Customer Reviews

Black Hat: Misfits, Criminals and Scammers in the Internet Age

5 star:		(4)
4 star:		(4)
3 star:		(3)
2 star:		(1)
1 star:		(1)

 

 

This is easily one of the best books available today to teach the average person what goes on in the darkest corners of the Internet. Author John Biggs takes the reader on a mind-expanding journey into these areas where questionable characters are more the rule than the exception. Along the way you will learn about port scanning, viruses, spam, spyware, worms, scams, pirates, and hacking. This is one of the very few books that teach the reader what can happen and how to be prepared without becoming a book that teaches malcontents how to become a hacker. This makes it one of the very few books that I could recommend to high schools, youth groups, and adult groups who want to understand the dangers of the Internet.

"Black Hat" is a book that is long overdue for publication. Most books on this subject are too technical for the average reader; this one is the exception. Everyone who surfs the net, for whatever reason, should read a book like this just so they know what can happen. If you are a non-technical user then "Black Hat: Misfits, Criminals, and Scammers in the Internet Age" is the best book available today for this purpose. This book should be considered as a gift for friends and family you love that surf the net and need to be safe.

I recently received a copy of Black Hat: Misfits, Criminals, and Scammers in the Internet Age by John Biggs from Apress. While the information technology professional might not learn anything new from this book, it will serve as a readable resource to help typical computer users to understand the threat to their well-being when they surf the internet.

The chapter selection is as follows: Black Hats: Things That Go Ping In The Night; Y.O.U MAYHAVE ALREDY 1!: SPAM; Deep Cover: Spyware; Shockwave: Worms and Viruses; Dear Friend: Scams; Upload Or Perish: Pirates; Break In: Hacking; Don't Get Burned: White Hats; Glossary; Selected Reading; Index

Biggs has written a relatively short (158 pages) book that deals with most of the major security risks an average user will face on a regular basis on the internet. For example, the chapter on spam starts off with a real-life scenario involving Alan Ralsky, a well-known spammer. You're then taken back to the early days of the 'net when the first generally recognized piece of spam made its appearance in UseNet. The growth of unsolicted mail is tracked to current day levels, as well as the reasons why spammers do what they do. He even takes a typical piece of spam mail and dissects the headers to show the reader how all is not as it seems in terms of where it came from and how it got to you. The current solutions, along with the pros and cons of each are discussed, in addition to where spam seems to be headed in the future. All this is done in a narrative fashion that stays at a level that is understandable to the average "Joe Computer User".

The chapter on scams is also very valuable for helping people avoid getting fleeced. A lot of space is given to the Nigerian 419 scam, where you are asked to help someone transfer money out of their country into your bank account for a cut of the millions. I keep thinking no one would fall for this, but it still keeps sucking people in. Biggs also explains phishing scams, where users end up at web sites which are clever imitations of real sites. The person enters financial or personal information, and then finds themselves the victim of credit or identity fraud. This is definitely a scam on the upswing, and can catch people at all levels of internet expertise.

I personally enjoyed reading it, knowing that there were a number of people I would recommend it to. Like my kids or my parents. :-) If you're not an IT professional but you are an internet user, this book will help you to understand and avoid some very real dangers out there.

This is security for the rest of us. How do worms work? What can we do to keep our information safe? How can we keep hackers, spam, and spyware off the family computer? This book as answers.
It's fun: there are little stories for each chapter and a lot of helpful info.

"Black Hat: Misfits, Criminals, and Scammers in the Internet Age" is an entertaining and informmative book for people who wonder about the less savory elements of the internet. This book is not for IT security professionals. Instead, it is for the casual net surfer who needs the most basic elements of protection.

One interesting aspect of this book is the cultural discussions of hacking and piracy. While many books may go into the technical characteristics of hacking, this text interviews some important players in the hacking world and explains their motives. In a similar vein, the book doesn't just explain how file sharing services (and more blatant piracy operations) work, but rather it delves into the incentives to share files and pirate and why so many of the key players see themselves as modern Robin Hoods, stealing from wealthy and insensitive media conglomerates.

Some of the criticisms levelled at this book claim that many other texts cover these topics in much more detail and that is undoubtedly true. But a buyer who pays attention to the Amazon Product Details section will see that "Black Hat" is 158 pages long and should realize that this is an introduction to the subject, not an exhaustive review. When I read the book, I was looking for an interesting, high-level discussion, not a doctoral dissertation. And that's exactly what this book delivered: an enjoyable, entertaining, and informative discussion for beginners. On that level, "Black Hat" is a definite success.

