Product Description

Sidestep VoIP Catastrophe the Foolproof Hacking Exposed Way

"This book illuminates how remote users can probe, sniff, and modify your phones, phone switches, and networks that offer VoIP services. Most importantly, the authors offer solutions to mitigate the risk of deploying VoIP technologies." --Ron Gula, CTO of Tenable Network Security

Block debilitating VoIP attacks by learning how to look at your network and devices through the eyes of the malicious intruder. Hacking Exposed VoIP shows you, step-by-step, how online criminals perform reconnaissance, gain access, steal data, and penetrate vulnerable systems. All hardware-specific and network-centered security issues are covered alongside detailed countermeasures, in-depth examples, and hands-on implementation techniques. Inside, you'll learn how to defend against the latest DoS, man-in-the-middle, call flooding, eavesdropping, VoIP fuzzing, signaling and audio manipulation, Voice SPAM/SPIT, and voice phishing attacks.

• Find out how hackers footprint, scan, enumerate, and pilfer VoIP networks and hardware
• Fortify Cisco, Avaya, and Asterisk systems
• Prevent DNS poisoning, DHCP exhaustion, and ARP table manipulation
• Thwart number harvesting, call pattern tracking, and conversation eavesdropping
• Measure and maintain VoIP network quality of service and VoIP conversation quality
• Stop DoS and packet flood-based attacks from disrupting SIP proxies and phones
• Counter REGISTER hijacking, INVITE flooding, and BYE call teardown attacks
• Avoid insertion/mixing of malicious audio
• Learn about voice SPAM/SPIT and how to prevent it
• Defend against voice phishing and identity theft scams

Customer Reviews (3)

Lots of interesting info, but mostly about enterprise VoIP (not carrier/hosted VoIP)
This book has a lot of good background info on VoIP systems. It covers Cisco Call Manager, Avaya, and Asterisk VoIP systems in depth.

It's definitely focused on SIP and RTP, and focused on Enterprise VoIP deployments. The authors appear to be unaware of hosted / carrier VoIP, such as used by Verizon. The authors don't mention anything about BroadSoft BroadWorks, MetaSwitch, Acme Packet, Sylantro, or others, though their general technology coverage certainly relates to these systems. I also wish they had considered some of the very popular SIP phones -- e.g., Linksys and Polycom.

They give examples of using numerous VoIP security-scanning / exploit tools. The theoretical attacker in the book likely has physical access to the target network, or at least layer-2 (Ethernet) access. Many of the attacks are much more difficult or impossible if you're attacking across the Internet.

Still, coverage of the tools is very useful to a Carrier VoIP researcher.

Invaluable VoIP Security Handbook
In this book David Endler and Mark Collier have pulled together a vast wealth of material about hacking VoIP networks at every possible level. More than this, they have also created new value in the form of software test tools, which they have published on an accompanying website. It really is a must-have reference book for anyone working in VoIP.

Chapter 1 talks about Google hacking, or in other words, using the Internet to find out things about a target network. They show that Google can be a crucial tool in finding out what type of hardware and software you use in your VoIP networks, and in some cases will give vital clues even about how to login to the management systems of your network from the Internet. If this doesn't scare the bejesus out of you, then proceed on to further chapters about more VoIP-specific issues.

Chapters 2 and 3 detail the kind of tools a hacker might use to scan your network and enumerate all the devices, i.e. build their own map of how your network is laid out, right down to the telephone numbers and MAC addresses of desktop phones. Chapter 4 talks about Denial-of-Service, and the kind of attack resources that hackers might use to cripple a telephony network.

Chapter 5 is on VoIP eavesdropping, talking about some existing tools that can be used for this (Oreka, Wireshark and the unpleasantly named vomit), and as in the earlier chapters, some suggestions on how to defend against such a type of threat. Chapter 6 goes further to explain how a VoIP man-in-the-middle attack might be mounted, giving the possibility not just to listen, but to modify, replace or remix the audio stream.

Chapters 7, 8, 9 talk about specific platform threats, namely to Cisco Unified CallManager, Avaya Communication Manager and the Asterisk PBX. The vendors have added their own comment to these chapters, at the request of the authors. Chapter 10 takes in Softphones, including Google Talk, Gizmo, Yahoo and of course the ever popular Skype.

Chapter 11 describes VoIP fuzzing, or in other words, testing protocol stacks for flaws, so this is useful for those developing VoIP systems and applications. Chapter 12 talks about disruption of networks using flooding techniques and chapter 13 talks about Signaling and Media Manipulation.

The final section of the book is entitled Social Threats, and talks about SPAM over Internet Telephony (SPIT) in Chapter 14, followed by Voice Phishing in Chapter 15. Neither of these threats are in frequent use yet, but their use is certain to increase in the future, so this is a good moment to get to grips with what this means.

This is a highly technical book, but for managers responsible for IT security but not immersed in the details I would say this: buy the book, and read the case studies. There are five sections to the book, and each starts with a short case study. Invest 20 minutes in reading these, and you will start to get an appreciation for how important VoIP Security will be in the future. Then pass the book on to your hands-on security guy and tell him to read it from cover to cover.

A great Hacking Exposed and VoIP security book
Hacking Exposed: VoIP (HE:V) is the sort of HE book I like.It's fashionable to think HE books are only suitable for script kiddies who run tools they don't understand against vulnerable services they don't recognize.I like HE books because the good ones explain a technology from a security standpoint, how to exploit it, and how to defend it.I thought HE:V did well in all three areas, even featuring original research and experiments to document and validate the authors' claims.

HE:V is a real eye-opener for those of us who don't perform VoIP pen testing or assessments.It's important to remember that the original HE books were written by Foundstone consultants who put their work experience in book form.HE books that continue this tradition tend to be successful, and HE:V is no exception.Good HE books also introduce a wide variety of tools and techniques to exploit weaknesses in targets, and HE:V also delivers in this respect.HE:V also extends attacks beyond what most people recognize.For example, everyone probably knows about low-level exploitation of VoIP traffic for call interception and manipulation.However, chapter 6 discusses application-level interception.

HE:V goes the extra mile by introducing tools written by the authors specifically to implement attacks.In at least one case the authors also provide a packet capture (for the Skinny protocol) which I particularly appreciate.HE:V also looks ahead to attacks that are appearing but not yet prevalent, like telephony spam and voice phishing. Taken together, all of these features result in a great book.You should already be familiar with the common enumeration and exploitation methods found in HE 5th Ed, because the HE:V authors wisely avoid repeating material in other books (thank you).

If you want to understand VoIP, how to attack it, and how to defend it, I highly recommend reading HE:V.The book is clear, thorough, and written by experts. ... Read more

Product Description
We're not just playing games. You love your PSP. You loved the first edition of this book. If you're ready for more fun, here it is. Check out: Networking hacks that let you IM and speed up multiplayer game action. Awesome audio, video, and image hacks. Game hacks that let you use a single UMD cartridge for multiplayer games. The ever-popular homebrew applications, with secrets for sneaking them past the firmware. We're taking playtime to a whole new level.

Let the fun begin with complete instructions on how to do all this and more with your PSP, including:

• Speeding up Web surfing.
• Getting maximum quality when moving video or audio to your PSP.
• Using your PSP like an iPod.
• Transfering DVDs to your PSP.
• Getting more power.
• Playing multiplayer games with a single UMD.
• Writing homebrew apps, even if you've never programmed before.
• Learning to fool, and even downgrade, your firmware.
• Running Linux? and Windows?.

Visit hackingpsp.com to post your questions on the author's forum, download any files you need, get updates to the book, and check out new hacks the moment they're available. ... Read more

Customer Reviews (22)

Good and interesting book
This book is really interesting and full of informations to extend the usage of this fantastic device.
I liked the continuos reference to Internet sites and links in order to keep the contents always up-to-date.

Useless with current edition of PSP
This book is useless.

Sony's 3000 series PSP cannot be hacked to do what author writes about.

This book was good in its day...now it's just something to put in the fireplace as obsolete / worthless.

One caveat
At the time of the writing of this review, there is no hack to downgrade PSP firmware V2.81 or higher. Downgrading your PSP's firmware is essential for many (but not all) of the hacks provided in the book; e.g. running homebrew software won't work under V2.81+.
PSP firmware V2.81 was, I believe, released in the fall of 2006. The current version is V3.80. Thus, if you bought your PSP only recently, you may not be able to use a lot of the stuff in the book unless a hack for the newer versions becomes available.

tech book
This is a good book, but it is not from folks who are not techies

Lots of interesteing info.
Even if you think you know it all, you're bound to learn something here. Some of the info is pretty basic, but there's a lot of stuff I didn't know you could do. There's also interesting mod projects and whatnot. The only drawback is just the nature of print media in a constantly evolving area like this (example, the firmware roll back stuff has changed a lot in the past few months.) Still a recommended book for PSP fans. ... Read more

Product Description

Handmade Electronic Music: The Art of Hardware Hacking provides a long-needed, practical, and engaging introduction to the craft of making - as well as creatively cannibalizing - electronic circuits for artistic purposes. With a sense of adventure and no prior knowledge, the reader can subvert the intentions designed into devices such as radios and toys to discover a new sonic world. At a time when computers dominate music production, this book offers a rare glimpse into the core technology of early live electronic music, as well as more recent developments at the hands of emerging artists. In addition to advice on hacking found electronics, the reader learns how to make contact microphones, pickups for electromagnetic fields, oscillators, distortion boxes, and unusual signal processors cheaply and quickly.

This revised and expanded second edition is extensively illustrated and includes a DVD featuring eighty-seven video clips and twenty audio tracks by over one hundred hackers, benders, musicians, artists, and inventors from around the world, as well as thirteen video tutorials demonstrating projects in the book. Further enhancements include additional projects, photographs, diagrams, and illustrations.

Customer Reviews (11)

the bese book ever.
This book is what every IC Bender needs it goes from the simple project to various experimental projects and the vidoes are a huge help. A must have for those who want some new ideas in beding.

Great way to get your hands charged for the first time
This book is, apparently, compiled from course materials for what must be a very fun class.It mostly covers two broad topics.First, producing unexpected sounds from radios and the circuit boards in toys, and modifying those devices in simple ways, such as adding photoresistors or new circuit board connections.Second, building simple synthesizers from scratch.The skills taught are basic, and form the building blocks for infinite exploration.The tools and parts needed are all inexpensive (often costing mere pennies).The included CD is great fun, but best saved for later listening, since it contains "spoilers" of what some of the projects might sound like.

Because of the book's origination in a class situation, the explanations and pictures are not always ideally clear.There are a lot of typos. However, the writing is so engaging and the book is so much fun that it still deserves 5 stars.Where the book is incomplete ("how to I de-solder something?"), the Web is there.

The book is clearly aimed at musicians without any electronics experience.Nonmusicians might still enjoy it, but a joy in playing with sound is absolutely required.I suspect the book would be way too basic for people with any significant experience in electronics.

As sidebars, the book includes a considerable amount of history of electronic music -- who's who and what they've been up to.

