Reviews Written by
Ben Rothke "Information security professional" RSS Feed (USA)

The Terrorists of Iraq: Inside the Strategy and Tactics of the Iraq Insurgency 2003-2014, 2nd Edition
by Malcolm W. Nance
Edition: Hardcover

2 of 2 people found the following review helpful
5.0 out of 5 stars Definitive book by one of the greatest experts on the topic, May 18, 2015
The infinite monkey theorem states that a monkey hitting random typewriter keys for an infinite amount of time will eventually be able to create the complete works of Shakespeare. Various scientists such as Nobel laureate Arno Penzias have shown how the theorem is mathematically impossible.

Using that metaphor, if you took every member of the United States Congress and House of Representatives and wrote their collected wisdom on Iraq, it’s unlikely they could equal the astuteness of even a single chapter of author Malcolm W. Nance in The Terrorists of Iraq: Inside the Strategy and Tactics of the Iraq Insurgency 2003-2014. It’s Nance’s overwhelming real-world experiential knowledge of the subject, language, culture, tribal affiliations and more which makes this the overwhelmingly definitive book on the subject.

Nance is a career intelligence officer, combat veteran, author, scholar and media commentator on international terrorism, intelligence, insurgency and torture. In 2014 he became the executive director of the counter-ideology think tank the Terror Asymmetrics Project on Strategy, Tactics and Radical Ideologies (TAPSTRI).

While it’s debatable if most members of Congress could elucidate the difference between the Sunnis and Shiites, Nance knows all of the players in depth. He understands and describes who they are, what they are and how their methods work. His unique analysis provides an in-depth understanding of who these groups are and what they are fighting about.

The book details how the many terror groups formed to create the Iraqi insurgency that led to the rise of the Islamic State of Iraq and Syria (ISIS). Nance places the blame on the Bush administration’s 2003 invasion of Iraq that led to the destabilization of the country. While the war was based on faulty evidence, the insurgency was created by myriad mistakes, misperceptions and miscalculations by L. Paul Bremer, who led the occupational authority of Iraq during the war.

A common theme Nance makes throughout the book is that the US ignored history and didn’t learn the lessons of the Iraqi revolt against the British in 1920 or the events of the Vietnam War. Those lessons being that insurgents and foreign terrorist operations were much more effective despite the enormous manpower and firepower that the US troops brought to bear in Iraq.

Nance details how much of the coalition’s strategy was based on wishful thinking. He writes that Washington never had a realistic plan for post-war Iraq. Only Saddam Hussein, Abu Musab al-Zarqawi and the ex-Ba’athists had a definitive strategy for what to do in post-war Iraq. Unlike the Americans, they mobilized the right resources and persons for the job, with devastating and horrifying effects.

The book writes of the utter depravity and evil nature of Saddam Hussein and his sons Uday and Qusay. Following the first Gulf War, Qusay revealed a brutality to match both his father’s and brother’s. The Hussein family was responsible for the death and torture of hundreds of thousands of innocent Iraqis and others. All of this while the United Nations made threats but took little action to stop the killing. Hussein was repeatedly deceptive and duplicitous against the naïve UN. The UN was without power and did nothing, while simultaneously being clueless to how incompetent they were.

The insurgency was and is made up of countless different groups. Some of these groups number under a hundred members, others in the tens of thousands. Nance details who these groups are, their makeup and leadership structure and what they hope to achieve.

Nance quotes Donald Rumsfeld and General Tommy Franks who described the insurgency as dead-enders; namely small groups dedicated to Hussein, and not large military formations or networks of attackers. Yet the reality was that Hussein started creating the insurgency in the months before the invasion. Rather than being a bunch of dead-enders, the insurgency was a group that was highly organized, heavily armed, with near unlimited funds based on looting hundreds of millions of dollars.

From a reporting perspective, the book details how the US government made the same mistakes in Iraq as it did in Vietnam: underreporting US casualties, overreporting enemy losses, and obfuscating how terrible the situation on the ground was.

The term IED (improvised explosive device) became part of the vernacular during the Iraq War. The book details how the insurgency used the many different types of IEDs (including human-based IEDs) at specific times and places for their political and propaganda goals.

Nance writes that the biggest gift the US gave to Osama bin Laden was to invade Iraq. The invasion provided him with an opportunity for inspirational jihad. Bin Laden envisioned a holy war with heroic men fighting against desperate odds in the heart of historic Islam, just like the first battles of the Prophet Mohammed.

Nance spends a few chapters dealing with ISIS and how it came to be. There are multiple iterations of the group, which developed as the Iraq mess evolved.

