
REVIEW: "Silence on the Wire", Michal Zalewski

Posted by: Rob, grandpa of Ryan, Trevor, Devon & Ha
Date: Jun 27, 2005
      BKSLNOWR.RVW 20050603

      "Silence on the Wire", Michal Zalewski, 2005, 1-59327-046-1,
      %A Michal Zalewski lcamtuf@... lcamtuf.coredump.cx/silence/
      %C 555 De Haro Street, Suite 250, San Francisco, CA 94107
      %D 2005
      %G 1-59327-046-1
      %I No Starch Press
      %O U$39.95/C$53.95 415-863-9900 fax 415-863-9950 info@...
      %O http://www.amazon.com/exec/obidos/ASIN/1593270461/robsladesinterne
      %O http://www.amazon.ca/exec/obidos/ASIN/1593270461/robsladesin03-20
      %O Audience s- Tech 2 Writing 1 (see revfaq.htm for explanation)
      %P 281 p.
      %T "Silence on the Wire"

      I don't know why, exactly, the phrase "self-taught information
      security researcher" (in "About the Author") should give me such a
      sense of foreboding. (The phrase could apply to me, and to many
      colleagues, although we tend not to use it.) And even before I read
      it, a number of people had warned me I wouldn't like it.

      Well, I did like it, once I figured out what it was. I think a lot of
      people don't understand it. It is not a security text, by any means,
      but rather a series of explorations that take our "professional
      paranoid" mentality and examine some issues we seldom consider.

      The subtitle states that the book is about passive and "indirect"
      attacks. Although passive attacks are well defined, indirect does not
      have a formal distinction, and the introduction does not help in
      explaining what the author intends.

      Part one covers activities that occur at the origin of data and
      processing. Chapter one is titularly about typing, but spends a lot
      of time dealing with the problems of pseudo-random number generation,
      and seed data acquisition, and finally outlines an unlikely and very
      complex attack, heavily dependent upon specific functions and data
      availability, and seemingly directed at finding out if someone is
      typing at the computer. (The attack is also active, not passive.) A
      discussion of digital electronics, Boolean algebra, and processor
      architecture, in chapter two, eventually leads to a brief discussion
      of the timing and power attacks that are well known in cryptology
      circles. (There are also odd and careless errors: readers are asked
      to contrast figure 2-4 with figure 2-4. There is a difference, it
      just isn't explained.) Chapter three reviews a few random and
      unrelated vulnerabilities. It is very difficult to determine what the
      point of chapter four might be, but it seems to be a screed against
      the use of Web crawling bots.

      Part two appears to address local communications links. Chapter five
      provides a brief review of data communications 101, and then notes the
      "flickering modem LED" vulnerability. The Ethernet frame padding
      problem is described in chapter six, while chapter seven lists some
      other networking difficulties, and eight briefly mentions
      miscellaneous topics such as identification by keystroke analysis and
      war driving. (It should be noted that chapter length varies widely:
      chapters one, two, and five average twenty-five pages each, while the
      rest are closer to five.)

      Part three moves out to the Internet. Chapter nine reviews most of
      the TCP/IP protocol, and then discusses how the ways that different
      systems populate fields of the IP header can be used to identify
      operating systems without a direct connection. The discussion in
      chapter ten starts with passive mapping of an inaccessible network,
      but the attack described seems to be intended for sequence number
      guessing (and session hijacking). Chapter eleven addresses weaknesses
      in various types of firewalls. Dissection of an odd packet is in
      chapter twelve, a method of third party scanning in thirteen, some
      possible metrics for identifying software in fourteen, and some ways
      of recognizing attacker machines in chapter fifteen.

      Part four supposedly attempts to relate these disparate elements,
      apparently without much success. Chapter sixteen describes a storage
      method using packets bouncing around the net, seventeen looks at
      different methods of mapping the net and some possible uses, and
      eighteen considers the discovery of worms and other malware via the
      capturing of unusual packets.

      The material in the book is fascinating in places. However, the work
      is not structured in a way that makes the security implications
      obvious (the writing is not very direct, and the narrative or topical
      thread tends to wind around subjects), and, in fact, the security
      implications aren't very powerful at all. Yes, in the end, the author
      has written mostly about passive and indirect attacks, but the methods
      covered are unusual, and probably not very useful. Most of the
      material concentrates on rather weak covert channels. In this regard
      it can have some uses in a minor way: covert channel examples are not
      abundant in the general security literature. The attacks suggested
      are interesting thought experiments, but have limited uses either in
      attack or defence. As "Trivial Pursuit" (meaning the game of oddball
      facts) for the tech crowd it's great, but the author never intended
      the text to be a vulnerability warning.

      copyright Robert M. Slade, 2005 BKSLNOWR.RVW 20050603

      ====================== (quote inserted randomly by Pegasus Mailer)
      rslade@... slade@... rslade@...
      Success usually comes to those who are too busy to be looking for
      it. - Henry David Thoreau
      http://victoria.tc.ca/techrev or http://sun.soci.niu.edu/~rslade