Richard Bejtlich's Profile

Customer Reviews: 357
Top Reviewer Ranking: 9,230
Helpful Votes: 6041





Reviews Written by
Richard Bejtlich "TaoSecurity" (Metro Washington, DC)
Learn to Program with Scratch: A Visual Introduction to Programming with Games, Art, Science, and Math
by Majed Marji
Edition: Paperback

5.0 out of 5 stars Review from my 9-year-old, April 11, 2014
I asked my 9-year-old to share her thoughts on Learn to Program with Scratch. She chose five stars and wrote the following:

"For Learn to Program with Scratch, I really liked the structure and simplicity of the projects. Unfortunately I don’t have Scratch 2 yet; I have 1.6 (?), but I tried a project of a cat following a mouse attached to my cursor, and it worked. I enjoy Scratch and I believe that this book will help me to understand and use Scratch for many more years to come."

Sounds like dad needs to upgrade to the latest version of Scratch...

This is another wonderful programming book for kids from No Starch Press.


Python for Kids: A Playful Introduction to Programming
by Jason R. Briggs
Edition: Paperback

36 of 42 people found the following review helpful
5.0 out of 5 stars Review from my 8-year-old, December 28, 2012
I asked my 8-year-old to share her thoughts on Python for Kids. She chose five stars and wrote the following:

"The book is well-written and colorful. I like it a lot!

The text is easy to read and fun. It keeps you turning pages.

There's a creative twist that keeps your mind moving!

I especially enjoyed the wizard list on pages 32-36 and the turtle graphic in chapter 11 (pages 146-161).

Great book overall!"

I love that my daughter is writing real Python programs by following along with this book. She also read and did the exercises in the No Starch "Super Scratch Programming Adventure!" book, which she liked. However, I don't know of any IT people who do work in Scratch. Plenty use Python though!

I'd like to thank No Starch for sending us a review copy.


The Unofficial LEGO Technic Builder's Guide
by Pawel Kmieć
Edition: Paperback

0 of 2 people found the following review helpful
5.0 out of 5 stars A review from my 8-year-old, December 28, 2012
I asked my 8-year-old to share her thoughts on The Unofficial LEGO Technic Builder's Guide. She chose five stars and wrote the following:

"The pictures are colorful and lovely, even though I don't have any Technics [yet]. I would really like some!

One project I would like to build is a bridge using the triangular Warren truss shown in chapter 11.

I think it's a great book. I really hope I get some bricks soon!"

I'm getting the message about buying some Technic sets!

The most impressive part of this book for me involved better understanding how builders at shows assemble small yet very realistic model vehicles. For example, chapters 19-21 show very cool helicopters, tanks, and other vehicles.

I'd like to thank No Starch for sending us a review copy.


The Unofficial LEGO Builder's Guide (Now in Color!)
by Allan Bedford
Edition: Paperback

3 of 3 people found the following review helpful
5.0 out of 5 stars Review from my 8-year-old, December 28, 2012
I asked my 8-year-old to share her thoughts on The Unofficial LEGO Builder's Guide. She chose five stars and wrote the following:

"Colorful and exciting, this book has it all for Lego builders, young and old!

I especially liked the colorful railroad building on page 38, figure 3-3.

I really recommend this book. I read it whenever I have a chance.

Overall, it's a great book."

The lessons in this book will help kids (and adults for that matter) transition their Lego ideas from dream to reality. I think this is the book to read after you go to a Lego show and feel inspired to construct a model of your home (for example), but don't know where to start. The book teaches design themes that show how to use Lego bricks to best represent your ideas.

I'd like to thank No Starch for sending us a review copy.


The LEGO Adventure Book, Vol. 1: Cars, Castles, Dinosaurs & More!
by Megan Rothrock
Edition: Hardcover

5.0 out of 5 stars Review from my 8-year-old, December 28, 2012
I asked my 8-year-old to share her thoughts on The LEGO Adventure Book, Vol 1. She chose five stars and wrote the following:

"The book is very inspirational and attractive. The drawings are colorful and realistic. I think it's a great book.

Meg's adventures are fun to follow even without the pieces you might need.

It's a great book, please make a sequel!"

This book is pretty amazing. The production quality is exceptional with excellent colors and photography.

Readers might be concerned if they want to duplicate what they see in the book. I echo the concern of an earlier reader who lamented the requirement for custom pieces.

I look at the book a little differently, though. My kids and I use it for inspiration, rather than a recipe for duplication.

I'd like to thank No Starch for sending us a review copy.


Wonderful Life with the Elements: The Periodic Table Personified
by Bunpei Yorifuji
Edition: Hardcover

0 of 1 people found the following review helpful
4.0 out of 5 stars Review from my 6-year-old, December 28, 2012
I asked my 6-year-old to share her thoughts on Wonderful Life with the Elements. Together we chose four stars. She wrote the following:

"Dear Bunpei,

I LOVE your book because I like science! (Even though I'm six). I like it!

But why did you put "privates" on Nitrogen?