The book closes with a disheartening overview of the current state. Nance writes that the Middle East is in far more danger from destabilizing collapse of states due to the effects of the American invasion today than it has ever been.

As ISIS is currently the dominant force in Iraq, Nance states that he fears ISIS will have no intention of going back to being a small insurgent group. It will attempt to consolidate captured terrain. It will offer the Sunni a chance to rule under it at the technocrat level, but that is when the pogroms will start.

In the end, Nance writes, the Islamic caliphate will attempt and fail at creating a popular Iraqi-Syrian nation out of stolen governorates. But unless confronted quickly and forcefully, it may become an isolated jihadistan from which no end of terror will spawn.

For those that want to truly understand the Iraq conflict, Nance is eminently qualified and this book is uniquely superb. There is no better book than The Terrorists of Iraq: Inside the Strategy and Tactics of the Iraq Insurgency 2003-2014 on the subject.

CSA Guide to Cloud Computing: Implementing Cloud Privacy and Security
by Brian Honan
Edition: Paperback

2 of 2 people found the following review helpful
4.0 out of 5 stars Solid guide for understanding security and privacy in the cloud, May 16, 2015
Full disclosure: this book is sponsored by the Cloud Security Alliance of which I am a founding member. I am also friends with 2 of the authors.

Even though cloud computing is mainstream, such that even the Federal Government is on board, it’s not necessarily so that it will always make computing cheaper and faster. And all the more so when it comes to security and privacy.

The challenge is how to reap the benefits of the cost savings and agility of cloud computing, without throwing security and privacy out the door.

In the CSA Guide to Cloud Computing: Implementing Cloud Privacy and Security, authors Raj Samani, Jim Reavis and Brian Honan provide a good overview of the core areas around cloud security and privacy.

The book starts with an introduction of what cloud computing is, and then gets into key areas such as security considerations for the cloud, privacy imperatives, compliance and regulatory issues, and more.

Chapter 9 on Dark Clouds: What to Do in the Event of a Security Incident is of particular interest, as it is an inevitability that there will be security incidents in the cloud. The problem is that many organizations don’t plan for that and, when the incident occurs, are completely unprepared on how to deal with it.

At just under 200 pages, the book provides a good overview of the topic. For those looking for a solid introduction to the issues around the security and privacy of cloud computing, the CSA Guide to Cloud Computing: Implementing Cloud Privacy and Security is a solid guide to use.

Phishing Dark Waters: The Offensive and Defensive Sides of Malicious Emails
by Christopher Hadnagy
Edition: Paperback

1 of 2 people found the following review helpful
4.0 out of 5 stars Great resource that can be part of an information security awareness program, April 29, 2015
All encryption (with the exception of a one-time pad) can be broken. Bruce Schneier likes to use the analogy of a pole in the ground for encryption. You can try to break the pole (encryption); or simply go around the pole. Rather than finding problems with a proven encryption algorithm, attackers will try to go around it via how it’s implemented, and other similar attacks.

In Phishing Dark Waters: The Offensive and Defensive Sides of Malicious Emails, authors Christopher Hadnagy and Michele Fincher write about those who have mastered the art of going around the security pole, namely phishers. The book defines phishing as the practice of sending e-mails that appear to be from reputable sources with the goal of influencing or gaining personal information.

It would take 1 billion billion years to crack the 128-bit AES key using a brute force attack. If one were to assume that a computing system existed that could recover a DES key in a second, it would still take that same machine approximately 149 trillion years to crack a 128-bit AES key. Rather than mounting attacks in the trillions of years, attackers use phishing and spear phishing and often get their results in minutes.

At under 200 pages, the book is a quick and easy read. The book provides a number of real-world examples of firms that were breached by phishing attacks, including Coke, Neiman Marcus, Home Depot and more.

The book shares insights on the reasons phishing is so successful, and details ways in which to train end-users to be aware of the tactics. Phishers are successful due to many combinations of factors, primarily the bad decision making on the end-users’ part. This is due to the fact that phishing plays on the base emotions of end-users, uses their natural curiosity, combined with the fact that many people are way too busy to pay attention to the warning signs in the email. On the other side, the attackers are getting much smarter and significantly more sophisticated. With directed spear phishing attacks, the pretexts detailed in the email are often quite convincing.

The book is a great resource that can be part of an information security awareness program. For those that don’t want their organization to be phished, Phishing Dark Waters: The Offensive and Defensive Sides of Malicious Emails is a good resource.

