BKBDMMRY.RVW 20000122 "Bad Memory", Duane Franklet, 1997, 0-671-00066-7 %A Duane Franklet %C 1230 Avenue of the Americas, New York, NY 10020 %D 1997 %G 0-671-00066-7 %I Simon & Schuster %O +1-212-698-7541 %P 408 p. %T "Bad Memory" I liked this book. The plot is gripping, right up to the end. (The ending isn't exactly satisfying: you would think that Franklet, having dragged the reader through all manner of mayhem, would relent a bit and lighten up.) The central character is very sympathetic, as well as being very real. One part of the plot makes no sense, and doesn't fit with anything else, but it isn't essential, and doesn't necessarily detract from anything. The technology is generally pretty good, too. A lot of things are right, or almost so. (There is one piece of communications technology that seemed rather stupid to begin with, but turns out to be quite valid. Except that to discuss it would be to give the game away, and that wouldn't be fair.) Let's start with the technology parts that are right. The computer industry and work background is great. Realistic, not too far off the beam either way. The computers are authentic, if just a little bit dated for the time the book was written. The fact that computers would have different versions, levels, and configurations is true, though. The description of technical support is quite accurate. Even the undelete capability is used to good advantage. The specifics of various of the cracker attacks are unclear (not detailed), but don't work as well. The configuration of most machines that are described rely on DOS (possibly with Windows 3.x on top) and probably a Novell network. An H: drive is therefore probably not a local drive. An error message given at one point is for a floppy drive, not for a hard drive. "Address unavailable" wouldn't show up when doing low level packet sniffing on an Ethernet network. An Ethernet address could quite easily disappear from the net without a trace: all it would have to do is stop transmitting. (On Ethernet you don't want extraneous transmissions.) Windows, DOS, or Novell patches generally aren't distributed in the manner described, and certainly most of the patches so distributed would *not* immediately be implemented. A data security specialist would probably not hold an executive position at the level described. A company of the size and type described would probably have, at most, a handful of security people, rather than the department that seems to be available in the book. An outside security team of the type described would probably not be feasible: security is more of a management than a technical task, and having a bunch of outsiders come in and turn your company upside down would likely do more harm than good. One final note: cellular call detail definitely would be available to the account holder of record. Call detail, according to American law, must be made available to the paying party, and cell calls both made and received by the cell phone generate an airtime charge. Most people probably aren't aware of this, but even if you block caller ID, a call to an 800 number means the owner of the 800 number gets your number. copyright Robert M. Slade, 2000 BKBDMMRY.RVW 20000122