Loading ...
Sorry, an error occurred while loading the content.

REVIEW: "Black Hat Physical Device Security", Drew Miller

Expand Messages
  • Rob, grandpa of Ryan, Trevor, Devon & Ha
    BKPHDVSC.RVW 20050615 Black Hat Physical Device Security , Drew Miller, 2005, 1-932266-81-X, U$49.95/C$72.95 %A Drew Miller jdrewm@gmail.com %C 800
    Message 1 of 1 , Aug 12, 2005
      BKPHDVSC.RVW 20050615

      "Black Hat Physical Device Security", Drew Miller, 2005,
      1-932266-81-X, U$49.95/C$72.95
      %A Drew Miller jdrewm@...
      %C 800 Hingham Street, Rockland, MA 02370
      %D 2005
      %G 1-932266-81-X
      %I Syngress Media, Inc.
      %O U$49.95/C$72.95 781-681-5151 fax: 781-681-3585 amy@...
      %O http://www.amazon.com/exec/obidos/ASIN/193226681X/robsladesinterne
      %O http://www.amazon.ca/exec/obidos/ASIN/193226681X/robsladesin03-20
      %O Audience i- Tech 2 Writing 1 (see revfaq.htm for explanation)
      %P 363 p.
      %T "Black Hat Physical Device Security"

      The introduction asserts that products are insecure, and also tries to
      say something about trust. There is no clear statement in regard to
      the purpose or intent of the book, however. In addition, there are an
      alarming number of grammatical and spelling errors, and this error
      rate doesn't get any better in the course of the text.

      Chapter one notes that it is possible to program safely. Most systems
      have bugs, notes chapter two, but despite the fact that we have to
      rely on insecure systems, the document points out that we can retrofit
      security onto systems. Encryption is covered in chapter three, which
      also contains ten pages of C language source code, which apparently is
      an attempt to convince you how simple encryption is. There is also
      some discussion of standard authentication forms and biometrics: it
      seems rather odd, but is tied in towards the end of the chapter with a
      discussion of how encryption can protect authentication data. Chapter
      four describes a number of attacks involving input, and suggests
      mitigating procedures. Monitoring of data submitted is recommended in
      chapter five. Various hardware security devices are considered in
      chapter six. Chapter seven is mostly authentication, and a little bit
      of cryptography. There is more on monitoring in chapter eight.
      Chapter nine closes off with discussions of notification.

      Given no stated purpose for the book, it is very difficult to say
      whether it reaches its own, or any other, objective. There are scraps
      of useful information contained in these pages, but little structure
      and no apparent purpose.

      copyright Robert M. Slade, 2005 BKPHDVSC.RVW 20050615

      ====================== (quote inserted randomly by Pegasus Mailer)
      rslade@... slade@... rslade@...
      If a train station is where a train stops, what happens
      at a workstation? - Frederick Wheeler
      http://victoria.tc.ca/techrev or http://sun.soci.niu.edu/~rslade
    Your message has been successfully submitted and would be delivered to recipients shortly.