Migrating Tales: The Talmud's Narratives and Their Historical Context
by Richard Lee Kalmin
Edition: Hardcover

1 of 1 people found the following review helpful
5.0 out of 5 stars A great book for those looking to enhance their understanding of the Bavli., April 27, 2015
In academic Talmud, there is to some degree a phenomenon of what I like to call an “ABC” approach, which stands for “anyone but Chazal.” (Chazal is a Hebrew acronym for "Ḥakhameinu Zikhronam Liv'rakha" - "Our Sages, may their memory be blessed". It is a general term that refers to all Jewish sages of the Mishna and Talmud eras. This period lasts roughly from the times of the final 100 years of the Second Temple of Jerusalem until the 6th century CE). ABC is an attempt to portray/depict/view much of Judaism as simply a regurgitation of other religions.

From the title Migrating Tales: The Talmud's Narratives and Their Historical Context, it would appear at first glance that the book would be simply another ABC attempt to separate the Talmud’s teachings from the Talmud’s own claimed sources, and attempt to find the true sources.

But that is not the case. Author Dr. Richard Kalmin takes an analytical, yet conservative approach. He reads the external sources not as a way to disagree with the Talmud, but rather to gain a much more insightful knowledge of the beauty and the depth of the text and underlying storyline.

The reader looking for a revisionist approach will be disappointed in Kalmin’s method and the overall structure of the book. Professors Daniel Boyarin and Peter Schäfer have used such methods when performing textual analysis, to which Kalmin objects, stating that their claims are not yet justified by the available evidence.

His main argument is that a significant cultural change is evident starting in 4th-century Babylonia, due to the incorporation into the Babylonian Talmud (Bavli) of non-rabbinic and non-Jewish traditions deriving from other cultures.

This is a fascinating book that takes a number of stories from the Bavli and attempts to read them in their cultural context against the background of Greek, Syriac, Arabic, Persian, and Mesopotamian literature of late antiquity and the early middle ages. The eight stories and subjects from the Bavli the book analyzes are (according to the chapter titles):
• Manasseh sawed Isaiah with a saw of wood: An ancient legend in Jewish, Christian, Muslim and Persian sources
• R. Shimon bar Yohai meets St. Bartholomew: peripatetic traditions in late Antique Judaism and Christianity East of Syria
• The Miracle of the Septuagint in ancient Rabbinic and Christian literature
• The demons in Solomon’s temple
• Zechariah and the bubbling blood: an ancient tradition in Jewish, Christian, and Muslim literature
• Pharisees
• Astrology
• The Alexander romance

While Dr. Shai Secunda’s approach is that the Bavli must be read in its Sasanian context, Kalmin’s approach is that an understanding of the non-Jewish literature derived from the eastern Roman provinces is needed to fully interpret parts of the Bavli.

The book is concerned with how narratives traveled from one culture to another, and how the meaning of these narratives changed from one literary and cultural context to another.

Kalmin writes that the Bavli, unlike the Jerusalem Talmud, was particularly open to traditions and motifs deriving from the literature and cultures of contemporary religious groups.

As to the connections between the rabbis of the Bavli and their surrounding cultures, Kalmin takes a conservative approach and avoids overly sweeping conclusions that would suggest close cultural connections between the Mesopotamian Jews and Christians. With that approach in chapter 7 on astrology, he notes that while astrology was an international phenomenon, it requires one to exercise caution in distinguishing between the contributions of Christianity, Judaism, Zoroastrianism, and Greek and Roman paganism to the Babylonian rabbinic attitudes toward astrology.

An important point he makes is that commonality within the stories does not necessarily indicate that the rabbis borrowed these motifs from the Mesopotamian Christians.

A fascinating area which Kalmin discusses, which would make an absorbing book in its own right, is the notion of language-switching in the Bavli. Language switching, something Dr. Shamma Friedman stresses in his research, is obvious to any reader of the Talmudic sugya, who will quickly observe the switching between Hebrew and Aramaic. Kalmin writes that when a single statement in a sugya comprises both Hebrew and Aramaic, the statement is often divisible into an early core and a later explanatory addition.

For those looking to enhance their understanding of the Bavli, Migrating Tales: The Talmud's Narratives and Their Historical Context is a most welcome addition.

Leaving the Jewish Fold: Conversion and Radical Assimilation in Modern Jewish History
by Todd M. Endelman
Edition: Hardcover

3 of 3 people found the following review helpful
5.0 out of 5 stars Fascinating exploration of why Jews in Europe left the fold, April 13, 2015
Between the French Revolution and World War II, hundreds of thousands of Jews left the Jewish fold. Many did this by becoming Christians or in liberal states by intermarrying. A challenging question is why some did that and others not. In Leaving the Jewish Fold: Conversion and Radical Assimilation in Modern Jewish History, author and historian Todd Endelman (Professor Emeritus of History and Judaic Studies at the University of Michigan) has written a masterpiece that attempts to answer the question. The book focuses on the Ashkenazim of Europe and their milieu, and is as fascinating as it is tragic.

