BKHTCRRV.RVW 20041016 "High Tech Crimes Revealed", Steven Branigan, 2005, 0-321-21873-6, U$29.99/C$42.99 %A Steven Branigan steveb@cyanline.com %C P.O. Box 520, 26 Prince Andrew Place, Don Mills, Ontario M3C 2T8 %D 2005 %G 0-321-21873-6 %I Addison-Wesley Publishing Co. %O U$29.99/C$42.99 fax: 416-443-0948 800-822-6339 bkexpress@aw.com %O http://www.amazon.com/exec/obidos/ASIN/0321218736/robsladesinterne http://www.amazon.co.uk/exec/obidos/ASIN/0321218736/robsladesinte-21 %O http://www.amazon.ca/exec/obidos/ASIN/0321218736/robsladesin03-20 %P 412 p. %T "High Tech Crimes Revealed" The title is a wee bit misleading: it is not the crimes that are revealed here as much as it is the investigations, and investigative techniques and tips. As such, the initial material in the book is more valuable than many of those that do concentrate on the crimes themselves. Chapter one deals with an insider attack at a telephone company. Branigan tells the story well (if sometimes a bit flippantly) and also provides "rules" for an inquiry as the account progresses. The narrative points out errors that were made (or fortuitously missed) and notes what might have been done better. A simple case of ISP (Internet Service Provider) banner defacement turns out to have larger ramifications in chapter two. But, the supply of rules seems to dry up, although there are notes reiterating or expanding on them. Some accidental discoveries result in the discovery of a pornographic service, in chapter three. Chapter four outlines a hacker sting operation. Identity theft is superficially reviewed in chapter five, but the "case" is minor, and only used as a lead in. There are interviews with a couple of blackhats (which, if you've read Denning's, Gordon's, or Taylor's work, don't teach very much) in chapter six. Chapter seven examines the motives of different types of blackhats. It is difficult to say that this material will help in understanding attacks or protecting systems. There is a brief history of information technology in chapter eight. The essay on high tech crime in chapter nine is a bit redundant at this point. There is also some questionable material, retailing myths such as Al-Qaida's use of steganography and the salami scam. Chapter ten describes some common mistakes in an investigation, and eleven lists an overall, if simplistic, investigative outline. Chapter twelve finishes off by recapping miscellaneous thoughts. The reports of investigations that begin the book are interesting, particularly since all too many books about computer crime concentrate on technical details, and forget the legal realities (or, like Kovacich's and Boni's "High Technology Crime Investigator's Handbook" (cf. BKHTCRIH.RVW) concentrate on the career and forget the job). It is disappointing that Branigan's work trails off into more vague generalities. copyright Robert M. Slade, 2004 BKHTCRRV.RVW 20041016