Anyway, it's a great book!"

I agree that this is a great book. Both of my daughters enjoy science and this book depicts the periodic table and the elements in an engaging way. However, her comment about "privates" reminds me of an earlier review mentioning the way the author draws humans to represent the elements. They are cartoons, but not like one might see in the West. Your child may have a question about the anatomy depicted, so parents beware.

I'd like to thank No Starch for sending us a review copy.


Super Scratch Programming Adventure!: Learn to Program By Making Cool Games
by The LEAD Project
Edition: Paperback

2 of 4 people found the following review helpful
5.0 out of 5 stars Review from my almost-8-year-old, October 14, 2012
I asked my almost-8-year-old to share her thoughts on Super Scratch Programming Adventure! She chose five stars and wrote the following:

"I think it's a very great book. I love the storyline, but my main concern is that I could not find a trace of the Super Scratch folder.

How hard is it to draw the Mona Lisa? I have Scratch version 1.4, and I found it difficult drawing Le Louvre.

On the flip side, I learned a lot. Who knew you could make Scratchy move with 1) arrow keys and 2) a medium sized Script?

I enjoyed watching the Magic Star Web change colors.

Overall, I think it's a very great book, and I highly recommend it to anyone who is interested in programming."

I agree that this is a great book. My daughter wanted to learn how to program a video game, and I thought it would be a lot more difficult. Shortly after starting to read and apply this book, she coded a video game!

I'd like to thank No Starch for sending us a review copy.


SSH Mastery: OpenSSH, PuTTY, Tunnels and Keys

11 of 14 people found the following review helpful
5.0 out of 5 stars The master writes again, March 4, 2012
Verified Purchase
This is not an unbiased review. Michael W. Lucas cites my praise for two of his previous books, and mentions one of my books in his text. I've also stated many times that MWL is my favorite technical author. With that in mind, I am pleased to say that SSH Mastery is another must-have, must-read for anyone working in IT. I imagine that most of us use OpenSSH and/or PuTTY every day, but I am sure each of us will learn something about these tools and the SSH protocol after reading SSH Mastery.

In this short review I'd like to cite a few concepts that MWL helped me better understand. These included: 1) hashing host keys added to known_hosts; 2) forwarding authentication requests to your workstation when connecting from server to server; 3) the variety of port forwarding options and how to configure each in OpenSSH and PuTTY; 4) differences between SSH and TCP keepalives; and 5) key management, especially following a compromise.

For those of you interested in the Kindle version, I bought that edition from Amazon.com and was able to easily read it on my Kindle Touch. As a courtesy MWL mailed me a printed copy of the book, and the presentation is great.

At the very least, SSH Mastery is the sort of book that every new OpenSSH or PuTTY user should receive before using the programs. I look forward to MWL's next books!


America the Vulnerable: Inside the New Threat Matrix of Digital Espionage, Crime, and Warfare
by Joel Brenner
Edition: Hardcover

18 of 21 people found the following review helpful
5.0 out of 5 stars Must-read for digital and national security policymakers and practitioners, October 23, 2011
America the Vulnerable (ATV) is one of the best "big picture" books I've read in a long while. The author is a former NSA senior counsel and inspector general, and was the National Counterintelligence Executive (NCIX). In these roles he could "watch the fireworks" (not his phrase, but one popular in the intel community) while the nation suffered massive data exfiltration to overseas adversaries. ATV explains the problem in terms suitable for those familiar with security issues and those learning about these challenges. By writing ATV, Joel Brenner accurately and succinctly frames the problems facing the US and the West in cyberspace.

In this review I'd like to highlight some of Mr Brenner's insights and commentary.

On pp 65-7 he discusses "China's Long View... China had the world's largest economy for eighteen of the past twenty centuries. The two exceptions were those of America's youth and rise to power.... Like India, China does not regard Western domination as normal, and it does not suffer from an inferiority complex. China's chief national strategic objectives are to lift its population out of poverty and reestablish its place in the international order."

On pp 68-71 he explains the problem with the binary thinking of Westerners regarding war. China does not see war as a binary issue, where one is either at peace OR at war. "This kind of ambiguity is difficult for Americans to digest. We are direct and aboveboard, and we like to think others are like us -- or would be if given half a chance... [W]e suffer from a Western misconception in our law, religion, and policy that 'peace' and 'war' are opposites that cannot occur at the same time... Many Americans cling to this view, even though war has not been declared on the planet since 1945, while there have been hundreds of organized, violent, and militarized struggles in the interim."

On pp 71-3 he reiterates my point that the consequences of digital assault from China are indeed new, as well as the assault itself. "Our companies are under constant, withering attack. After the Google heist, *companies* [all emphasis is original] started asking the government for help in defending themselves against *nations*. This was unprecedented. We are now in uncharted territory... the boundary between economic security and national security has completely disappeared... While the scope of and intensity of economic espionage have assumed startling proportions, the 'traditional' espionage assault on our national defense establishment dwarfs anything we have ever before experienced."

