Script kiddies

gnat on 2004-03-09T03:53:55

You think you've got problems, Ovid? Check out our script kiddy melodrama. My poor author (not a terrorist, he assures us) ended up writing up his life history to explain why he was not, in fact, wanted by any law enforcement areas.

--Nat


Nobody here but us terrorists ... uh ... chickens

Ovid on 2004-03-09T04:33:51

What a mess. It almost sounds like those people who attacked "The Passion of the Christ" as anti-semitic, even though they hadn't seen it and it hadn't been released yet (I've not seen it, so I can't comment).

Hopefully, this will fall under the "no press is bad press" category.

Re:Nobody here but us terrorists ... uh ... chicke

rjray on 2004-03-10T00:24:16

Funny, I was going to make the same comparison. The fact that so many of the people were acting as though they had bought the book and felt gypped, when the book hasn't even left the warehouses, was a real tip-off.

As it is, I'm more likely to buy the book, now. Even if only out of spite :-). gnat has made another indirect sale...

Re:Nobody here but us terrorists ... uh ... chicke

Ovid on 2004-03-10T00:35:19

Well, I'll certainly pick it up now that I know about it. Woo Hoo! gnat's made two whole sales! They're going to make him a marketing exec now :)

Re:Nobody here but us terrorists ... uh ... chicke

gnat on 2004-03-10T01:34:28

They're going to make him a marketing exec now
Oh man, what did I ever do to you to deserve that?! :-)

--Nat

Recent book

djberg96 on 2004-03-09T05:17:44

I just read The Blue Nowhere and his bio reminded me A LOT of the main character in that book. Coincidence?

well....

hfb on 2004-03-09T10:09:57

Some of the criticism is valid. And, it has always been a double-edged sword of how do you trust someone who routinely violates trust. Every /. kiddie is going to be slapping his dick around on this one....brace yourselves.

Re:well....

mock on 2004-03-09T21:40:13

He's got a pretty poor reputation, and deservedly at that. That said, the GOBBLES and phc people can be real assholes.

Re:well....

hfb on 2004-03-10T07:28:56

Yeah....the people I know don't think much of him either. Even the 2600 crowd aren't all that keen on him as I remember. Most people in this business can be real assholes :) It's worse than Hollywood.

Re:well....

gnat on 2004-03-10T19:48:51

And yet he's friendly, prompt, and wrote us a good book. Weird, huh?

--Nat

Re:well....

mock on 2004-03-12T00:02:45

We'll see. I'll probably pick this book up, like I pick up every other security book, but it looks like it will suffer from the same flaw too many other security books suffer from. Too much high level wanking, and not enough hacking. I'm open to being pleasantly surprised though.

Re:well....

gnat on 2004-03-12T05:07:59

I'll send you a copy, no need to take the risk. (email sent).

So what security books would people want to see?

--Nat

Re:well....

chromatic on 2004-03-12T06:36:37

I speak for a thousand silent brethren when I say High Volume Website Security Hacks! (I don't personally care, though.)

Re:well....

jhi on 2004-03-12T07:14:04

While to someone it may be kewl to read a book written by someone poking in from the outside, that is at worst pretty one-sided, and I think tells you little of what to do to harden your security. While it's often parroted that to catch a criminal you have to think like one, to really get a balanced view you would need to have both sides covered. Those outside do what they do out of maliciousness/greed/boredom/intellectual challenge/fame in their own circles/financial gain, but those inside do have equally valid reasons to defend themselves.

For example, how do you train your people about security, how do you prepare against social engineering? As long as people click-through their virus-laden emails or answer on the phone "sure, it is ..." to a phone call asking for their password, I wouldn't bother overly much talking about e.g. firewall rules or encryption.

Re:well....

mock on 2004-03-13T00:26:46

Thanks, already sent you a reply.

I'd really like to see a good reverse engineering book with more of a pragmatic bent. If someone from LSD, teso, or ADM could be convinced to write it with real examples for a technical audience it would be killer.

A good pragmatic book on code auditing would be nice as well. Something with plenty of real examples ideally written by someone who has published plenty of exploits (OpenBSD team would be nice, but unlikely).

Other than that, someone should talk to shok at w00w00 about .net code auditing, someone should talk to Halvar about some of the cool reverse engineering tools and techniques he's been pioneering, and someone should make a deal with the guys over at MISC magazine, collect up their stuff and translate it into English, and publish it as a book (http://www.miscmag.com).

but that's just off the top of my head ;)