If you can't crack it open, it doesn't really belong to you.
A great guide to taking apart old electronic noisemakers and turning them into something new. Also includes simple DIY electronic circuits with all the steps. The projects are compelling and workable. Give this to a young person and change their whole outlook on DIY.

Excellent Book, Great For Novices & Experienced Alike
This is a really fun book, with lots of projects for budding electronic musicians. But it goes beyond that: It's a solid intro to electronics and CMOS components. I went into this book thinking it might be too basic, yet I walked away with a lot of ideas, and some interesting new techniquess.

I wish that more electronics writers would cover the material with this author's style and accuracy. Also, kudos for providing parts sources and for using easy to find and inexpensive components. (I've seen many people, myself included, become frustrated by hard-to-find parts lists or the use of discontinued items. These projects suffer from neither of those problems.)

In the end, you'll be left wanting to know more about the components and techniques you've picked up. (You'll probably want to add Don Lancaster's classic CMOS Cookbook to your shopping cart. It will give you the details about many of these components.) Highly recommended. I'm looking forward to other books by this author.

so good for electronic musicians and composers
Ah ! this book is one of the best i bought.
I just love it !! ... Read more

Product Description
Put a hacker in a room with a Furby for a weekend and you'll hear a conversation that's fairly one-sided in its originality. Toss in an 802.11b network card, a soldering iron, wire cutters, a logic probe, and a few other carefully selected tools and materials and you'll have potential. Add a copy of Hardware Hacking Projects for Geeks and by the end of the weekend that Furby will be saying things you never imagined.

From How to Hack a Toaster to building Cubicle Intrusion Detection Systems, Hardware Hacking Projects for Geeks offers an array of inventive customized electronics projects for the geek who can't help looking at a gadget and wondering how it might be "upgraded." Beginning with basic hacks, tools, and techniques for those who may not have a background in electronics, the book covers the tools of the hardware hacking trade and basic soldering techniques. Clear step-by-step instructions allow even those with no formal electronics- or hardware-engineering skills to hack real hardware in very clever ways.

Hacks in the book are rated on a scale of difficulty, cost, and duration. Projects range from those that are truly useful to some things you may have never thought to do, but which are really cool, such as:

Building your own arcade game

Making radio-controlled cars play laser tag

Building an automobile periscope

Hacking an 802.11b antenna

Building a building size display

Perhaps you're an electronics hobbyist who likes to learn by doing. Maybe you hack software and want to see how the other half lives. Or, maybe you've never hacked at all, but you'd like to get started quickly with some projects that do something interesting from the start. If you're any of these, then Hardware Hacking Projects for Geeks will indulge your inner mad scientist. Using the projects in this book as a jumping point for other new and clever hacks, it won't be long before you're looking around, asking, "I wonder what I can improve next?" ... Read more

Customer Reviews (11)

For the geeks indeed
I bought this book for one reason:How to hack a furby (and other talking toys).The book is very thorough and I am very satisfied with the explanation.The rest are probably funbut who wants to build an aquarium inside a Mac:-)This is a very interesting book, though.Other topics of interest are How to Hack 80.11b Antennas, Build a PC water-Cooling system, Build an Internet Toaster, Build a Home arcade machine, build a remote Object tacker, build a wearable computer(hmm), build an internet coffeemakerand much, much more.And don't forget to look at Scott Fullam's photo at the back of the book.One look and I could tell its his kind of book.Smile.Cold Eyes

Fun with the Unusual
Useful, fun, or just plain strange projects abound in this book.Some of the unusual but useful projects include creating a portable laptop power supply using regular batteries, setting up a surplus Primestar dish antennae to be a 802.11b wireless system capable of almost ten miles, and creating an advanced digital video system.On the other end of the spectrum is making an aquarium inside a MacIntosh, building an 802.11b antenna from a can, hacking a Furby, and creating a car video periscope.And, of course, there are projects between those two extremes.Each project is classified by cost, time and difficulty level making it easy to determine which ones you might want to tackle.An interesting title for the geek who wants to have the unusual that their friends are not likely to have, Hardware Hacking Projects for Geeks is a fun and unusual read.

Highrise building = LED-style display!?!?
The point of this book is to encourage creative engagement with electro/mechanical technology - to go beyond typical uses - to rediscover the inner inventor and toymaker.
Each project teaches the builder fundamental technologies that can be applied in many situations. Most of the projects can be re-scaled to a range of budgets and available materials.
Well written, illustrated, and resourced. A fun read!

Training the young hardware geek
This is a big, floppy paperback full of projects many geeks or would be geeks already know about.After all, the internet leaks this sort of information all over.However despite some of the projects being a little underwhelming for the geek about town, the fifteen projects would probably be the perfect introduction to hardware hacking for a youngster keen to get into electronics and computers.

Now that there are very few electronic hobbyist magazines around, it is hard to know how any except the most talented youngsters will get started on hacking gadgets, except via books like this.Having a talented toy designer write the book is a great ploy, as many of the best gadgets are derived from subverting toys and general consumer appliances.

Some of the introductory projects are a little wimpy.The author doesn't really make it sufficiently clear that an external battery pack for a notebook computer is unlikely to extend your working time much (alkaline batteries are ill suited to most high current drain computers).However there is an undeniable need for a very simple introduction to the tools and materials you need to use.This is one of six tasks teaching tools and materials.The last couple are hacking Furbys, and making a video periscope for a car.

The advanced section includes digital video recorders, building lighting control, a remote GPS object tracker (just like James Bond).There is a very nice one chapter introduction to making wearable computers.

The book would make a perfect gift for the potential hardware geek.

Very accurate and true to form
After making a few these hacks you learn a couple things about the book.Try to stay with the recommended materials list and you will do fine.It also gets you working on the basics of circuitry.However it is as labeled "projects" not really anything too much to learn from, but great if you just want to have some fun. ... Read more

Product Description

Save yourself some money! This complete classroom-in-a-book on penetration testing provides material that can cost upwards of $1,000 for a fraction of the price!

Customer Reviews (6)

PPT is an excellent and easy read
I have read quite a few books covering the security field and have found most of them very dry and hard to read. Thomas Wilhelm's PPT book is the exception, I found it easy to read and managed to complete it in a weekend. The book will suit both the security professional and those new to the security field. The technical depth of the book will benefit systems administrators who need to gain an understanding of penetration testing. The project management aspects of the book will benefit the security professional moving into a more managerial role.

A Very Good book for the intended Audience
I recently finished going through Professional Penetration Testing by Wilhelm. This book is very good for beginers and advance Pen testers. In the past there have not really been any texts that focused on the entire process of Penetration testing. This is where Professional Penetration Testing excells. It goes over the entire process from start to finish.

For beginners, this text gives a very good overview of the entire penetration testing process from scoping all the way to writing an executive summary. For advanced testers, the most valuable sections are problaby the ones on testing frameworks, scoping, and report writing. I have met many testers who were excellent technically but could not communicate the results effectively to business leaders, this book will help these testers improve in that area. Advanced Pen Testers will probably not learn any technical tricks from this text.

My only complaint about the book is that it doesn't really go into how any of the exploits that one would use in pen testing work. For example, the author gives a listing of different NMAP scan options and very briefly goes over what the options are, but doesn't really explain why you would use one over the other. I am guessing that this omission is primarily due to the space required to add such information and the that the goal of the text seems to be to give the whole view of pen testing without going into too much deatil on any section.

Should be called "Professional Pen Testing Project Management"
I had fairly high hopes for Professional Penetration Testing (PPT).The book looks very well organized, and it is published in the new Syngress style that is a big improvement over previous years.Unfortunately, PPT should be called "Professional Pen Testing Project Management."The vast majority of this book is about non-technical aspects of pen testing, with the remainder being the briefest overview of a few tools and techniques.You might find this book useful if you either 1) know nothing about the field or 2) are a pen testing project manager who wants to better understand how to manage projects.Those looking for technical content would clearly enjoy a book like Professional Pen Testing for Web Applications by Andres Andreu, even though that book is 3 years older and focused on Web apps.

PPT offers 18 chapters, with 12 chapters on project management and non-technical issues, and 6 ostensibly covering technical issues.The technical material is limited to the basics of conducting reconnaissance, running Nmap, Nessus, CORE IMPACT, Ettercap, Aircrack-ng, Netcat for "maintaining access," SSH for an "encrypted tunnel," and trivial file and script changes to "cover tracks."Seriously.I'm sure some review readers are saying "sometimes it's just that easy." That's true, but we don't need a 528 page book with an outrageous price tag to read about these well-known methods.If your experience with pen testing is limited to this book, take a look at Andres Andreu's title to see the sort of material you should expect in a book on pen testing.

I didn't find the project management parts all that helpful, either.Some of it just repeats material published in various guides like the Open Source Security Testing Methodology Manual.Other sections repeat certification descriptions found on vendor Web sites.It is clear the author really cares about project management, so maybe he should have just written a book on project management for security managers?

I gave the book three stars because I didn't find the book to be technically or managerially incorrect.(If that had been the case, I would have rated it two stars.)If you want much better coverage on technical matters not found in Andreu's book, try the core Hacking Exposed titles.They address the same topics that PPT barely introduces.

Must Have
I have been a system administrator for several companies and needed a good way to mirror the networks that I am using to find the security holes in them. The virtualization that is explained and the methodology is wonderful for this. As the author explains, a lot of times you don't or can't test things out on a "live" network, this is one of the better ways to find out where many of the flaws are and correct them. The CD that comes with the book is more than worth the price of the book. It has many of the scenarios and exercises that will help you to understand more about pen testing.

Excellent Read
I'm a Systems Administrator that has been in the business for a little over 10 years.I've been looking for a change of pace and realized that I am married to IT.So I decided to research the Information Systems Security field a bit more.One of the things I wanted to learn more about was how hackers make there way into a network.Found this book on the Ethical Hacker website and the author was nice enough to allow them to host a chapter of the book.I'm about half way through the book and finding it an enjoyable read.The author spends more time focusing on the project cycle of a penetration test rather than how to use the tools.This is great because learning to use the tools can be done with a few google searches.I would highly recommend this book for seasoned IT pros that are thinking about getting into the ISS field. ... Read more

Product Description
In this important new study Ian Hacking continues the enquiry into the origins and development of certain characteristic modes of contemporary thought undertaken in such previous works as his best selling Emergence of Probability. Professor Hacking shows how by the late nineteenth century it became possible to think of statistical patterns as explanatory in themselves, and to regard the world as not necessarily deterministic in character. Combining detailed scientific historical research with characteristic philosophic breath and verve, The Taming of Chance brings out the relations among philosophy, the physical sciences, mathematics and the development of social institutions, and provides a unique and authoritative analysis of the "probabilization" of the Western world. ... Read more

Customer Reviews (5)

Interesting Commentary
This is an extended essay by the distinguished philosopher Ian Hacking on the theme of probability versus determinism.Something of a hybrid, this is not strictly a philosophical work but a historical commentary on how ideas of chance and probability developed in the 19th century.As Hacking points out at the beginning of the book, a deterministic view of the world was demolished by the emergence of quantum mechanics in the 20th century.In The Taming of Chance, Hacking covers the development of statistics as a discipline and ideas of probability to demonstrate the gradual undermining of the notion of determinism in the course of the 19th century.Hacking opens with Enlightenment ideas of causation, very much under the influence of Newtonian mechanics, and concludes with the thought of CS Peirce, whom he sees as exemplifying acceptance of essentially stochastic views of causation.