The book examines the specific reasons why Jews in Europe left the fold. The social setting for European Jews was often that of a second-class citizen, with atrocious living conditions, careers hard to come by and rampant antisemitism.

Endelman writes that Jews left the fold predominantly for reasons of survival and practicality, not necessarily those of belief. Being baptized in the Christian faith meant that many doors were open to them. Very rarely did Jews leave Judaism for what they perceived was a place of greater spirituality.

Endelman uses radical assimilation as an umbrella term to refer to all routes Jews traveled to lose their Jewishness. It’s not that those who left Judaism only became Christians. The book details how Jews were (and still are) involved in new age and universalist movements, such as the many ethical culture movements, communism, Marxism and more.

The book opens with the observation that there was a split between conservative and liberal Christians about which should come first for the Jews – emancipation or acculturation. The conservatives believed that emancipation was a reward for the Jews only after they had proved themselves worthy (i.e., less Jewish) of incorporation into the nation-state, while the liberals believed that the removal of legal disabilities against the Jews was a prerequisite for acculturation, a precondition that would enable the Jews to become more like their neighbors.

The book notes that much of European and especially German society was closed off to socially ambitious, university educated young Jewish men. Access to academic positions, appointments to administrative, judicial and academic positions were closed to unconverted Jews. As it became clear that baptism was a prerequisite for a public career, many young Jewish men made the decision to convert before seeking employment.

Endelman writes how the deplorable living conditions made these Jews particularly vulnerable to missionaries. Poor Jews at the end of their rope were always vulnerable Jews. These Jews were targeted by missionaries as they were ripe for conversion given their desperate straits.

Organizations such as the Presbyterian group British Society for the Propagation of the Gospel Among the Jews, founded in London in 1842, preyed on such Jews of Europe. They gave food, shelter and clothes to Jews in need who they hoped would convert.

The book tells the harrowing tale of a man who tried several times to escape the group and make it on his own, but he could not find work and had no friends to whom he could turn for advice or help. In the end, overcome by hunger and despair, he returned to the group. They, like the Anglican-based London Society for Promoting Christianity Among the Jews and other missions, offered what Jewish communal bodies were unable or disinclined to provide to every Jew: a helping hand, a sympathetic ear and a welcoming embrace.

One of the book’s main findings is that career choice, age and economic status determined for the most part who within the Jewish community converted.

Chapter 3 provides fascinating insights into those Jews who converted in order to move up the world of aristocracy. He writes that for such Jews, conversion was the last step in their social apotheosis. It was intended to close a gap for them that was small behaviorally, but wide perceptually.

The book also details the experience of 19th century Jews in the United States and what led to their departures from Judaism. Endelman makes the fascinating observation that American Jews would choose high-status denominations like Episcopalian or Presbyterianism, in that having chosen Christianity for social reasons, they wanted to maximize the social benefit.

Chapter 6 deals with conversions of conviction, and is the most fascinating chapter in the book. Endelman describes Jews who left the fold hoping to find something in Christianity which they could not find in their own religion. Part of the problem was that many of these people viewed Judaism in a negative light long before they received instruction in Catholic doctrine.

Endelman concludes with the observation that the history of conversion and radical assimilation in modern Jewish history is a dispiriting tale, a story of the failure of the enlightenments and emancipations to bestow the toleration and respect that they were once thought to herald.

This is a remarkably fascinating and enthralling work. Endelman has written a compelling read detailing why the Jews of Europe and the United States abandoned Judaism.

This is an important book that will be of insight to every reader. Those working in Jewish education will find specific interest in the methods that the Christian missionaries used. Using similar methods can ensure that Jews stay within the fold, rather than run out of it.

Those involved in Jewish outreach will find that the best way to draw Jews closer to their faith is by understanding those forces that often led them to go astray.

Anyone looking to understand some of the reasons for conversion and assimilation in modern Jewish history will find Leaving the Jewish Fold: Conversion and Radical Assimilation in Modern Jewish History a most stimulating narrative.

Statistics Done Wrong: The Woefully Complete Guide
by Alex Reinhart
Edition: Paperback

4 of 5 people found the following review helpful
5.0 out of 5 stars Will forever change the way you view statistics, research findings and those daily radio and TV notices, April 7, 2015
It’s unclear who really said that “there are three kinds of lies: lies, damned lies, and statistics”. But the reality is that statistics are often misunderstood and misused.