This is a very readable journey into the smarmy underside of the Internet. In straightforward, nontechnical prose, it explains the basic ideas behind spam and viruses and worms. Plus ostensibly benign spyware. And outright scams, that are a particularly pernicious subset of spam. Space is given to explaining about the Nigerian 419 and of phishers.

Then there is the explanation of downloading of copyrighted material (usually music). This differs from the others in that here millions actively participate. Whereas the others are pushed out to millions, most of whom decline.

The book is ideal for a person still new to the Internet, and worried about snares. It eshews a sensationalistic or preachy tone.

The only unfortunate thing is that it is pessimistic about defeating spam. The reasons give reflect the current consensus in the antispam field. But a few others, like myself, believe, based on our own works, that spam can indeed be crushed.

Black Hat is an excellent, enjoyable read that tells the computer layman just about everything he needs to know about the dangers of online computing. If you've ever used a computer, you'll already be familiar with some of the topics discussed here - spam, viruses, online scams, etc. John Biggs takes you much further into these dire subjects, however, and I can almost guarantee that you will learn something you didn't already know - which is especially good, in that it can translate into better computer security for you. This isn't just a "what they are, what you can do" kind of book, though, as Biggs also takes you some way into the hacker community and lets you take a gander at the kind of mindset that drives all these script kiddies and outright criminals making our online experiences much less enjoyable than they could and should be. Hackers weren't always the spawn of Satan, and you will find a measure of respect in these pages for the hacker purist community, but that reflects the feelings of many computer experts. Your original hacker did it for the challenge, and I daresay software designers learned a great deal from these intellectually-oriented hackers - and what they learned has been incorporated into tighter, more secure software than we would have seen otherwise. There is a difference between these guys and the unscrupulous minds working their scripting magic to bring down networks or steal your personal data. The book ends on a positive note, as Biggs talks about the White Hats out there working silently to offset the dangers posed by today's Black Hats.

The book opens with an illuminating look at spam and some of the Spam Kings making money off what they consider to be a legal business method. This is the best overview of spam I've ever read; it gets a little technical in places, but it's a truly informative read. From there, Biggs is off to spyware and adware, those increasingly pernicious programs that install themselves silently on your hard drive, bombard you with unsolicited pop-up ads and slow down your system's performance speed significantly. I take care of the public computers in a university library, and these malicious programs are a constant thorn in my side. As many precautions as you take and as many sites as you block, these things just multiply like rabbits and keep coming at you thanks to users who have no qualms about clicking on anything and everything they see online. If you are an online user of any kind, you really need to know all you can about protecting your computer from spyware and adware, and the author tells you all about it in this book. Lest we forget viruses, these are also covered in some detail.

Call me crazy, but I actually enjoy getting ye olde "Nigerian" scam emails; they are a constant source of amusement, and you have to wonder if anyone actually takes these things seriously. They do, and they come out much poorer for their mistake. Biggs tells you all about the most popular scams in perpetual online existence - including phishing, which is becoming increasingly sophisticated these days. Music companies will surely be pleased by Biggs' chapter on the pirating of movies, music, and the like. File-sharing and peer-to-peer networking have spread like wildfire across the Internet, and you had better know what's what unless you want to wake up one day to find the FBI knocking at your door. The book closes with chapters on the many different types of hackers and the White Hats working to protect you from the bad guys' exploits. Biggs really gives you a good idea about where these guys are coming from.

I deal with many of the problems detailed here on a daily basis, and I learned some really good and useful things from this book. Thus, I would heartily recommend Black Hat to computer novices. If you spend any time online, you really need to learn how to protect your data and identity, and Black Hat provides a great deal of helpful information in a very engaging manner.

While reading this breezy introduction to the unlikely but inevitable cloak and dagger cyber world of hackers and spammers, encryption and "things that go ping in the night," I had a terrible sense of estrangement mixed with fear and loathing simply because I knew and know jack diddly about hacking and how to protect myself against it. So I suppose this book is a start, lesson one in Cyberspace judo.

