REVIEW: "Desktop Witness", Michael A. Caloyannides
- BKDSKWTN.RVW 20030819
"Desktop Witness", Michael A. Caloyannides, 2002, 0-471-48657-4
%A Michael A. Caloyannides
%C 5353 Dundas Street West, 4th Floor, Etobicoke, ON M9B 6H8
%I John Wiley & Sons, Inc.
%O 416-236-4433 fax: 416-236-4448
%P 366 p.
%T "Desktop Witness: The Do's and Don'ts of Personal Computer
The title and the subtitle of this book are somewhat at odds. Is this
text about the evidence that can be extracted from desktop machines?
Or is it about protecting yourself and your personal computer or
information? Caloyannides would seem to be making the point that the
answer is both: that there is an overwhelming need to ensure that your
computer isn't finking on you, and that you must make every effort to
ensure that the government cannot obtain the information on your
desktop. While he is clearly on the personal side of the privacy
versus national security debate, even those who agree with him may
find the arguments shrill and extreme.
The subtitle of chapter one, indicating that the material is the
author's opinion, should warn the reader that the discussion is
editorial rather than closely reasoned. Caloyannides may, however,
have hurt his own case by taking an anarchistic and almost paranoid
position in stating the need for privacy against government
encroachment. He does make a number of valid points, but misses other
grounds that might have been convincing to a much wider audience, such
as the point that the responsibility of protecting your own
information is recognized in such legal areas as the difference
between patent and trade secret. (A patent offers control over a
device for a limited time as long as the technology is disclosed,
whereas a trade secret offers protection for unlimited time as long as
reasonable efforts are made to protect the information from
disclosure.) The major point of chapter two appears to be that the
use of encryption could, in and of itself, land you in trouble, and
you should prepare to either hide the fact that encryption is taking
place, or have a diversionary explanation ready for the authorities.
(The recommended use of one-time-pad technology and variant keys is
technically interesting, but is unlikely to survive beyond a first
use. Ironically, it seems to support a point that the author made
earlier: "clever" tricks that rely on obscurity provide very poor
protection.) The types of information that might be available from
your computer, or Internet connection, are discussed in chapter three.
The material ranges over a number of topics and has a difficult
structure: some points are raised more than once and there are a
number of related issues that are not mentioned at all. Means of
recovering some of the data, and of getting rid of it, are reported,
but not consistently.
Chapter four lists a vast array of protective measures. Most are very
useful. Depending upon your situation, many will be considered
overkill. Some are questionable: Caloyannides makes a blanket
recommendation to install all operating system patches, but notes that
doing so for some versions of Windows requires you to give away a lot
of information. He does not, though, detail the times that official
patches have made the situation worse rather than better, nor the
complexity of some patches: by mid-2002 one expert noted that an
effective installation of the Windows NT operating system required
twenty-nine steps, including no less than three separate installations
of the latest service pack at different points. Oddly, while this
section is supposed to review measures for computers not connected to
networks, some of the points relate to activities on the Internet.
Protection for connected machines is discussed in chapter five, with a
heavy emphasis on the usage of the PGP encryption system. There is
also an interesting insistence that steganography *is* an effective
means of hiding communications: while Caloyannides points out a number
of pitfalls in the use of the technology, he does not mention detection
measures, such as the ease of determining excessive entropy in the
low-order bits of graphic images used to hide files. Secure telephony
is discussed in chapter six. The legal issues reviewed in chapter
seven are mostly related to recent legislation providing for
additional search authority. The author does include material and
actions from outside the United States. The editorial finish in
chapter eight warns against a society where everything must be
homogenized in order to be safe.
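
The detection measure mentioned above for chapter five can be shown in a few lines; this is an added example, not code from the book or from this review. The sample image, the stand-in "encrypted" payload, the 4096-pixel window and the 4.0 bits-per-byte threshold are all assumptions constructed for the illustration.

```python
import hashlib
import math
from collections import Counter

def lsb_plane(pixels):
    """Pack the low-order bit of each 8-bit pixel into bytes, 8 pixels per byte."""
    out = bytearray()
    for i in range(0, len(pixels) - 7, 8):
        byte = 0
        for p in pixels[i:i + 8]:
            byte = (byte << 1) | (p & 1)
        out.append(byte)
    return bytes(out)

def entropy(data):
    """Shannon entropy in bits per byte (0.0 to 8.0)."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def window_entropies(pixels, window=4096):
    """LSB-plane entropy of each consecutive window of `window` pixels."""
    return [entropy(lsb_plane(pixels[i:i + window]))
            for i in range(0, len(pixels), window)]

def flag_windows(pixels, threshold=4.0, window=4096):
    """Indexes of windows whose LSB plane looks like random data."""
    return [i for i, h in enumerate(window_entropies(pixels, window)) if h > threshold]

# --- constructed sample data, not taken from the book or the review ---
def constructed_cover(width=256, height=256):
    """Flat-shaded synthetic greyscale image: 16x16 blocks of one grey level."""
    return bytes(((x // 16) * 7 + (y // 16) * 13) % 256
                 for y in range(height) for x in range(width))

def pseudo_ciphertext(n):
    """Stand-in for an encrypted file: SHA-256 over a counter."""
    blocks = (hashlib.sha256(i.to_bytes(8, "big")).digest() for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def embed_lsb(pixels, payload):
    """Sequential LSB replacement, the simplest hiding scheme."""
    out = bytearray(pixels)
    for k in range(len(payload) * 8):
        bit = (payload[k // 8] >> (7 - k % 8)) & 1
        out[k] = (out[k] & 0xFE) | bit
    return bytes(out)

COVER = constructed_cover()
STEGO = embed_lsb(COVER, pseudo_ciphertext(2048))  # fills the first quarter of the image

if __name__ == "__main__":
    print("cover flagged:", flag_windows(COVER))
    print("stego flagged:", flag_windows(STEGO))
```

Noisy photographs already have high entropy in their low-order bits, so a fixed threshold like this one is only meaningful for flat or computer-generated covers such as the sample.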
In many places the book suffers from very poor copy editing. There
are a great many instances of improper punctuation, sentence
fragments, and words or phrases dropped into apparently unrelated
text. Generally speaking one can discern the meaning, but deciphering
the organization and intention of a section can be difficult. (Given
the thrust of the book, is the author embedding hidden messages?)
While there are issues of general security in the book, it is, first
and last, about privacy, and primarily personal privacy. The material
could have been structured more usefully, and written less stridently,
but a great deal of helpful content is included. Those interested in
privacy will find it interesting, and computer forensic specialists
may also find it to be a handy reference.
copyright Robert M. Slade, 2002 BKDSKWTN.RVW 20030819
http://victoria.tc.ca/techrev or http://sun.soci.niu.edu/~rslade