In Statistics Done Wrong: The Woefully Complete Guide, author Alex Reinhart, a statistics instructor and PhD student at Carnegie Mellon University, makes the case that most people, even those in the sciences, are misusing statistics and quite frankly don’t know how to do statistics. It’s a bold claim; but this is a bold book, and a fascinating one at that.

The premise of the book is that scientific progress depends on good research, and good research needs good statistics. But statistical analysis is tricky to get right, even for very smart people. His conclusion is that many people, including scientists who should know better (including those who publish in world-class peer-reviewed journals such as Nature and Science), are doing statistics wrong. In fact, very wrong.

And it’s not just that the people doing the statistics lack the knowledge. The book notes that there is huge pressure on medical professionals and scientists to get good results.

The book’s 12 chapters are an enjoyable and relatively easy read. The author tackles such subjects as Pseudoreplication: Choose Your Data Wisely, The p Value and the Base Rate Fallacy, Model Abuse and more. The book assumes no prior knowledge of statistics, so it’s a good book for everyone, regardless of their p value.

An issue Reinhart makes a number of times is that even when people get their statistical numbers and figures seemingly right, they often misinterpret and misuse the output. An example he gives is for a traffic study on the safety of allowing right turns on red lights. The Highway Commissioner who requested the study wrote about its findings that “we can discern no significant hazard to motorists or pedestrians from implementation of right turns on red”. To the untrained eye, the conclusion makes sense. But Reinhart writes that the Commissioner turned statistical insignificance into practical insignificance. This is a significant mistake, which happens often, of which the consequences can be significant.

One does not have to have much of a background in statistics to enjoy the book, as Reinhart does a good job of keeping the scary statistical math to a minimum.

Chapter 12 concludes the book with the topic of what can be done? Reinhart notes that there are no easy answers and change will not be easy. The reality is that since most research articles have poor statistical power and researchers have freedom to choose among analysis methods to get favorable results, we are mathematically determined to get a plethora of false positives.

The book does not have a specific information security slant to it. The closest book in making statistics and data work within information security is the superb Data-Driven Security: Analysis, Visualization and Dashboards by Jay Jacobs and Bob Rudis reviewed here.

Statistics Done Wrong: The Woefully Complete Guide is a truly enjoyable book and will forever change the way you view statistics, research findings and those daily radio and TV notices which erroneously proclaim “recent studies indicate..”

On Sacrifice
by Moshe Halbertal
Edition: Paperback

5.0 out of 5 stars Profound and deep work, and one definitely worth reading., March 31, 2015
The notion of animal sacrifice is a difficult concept for a person of Western thought to understand. Animal sacrifice was so reprehensible to the founders of Conservative and Reform Judaism that they removed all mentions of it from their prayer books and services. It was simply a vestige of an era long passed, and had no place for them.

In On Sacrifice, Moshe Halbertal, professor of law at New York University and professor of Jewish Thought at the Hebrew University of Jerusalem, has written a masterpiece, where he articulately details the profound importance that animal sacrifice played in the past, the notion of how it has evolved into self-sacrifice, and how that presently plays out in religion, ethics and politics.

The book attempts to understand the deeper meaning of what sacrifice is all about. A brief book, it’s composed of two roughly 60-page parts: Sacrificing to and Sacrificing for.

From the religious end, Halbertal writes that sacrifice is an offering that brings atonement and transference of sin. From the political end, he writes that sacrifice is an attempt for the individual to transcend for a higher cause.

The danger of sacrifice moving from the to, to the for, is one of the book’s main concerns, and it explores the depth of such an extension, along with its implications for the complex relationship between sacrifice and violence.

On that notion, Halbertal quotes the French-American philosopher Rene Girard, who has investigated the nexus of sacrifice and violence. Girard contends that violence has an accelerating, uncontrolled nature. It escalates through sequels of retaliatory events. The aim of an animal sacrifice is to halt the unbridled spread of violence. Sacrifice thus serves a vital purification role.

The first part is about the religious aspect of sacrifice, namely sacrificing to a God, while the second part details the political aspect of sacrifice, for a cause.

While the Conservative and Reform movement saw nothing in sacrifice, Halbertal writes that sacrifice is the most primary and basic form of ritual. The gift of sacrifice to God, who is in the first place the provider of the good and in no need of it, functions as a token of submission and gratitude, and its reception is not driven by need or interest, but rather is an expression of welcoming and goodwill.