Hacking presents this change in world view as driven by a number of intersecting, complex, and unexpected phenomena.A major one was the expansion of the state and systematization of government, particularly associated with Napoleonic France.This leads to the generation of large demographic and social datasets that often reveal unexpected regularities, such as the persistent uneven male to female birth ratio.These datasets not only require new methods of analysis but led to the idea of the idea of statistical 'laws.'Hacking emphasizes that the collection and analysis of this kind of data was driven in part, and in turn fed, by a desire to achieve a higher level of social control.The emergence of social statistics combines with a number of other trends, such as the idea of organ pathology in medicine, the increasingly physiological orientation in biology, and a general emphasis on quanitification in the sciences, to generate a set of new attitudes towards data and ideas of causation.In several aspects, Hacking presents a series of apparently paradoxical or perhaps ironic events, such the desire for improved social control contributing to recognition of stochastic causation, which ultimately transform ideas of causation.

In many respects, this is a somewhat exploratory essay and Hacking's narrative is not laid out smoothly.This book presupposes some prior knowledge of 19th century science and philosophy.It is also dense in the sense that Hacking has compressed a great deal of analysis into a relatively short book.Nonetheless, its worth taking the effort to read it carefully because of Hacking's insightful analysis and knowledge of a broad range of 19th century intellectual history.His reconstruction of how we got from the Enlightenment to Peirce is really impressive.

This book is notable also for Hacking's interesting comments on a number of other features.He has an interesting discussion, for example, of the development of the concept of normality and its consequences.His brief comment about the relationship between Peirce's pragmatism and 19th century idealism is really illuminating.

A fascinating chapter in the 'history of the present'.
This is a fascinating book, which charts the gradual development of statistical ideas in the nineteenth century, along with associated concepts, such as normalcy, chance, and determinism.

However, a few criticisms are in order. Hacking reports that there was a certain conceptual incoherence surrounding ideas relating to statistics in the 19th century, especially concerning ideas relating to determinism and chance. But I'm not quite sure that Hacking has been able to find the thread out of this confusion, as some confusions appear to remain rather resistant in spite of the narrative, which in general is admiringly clear. Three points will serve as examples:

Eastern and Western: Hacking describes two broad classes of reaction to the development of statistical reasoning; 'Western' (U.K. and France) and 'Eastern' (centred on what was then Prussia) approaches. Western thought, which was largely open to statistical reasoning, is described by Hacking as 'atomistic, individualistic, and liberal'. Eastern thought on the other hand was 'holistic, collectivist, and conservative', and critical of the developing trends of statistics.

Geographical and political issues aside, this characterization almost at once falls apart. For instance, slightly later in the book we are told that statistical methods were resisted in (French) medicine, as medicine was concerned with the individual case, not the average or normal, and hence statistical data was of no use. Immediately after reporting this, Hacking queries, without irony, 'how then could there be a use of statistics in human affairs? In the very institution designed to strip away the individuality of man, namely the court of law'. To add to the confusion, we later find outthat Engel, the Prussian apparatchik, and hence 'Eastern' thinker, considered statistical reasoning to be part of a certain mentality he wished to avoid, that of determinism, which denies individual freedom. Likewise, the economist Wagner, Hacking reports, also adhered to this view. In fact there appears to have been a general resistance to statistical methods in the 'East' precisely because the so-called individualistic methods of the statisticians were seen as a threat to the concept of human freedom and individuality.

Durkheim, the French sociologist, whom we are at one point told was 'immersed' in the Western mentality, nevertheless ascribed the functioning of statistical laws to 'collective tendencies', in fact to 'social forces', rather than to the'underlying little independent causes' of Quetelet, the French pioneer of statistical methodology.

No doubt there was some sort of difference at play here between East and West, but it strikes me that trying to distinguish these two cultures by calling one individualistic and the other collectivist does little to help.

The Title of the book: 'The Taming of Chance', especially if one recalls the title of Hacking's earlier book, 'The Emergence of Probability' which dealt with the preceding era, leads one to think that there are two parts to the development of the ideas mentioned in the book - initially, the emergence of ideas relating to chance and probability, and later their gradual 'taming'. But that would be a mistake. Hacking makes it quite clear that probabilistic and statistical laws were not initially seen to be in conflict with necessity or determinism. Hume, and other enlightenment thinkers, regarded chance as unreal, as merely an illusion caused by lack of knowledge. There was simply no chance around to be tamed, before the nineteenth century. It would appear instead that chance and its 'taming' emerged at the same time - the book then might have been more aptly titled 'The Emergence of Chance'. The idea of 'taming' seems to have slipped in from one of the book's sub-themes, the idea that statistical methods led to greater institutional control of human affairs, or from a certain conception of causality that I shall mention below.

Multiple causality, or causal sets: Quetelet, the French astronomer turned statistician, proposed a theory of 'little independent causes' to explain statistical regularity. The causes of individual cases of, say, suicide, or coin tosses, work independently of each other, but taken as a group, over all cases, they total up in a way predictable by probabilities. As far as Hacking is concerned this explanation 'does not hang together'. Be that as it may, it strikes me that there is an important aspect of Quetelet's purported explanation that deserves attention, and that is the idea that causes are best understood as existing in sets or groups. This idea is reinforced by similar attempts to explain the workings of statistical regularity later mentioned in the book - the holism of Boutroux and Durkheim, as well as the ideas of Peirce and Nietzsche. The latter two, for instance, tried to accommodate probability within causality by claiming that while causality itself may act in a determinate manner, the existence of specific causal laws themselves are a matter of chance. This explanation is not meaningful, it seems to me, unless one brings a prior notion of possibility to play in the existence of particular causal laws -not simply their actuality - as is done with the contemporary notion of possible worlds.To say that laws p, q, and r are possible in certain situations, but only p is actual in this case, is to use the idea of sets or classes of laws which are compossible with certain situations.

There is certainly an ambiguity in the concept of chance; there are at least two ideas involved: chance as opposed to causality, as pure chaos; and chance in consort with causality, 'tamed' chance, so-to-speak, chance that can '[bring] order out of chaos', chance that can support 'laws of chance' (quoted from the book's chapter summaries). Perhaps the idea of causal sets can bring some clarity to a familiar but nevertheless obscure concept, and to help to distinguish between different kinds of indeterminism that are often conflated.

Probable cause to read
Some works of non-fiction manage to be engaging throughout. Others, like the Taming of Chance, are important but can be tough to read through much of the text.Hacking takes on the history of probability; which he describes as "the philosophical success story of the first half of the 20th century."The taming of chance refers to the way apparently irregular events have been brought under the control of natural or social law.

Hacking takes us through the 19th century intellectual battle between adherents of determinism and probability's champions.The book devolves at times into more of a history of thought than a discussion of the implications of these changes in thinking.In fact, the author admits late in the book, "My chapters have become successively more removed from daily affairs."

He describes chance first as a concept that had no place in reasonable discourse during the Enlightenment. With the development of measures of probability around 1830, chance is condemned by "statistical fatalism" to irrelevance. Finally, with the development of quantum mechanics in 1930, chance becomes the critical element of life with which we are all too familiar.

Along the way, we learn that some proponents of probability helped create the idea that free will existed only in theory (from 1830 until 1930).Thus, criminals are behaving predictably and the degree of their personal responsibility is at issue.Hacking concludes, "we have not made our peace with statistical laws about people.They jostle far too roughly with our ideas about personal responsibility."

While I would not consider this book as light summer reading, it will reveal to the determined reader changes in historical thought with which he is not likely to be previously familiar.

not for everyone, maybe
but a mind-opener for those who are ready, an awesomely rewarding book for those who are willing to make the extra effort

Why bother?
If, somewhere, deep within the tortured bowels of this book, there is a central thesis that could be stated in a few short sentences and comprehended by most educated English-speaking peoples,I have yet to find it. Endless restatement,obfuscated in painfully cultivated strings of verbiage, of trivial fact is used to document an hypothesis that if stated clearly could be supported or refuted in about a page-and-a-half and then likely consigned to thegraveyard of such endeavor. The prose is atrue caricature of Derrida's; the logic is a laTour de force. Typical of such works, the authorbegins with a premise and then selectivley seeks textual support.Of course, such an approach can be conveniently utilized to support any premise and if writtenwith sufficient opacity will pass for scholarship and great insight.

The book is an unreadable bloody bore; its value is restricted to its caloric content relative to the market price of a barrel of Texas sweet. ... Read more

Product Description

• From the garage to the living room, Geek House provides hackers with 10 PC-based hardware hacking projects that are not for the faint of heart!
• Taking the DIY mentality to a whole new level, this book teaches techies how to hack, customize, and modify everything-from their sprinkler systems to the temperature of their barbecues
• Adventurous readers will feast on such projects as installing a bar code inventory system for DVDs or CDs, converting RS232 to wireless, scheduling recording from any television in the house, and creating a remote control finder
• Companion Web site includes the custom software and source code needed to power these geeky creations

Customer Reviews (2)

Not realistic
I'm interested in X10 projects as well as other home automation projects throughout the house but I thought this book was a little out of tune to what you realistically would do. I was captured by measuring the temperature of a grill and adjusting the heat. This is showing you a control for a "smoker." Other items you can easily find on the internet such as X10 devices, sprinkler control, etc.

Great Project Frameworks and Ideas
This book is by the authors of PC Toys.The PC Toys projects are relatively easy to implement and spoon feed the reader all the material needed to complete the toys.

I think this is an excellent book.I'm very comfortable with software and coding, but not that great with electronics.

This book is more ambitious, provides good road maps for the different project areas, but the book is written with the intent of the reader branching out and developing their own solution.My interests are X-10 and Wireless based projects.

The companion website provides alot of source code that can be tweeked, or rewritten for your own particular project.

Negatives: not for beginers, could be insufficient for "experts".These statement may be contrary, but instructions lack detail for a complete novice.At the same time, if you have a particular interest in a given area, this book might not be providing you with anything new.

Check out the contents before buying to ensure your going to get a book that gives you the amount of detail you need.A look at the contents page and a quick skim should help decide if it is right for you.