There are eight chapters, covering such topics as spam and spyware, worms and viruses, scams and counterattacks against the black hats. In one chapter Biggs explores the "Dear Friend," advanced-fee fraud, often referred to as the "Nigerian potentate scam," or simply "419" since it is section #419 in the Nigerian Criminal Code.

You might recognize this con as the outrageous come-on that promises you a nice percentage of some many millions of dollars if you will allow an abused princess (or such) of some African country to use YOUR bank account for a transfer of the millions. (Right!) Of course you'll be asked for a few thousand dollars up front... Biggs writes that "in 2002 over 16,164 Americans, including 74 who reported losses totaling $1.6 million, reported being suckered by 419 scams." (p. 72) Biggs actually found one guy, a Dr. Shahla Ghasemi, who admitted to personally losing $400,000 to the scam. (p. 77) But Biggs also shows how he and some others had a lot of fun by leading these would-be scammers along with encouraging emails and baited bits of information.

Biggs also introduces us to some notorious hackers and spammers, "Ebola Monkey Man," Marc Maiffret aka "Chameleon," and Alan Murray Ralsky, "the spam king of Detroit," for example. There are some black and white photos of Web pages and persons, including one of Patrick Kroupa aka "Lord Digital" caught in dark light in front of his lap top, looking for all the world like a cross between Darth Vader and a young Bobby Fischer. (There is an element of glorification in this book that may be off-putting to some.)

There is also something eternally juvenile about the nether world of Internet "hax0rs" and spammers, something gloriously amateurish about their pursuits and values. Why hack? To make a buck, to gain fame, to win the heart of the prom queen? No. Because it's fun and because it's there? Yes, oh, yes. Why spam? Well, in the case of spam, if somehow the monetary reward could be removed, that is, if somehow people would NOT reply to spammers and their scams, then spam would gurgle to a trickle.

In other words, the nefarious world of black hats and white hats, phreaks and crackers, acne-sprouting adolescents in trailer parks and spam king millionaires in Cancun is an all too human world doing what humans do best. That is, trying to rip each other off while puffing out their chests.

John Biggs draws a distinction between amateurs (e.g., "script kiddies" and "punks"), and the pros who go after Citibank and other places where the money is. Script kiddies create nothing "but are just stupid enough to be dangerous" (p. 125) while the pros can, if they like, toss their black hats and don white ones and become hired guns who hack for the establishment.

He also makes a distinction between "free as in freedom" and "free as in free beer"--a very nice distinction new to these ears. There is freedom of expression, and there are free things worth having. Be sure you know which is which. I should also note that Biggs's mantra throughout is "open source, open source, open source." (As opposed, I imagine, to "Microsoft rox, dude!")

Personally I think somebody like Gilbert and Sullivan ought to make a comic opera of the whole scene with dance numbers and catchy tunes. The Net is in a sense a soap opera in which you can play a part. All it needs is a musical score.

Like many books that have their birth on or about the Internet, Black Hat is full of flashy terminology and tortured syntax, missing words and choppy organization characteristic of quick and easy netstyle communications, featuring not fully professional editing. Nonetheless this book is definitely worth reading if you are, like me, pretty much an amateur Cyberian. A more engaging and professionally accomplished (but more narrowly focused) intro to this world is Spam Kings (2005) by Brian McWilliams, which I also recommend.

This is a review on a book called Black Hat, Misfits, Criminals, and Scammers in the Internet Age.

This is a book on computer security. The book talks about how to
secure your home/office computer from the script kiddies. The book breaks down the different types of security issues that you might be faced with, being online. It covers all types of security from Email to Hacking, (Script Kiddies) to Scams.


The book talks about current security issues (Blaster Worm, Melissa, Mydoom). The book is current, it was published this year (June 2004). The content of the book is good for people just starting out in computers (security). It will not be a real useful resource for the experienced user.

This book covers a lot of topics, but 90% if the information is designed for the novice user. If you have any computer experience at all, this book is good, but a little basic. I liked the book for some of the information it provided, but a lot of it was not new. Most of the security web sites that talk about security will cover this same information.

The author talks about Windows and Linux for the Operating Systems used in the book. Since Mac (OS X) is also a viable operating system,I wish they would have covered it as well. Since it is Unix based.

The book is very readable. It is a very easy read, I was able to
read the entire book in a few days. There are some examples in
the book. I liked most of them, but some (few) had really dark screens. It was not to bad. I wish that he would have lighten them up some. So there where kind of hard to see.
It did help having some of the illuastrations to see the point
that was being made. I wish they would have given a few more.