Once animal sacrifice ceased after the destruction of the Temple in Jerusalem, Halbertal quoted Talmudic sources that charity became one of the substitutes for animal sacrifice. He notes that charity is in fact preferred over sacrifice because it erases the abyss between giving and receiving without recourse to ritual, which minimizes individuation.

The main theme of part 2 is the notion of self-sacrifice, as opposed to animal sacrifice. He notes that human beings are the only species that kills for principles rather than for only self-interest.

Much of part 2 details the relationship of self-sacrifice during war. He writes how Abraham Lincoln was able to vindicate the hundreds of thousands of casualties on how they died for freedom and what it stands for. He then compares that to the failed war in Iraq, where George W. Bush tried to justify the continuation of the war, in order to finish the task for which so many had already died. Not continuing fighting, in Bush’s weltanschauung, would mean the dead sacrificed for nothing.

Part 2 opens with the notion that self-transcendence is at the core of the human capacity for a moral life. But Halbertal cautiously concludes that section with the observation that when the state becomes the sole locus of self-transcendence, it turns into a false idol.

Halbertal closes with the observation that there should be a realm beyond such a sacrificial stage that sets a higher, limiting standard for the political association. Different traditions will articulate that realm in different ways, from human rights that ought to limit state interests, to the image of God that all humans are supposed to share regardless of their associational affinities. A political body that lacks such a category directs the sacrificial urge to an unworthy cause. And an absolute commitment to an unworthy cause is the modern form of the old problem of idolatry.

Sacrifice is the most primary and basic form of ritual, and in On Sacrifice, Professor Moshe Halbertal has made that eminently clear. Like his other writings, this is profound and deep work, and one definitely worth reading.

Future Crimes: Everything Is Connected, Everyone Is Vulnerable and What We Can Do About It
by Marc Goodman
Edition: Hardcover

5.0 out of 5 stars In the rush to get everyone wired, they forget to secure it, March 30, 2015
Technology is neutral and non-moral. It’s the implementers and users who define its use. In Future Crimes: Everything Is Connected, Everyone Is Vulnerable and What We Can Do About It, author Marc Goodman spends nearly 400 pages describing the dark side of technology, and those who use it for nefarious purposes. He provides a fascinating overview of how every major technology can be used to benefit society, and how it can also be exploited by those on the other side.

Technology breeds crime and in the book, Goodman uses Crime, Inc. as a metaphor for the many entities and organizations that exist in the dark web and fringes of the Internet. Towards the end of the book, after describing all of the evils that the Internet creates, he suggests creation of a modern day Manhattan Project for cyber security. He writes that a major initiative such as that is what is required to secure the Internet and emerging technologies.


As to Crime, Inc., Goodman shows how they use technologies such as distributed computing, satellite communications, crowdsourcing, encrypted channels and other sophisticated mechanisms to carry out their actions. The premise of the book, and it’s a compelling one, is that in the rush to wire every classroom, person and organization, we have failed to secure it appropriately.

The book’s 18 chapters are an easy and quite fascinating read. Goodman writes in detail about many major technology trends and how their benefits can be subverted. The book is written for the non-technical reader and Goodman does an admirable job of minimizing tech-talk and gibberish.

While the book obsesses on the dark side, it’s important to note that Goodman is not an anti-technologist. The goal of the book is to make people aware of what they are clicking on, and how they often give away their personal life when using free mobile applications.

Chapter 6 on the surveillance economy is particularly interesting. While Snowden brought attention to the NSA’s wholesale spying, what has gone under the radar is the lucrative surveillance economy that has developed. Goodman writes how firms like Acxiom, Epsilon and others are part of the over $150 billion data brokerage industry. Their power is that they correlate information from myriad disparate sources, to create a powerful dossier that marketers are willing to pay for.

The chapter articulately details the unprecedented amounts of data people have shared with third-parties; that once shared, is almost impossible to control. The privacy implications are huge and the problem is only getting worse. Data brokers have no privacy incentives as they make money when they sell data, not when they protect it.

The book is a fascinating read, albeit a bit wordy at times. The book contains so many horror stories and examples of software and hardware gone badly, that the reader can be overwhelmed. Goodman on occasion makes some errors, such as when he writes that a six-terabyte hard drive could hold all of the music ever recorded anywhere in the world throughout history. At times, he overemphasizes things, such as when he writes that one billion users have posted their most intimate details on Facebook. While Facebook recently passed the 1 billion user mark, not every user posts intimate details of their lives.

The book provides a superb overview of the security implications of the Internet of Things (IoT). Goodman details how the IoT can be used to create intelligent systems and networks that can detect and shut down adversaries. But to secure the IoT will require an effort akin to the Manhattan Project. With that, Goodman advocates that the government fund a digital Manhattan Project, getting the best and brightest minds in the information security space together, to create a framework to better secure the Internet.