If you liked PC toys, could manage the projects and want something more challenging the chances are you'll like this book.I think it's an excellent source of inspiration for projects. ... Read more

Product Description
How safe is your network? Intrusion Alert: an Ethical Hacking Guide to Intrusion Detection provides an in-depth look at the intrusion detection systems that are currently available to help protect your networks from cyber criminals. The book begins by explaining various security concepts and the basics of security attacks, and then goes on to provide an introduction intrusion detection systems (IDS), how these systems work, and principles of IDS and the IDS architecture. The second section of the book deals with the installation and configuration of various IDS tools including tcpdump, ISA Server 2004 and Snort. Readers learn to implement these products, understand essential administration and maintenance tasks, and fine tune and use the data they provide appropriately. ... Read more

Product Description

Lock down next-generation Web services

"This book concisely identifies the types of attacks which are faced daily by Web 2.0 sites, and the authors give solid, practical advice on how to identify and mitigate these threats." --Max Kelly, CISSP, CIPP, CFCE, Senior Director of Security, Facebook

Protect your Web 2.0 architecture against the latest wave of cybercrime using expert tactics from Internet security professionals. Hacking Exposed Web 2.0 shows how hackers perform reconnaissance, choose their entry point, and attack Web 2.0-based services, and reveals detailed countermeasures and defense techniques. You'll learn how to avoid injection and buffer overflow attacks, fix browser and plug-in flaws, and secure AJAX, Flash, and XML-driven applications. Real-world case studies illustrate social networking site weaknesses, cross-site attack methods, migration vulnerabilities, and IE7 shortcomings.

• Plug security holes in Web 2.0 implementations the proven Hacking Exposed way
• Learn how hackers target and abuse vulnerable Web 2.0 applications, browsers, plug-ins, online databases, user inputs, and HTML forms
• Prevent Web 2.0-based SQL, XPath, XQuery, LDAP, and command injection attacks
• Circumvent XXE, directory traversal, and buffer overflow exploits
• Learn XSS and Cross-Site Request Forgery methods attackers use to bypass browser security controls
• Fix vulnerabilities in Outlook Express and Acrobat Reader add-ons
• Use input validators and XML classes to reinforce ASP and .NET security
• Eliminate unintentional exposures in ASP.NET AJAX (Atlas), Direct Web Remoting, Sajax, and GWT Web applications
• Mitigate ActiveX security exposures using SiteLock, code signing, and secure controls
• Find and fix Adobe Flash vulnerabilities and DNS rebinding attacks 
  
  

Customer Reviews (6)

Not enough content for the price
I have to agree with the other 3-star reviews of Hacking Exposed: Web 2.0 (HEW2).This book just does not stand up to the competition, such as The Web Application Hacker's Handbook (TWAHH) or Web Security Testing Cook (WSTC).I knew this book was in trouble when I was already reading snippets mentioning JavaScript arrays in the introduction.That set the tone for the book: compressed, probably rushed, mixing material of differing levels of difficulty.For example, p 8 mentions using prepared statements as a defense against SQL injection.However, only a paragraph on the topic appears, with no code samples (unlike TWAHH).

Despite having 4 fewer contributors than TWAHH (which had 10), HEW2 showed the signs of overlap common in books by large teams of authors.I also severely disliked the authors' use of their company's SecurityQA Toolbar.Better to advertise the book as a guide to using SecurityQA Toolbar for Web assessment than as a regular Hacking Exposed title.

You can safely skip HEW2.It's likely the next good Hacking Exposed titled on Web security will be Hacking Exposed: Web Applications 3.0.

Great Book.Focused, Concise, and To the Point
The book is a practical guide where every topic is covered completely and succinctly.It does not waste your time with fluff and focuses on cutting edge issues related to Web 2.0 security.This book is not meant to be the end-all for web security.As the title states, it is focused on Web 2.0.If you are an experienced security professional and are looking for a book which will get you up to speed on Web 2.0 security, this is the book for you.

Reliance on author's tool detracts from books potential
Thanks to McGraw-Hill for my review copy.

Based on my review criteria this book should have easily been a 4 or 5 star book, but I gave it 3 stars for its major flaw. Its major flaw is that it only talks about iSec partner's SecurityQA Toolbar as a tool for testing for the different types of web application vulnerabilities. Only discussing one closed source, for pay tool, that only runs on Windows is really disappointing from a security professional standpoint. I really expected a good snapshot in time on the DIFFERENT tools and techniques for doing web 2.0 auditing. There are tons of "for-pay" and more importantly FREE web application scanners and tools that look for the same vulnerabilities discussed in the book and the fact that they don't mention any other tools or methods is very disappointing.

Now that the above is out of the way...lets get on with the likes and dislikes.

Likes:
-The analysis of the samy worm is excellent. They break the code apart and really analyze what's going on and why it worked at the time.
-The chapter on ActiveX security is excellent. It covers a lot of ground on why ActiveX controls are bad, how to fuzz them and how to defend against them.
-The whole first part of the book on Web 1.0 vulnerabilities is well written, I had just finished XSS attacks and having that background helped a lot with the relevant chapters in HE Web 2.0.

Dislikes:
-The book is short, about 246 pages, that's probably too short for the price for a security book.
-A good chunk of the chapters cover over and over installing and using their SecurityQA Toolbar, I only need it once, if that.
-I think the book stops a bit short of actually exploiting Web 2.0 vulnerabilities. It talks a lot about identifying which 2.0 framework an application was built with and identifying different methods in that application, if debug functionality is enabled, and finding hidden URLs but how I exploit SQL injection issues or XPATH injection or LDAP injection issues IN web 2.0 applications is missing. That was the core problem with web 1.0, its still a valid and dangerous entry point for web 2.0 and should have been covered. Hacking Exposed is generally about exploiting vulnerabilities and not stopping at identifying them which is where the book seems to have stopped.

Overall the authors are obviously very knowledgeable about the subject. One of the other reviewers mentioned that it goes from technically very easy to very difficult even within chapters and I think this is true. The code sample for the examples they give are great and their explanations of web 1.0 and the web 2.0 threats is very well written with good examples. Like I said, had it not been for their fixation with their own tool as the only option we have for web 1.0 and 2.0 testing this would have easily been a 4 star book. For those a bit more interested in web 2.0 I would recommend checking out Shreeraj Shah's Web 2.0 Security and Hacking Web Services books and his website which has free web 2.0 auditing tools.

Disappointing sibling of the Hacking Exposed Series
Hacking Exposed Web 2.0: Web 2.0 Security Secrets and Solutions (Hacking Exposed)

The Hacking Exposed Web 2.0 book has proven to be a fairly huge disappointment for me. After some quality technical books in this series, the publisher has released what amounts to a sales tool for the author's software.

The front cover states "Web 2.0 Security Secrets and Solutions" but the inside of the book hasn't really lived up to that hype. Normally, when it comes to books by McGraw Hill with the Hacking Exposed title, I can expect a decent amount of technical detail on the topic at hand. With this book, it was a bit different. Now, before you think I'm blasting this book entirely, I want to make perfectly clear that there is valid information in this book, but in my opinion, it's pretty basic stuff. If you're a beginner in the world of web hacking, then this book might be worthwhile. However, if you've done much web hacking at all, I think you'll be discouraged at the basic nature of the information included.

The sales pitch starts right in Chapter 1 as the iSec Partners push their Security QA toolbar for web assessments. If you visit their website, they have two separate sections that contain potential software you can download and use. The Products section will allow you to download the trial version of this toolbar, but you have to talk to a sales person to get pricing on the software. But a good deal of the content they discuss in the book is based on this tool.

Now, with that said, there are good points for the book as well. For example, McGraw-Hill sticks to the tried and true format formula that provides readers with an overall Risk Rating for each topic, which is based on the popularity, simplicity, and impact of each vulnerability. Some of the topics in the book do have a better amount of detail on the vulnerability than others. They do a decent job of covering the basic security models in play when a web browser is loaded, even including information on the Flash security models.

All in all, this book isn't awful, but it's certainly not going to give you a lot of information that you couldn't already get online. Because the book is so thin, the actual desk reference value of this book is a bit thin as well. You would do better to purchase a more comprehensive book that you can use as a desk reference later, as you work through your various projects.

Good Info, some weak points
Hacking Exposed Web 2.0 is comparable to many of their series, Great information on getting started securing your box, but not without its drawbacks.

I dislike - the thin book, only about 220 useful pages (used to much fatter books). It also often jumps from quite difficult to quite easy often. The difficulty to setting up a test environment, this book would be quite easy for someone who developed all of these environments (from simple HTML and JavaScript to XML and SQL and more) to complete, but it is quite difficult to have these environments readily available to you for testing purposes.

The information is this book is extremely valuable, For a security enthusiast the information gives the reader a great starting point to build on. It has small, short projects (like the rest of the series) that can be completed in reasonable amount of time. It should be noted that this book (once again, like the rest of the series) does require a bit of a commitment, setting up the environment takes time, understanding the text, and doing the proper research will be what makes or breaks the experience for you and what you will gain from it. I would recommend it to anyone with a good understanding of web languages or a strong desire to learn about their security (or lack thereof). ... Read more

Product Description
This serious, but fun, down-and-dirty book will let you make Tiger purr, ensuring that your Mac?s appearance, speed, usability, and security settings are what you want. Author Scott Knaster:

• Shows you how to speed it up, lock it down, or pull back the curtains.
• Dives into default system settings, unlocks hidden gems, and includes original Mac OS X programs with full source listings and explanations.
• Shows heavyweight hackers the tricks and modes of OS X booting, tweaks for login screens, and how to customize or even kill the Dock.
• Offers the inside scoop on Dashboard and Spotlight, including two sample widgets and one Spotlight importer, all with fully annotated source listings.
• Demonstrates how to install and use Unix and X11 applications, take advantage of command line tools, and create system services and active Dock badges.

Order your copy today. ... Read more

Customer Reviews (5)

Empowering your Mac in steps.
This book is most effective if you are sitting in front of your Mac system whether it's a laptop or desktop. Work your way through the examples from start to finish, reading the chapter introduction before embarking on each adventure. While hacking is generally viewed as a more skilled or extremely geeky term, this book is clearly useful to experienced beginners who want to gain expertise in the functionality/usability of their Mac (as well as those who want to explore modifying their Mac more extensively).

Part I of the book is dedicated to a gentle introduction to the components that make up Mac OS: the finder, dashboard, dock, preferences, user interface, startup, iTunes, utilities, unix applications, terminal, and shell commands.

Part II is strictly for those ready for the "Advanced Mac" training.

Although most people see the GUI portion of the OS, keep in mind that the "engine" underlying the GUI is Unix and 'hacking' the Mac will at some point descend into command line editing. Rather than be daunted by exposure to typing in your commands instead of having your desires constrained by what some application interface designer decided you could change with a GUI, embrace the power of the OS. Knaster slowly prepares the reader for the more advanced adventures as he introduces the Terminal in the "Quit the Finder" example. Seeing each following example you can build an idea of what you are doing by looking at the similarities of the commands. Rather than just limiting you to what he knows, Knaster is building up your understanding of how the underlying secret functionality works. For example if you look at the first few examples in Chapter 1 you will see the following pattern:

defaults write com.apple.finder Function optional flag yes|no
(for non geeks the | stands for OR ..)

If we translate this to English, defaults is clearly talking about the "default way I want this done", com.apple.finder is how to refer to the finder application, and then it finishes with a toggle for turning the function on or off. We see that this formula is consistent as we follow through with the next chapter with

"defaults write com.apple.Dock function toggle"

Part II of this book may be too advanced for beginners, but gives expert users exposure to more of these building blocks to understanding the power of the OS.

