
REVIEW: "Computer Forensics and Privacy", Michael A. Caloyannides

  • Rob, grandpa of Ryan, Trevor, Devon & Ha
    Message 1 of 1 , Sep 9, 2002
      BKCMFRPR.RVW 20020604

      "Computer Forensics and Privacy", Michael A. Caloyannides, 2001,
      1-58053-283-7, U$79.00
      %A Michael A. Caloyannides micky@...
      %C 685 Canton St., Norwood, MA 02062
      %D 2001
      %G 1-58053-283-7
      %I Artech House/Horizon
      %O U$79.00 800-225-9977 fax: 617-769-6334 artech@...
      %P 392 p.
      %T "Computer Forensics and Privacy"

      This book occupies a unique place in the literature of computer
      forensics. Most works in the field, such as Kruse and Heiser's
      "Computer Forensics" (cf. BKCMPFRN.RVW), concentrate on documentation
      of the investigation with a view to presentation in court. The actual
      mechanics of data recovery tend to be left to commercial tools.
      Caloyannides demonstrates how to delve into corners of the computer in
      order to actually get the data out.

      At the same time, this work is inconsistent, on at least two levels.
      The perspective flips back and forth between forensics and privacy,
      alternately emphasizing how to find evidence, and how to hide
      evidence. The technology involved is the same, but the shifts in
      viewpoint can be jarring to the reader. At the same time, the depth
      of technical detail can vary wildly. At one point the book stops shy
      of telling you how to undelete files with a sector editor (an activity
      that could be useful to every computer user), while other sections
      list lengthy and extraordinary measures to secure personal computers.

      Part one concentrates on the data recovery aspect of computer
      forensics. Chapter one is entitled an introduction, but seems to be
      more of an editorial on privacy, with the added statement that the
      book is intended both for law enforcement personnel needing details of
      computer forensic techniques and those wishing to preserve the privacy
      of data. The use of, and factors related to the use of, computer
      forensics is supported by specific cases (rather than vague
      suppositions) in chapter two. One has to agree with the author's
      statement, in chapter three, that "computer forensics can be done--
      and, sadly, is often done--by persons with a minimal amount of either
      education or experience." Therefore it is unfortunate that the
      forensic tools list and book structure are both difficult at this
      point, although there is good material and writing, and Caloyannides
      is not afraid to tackle the social and political aspects of the field.
      Chapter four outlines various places (primarily in Windows) from which
      data may be recovered. It is an odd mix of little known and very
      valuable information, and extremely poor explanations of basic
      functions like manual undeletion and file overwriting. A strange and
      terse look at steganography, US and UK surveillance systems,
      cryptography, and anonymity makes up chapter five. Data acquisition,
      from sources such as key logging and Van Eck radiation, is reviewed in
      chapter six. Chapter seven debunks a short list of measures falsely
      believed to provide privacy protection.

      Part two turns to privacy and security. Chapter eight is a discussion
      of legal and commercial protections of privacy (mostly in the US) and
      their failings. Installing and configuring a privacy protected
      configuration of Windows is covered in chapter nine, in considerable
      detail. Chapter ten's review of basic online privacy is heavy on
      additional software packages. Intermediate online privacy, in chapter
      eleven, looks at browser and email configurations, more packages, and
      has a section on tracing email that would be helpful in dealing with
      spam. (An unfortunate typesetting error seems to have deleted what
      might have been valuable information about PGP [Pretty Good Privacy].)
      Chapter twelve is more advanced, dealing with anonymizing services and
      personal firewalls, but may be beyond the average user. A general
      opinion piece on cryptography, chapter thirteen nevertheless provides
      a good, basic background, albeit with a social and political emphasis.
      Chapter fourteen looks at more practical encryption, detailing PGP and
      specialized cryptographic programs, with a detour into biometrics.

      Part three is a brief look at legal and other issues. Chapter fifteen
      is a brief look at laws, mostly in the US. Chapter sixteen touches on
      security aspects of VoIP (Voice over Internet Protocol) and GSM
      (Global System for Mobility) wireless services.

      Despite the ragged organization and style, and some glaring gaps in
      coverage, this book does contain a wealth of information for both the
      computer forensic examiner, and the user concerned with privacy. For
      anyone beyond the most basic user it is well worth a read.

      copyright Robert M. Slade, 2002 BKCMFRPR.RVW 20020604

      ====================== (quote inserted randomly by Pegasus Mailer)
      rslade@... rslade@... slade@... p1@...
      Don't worry about people stealing an idea. If it's original, you
      will have to ram it down their throats. - Howard Aiken
      http://victoria.tc.ca/techrev or http://sun.soci.niu.edu/~rslade