The book does not come with any software, or any code samples.
I think that it would have been helpful to have a CD in
the book.

The book does give a lot of information on the fact that all the
information you see on TV and in the movies is just not true.
You can not use your computer to play a game of "Nuclear War" on
your computer. As is shown in "War Games" (1983)

In Chapter 1 is about the guys and gals that have been caught
hacking different types of machines. It also gives a basic
over view of what you can expect by having a computer on the
Internet. That the best (Only) way to keep your computer safe
is to cut the cord. I agree that it is safer to not go on the net, but if you want to stay current, or talk to others you need to be on the net. I wish that they would have covered the different types of devices (Router, Firewalls, Switchs) that can be used to help prevent attachs.

When you get to Chapter 2 the book will cover what is happening
with SPAM. He goes over a lot of different items on SPAM. He
tells you that you can not do anything about SPAM. Then he
talks about "The Solution" which he covers what a "Whitelist"
and a "Blacklist" are. He covers the way a Bayesian filter works.
This is one of the ways to protect your machine that he goes into
a lot of detail. He does cover the what kind of messages
look like that are SPAM.

In the next chapter he goes into SPYWARE and what it is
caused by and what kind of software it is in. He does cover
the information about "Gator" and what they have done.
He does cover the how to get rid of it, and what you can
do to be careful and not get it in the first place. It is good
information, and if you follow the advise it help keep it
off your machine.

Each of the chapters cover a different type of security risk.
I wish that some of the chapters would have covered the secuirty topic in more detail. As I have stated above, the second chapter covers spam. The information that they talk about is good, but it could have been better. One of the things that was lightly touched on was a way to discover if the mail that you are getting
is really from the sender. This is one of the chapters that I
was looking really forward to.

One of the other items in the book that could have been covered
in better detail is the Phising section. They talk about how
it is done. I would to like to had it covered in more detail.
With more about the ways to discover it. They talk about how
a user can determine the if an Email is really fake or not.
Most novice users will not have the first clue on what needs
to be done. I wish that it would have been covered in a little
more detail. One of the other items that I wish had been covered
is that all of the major Credit Card companies will never ask
you for this information. It is information that they have on
file already. I wish that he would have done a little better
on explaining what was happening.

You can tell he has done his research on what is going on in
the real Internet. He does a good job at explaining what is happening over all. I wish that the book would have given more detail on what was being covered.

This is a short, but well written, book on the wide variety of nasty things that can harm you when you are on the web; adware, viruses, spam, scams and spyware. There are eight chapters, each covering a different malicious software or activity.

The first three chapters cover the stuff you will encounter the most often; spam, spyware and viruses. These chapters together make up the majority of the book and are the heart of the content.

After that the book goes into scams and then inverts coverage from the malicious stuff done against the average Internet user to covering hacking and fighting the hacking.

This is not a for-dummies book. The content is designed for people of reasonable technical expertise. And the design of the book is a short overview to get you started on securing your computer and yourself on the Internet. This book is an excellent way to get started, but from there you will have to guide yourself or make purchases of books that provide more in-depth coverage of specific topics, like security a Windows box.

When I set up my first e-mail account, I received an e-mail about every three days. That same account now gets over 150 pieces of spam an hour! And most of what comes is worse than the garbage that is handed out in the sleaziest part of Times Square. That's the sort of great problem that the Internet brings along with greater connectivity.

I was intrigued by this book because I wanted to learn more about those who are creating problems on the Internet for the rest of us. If you just want to know a little more about spam, spy ware, worms, viruses, scams, pirates, break-ins and how to avoid the problems, this book is a fairly good introduction that you can read quite quickly. Each chapter is a stand-alone, so you can skip the subjects that don't interest you.

If you are a security professional, this book is much too elementary for you to find it helpful. If you have been effective at avoiding scams, identity theft, spam, viruses and worms through your own diligent effort, you probably won't learn too much of practical value from this book.

The ideal reader is probably someone who started onto the Internet in just the last year or so . . . or doesn't know how to overcome some practical problem related to these nuisances. There is a brief bibliography for those who would then like to learn more.

I was pleased to see that the author appreciates the benefits of the open software movement and can explain the economics of complex battles over piracy quite well. So you are getting a sophisticated view of the on-line world presented in its simplest form. Nice!