Overall, a very well written book with great introductions to topics and well thought out examples to modifying the Mac from beginner to advanced techniques. I highly recommend it to individuals who are interested in becoming more Mac proficient.At a bargain price of ~$17 on Amazon, compared to many technical books that sell at over $30 a piece this is a must have.

Good, Bad, Ugly
I found the first two sections of this book very useful. ie, I have come to LOVE Mac OS's zoom feature, which I use all the time now to make small video boxes 'fill' my 17" screen. There are other fun trick and tips in those first two sections.
It's the third section that bewilders me. Without any transition, the book goes right hardcore into coding. I ended up having to use the 'help' menu in Apple's XCode developer application just to understand how to do some of the things the book instructs you to do. Then I spend all this time entering a bunch of tedious, rote code. Then what do I do? I don't know. The book doesn't tell you how to actually turn all that code you wrote in XCode into a useful application. Is there some icon I'm supposed to double-click now? I don't know and the book doesn't tell me.
Blah... Even in those first two sections, come to think of it, I would have been totally lost if I did not already read the "Missing Manual" guide to MacOSX and get an understanding of Terminal and Unix. Geez, would it have killed the author to have taken just a little bit of time and offered readers an explanation of what Terminal is, what Unix is, and how to use those to follow the instructions given in the book?
That's my take and I'm sticking with it.

Great for Code Writers ONLY
I had to return this book, only because of my unfamiliarity with UNIX.Long gone are the days when I used to knock out code.I've been spoiled (ruined some might say) by years of GUI and the heavy use of utility programs.

If you like using Console on your MAC you'd probably get a kick from using this book.

I wanted to leave my review 'unrated' because I consider myself unqualified to judge its utility, not because it is necessarily a poor manual, but the Review form required I supply some rating so I chose 'middle of the road' 3 stars.

The perfect blend of tips and technique
I love clever tips, and Scott Knaster delivers a ton of them here, many seen nowhere else. But this tome goes way beyond tips, diving into the gnarly details of Tiger that others have glossed over, such as application internals, Widget construction, and Unix command language. So many Mac books are just a rehash of the surface of the user interface. Scott's book is way ahead of the pack.

Decent collection of stuff including source code
I was looking for a book with medium to advanced info on Tiger and this one seemed to fit the bill. I was a little concerned at first when it started off with user tips which were handy, but I wanted more technical stuff. The latter parts of the book really delivered. There's well done sections on Automator and Quartz Composer. The best part is the last chapters which have programs with source for Dashboard, Spotlight, dock badging, and a few more. My advice is skim the first few chapters and pay attention to the rest. ... Read more

Product Description
This is a lively and clearly written introduction to the philosophy of natural science, organized around the central theme of scientific realism. It has two parts. 'Representing' deals with the different philosophical accounts of scientific objectivity and the reality of scientific entities. The views of Kuhn, Feyerabend, Lakatos, Putnam, van Fraassen, and others, are all considered. 'Intervening' presents the first sustained treatment of experimental science for many years and uses it to give a new direction to debates about realism. Hacking illustrates how experimentation often has a life independent of theory. He argues that although the philosophical problems of scientific realism can not be resolved when put in terms of theory alone, a sound philosophy of experiment provides compelling grounds for a realistic attitude. A great many scientific examples are described in both parts of the book, which also includes lucid expositions of recent high energy physics and a remarkable chapter on the microscope in cell biology. ... Read more

Customer Reviews (4)

Classic treatment: both a pleasure to read and an education
Ian Hacking's books are a model of clear, persuasive writing on difficult topics and this is one of his best books. In this book, he lays bare the central issues in philosophy of science (realism and rationality) in a way that makes them accessible to a non-specialist reader.

Almost unique among scholars, Hacking is equally skilled with history, concepts, and traditions, and uses these skills together well to paint a well organized and compelling picture of science; capturing both its beauty and its warts.He also does an admirable job capturing the various ways we have tried to *explain* science over the years.

This is not the usual simplistically "balanced" presentation of philosophy of science that treats all perspectives as having equal votes.Hacking makes his own moderate realist view on the issues clear at each point while he always appears to me to do justice to other viewpoints.One of the things I find most useful and special about Ian Hacking's arguments is that he seems to put great effort into successfully finding the real strengths of each viewpoint before evaluating it.He also often finds instructive points of difference between seemingly almost identical viewpoints.

Hacking discusses both realism and rationality, to place them both into perpsective in philosophy of science.We need at least a rudimentary idea of the role reasoning plays in scientific work in order to be able to speak productively about the reality of the things we are talking about.His focus is however consistently on realism: the question of the reality of theories and the question of the reality of entities and substances.This book is not yet another jeremiad on the "logic of science," or the lack thereof, it is a careful discussion of specifically the *ways* in which things are considered real in science, and the *significance* of treating things as real.

Hacking understands well the complex relationship between theory and experiment, giving us a superbly nuanced but easily understandable summary analysis of important concepts like incommensurability and the "theory boundness" of data.He then applies the results of these analyses back to the larger issues to support his own realist perspective.

The result is a view that strongly emphasizes experimentation. Entities and substances become real in science as they become a practical part of engineering and experimentation, rather than as a result of a verified theory or a long-lived theory.

Hacking is lukewarm about the reality of scientific theories compared to the reality of experimentally useful entities.He says: "Scientific realism about theories has to adopt the Peircean qualities of faith, hope, and charity.Scientific realism about entities needs no such virtues."This is one example of how Hacking uses the philosophical viewpoints of positivism and pragmatism throughout to illustrate the different ways of thinking about scientific reasoning.It would be hard to find a better, more understandable summary of the ideas of Kuhn or Feyerabend, including the specific ways their ideas have been used (or sometimes misused).

I consider this book a classic overview of the philosophy of science that accurately captures both the history of its ideas and the central conceptual issues that make it interesting and important.Hacking's lucid, clear prose and relentless attention to detailed real examples (without ever losing the larger picture) make this book both a pleasure to read and a splendid education in the topic.

An Introduction That's Not Just for Neophytes
This book, which is among my all-time favorite philosophy books, is a paradigm of how the subject should be introduced.It succeeds in introducing readers to many of the most important issues and ideas in contemporary philosophy of science; it's informed by a thorough knowledge of the history of both science and philosophy; it advances a unique perspective, one emphasizing the importance of experimentation as opposed to theorizing, on debates about scientific realism; and it is written in a straightforward and engaging style.In other words, this is an excellent book--one that manages to be both entertaining and informative.

As I mentioned above, Hacking's emphasis here is on experimentation as opposed to theorizing.Naturally, philosophers of science are drawn to the study of scientific theorizing; theorizing is what they do, and it's what they understand.But Hacking argues that the prospects for scientific realism (i.e. for the view that the sciences are objective and reveal the (approximate) truth about the world) are dim if you focus on theory alone, and he thinks this is something that has been borne out by recent philosophy of science.Rather than focus on theorizing, he claims, we should focus on the ways in which science involves intervention in the world.Through experimentation, scientists can step into the world and manipulate and change it.This is the way that science allows us to discover something about the world around us--not by the relatively passive activity of formulating theories, but by action in the world.

Hacking starts his book by giving a brief overview of how the historicism of Kuhn altered the project in the philosophy of science.He argues that earlier philosophies of science, like Carnap's positivism and Popper's falsificationism, had agreed on quite a bit despite their superficial similarities.Kuhn's work came along and upset all of this consensus.He denied that there was any particular method shared by all the sciences across time, that the sciences involved a cumulative process of knowledge acquisition, that observation could be distinguished from theorizing and understood as an independent source of evidence for and against theories, that the sciences could be understood ahistorically, etc.These views also posed some problems for the objectivity of science.The assumptions Kuhn denied were those undergirding the traditional conception of the objectivity of science, of how scientific inquiry arrived at truths about the world.

But does this mean that an understanding of the history of science should undermine our confidence in the objectivity of science and the accuracy of its results?In some ways, Hacking's book is an introduction to these worries and the various possible responses to them.For most philosophers, issues concerning the objectivity of science turn on the question of whether we have good reason to believe that our best scientific theories are true (or approximately true) or that we are making gradual progress towards true theories by doing science.

In the first half of the book, Hacking discusses important arguments for and against the view that we have good reason to believe that our best scientific theories are true.Here he is primarily concerned with what he calls realism about theories:the doctrine that scientific theories are true or false, and that we have good reason to believe that many of our best theories are true (or approximately true).Hacking covers a lot of interesting ground in his discussion of the prospects for this sort of realism.He begins by discussing positivist and pragmatist accounts of the nature of science and the reality that science can reveal to us.He then takes up arguments about incommensurability that have been developed by Feyerabend and Kuhn, and that appear to question our understanding of science as progressing towards the truth about the world.This is followed up by a chapter about causal theories of reference and how they might allow us to avoid arguments from meaning incommensurability.Hacking then takes a bit of detour and considers how Putnam was led from his causal theory of reference to a form of anti-realism; this chapter, while perhaps not central to the argument, is an interesting introduction to Putnam's views around the time of the publication of Reason, Truth, and History.He then discusses Lakatos's methodology of scientific research programmes.

All of this first half of the book is very exciting, and it's somewhat different from the usual introduction to the philosophy of science.It's not that Hacking is discussing material different from what you find in introductory texts of this sort; he isn't.But he is more interested in drawing lessons from the history of philosophy and in appealing to views outside the narrow confines of the philosophy of science.For instance, the chapter on Putnam's internal realism (and its similarities to Kant's epistemological views) would be out of place in most introductory philosophy of science tests, but it's a perfect fit here.This makes this book more interesting to philosophers in general, and it also reflects that fact that individual areas of philosophy aren't wholly separate from one another.While the philosophy of science does have a distinctive subject matter, it is bound to be influenced by developments and trends in other areas of philosophy.

Anyway, Hacking has serious doubts about the plausibility of realism about theories.This doesn't mean he doubts the objectivity of science, however.He thinks we should shift our emphasis, when discussing issues of objectivity, from theorizing to experimentation.So he defends realism about entities:the doctrine that scientific experiments involve the observation and manipulation ofreal entities, and that we have good reason to believe experimentation involves this sort of interaction with the real world.But, he thinks, this doesn't establish that the theories we have about these entities are correct in all their details.The second half of the book is an extended defense of Hacking's realism about entities.

The ideal audience for this book is philosophically sophisticated readers who don't know a great deal about the philosophy of science, though I think much of the book would be useful to anyone interested in the philosophy of science.

A classic in the philosophy of experimentation
I was an avid fan of Feyerabend when I came across a curious little article by a certain Ian Hacking in a Feyerabend reader. This particular article was startling in its down-to-earth approach to the philosophy ofscience. It's insistent mantra mirrored that of my supervisor's,"always go back to the experiment".

That article turned out tobe from a pivotal chapter of Representing and Intervening, a lovely littlebook that I have grown to love. I don't think it's an exaggeration to saythat this book revolutionised the philosophy of science by turning on itshead the role of theory and experimentation (experimentation is kingwhereas I am a lowly theoretical biophysicst!).

