Desktop Witness: The Do's and Don'ts of Personal Computer Security [Paperback]

Michael A. Caloyannides (Author)

Book Description

ISBN-10: 0471486574 | ISBN-13: 978-0471486572 | Publication Date: July 2, 2002 | Edition: 1

Are you aware of every track, trail, and trace you leave behind every time you use your PC? Are you sure that you really deleted that confidential information from your hard drive?

If not - read this. This book describes the ways in which computer and online privacy can be compromised and gives practical guidance on how to prevent private information from being accessible or retrievable by outside parties or agencies.

This book covers:
* The types of information which are retrievable from a computer and how to prevent leaving sensitive data behind
* How privacy is compromised on the internet (email, web browsing, profiling) and how to combat it
* Full technical details on software for doing computer forensics, defeating computer forensics, encryption, steganography, keystroke capture and detecting keystroke capture

Editorial Reviews

Review

"...Desktop Witness is a wake-up call to all computer users, and certainly essential reading for anyone travelling to unfamiliar countries...In this case, if you don't read it, you could well regret it..." (New Scientist, 22 June 2002) 

"…this book is fascinating…will provide some very valuable information, and an alternative perspective…" (M2 Best Books, 29 August 2002)

From the Back Cover

Do you trust your computer?
You shouldn't.

Personal computers are now part of the furniture in homes around the world. We use them for generating, storing and communicating documents and images; we talk to friends and family via email and surf the Web without giving too much thought to the security of our personal information. Unfortunately hacking and computer security are issues which affect all computer users, not just big corporations.

What is a desktop witness?
Your computer stores a record of every document you create, every e-mail you write or receive, which sites you visit on the Internet, even attachments which you don't open.

An unattended computer may reveal your secrets if you leave security vulnerabilities unattended to. It may 'let in' outsiders through your IR port. It 'whispers' behind your back when you are online. Detectable radiation gives away the contents of your screen. Eavesdroppers can hear conversations through your microphone. Your computer remembers everything.

What can you do?
This straight-talking guide, with its easy-to-follow instructions will enable you to regain control and protect your personal information. It will show you the virtues of computer-anonymity, by making you aware of what might motivate people to access your computer in the first place, and it will help you free-up valuable memory by showing you how to really delete the files your computer stores without your knowledge.

A valuable read for any computer user and absolutely essential for any individual, company or practice with information to protect.

See all Editorial Reviews

Product Details

• Paperback: 384 pages
• Publisher: Wiley; 1 edition (July 2, 2002)
• Language: English
• ISBN-10: 0471486574
• ISBN-13: 978-0471486572
• Product Dimensions: 9.4 x 7.3 x 0.9 inches
• Shipping Weight: 1.8 pounds (View shipping rates and policies)
• Average Customer Review: 3.5 out of 5 stars  See all reviews (2 customer reviews)
• Amazon Best Sellers Rank: #1,505,012 in Books (See Top 100 in Books)

More About the Author

Discover books, learn about writers, read author blogs, and more.

Customer Reviews

Most Helpful Customer Reviews

10 of 11 people found the following review helpful:

3.0 out of 5 stars Good for the paranoid, not so good for the newbie, September 10, 2002

By 

Ben Rothke "Author of 'Computer Security: 20 ... (USA) - See all my reviews
(REAL NAME)   

This review is from: Desktop Witness: The Do's and Don'ts of Personal Computer Security (Paperback)

It used to be said that the most secure computer was one that was powered off. But with dial- up technology that can remotely start up a computer, such an approach is no longer sufficient. The old approaches must be modified to deal with the current computer security threats; and with that, Desktop Witness - The Do's & Don'ts of Personal Computer Security attempts to enable the reader do the unthinkable - both use their personal computer, and have security and privacy. While many technologically proficient com readers may not be intimidated by command- line interfaces or regular expressions, mainstream computer users are intimidated by their computers. Not only that, they often have an implicit trust in their computers, and will do anything it, or a Trojan horse suggests.