The problem, as he notes, is that Washington simply does not see the need nor can they comprehend the urgency of the situation. It’s only the government that can ostensibly get the private and public sectors together to work in concert, but that is unlikely to happen anytime soon. Which only serves to exacerbate an already tenuous information security problem.

An additional issue the book grapples with is that while the government wants its citizens to be secure and touts the importance of personal privacy, it simultaneously spies on them. Also, providers such as Google and Facebook provide free services, at the cost of turning the user into a data customer. It’s not just the criminals and terrorists the book warns about, rather government and free data collection services.

While the book paints an overly depressing picture of what the future holds for personal privacy, Goodman closes the book with his UPDATE protocol. He writes that while the worst is yet to come and that it’s getting more and more difficult to gain control of your personal data and metadata, there are six steps you can do. Goodman claims that these 6 steps can prevent 85% of digital attacks. The UPDATE steps are: Update frequently, Passwords, Download from safe sites only, Administrator accounts used with care, Turn off computers and Encrypt data.

Much of the problem is that people are clueless to what is going on. They use free services not knowing their data and personal privacy is what they are giving away. For users that install mobile apps, they are sharing nearly all of their personal information. Considering many users have over 40 apps, the amount of personal data being obtained is staggering.

Finally, users don’t know what good security looks like. The book is a valiant attempt to show users that while they think they are using the Internet in a pristine environment, it is simply a cesspool of malware, scammers and miscreants. Future Crimes: Everything Is Connected, Everyone Is Vulnerable and What We Can Do About It is a great wake-up call. Let’s just hope everyone wakes up and reads it.

Measures and Metrics in Corporate Security, Second Edition
by George Campbell
Edition: Paperback
Price: $90.97
43 used & new from $76.95

2 of 3 people found the following review helpful
3.0 out of 5 stars Good resource on which to get a grip on creating security metrics, March 18, 2015
Two of the most famous quotes from Lord Kelvin are “to measure is to know” and “if you can not measure it, you can not improve it”. With that, in Measures and Metrics in Corporate Security, author George Campbell provides a quick and high-level introduction to the topic of metrics and measurement.

Security metrics are a key initiative for many CISOs. But what they often struggle with is how to find the right information security metrics, and how to use them for functionally operational measurements that can be used to support the business.

The first part of the book contains the following 3 chapters which encompass the first 70 pages:
Chapter 1: The Basics
Chapter 2: Types of Metrics and Performance Indicators Appropriate to the Security Mission
Chapter 3: Building a Model Appropriate to Your Needs

The next 70 pages contain the following appendixes:

Appendix 1: Examples of Security-Related Measures and Metrics
Appendix 2: Trade Associations and Other Organizations with Security Voluntary Compliance Programs
Appendix 3: Sample High-Level Security Work Breakdown Structure
Appendix 4: Physical Security Cost Estimating Tables
Appendix 5: Risk Measure Maps

The book does not have a companion web site. And it would have been quite beneficial if the templates detailed in the appendixes were available in soft copy.

The book notes that security metrics can be easy to create. But really good security metrics, those that can add value to the organization can be difficult to develop. For those that are looking to create good security metrics, Measures and Metrics in Corporate Security is a good starting point.

Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World
by Bruce Schneier
Edition: Hardcover
Price: $18.98
78 used & new from $13.00

7 of 9 people found the following review helpful
5.0 out of 5 stars Important defense of privacy and expose on the dangers of NSA domestic mass surveillance, March 9, 2015
In Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World, author Bruce Schneier could have justifiably written an angry diatribe full of vitriol against President Obama, his administration, and the NSA for their wholesale spying on innocent Americans and violations of myriad laws and the Constitution. Instead, he has written a thoroughly convincing and brilliant book about big data, mass surveillance and the ensuing privacy dangers facing everyone.

A comment like “what’s the big deal?” often indicates a naiveté about a serious significant underlying issue. The idea that if you have nothing to hide you have nothing to fear is a dangerously narrow concept on the value of privacy. For many people the notion that the NSA was performing spying on Americans was perceived as not being a big deal, since if a person is innocent, then what do they have to worry about. In the book, Schneier debunks that myth and many others, and defends the importance of privacy.

Schneier writes that privacy is an essential human need and central to our ability to control how we relate to people around us and the world at large. Being stripped of privacy is fundamentally dehumanizing and it makes no difference whether the surveillance is conducted by an undercover police officer following us around or by a computer algorithm tracking our every move online.

