I think so, anyway. The people I have talked to about the book have really enjoyed it, and have observed that the fictional accounts are a metaphor to the issues we face today, delivered within a setting that offers an interesting plot beyond the mundane. This is not meant to take away from right of the reviewer to offer opinion. I mean for it to represent the right I have to offer mine. Thanks for your time. Tim Mullen -----BEGIN PGP SIGNATURE----- Version: PGP 8.0 iQA/AwUBQRrDWIhsmyD15h5gEQIwhgCfYshhHkreODZne6OPcM6IxMJjqc0AoKWH 5BJ4CzI+c+wOVHFnH/KRCi22 =lqN8 -----END PGP SIGNATURE----- _________________________________________ Open Source Vulnerability Database (OSVDB) Everything is Vulnerable - http://www.osvdb.org/
This archive was generated by hypermail 2.1.3 : Thu Aug 12 2004 - 00:51:52 PDT