The question thatdominates the second half of the book, by far the better half, is when doesa entity in science become a real entity. The answer, according to Hackingis "if you can spray it then its real." In one fell swoop,Hacking side-steps thorny and abtruse concepts that have plagued thephilosophy of science such as falsification, induction and paradigms.Hacking re-interprets historical episodes and demonstrates how the finalacceptance of a theory was its experimental reliability, not just in singleinstances, but in a diverse range of applications. The power of hisexamples is that they are drawn from contemporary experiments - somethingthat not many philosophers of science actually do.

As a companion to thebook, I really recommend Bruno Latour's "Laboratory Life". Latourcomplements Hacking by showing just exactly how a single scientific entitychanges shape as the experimental techniques which intersect it areexpanded and improved upon.

Another beautiful quality of the book is thelucid prose. Hacking shows how philosophers don't need to write in aprofound style to convey profound thoughts.

Very important philosophical argument for experimentaion
This book awakens the interest about practice in natural science. So Hacking stresses the singificance of experimentation and criticizes the bias for theory in philosophy of science. Very insightful and challengingtrial for the new direction for philosophy of science. ... Read more

Product Description
Space Invaders and Asteroids are back!

Loved that Atari(r) when you were a kid? So did Ben Heckendorn - so much, in fact, that he successfully resurrected it as a slim, go-anywhere portable. When Playstation(r) and Nintendo(r) aficionados got jealous, he created miniaturized, fully functioning, battery-powered versions of those too. Now it's your turn. Every secret is here - complete instructions, materials lists, tool tips, even advice on finding parts. Just wait 'til they see this at the high school reunion.

Ready? Let's get started

Plans and instructions for building eight handheld, classic video games
* Choosing a game system - Atari(r), Nintendo(r), Super Nintendo(r), or Playstation(r)1
* What you'll spend
* Electronics and soldering 101
* Hacking portable TVs for their screens
* Building the case - CNC or freehand?
* Yank the cord, install the batteries ... Read more

Customer Reviews (10)

Very helpful book
This book has a lot of great information.It's easy to understand and gives good cookbook recipes for different types of handhelds.It's mostly geared toward novices, which I don't think is a negative.It has a very conversational style and feels like Ben Heckendorn is there coaching you through the process.

The big complaint I have is that the book only addresses one specific version of each game console.For example Ben only uses the SNES mini and says little about the original SNES.He only uses the toaster style NES for his projects and says nothing about the later top-loading machine (which I have).It would be nice to have more/some discussion on the differences in layout between the various console versions and how they impact potential use in portables.

That complaint aside this is a good primer to get you on your way to chopping and soldering on your game system.If you have any interest in turning an old console into a portable system this book is where I'd start.Also Ben has a website with forums for folks that do this kind of thing which is handy as well.

Nice book for collectors
This book an artefact for everyone, who is interested in modding and oldtime consoles.
Pros: The guide is pretty good, covering all stuff, even soldering skills and working with different materials. You don't have to be a certified electric engineer to reproduce all tasks.
Cons: If you read first 4 chapters of book - you read it all. Expirenece with different consoles does not really differs from each other.
Wishes: Color pictures :-) and all glory to Ben Heck!

Great instructions with some nice humor
Ben Heckendorn definitely knows what he is doing, and he is quite good at explaining the necessary steps.He writes the instructions so well, that anyone can do these projects, with a little bit of effort.

The book gives instructions on how to build a portable Atari 2600, NES, SNES, and PSone.The nice thing is, it illustrates how to build the consoles by hand, or with the aid of a CNC machine.

The only reason that I didn't give the book 5 stars is because it would be better if the pictures were in color.In black and white, it can be difficult to see all of the detail.

I highly recommend this book for anyone who wants to try out some fun electronics projects, or anyone who wants to be able to make their favorite classic gaming consoles portable.If you want to know more about the author and his incredible work, I would also suggest you go to his website at www.benheck.com.

Excellent book, everything you need to know!
Benjamin Heckendorn put his heart into this book. The love I have for my NES and SNES playing days (which still occur about every weekend) is felt from Ben's words, and it makes the in depth details even clearer. Written with a passion and understanding for all things video games, this book is just about all one would need to build a game creation of their own. Fallowing the book step by step is made easy and shameless, but even making your own creation can be easily supported by this book. With photos showing you each step, tips & tricks to get you by, and even corny jokes now and again that lighten the mood (Sorry Ben, but I did laugh at some of them!), this book isinspiration and information at their best.

Tinkerers rejoice!
This book surpassed my expectations.If you are a tinkerer this book will be great for you...if you also like retro-gaming, this book becomes a must have.He is so thorough in his descriptions of the projects, that even if you aren't already handy with electronics you will have no problem completing these projects.I also liked the fact that for each project he has two versions: one full-scale project; and one that can be accomplished without any expensive tools.Highly recommended! ... Read more

Product Description
"The book's science is solid and McCarthy's fervor genuinely infectious. The future never felt so close." --Wired

Programmable matter is probably not the next technological revolution, nor even perhaps the one after that. But it's coming, and when it does, it will change our lives as much as any invention ever has. Imagine being able to program matter itself-to change it, with the click of a cursor, from hard to soft, from paper to stone, from fluorescent to super-reflective to invisible. Supported by organizations ranging from Levi Strauss and IBM to the Defense Department, solid-state physicists in renowned laboratories are working to make it a reality. In this dazzling investigation, Wil McCarthy visits the laboratories and talks with the researchers who are developing this extraordinary technology, describes how they are learning to control it, and tells us where all this will lead. The possibilities are truly astonishing. ... Read more

Customer Reviews (11)

Quantum dots
I have no degrees in physics, just a bit of curiosity and for me this book was wonderful. A very well written (for laymen) brief on a technology that is just over the horizon. If only half the apllications he describes are realized, wellstone will change our lives.
I was left with only one (whimsical) question about wellstone; could you build a ringword with it?

Quantum Dot/Wire , SET , QCA/MQCA , Neural nets
Quantum information encode on each photon; the race is too replace the transistor; quantum dot nanoparticles create entanglement, so that their relative positions determine their effect on another; when arranged in groups of eight, Quantum Celluar Automata (QCA) can carry out binary logic necessary fro today's computer operations.

QCA requires low temperators and the replacement is nanomagnets, 100 nm that mirror the function of transistor-based logic gates and matrix handles the logic operations.
MQCAenvisons a all magnetic computer, operates at room temperature, fabricates easier, and advances magnetic storage industry. Wolfgang Porod created the process of magnetic patterning to produce a chip using arrays of separate magnetic domains.

"For a quantum computer, whose bits can be in two quantum states at once, both on or off at the same time, many solutions can be explored simulataneously.
Quantum dot system exhibits long-lasting coherence.QDOT arrays must be scaleable into large systems. Quantum machine requires large number of quantum switches working together as a group.When two elections occupy the same space, they must pair with oposite spin, one electron with up spin and the other with down. Eight converging wires or gates deposit the electrons in the dot one by one and electronically fine-tune the dot's properties so they would become entangled.The down-up, up-down configuration occurred simulataneously.

1. When a Nlayer istraped between two P layers, it attracts electrons into the middle layer and doesn't let them out.If the N layer is really thin, 10 nanometers, the trap approaches a quantum-mechanical limit, the de Broglie wavelength, and wave-like behavior moves along the vertical axises.Quantum wires can be practically used in optical computers, fiber-optic networks, and lasers.
2. Electrons will arrange themselves into orbitals around the positively charged nucleus; these orbitals and electrons determine the physical and chemical properties of an atom.When the electrons are trapped in quantum dots they will arrange themselves as though they were part of the atom, even though there's no atomic nucleus for them to surround.Which atom they resemble depends on the number of excess electrons trapped inside the dot.Electrons can be confinedelectrostatically, by electrodes, pumping electrons in out by varying the voltage of the fence.Kastner, in 1993 labeled the nanostructure an "artificial atom": single-electron transistor (SET), Coulomb Island, or zero dimensional electron gas, or colloidal nanoparticle or semiconductor nanocrystal."One electron gets you hydrogen, two gets you helium, and so on.Each dot has its own unique periodic table, though; size and shape and composition of the device have a huge effect on how its electrons interact.We can easily call up an artificial, six carbon atom on the chip, buts its structure may or may not resemble that of a natural carbon atom.""Another prediction made by MIT theorist is that there should be quantum dot materials that behave as insulators when they contain an odd number of electrons, and as conductiors whey they contain an even number.""Large collections of quantum dots, along with metals and semiconductor substrate will be referred to as programmable materials."
3. "Quantum scientist have also shown that an array of Single electron Transistor - SETs create a form of neural network."SETs construct computers that use individual electrons to carry information.SET biggest problem is operating at room temperature.Quantum tunneling means the can "interact capacitively rather than by current flow throught the wires.""When their interactions result from the quantum tunneling of electrons, quantum dots can collectively behave as a form of quantum cellular automaton, QCA.QCA computers may show associative memory.If Decoherence can be avoid a qbit can form with a 0 or 1 or superposition state of both at the same time. 5 qbits could handle 32 states (2^n), simulateously; a conventional computer would handle 32 sets of 5 bits, or 160 bits in all.64 bit encryption could be processed with one 64 qubit operation, whereas, a conventional computer requiring 2^64, 1.84 x10^19 operations or 292.5 years, 18 billion billion times more powerful than a 64 bit binary computer.

Is the Replicator from "Star Trek" Soon to Become a Reality?
Despite my intrinsic interest in such futuristic topics as programmable matter, the subject of Wil McCarthy's interesting journalistic account of research underway at laboratories around the world, I never know how much I should believe concerning these possibilities. More likely than not it will turn out to be just as real as speculations about flying cars in the 1930s or jet packs for everyone in the 1950s or...I could go on and on. In "Hacking Matter" McCarthy lays out a story as fantastic as any concocted by a master of science fiction. It has the attraction of ancient alchemy--of Midas turning anything to gold with his touch or Rumplestiltskin's spinning of straw into gold--and may be just about as real.

But there is a serious side to this, and McCarthy does a service by discussing the research underway to manipulate matter at the level of the molecule. Scientists already understand the process, and the very real science of nanotechnology is built on this knowledge. The U.S. Department of Defense, other government agencies, and some corporations are investing in this future technology. Their reasons for doing so are obvious, if we can transform one type of matter into another with the click of a mouse button the potential is incredible. Materials precious and difficult to obtain may be acquired quickly, easily, and safely. The potential to completely change the physical existence of all humanity should be apparent. This is a fascinating story, one that is probably realizable perhaps centuries in the future, that is if it realizable at all. But it is a fascinating line of scientific inquiry nonetheless.