On pp 75-77 Mr Brenner describes instances of espionage and consequences. "[Chi Mak] is the first spy (that we know of) through whom we lost critical military secrets and who was not a government employee. He will not be the last. If further proof were required, the case thus illustrates how thoroughly the functional boundary between the private sector and the government has dissolved... In essence, the PRC is leveraging the Pentagon's R&D budget in support of its own war-making capability."

Mr Brenner focuses on Chinese espionage in ATV; the following from p 78 is a good summary: "In contrast to the Russians, who are highly professional, the PRC often enlists amateurs from among a huge pool of sympathizers."

In the middle of the book Mr Brenner concentrates on the China threat by correctly identifying that the Chinese do not want a shooting war with the US. Rather (quoting Chinese military thinkers on p 118) "the objective in warfare would not be killing or occupying territory, but rather paralyzing the enemy's military and financial computer networks and its telecommunications. How? By taking out the enemy's power system. Control, not bloodshed, would be the goal... [Continuing on pp 126-7,] The Prussian Carl von Clausewitz, and Mao after him, had called war 'politics by other means.' [Strategists] Qiao and Wang seemed to be saying the reverse: Politics -- and economics and communications and everything else -- was war by other means. And while Clausewitz had preached the doctrine of the decisive battle, Qiao and Wang said there would be no more decisive battles."

Ch 9, "Thinking About Intelligence," is one of my favorite chapters because Mr Brenner examines the role of information and intelligence agencies in the modern world. On p 196 he makes a fascinating point: "To understand the future of the private sector's role in intelligence, we don't need a crystal ball. We can just as well look backward as forward, because we are experiencing a return to a historical norm." He then argues that the private sector is developing intel capabilities rivaling the government, which was the case prior to the creation of national agencies in the 20th century. On p 209 he recommends the following: "[T]he best way to run an intelligence agency is to focus tightly on the parts of the business that are really secret and separate them from the rest. You spend more money on open-source collection and analysis, and let them happen in controlled but unclassified space. You beef up counterintelligence. And you pay much more attention to the electronic handling and dissemination of information."

In the final chapter he offers some recommendations for improvement. I liked this statement on p 216: "If you wait for the incoming danger to reach you, you won't be able to defend against it. CYBERCOM solves this problem by letting the general in charge of defending national security networks use offensive tools outside his networks in order to know what's coming. To be blunt, espionage is an essential aspect of defense. To know what's coming, we must be living inside our adversaries' networks before they launch attacks against us." Note that is the traditional role of espionage, a model which the Chinese shatter by *living inside our companies' networks, solely to steal our intellectual property*.

I only found one small typo on p 194: The Yom Kippur War happened in 1973, not 2003.

Overall, I really enjoyed ATV. While I don't think the suggestions for improvement in the last chapter are sufficient to mitigate the threat, several of them are a good start. I highly recommend reading ATV at your earliest opportunity!


Robust Control System Networks
by Ralph Langner
Edition: Hardcover

4 of 8 people found the following review helpful
5.0 out of 5 stars Excellent book for ICS and IT security alike, September 25, 2011
I am not an industrial control systems expert, but I have plenty of experience with IT security. I read Robust Control System Networks (RCSN) to learn how an ICS expert like Ralph Langner thinks about security in his arena. I was not disappointed, and you won't be if you keep an open mind and remember IT security folks aren't the target audience. After reading RCSN I have a greater appreciation for the problems affecting the ICS world and how that community should address the fragility of its environment.

Dale Peterson's review captured many of the thoughts I had when reading RCSN (and I did read the whole book)! Therefore I'd like to share a few points that resonated with me. Many of these ideas translate easily from the ICS plant floor to the IT office.

"Undocumented" usually means "unknown," and the combination of those two characteristics of systems equals "fragile."

Digital systems are fragile also because, unlike physical systems or items, they tend not to show any "predictable degradation" (p 157).

ICS engineers think similarly to IT engineers, in the sense that both think "real engineers don't have time to write documentation" (p 166).

The two communities also share the unfortunate rule of "never touch a running system," which eventually means "never touch a fragile system" (p 167).

Time takes on a life of its own in ICS and IT, since "just by aging, [a configuration] has become a de facto standard" (p 168).

As is the case with IT, in ICS "connectivity is established despite a compelling reason to do so," mainly because it is so easy (p 168).

"Fragility should be seen as a problem in itself," because fragile systems have no hope in the real world, never mind resisting an intelligent adversary (p 174).

As a remedy the author proposes "robustification," which he states "is not about defense and mitigation. It is not primarily *against* anything" except fragility (p 176).

Why? "As long as stochastic (common cause) factors account for the bulk of variation, it doesn't make sense to search for an assignable cause or special cause" (p 176). In other words, so long as ICS (or IT for that matter) is so fragile, don't bother worrying about hackers -- it's likely an inherent failure causing the incident.

To conclude, read RCSN -- it's brief, concise, well-written, full of compelling anecdotes, and groundbreaking.

