BKNDRGND.RVW 970723 "Underground", Suelette Dreyfus, 1997, 1-86330-595-5, A$19.95 %A Suelette Dreyfus %C 35 Cotham Road, Kew 3101, Australia %D 1997 %G 1-86330-595-5 %I Reed Books/Mandarin/Random House Australia %O A$19.95 +61-2-9550-9207 fax: +61-2-9560-0334 %O debbie@iaccess.com.au %P 475 %T "Underground" This book is yet another gee-whiz look at teenage mutant wannabe-high- tech-bandits. The stories revolve around a number of individuals with loose links to one particular bulletin board in Melbourne, Australia, all engaged in system intrusions and phone phreaking. An immediate annoyance is the insistence of the author in referring to system breaking as "hacking." ("Cracking" seems to be reserved for breaking copy protection on games and other commercial software.) If any actual hacking takes place--creative, or otherwise sophisticated, use of the technology--it isn't apparent in the book. The descriptions of activities are vague, but generally appear to be simple "cookbook" uses of known security loopholes. This may not accurately reflect the events as they transpired, since the author also betrays no depth of technical knowledge, and seems to be willing to accept boasting as fact. The bibliography is impressively long until you realize that a number of the articles are never used or referenced. At which point, you wonder how much material has even been read. The structure and organization of the book is abrupt and sometimes difficult. Social or psychological observations are arbitrarily plunked into the middle of descriptions of system exploration, and, even though the paucity of dates makes it difficult to be sure, they don't appear to be in any chronological sequence, either. Those who have studied in the security field will recognize some names and even "handles," but the conceit of using only handles for members of the "underground" makes it difficult to know how much of the material to trust. Early chapters foreshadow dire events to overtake "Craig Bowen" and Stuart Gill: Bowen never gets mentioned again, and Gill is only mentioned twice, peripherally. (In combination with frequent allusions to ignorance on the part of law enforcement agencies, one might suspect that a kind of Australian version of "The Hacker Crackdown" [cf. BKHKCRCK.RVW] was planned, but, if so, it didn't come off.) The book's attitude is also oddly inconsistent. In places, the crackers and phreaks are lauded as brilliant, anti-establishment heroes; but, by and large, they are portrayed as unsocialized, paranoid, spineless non-entities, who have no life skills beyond a few pieces of pseudo-technical knowledge used for playing vicious pranks. So thorough is this characterization, that it comes as a total shock to find, in the afterword, that not only do these people survive their court convictions, but also become important contributing members of society. The author seems to feel quite free to point fingers in all directions. The absurdity of giving "look-see" intruders larger prison sentences than thieves or spies is pointed out, but not the difficulty of legally proving intent. After repeatedly hinting at police incompetence, brutality, and even corruption, the book ends with a rather weak statement implying that the situation is getting better. The common cracker assertion that if sysadmins don't want intruders, then they should secure their systems better, is followed up with no discussion of surveys showing only one full-time security person per five thousand employees, and only passing mention, by one of the ex-intruders, of the extreme difficulty in doing so. Poor family situations are used so frequently to justify illegal activities that one feels the need to point out that *most* products of "broken" homes do *not* become obsessive, paranoid loner criminals! It is interesting to see a book written about a non-US scene, and from a non-American perspective. Technically and journalistically, however, it has numerous problems. copyright Robert M. Slade, 1997 BKNDRGND.RVW 970723