If you're interested
You can also download this book free at
http://www.wilmccarthy.com/HackingMatterMultimediaEdition.pdf

Incredibly cool and entertaining
I think the previous reviewers have not been keeping up with the leaps and bounds that technology has been making with quantum dots. They exist folks and they are being used as we speak.While the applications for this technology as discribed in this book are not possible at this point in time, they should no longer be considered impossible.Just type 'quantum dots' in your search engine or check out some of the popular science websites.This is real and it is utterly facinating.Definately a good book but you'll need to read up on some basic quantum mechanics first to really enjoy it (the reason I gave it 4 stars and not 5). ... Read more

Product Description
"

With the unusual clarity, distinctive and engaging style, and penetrating insight that have drawn such a wide range of readers to his work, Ian Hacking here offers his reflections on the philosophical uses of history. The focus of this volume, which collects both recent and now-classic essays, is the historical emergence of concepts and objects, through new uses of words and sentences in specific settings, and new patterns or styles of reasoning within those sentences. In its lucid and thoroughgoing look at the historical dimension of concepts, the book is at once a systematic formulation of Hacking’s approach and its relation to other types of intellectual history, and a valuable contribution to philosophical understanding.

Hacking opens the volume with an extended meditation on the philosophical significance of history. The importance of Michel Foucault--for the development of this theme, and for Hacking’s own work in intellectual history--emerges in the following chapters, which place Hacking's classic essays on Foucault within the wider context of general reflections on historical methodology. Against this background, Hacking then develops ideas about how language, styles of reasoning, and ""psychological"" phenomena figure in the articulation of concepts--and in the very prospect of doing philosophy as historical ontology.

Customer Reviews (1)

Socially Constructed Ontology
The possibilities of what can be found to be true or become true have opened up with our advance in technology. There are things that we can make true today that have never been true before. (Idea from Hacking interpreting Foucault). This might also be called Darwinizing Ontology with reference to "Darwinizing Culture: The Status of Memetics As a Science" - by Robert Aunger. So this is still one more the evolution narrative is being used to convert our previous understanding.
... Read more

Product Description
This one-of-a-kind resource contains 500 pages of jaw-dropping hacks, mods, and customizations. These include creating mashups with data from other sources such as Flickr, building a space station tracker, hacking Maps with Firefox PiggyBank, and building a complete community site with Maps and Earth. Now you can map out locations, get driving directions, zoom into any point on the globe, display real time traffic, and much more. ... Read more

Customer Reviews (7)

Got what I paid for
I purchased this book to give me some insight into programming Google Earth solutions, however this book is 85% about Google Maps (the two are completely different). It took me about ten minutes to read the Google Earth content, and I learned essentially the same things I learned from browsing the Internet for a few hours. Disappointed, but at least I got the book for just a couple of bucks.

Hacks hacks everywhere
Google maps has lots of tool and features, some added after this book.But this is still a great book on what kinds of things you can do using Google Maps and Google Earth.

Good book - a bit techie
good book - it was a touch too technical for me.But I learned a good amount - if you have more computer experience - its a great read

Already out of date, but still worth the read
Although I really enjoy this book, it's too bad that it's already out of date (as mentioned in other reviews).

As someone with very little previous experience with JavaScript, I found this book to be really helpful it describing how to make stuff happen.I personally have found the Google Maps API Documentation to be far too terse and difficult to figure out; kinda like reading a dictionary to learn how to write.

This book takes the simplistic Google examples and builds on to them to give you a better idea of how you might actually build an application.

True, "Hacking Google Maps" might not be the best title for the book ("Introduction to Google Maps" might be more appropriate) but it was a very well written and useful book for getting my own Google Maps mash-up going.

Organized, clearly written, but misleading title
While I enjoyed the author's clear writing style, and I was pleased to see that the level of detail and explanation given in each chapter is consistent, I did not find the book's content to be particularly valuable.

The book is organized very well, and it reads like a Google Maps tutorial, rather than a hacks book. The flow from chapter to chapter is similar to the Maps API online documentation, which makes following along with Google's documentation a breeze while reading the book.

The first 100 pages were introductory, describing Google Local, the Maps API, ways to store and share information, and so on in very general terms. This puts all users on equal footing, but it seemed odd to see so much basic information in a book about hacking Google Maps.

One thing that shocked me, especially given the approach taken in the first 100 pages, was to see all of the examples written in Perl. If the introductory lessons are needed by anyone, chances are that programming / scripting is new to him/her, and I don't see Perl as the appropriate language to learn at that point.

Version 1 of the API is used throughout the book, but version 2 was released in April 2006. Version 2 is largely backwards compatible, but Google has asked everyone to move to version 2, saying that v1 support can be turned off at any point. This doesn't take away from the value of the lessons, but it does add some overhead. I consulted Google's documentation and adjusted all of the books examples for the api changes as I read.

Another thing that particularly surprised me was the mention of using scraping techniques to extract geocoding data, without mentioning the drawbacks to doing so. Personally, I avoid scraping like the plague. There's no better way to break an app than to scrape its data. Geocoding is part of the v2 api, btw.

To summarize, the book is a clearly laid out introduction to using the Google Maps API, and it is written well, but I wouldn't recommend it to a friend. For an introduction to maps, I would consult Google's much-improved online documentation, and O'Reilly's "Google Maps Hacks" is a better read for what I would consider hacks (also written to api v1). ... Read more

Product Description
Learn how to use good hacking to prevent your system from becoming the victim of attacks! "The Unofficial Guide to Ethical Hacking, Second Edition" defines the difference between hackers - those who crack a computer system for the sheer challenge of doing so - and crackers - an elusive class of computer criminals who break into systems, release viruses, and deface Web sites. Ethical hackers often help out system administrators by notifying them of loopholes in their systems before crackers can get to them and cause damage. More than just a guide to hacking, this book explores all aspects of computer security in a hands-on and easy-to-comprehend manner - a must-read for any computer user who wants to learn how a system is cracked and how you can better protect yourself. With helpful resources and clear, step-by-step instructions on various hacking techniques, this book features the most up-to-date and comprehensive information and methods, covering file encryption, firewalls, and viruses, as well as new topics such as instant messenger hacking, intellectual property thefts, identity attacks, and much more. ... Read more

Customer Reviews (8)

This book is a joke
I am more than upset with the author of this book.All the material can be found easily by searching the Internet and by doing a search at www.microsoft.com.The zip files that are mentioned in the book are corrupted.Not only that but when I reported the problem to the author, I got nothing from him -- that was almost a year ago, I am not sure about the files as of Oct 1, 2008.

I don't recommend this book -- well, I do.If you have a fireplace and you are out of wood.Other than that, save your money and search for other more serious books online.

Outdated and unoriginal
Outdated and unoriginal material coupled with a poor writing style make this book a waste of time for anyone serious about studying computer security and hacking. Ankit Fadia is a joke. Do not waste your time or money!

Armchair Hacker
Great Book. I read 2600 and similar. Im not a serious hacker but love to
know the cracks. More armchair than doing . Lot of good stuff in this book.
Started reading in Borders then bought on Amazon for better price.

Outdated, Not useful.
This book starts with using Windows 98. 4 versions of windows have been released since then it also has crappy exploits that are outdated and do not work. dont waste your money.

Easy Read; Informative
As an IT professional, I was looking for comprehensive reading to strenghten my network security knowledge.This book fulfilled that goal well.I am very pleased at the value obtained.I would surely recommend this material to those interested.It appears easy enough of a read for a beginner, but even as a seasoned vet I found it very useful. ... Read more

Product Description
Information security is about people, yet in most organizations protection remains focused on technical countermeasures. The human element is crucial in the majority of successful attacks on systems and attackers are rarely required to find technical vulnerabilities, hacking the human is usually sufficient.Ian Mann turns the black art of social engineering into an information security risk that can be understood, measured and managed effectively. The text highlights the main sources of risk from social engineering and draws on psychological models to explain the basis for human vulnerabilities. Chapters on vulnerability mapping, developing a range of protection systems and awareness training provide a practical and authoritative guide to the risks and countermeasures that are available.There is a singular lack of useful information for security and IT professionals regarding the human vulnerabilities that social engineering attacks tend to exploit.Ian Mann provides a rich mix of examples, applied research and practical solutions that will enable you to assess the level of risk in your organization; measure the strength of your current security and enhance your training and systemic countermeasures accordingly. If you are responsible for physical or information security or the protection of your business and employees from significant risk, then "Hacking the Human" is a must-read. ... Read more

Customer Reviews (2)

A very practical psychological thriller!
I enjoyed reading this book far more than I had anticipated, it is a thriller and an amazing window into the humans psyche.
Hacking the Human is a book about Social Engineering Techniques and Security Countermeasures. It should be a must read to all Physical security management, and Information security professionals, I always thought it would be really hard to map the ISO27002 controls with Social Engineering and yet the entire book is written around the ISO27001 standards this alone is worth the price (little high) of the book.

The book is divided into 3 sections
.- The Risks
.- Understanding Human Vulnerabilities
.- Countermeasures
I wish I could tell you which section or what chapter is important so you don't have to read the whole thing, but I couldn't they are all equally important. Except for some deviations away from information security topics the entire book is like a Symphony by Mozart; Mozart's question sums it all up "Which few did you have in mind, Majesty? " when told by Emperor Joseph II "Your work is ingenious. It's quality work. And there are simply too many notes, that's all. Just cut a few and it will be perfect."

You may say "....but I have read The Art of Deception by Kevin D. Mitnick (and William L. Simon)"which was a great book and also a must read to further learn the human behavior, however in comparison to the Hacking the Human they are totally different. Kevin does not dwell on standards simply concentrates on the brain's vulnerabilities, Ian on the other hand wrote the book as a manual for an existing Information Security Management System, he is even almost apologetic for headlining risks identified "which may not be fully ISO 27001 compliant risk assessment" as seen in chapter 12 - Testing.

I seriously recommend this book as a great Information Security learning tool. Can also come in handy for Poker players.

Best Fishes and thank you for reading.

Finally! A comprehensive book on social engineering
As a researcher of the topic, I was glad to find Mann's book on social engineering. It makes a significant contribution to the body of knowledge on the social issues of information security. This is the second book that has been truly devoted to social engineering, the first one being Kevin Mitnick's Art of Deception. Mann takes the issue further with his methodical and systematic approach.

This book has great value, as it frequently refers to standards such as ISO 27001, providing high industry relevance. The book provides a clear view to the topic with sublime clarity, explaining underlying psychological weaknesses exploited by the attackers. Hacking the Human covers all related topics on the issue, from explaining why social engineering has not received the attention it deserves to why your company is at risk, and more importantly, what you can do about it.

As we learned from Mitnick, people are the weakest link in the chain of information security. With Mann's Hacking the Human, you can make it the strongest one, the first line of defense. I gladly recommend this book to everyone interested in the topic. ... Read more

Product Description

• The first book to unlock the true power behind Gmail, Hacking Gmail will immediately appeal to Google and Gmail fans
• This is serious, down-and-dirty, under-the-hood, code-level hacking that will have readers eliminating the default settings, customizing appearance, disabling advertising, and taking control over their Gmail accounts
• Covers turning Gmail into an online hard drive for backing up files, using it as a blogging tool, and even creating customized Gmail tools and hacks
• Shows readers how to check their Gmail without visiting the site; use Gmail APIs in Perl, Python, PHP, and other languages, or create their own; and maximize Gmail as a host for message boards, photo galleries, even a blog

Customer Reviews (1)

Incredible analysis of the Gmail platform...
Gmail rewrote the rules on how online email functions.At the same time, the folks at Google have offered up a platform for some really cool programming tricks.Ben Hammersley explores a number of those tricks and hacks in the book Hacking Gmail.A very enlightening read...

