Information security specialists Cannings (Google) and Dwivedi and Lackey (both, iSEC Partners) provide a lively, interesting collection of stories and exploits that exist in the current atmosphere of the Web. The topics include injection attacks, cookie security issues, phishing, cross-domain scripting, and malicious code embedding, and the book addresses all of the major platforms and issues from Flash to Internet Explorer. Each section takes an unabashed look at either a specific vulnerability or a specific exploit without flinching from the actual code and technical issues. This is an excellent work for Web designers and security experts, but it requires familiarity with programming in general and the ability to read code. An exceptionally well-written section of this savvy book addresses the MySpace Samy worm, covering the reasoning all the way through the execution and deconstruction of how the attack was implemented. This is a sharp reminder that security professionals need to think like outlaws to keep the borders secure. The security expertise in this book is evident and much needed, but readers are never just left in the dust as long as they can meet the authors at the foundational level. Summing Up: Recommended. Upper-division undergraduates through professionals.
This three-volume encyclopedia is edited by Bidgoli (California State Univ., Bakersfield), who has been responsible for several other IT-related encyclopedic works along with numerous books, manuals, and articles. The 202 articles in this handbook are written by over 270 experts from academia and industry and cover areas related to computer networks and telecommunications. All articles have been peer-reviewed, and each has a consistent format that includes an outline, introduction, conclusion, glossary, cross-references, and a bibliography of print/online resources. The three volumes are divided into major topic areas: "Key Concepts," "Hardware, Media, and Data Transmission," "Digital and Optical Networks," "LANs, MANs, and WANs," "The Internet, Global Networks and VoIP," "Cellular and Wireless Networks," "Distributed Networks," "Network Planning, Control, and Management," and "Computer Network Popular Applications and Future Directions." Each volume has its own detailed subject index. A single index to the entire set would have provided better access, and indexing the glossary terms would have been helpful. The articles are generally 10-40 pages long and written at several levels of expertise, from basic to advanced. Well written and well edited, they provide readers with a state-of-the-art report. Numerous illustrations reinforce the text, and cross-references allow readers to follow threads of similar topics. An encyclopedia of this nature would benefit from being available online; however, an online version was not available at the time of this review. This work will be useful for libraries that support programs in computer science, computer engineering, information technology, or management information systems. Summing Up: Recommended. Lower-level undergraduates through professionals/practitioners.
Every computer user who has an e-mail account or who has surfed the Internet is undoubtedly aware of the many dangers that exist in cyberspace. Familiar terms such as viruses, worms, spyware, and firewalls can be abstractly envisioned but are hard to understand. Barile (Symantec) has written a useful, easy-to-read manual on PC security that runs the gamut from malware to adware. It starts gently with a convenient overview and analysis of the reader's (computer user's) current state of affairs. Computer security is defined and its importance to the user is stressed. Malware is then thoroughly addressed, and many links to related sites are provided. Hackers are particularly dangerous to any computer system, and the author allots several chapters to home networks and how to stop the hacker onslaught. Next, Barile takes a close look at the Internet and the many steps needed to effectively protect one's computer and children from the dark side of the Web. The book finishes with sections dedicated to system maintenance and information protection. An excellent resource for computer users of all ages and experience. Summing Up: Highly recommended. All levels.