The reality is that for the most part, the term "personal computer security" is an oxymoron. Since the vast majority of personal computers are running versions of Windows 98/95/3.1, and given that Windows 98/95/3.1 has little to no security, personal computer security is indeed a contradiction in terms. Author Michael Caloyannides admits this in chapter 4 of Desktop Witness when he writes that "making a Windowbased computer immune to hostile computer forensics is an impossible task unless you do this for a living day and night." But for those that may be using operating systems with security features (Linux, Windows NT/2000/XP, Solaris, etc.), the problem is how to use the systems in a manner that protects their personal security and privacy. This is made more difficult in that nearly every activity performed on a computer and network leaves evidence.

The book is called Desktop Witness because personal computers keep logs and records of every document created, every email sent, every Web site visited, and much more. All of that personal information is a digital eyewitness to the activity in that specific computer. In the physical word, Newton's Third Law of Motion states that "For every action, there is an equal and opposite reaction." In the digital world, every data request or action also creates another reaction, and it is those reactions that often compromise personal privacy and security.

The book comprises seven content- heavy chapters. After the perfunctory introduction, the book spends chapter 2 discussing encryption. While encryption is crucial for security, for the average reader (who may be uninformed about computer security), dealing with encryption algorithms on page 21 is too much, too soon. Chapters 4 and 5 comprise the bulk of the book and deal with protection of computers connected to and not connected to the Internet or other networks. While a plethora of good ideas and tools are mentioned, the typical end users will not be able to keep up with all of the necessary system changes and configuration modifications.

While the book presents a lot of things that end users can do to secure their computers, and is written in a straightforward manner, the reality is that there is so much to constantly do so that most users will simply be unable to regain control of their computers. Even with such a predicament, Desktop Witness still figures out a way to enable end-users to have security and privacy.

A quick read through the book proves that the author has his paranoid meter set on high. While that may be fine for more sophisticated users, the overall tone of the book follo ws that level of paranoia and many of the suggestions may be unfeasible for most end users. One idea that Caloyannides repeatedly suggests is to not use Microsoft Internet Explorer because of its own security risks and the fact that it's so tightly coupled with the Windows operating system. Another idea that the author suggests is to put special security screws on a PC to identify surreptitious activity.

Finally, the author also suggests not using any ISP installation software (Earthlink, AOL, etc.) that comes on a CD-ROM. The author's rationale is that ISPs often have spyware on the CD-ROMs that will be surreptitiously installed with their connectivity software. Parts of the book are written for people who live under repressive regimes and need to protect themselves against possible death and torture. While such suggestions have merit, most people living under repressive regimes can't afford a computer, or even $50.00 for a book such as this.

Readers with technical expertise won't be intimidated by Desktop Witness. However, readers who aren't as technically inclined may find this book to be a bit daunting. Those readers may want to consider a less onerous title such as Have You Locked the Castle Gate?: Home and Small Business Computer Security by Brian Shea (Addison Wesley, ISBN: 020171955X 2002). The focus of Desktop Witness is on personal and individual computers, so readers needing a more corporate and global look on how to secure large systems should consider Security Engineering: A Guide to Building Dependable Distributed Systems by Ross Anderson (John Wiley and Sons, ISBN: 0471389226 2001).

For those readers who share a level of paranoia such as Caloyannides, the book will have a lot of good suggestions and valuable references. But for the general public, who often struggle just to get their computers powered on, the myriad suggestions in the book may prove overwhelming and impractical.

4 of 6 people found the following review helpful:

4.0 out of 5 stars Good, but I wish it had more details, February 28, 2005

By 

David Trube (Pekin, IL) - See all my reviews

This review is from: Desktop Witness: The Do's and Don'ts of Personal Computer Security (Paperback)

This is a great subject area, but I wish that it had more details. I prefer the cookbook style that walks you through actual examples of implementation rather than the general descriptions in this book.