Contents:
Part 1 - Starting to Use Gmail: Desktop Integration; Integrating Your Existing Mail; Gmail Power Tips
Part 2 - Getting Inside Gmail: Skinning Gmail; How Gmail Works; Gmail and Greasemonkey; Gmail Libraries; Checking for Mail; Reading Mail; Sending Mail
Part 3 - Conquering Gmail: Dealing with Labels; Addressing Addresses; Building an API from the HTML-Only Version of Gmail; Exporting Your Mail; Using Gmail to; Using GmailFS; Long Code Listings; Index

Hammersley has written an entertaining book that delves deep into the inner workings of Gmail, and in the process uncovers a lot of functionality that isn't apparent on the surface.By using Firefox and a few strategic plugins, he's able to dissect the HTML and Javascript used to display the Gmail interface.This hunting trip shows how Ajax grabs data in the background so that screen updates happen without trips back to the server.It also uncovers the URLs that are used to get that data, and he then shows how those URLs can be used for so much more.Many of the hacks he shows use Perl and Python libraries that you can use to interact with Gmail without the Gmail interface.He also shows how you can use a few Greasemonkey scripts to completely change the user interface, or "skin", of Gmail to fit your own preferences.It's all really incredible stuff that you probably won't find from too many other sources.

There's only one "drawback" to this book, and that's the everchanging "beta-ness" of Gmail.All the analysis that Ben's done could easily be wiped out by an update to Gmail by Google.In fact, as I type this, Google has announced a whole new interface that is being rolled out.You could look at that and think this book is already obsolete.I would disagree, however.The fact he was even *able* to get this book published with all the ongoing Gmail changes is amazing.But even with all the changes, the fundamental principles he uncovers will likely *not* change for a long time.He also shows you an interesting set of hacking tools that will serve you well for other projects going forward.To me, those were worth the price of admission themselves.

The sooner you read this book, the more immediate gratification you can get.But even if you buy it six months down the road after a Gmail interface change, you'll still learn more about the service than you thought possible... ... Read more

Product Description
"The most demystifying source of information since Toto exposed the Wizard.Hacking Exposed Windows Server 2003 eliminates the mystique and levels the playing field by revealing the science behind the curtain."--Greg Wood, General Manager, Information Security, Microsoft CorporationFrom the best-selling co-authors of the world-renowned book, Hacking Exposed, comes Hacking Exposed Windows Server 2003. You'll learn, step-by-step, how to defend against the latest attacks by understanding how intruders enter and pilfer compromised networks and weaknesses. All the new security features and exploits in Windows Server 2003 are covered. ... Read more

Customer Reviews (8)

Hacking
Awesome book for information concerning hacking. Very well written and easy to understand. Great seller. Super fast delivery.

Good stuff
If you are working with Windows Server 2003 security, this is pretty good stuff. For one thing, it gives you the background on a lot of the security features that Microsoft has placed in Group Policy as well as their security recommendations in White Papers. By the way, I suggest you download the Threats and Countermeasures guide from the Microsoft web site, if you don't already have it. That would go very well with this book!

Excellent Resource for Windows Server 2003 Admins
Hacking Exposed- Windows Server 2003 is the latest addition to the Hacking Exposed series of books. Joel Scambray and Stuart McClure have teamed up to create another excellent source of information to help you understand the weaknesses in your Windows Server 2003 system and what you can do to defend against them.

It may not be quite as gripping as a John Grisham novel, but the Hacking Exposed books are relatively easy to follow and understand. The use of Tips, Notes and Cautions helps to highlight specific areas that deserve more attentions than others.

As with other books from the Hacking Exposed series, this one walks through how an attacker would locate and exploit your machine. It covers how to footprint and enumerate potential targets and then goes into comprehensive detail for the various attacks and vulnerabilities. Each attack or vulnerability is ranked based on its popularity, simplicity and potential impact to arrive at an overall risk rating.

This book covers the latest exploits and security measures for Windows Server 2003 including Windows-specific services such as MSRPC and IIS6. The authors also provide information on attacks against Terminal Services such as password guessing and privilege escalation as well as the latest DoS (Denial of Service) attacks.

New security features of Windows Server 2003 are covered as well- updates to IPSec, software restrictions and ICF (Internet Connection Firewall).

Anyone with Windows Server 2003 should read this book.

(...)

Not the ultimate Windows 2003 security book, but still solid
"Hacking Exposed: Windows 2000" (HE:W2K) was published in August 2001, eight months after the W2K OS was released to manufacturing (RM) in December 1999."Hacking Exposed: Windows 2003" (HE:W03) was published in October 2003, seven months after the Windows 2003 OS was RTM.Does the shorter gap between OS availability and book publication hurt the successor to the original hit Windows security book?It's possible, but I don't see many contenders for the title of best Windows assessment guide.Because this book delivers the technical goods in a proven format, I give HE:W03 four stars.

I gave the original HE:W2K five stars for finally breaking out Windows-specific security material into its own "Hacking Exposed" title.HE:W03 is mainly an update of its predecessor, a fact I confirmed with a chapter-by-chapter evaluation.HE:W03 has a new foreword and better organization.Ch 1 sports five more pages, and ch 2 offers a new discussion on service accounts and groups.Ch 4 adds an RPC enumeration section while ch 5 provides info on sniffing Kerberos authentication.Ch 6 mentions exploiting the Windows debugger but is short on details.Ch 7 explains psexec and ch 8 explains usage of MDcrack.Ch 10 gives new info on IIS 6, ch 11 mentions SQL Slammer and more defensive strategies, and ch 12 updates remote access methods for Windows XP and 2003.Ch 13 presents a few recent client-side attacks and ch 16 mentions several defensive tools.Ch 17 is mainly original, although the Windows OS roadmap appears as dated as the one first proposed in HE:W2K.Oddly, chs 9, 10, and 16 were missing material, like talk of hiding files via streaming and the "runas" command.Ch 3, 14, and 15 are mostly the same.

HE:W03 is still the best book available if you want to learn how to assess and compromise Windows servers using publicly available tools.It will not teach original exploitation techniques like coding exploits, although this is usually unnecessary when admins deploy stock servers with blank administrator passwords.The authors are experts when it comes to performing pen tests of Windows targets, even though they are unapologetic Windows fans.(Page 195 bears the quote "command-line brain damage of Linux.")Their bias is also apparent as they question the applicability of the word "monopoly" to Microsoft (a legal fact); this isn't surprising given the authors' employers.Their bias also colors their judgment in the introduction, where they propose that security is a zero sum game between security and usability.Attitudes like that can no longer cover for Microsoft's security lapses.

If you're forced to run Microsoft products, it pays to understand how intruders can compromise them.It's also helpful to know how to defend those systems.HE:W03 shows both sides of the coin in the plain language readers have been enjoying since the original "Hacking Exposed" was published in 1999.I recommend this book, especially if you haven't read HE:W2K.

Good place to start, but just a refresh on the 2000 edition
Having read "Hacking Exposed Windows 2000" (and most of the other Hacking Exposed books), and just started using Windows 2003 Server, I ordered this book with an eager anticipation for what it would reveal on Microsoft's supposedly significantly more secure OS.

The opening chapters were a disappointment and in general a lot of the content had been copied from the previous Windows 2000 edition, often with just "Windows 2000" replaced with "Windows 2003", which while sometimes accurate, was more often than not, completely inaccurate.

Many of the example outputs and screen shots didn't match the text and often there were inconstancies in the outputs, suggesting that they had perhaps been hand crafted.

In general the editing was poor and this book didn't really come up to the standard I've come to expect from the Hacking Exposed series.It had all the hallmarks of a book rushed to press.

As for Win2003 specifics, there was actually very little.Weather that's because Win2003 is super secure... or just that the author's (and perhaps the hacking community) hadn't really come to grips with the product....

Even the updated Win2000 content was largely pre SP3, which is odd, since SP4 had gone public, well before this book was released (in fact, some of the virus/worm references in the book are post SP4's release).

If you haven't read the Windows 2000 edition, then don't bother, get this one, it has all the content from that edition, plus a small amount of new Win2003 content.

If you've already read the Win2000 edition recently, then don't bother with this one, especially if you're already playing with Win2003.You've probably got most of the Win2003 info already, from MS and other public sources.

I've just started reading "Microsoft Windows Server 2003: Insider Solutions" (ISBN 0-672-32609-4) written by a team of writers who have been using Win2003 in it's pre-beta and early adopter stages.These guys had been using Win2003 since most of us got Win2000!Hopefully this will cover some of the security aspects that are missing in the Hacking Exposed book. ... Read more

Product Description

• The Certified Ethical Hacker program began in 2003 and ensures that IT professionals apply security principles in the context of their daily job scope
• Presents critical information on footprinting, scanning, enumeration, system hacking, trojans and backdoors, sniffers, denial of service, social engineering, session hijacking, hacking Web servers, and more
• Discusses key areas such as Web application vulnerabilities, Web-based password cracking techniques, SQL injection, wireless hacking, viruses and worms, physical security, and Linux hacking
• Contains a CD-ROM that enables readers to prepare for the CEH exam by taking practice tests

Customer Reviews (6)

CEH Exam Preparation
First of all I received my order in plenty of time before I headed to the class itself.I pressed the vendor a bit for early delivery and they delivered .. greatly appreciated.

The material in the book was well written and easy to follow and understand.I found the example test question at the end of each chapter to not be a great representation of the actual exam.The material did present the concepts and theories of ethical hacking in a clear an concise way my guess is the CEH quiz masters have redesigned the test a bit.

I will keep this book as a reference for future activities in my consulting business.

Well written
As an IT professional, I need to constantly learn new skills, and obtain certifications signifying knowlege of those skills. In todays economy, it's less and less often that I can convince the companies I work for to fund my training, so I've become a master of learning the skills on my own and passing the required tests.
This book is part of my training plan, I also read other books on the subject, and set up a virtual environment to get hands on practice with the many tools the CEH requires knowlege of.
This book seems to be the most organized of the bunch I read, and addresses the test objectives. I'll add to this review after I test.
Just tested this week...scored a 87% and happy with the results. Some areas missing included bluetooth and VOIP.

So far, so good....
I bought Krutz's first book on CISSP prep and found it to be very readable and made difficult concepts more easily understood, at least enough for me to pass my CISSP certification.So far I'm 40% into this text and the same formula is holding true.A good aid for prepping for the CEH.

Covers the Law
Although they admit to not being attourneys this book covers what I suppose is required:Knowing the Law where the internet is in question.It tells of precedure,methods and device of testing for vulnerability.Its a nutshell of getting into the IT security trade.

Good Book
I wouldn't say that it is the best book, but it is a good one to know aboutthe exam. ... Read more