The book notes that much of the data sharing is done voluntarily from individuals via social media and other voluntary sharing platforms. The real danger is that the NSA has been illegally conducting mass surveillance on Americans, in violation of the Constitution and other Federal laws. And with all of that, the book notes that after spending tens of billions of dollars doing it, the NSA has little to nothing to show for its efforts.

While the NSA has often said they were just collecting metadata; Schneier writes that metadata can often be more revealing than the data itself, especially when it’s collected in the aggregate. And even more so when you have an entire population under surveillance. How big of a deal is metadata? Schneier quotes former NSA and CIA director Michael Hayden that “we kill people based on metadata”.

The book spends chapters detailing the dangers of mass data collection and surveillance. It notes that the situation is exacerbated by the fact that we are now generating so much data and storing it indefinitely. People can now search 20 years back and find details that were long thought to have been forgotten. Today’s adults were able to move beyond their youthful indiscretions; while today’s young people will not have that freedom. Their entire life histories will be on the permanent record.

Another danger of mass government surveillance is the way it leads to people being categorized and discriminated against. Since much of the data is gathered in secret, citizens don’t have the right to see or refute it. Schneier notes that this will intensify as systems start using surveillance data to make decisions automatically.

Schneier makes numerous references to Edward Snowden and views him as a hero. He views Snowden’s act as being courageous since it resulted in the global conversation about surveillance being made available. Had it not been for Snowden, this book would never have been written.

Schneier does a good job of showing how many of the methods used by the NSA were highly questionable, and based on extremely broad readings of the PATRIOT ACT, Presidential directives and other laws.

The book notes that not only has mass surveillance on US citizens provided extremely little return on the tens of billions of dollars spent; the very strategy of basing security on irrational fears is dangerous. The book notes that many US agencies were faulted after 9/11 and the Boston Marathon bombing for not connecting the dots. But connecting the dots against terrorist plots is extraordinarily difficult, if not impossible. Given the rarity of these events, the book notes that the current systems produce so many false positives as to render them useless.

Schneier straight-out says that ubiquitous surveillance and data mining are not suited for finding dedicated criminals or terrorists. The US is wasting billions on these programs and not getting the security they have been promised. Schneier suggests using the money on investigations, intelligence and emergency response; programs whose tactics have been proven to work.

Schneier makes many suggestions on how to stop the mass surveillance by the NSA. His biggest suggestion is to separate espionage agencies from the surveillance agencies. He suggests that government surveillance of private citizens should only be done as part of a criminal investigation. These surveillance activities should move outside of the NSA and the military and should instead come under the auspices of the FBI and Justice Department, which will apply rules of probable cause, due process and oversight to surveillance activities in regular open courtrooms. As opposed to the secret United States Foreign Intelligence Surveillance courts.

Schneier notes that breaking up the NSA is a long-range plan, but it’s the right one. He also suggests reducing the NSA’s budget to pre-9/11 levels, which would do an enormous amount of good.

While Schneier comes down hard on mass surveillance, he is also rational enough to know that there are legitimate needs for government surveillance; both law enforcement and intelligence need to do this and we must recognize that. He writes that we must support legitimate surveillance and work on ways for these groups to do what they need without violating privacy, subverting security and infringing on citizens’ rights to be free of unreasonable suspicion and observation.

The book concludes with a number of things that can be done moving forward. At the personal level there is a lot people can legitimately do to stop sharing so much personal information. But for most people, they would rather reap the short-term benefits of sharing information on social media, with retailers and more; than the long-term privacy benefits.

The book also notes that much of the problem stems with federal agencies since keeping the fear stoked is big business for them. For those in the intelligence agencies, that is the basis of their influence and power. Schneier also lays some of the blame on popular media and news who stoke the irrational fears in the daily news. By fixating on rare and spectacular events, the media conditions us to behave as if terrorism were much more common than it is and to fear it far out of proportion to its actual incidence.

This is an incredibly important book. Schneier is passionate about the subject, but provides an extremely reasonable set of arguments. Superbly researched, Schneier lays out the facts in a clear, concise and extremely readable manner. The book is at times disturbing, given the scope and breadth of the NSA surveillance program.

This is the perfect book to take with you on a long flight. It’s a compelling and engrossing read, an important book and a major wake-up call. The NSA knows all about you via its many total information awareness programs. In Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World, Bruce Schneier provides the total information awareness about what the NSA is doing, how your personal data is being mined, and what you can do about it.

While the NSA was never able to connect the dots of terrorists, Schneier has managed to connect the dots of the NSA. This is a book that must be read, for your freedom.
