Book Reviews

Book Reviews


Book Review: Crimeware, by Jakobsson and Ramzan


By Stephen Northcutt
Version 1.1

Crimeware, by Jakobsson and Ramzan, sets a new standard for security books. It is both eminently pragmatic and, at the same time, a scholarly work. I thought I knew a bit about malware, but I learned tons from the book. I struggled a bit with 16.2 Crimeware-Resistant Authentication and encourage the authors to take another look at that when they do a second edition, and this book simply must have a second edition. It will also be interesting to see if the taxonomy, Chapter 2, takes hold. It would seem like we need a bit more of a classification system than Joanna Rutkowska's type 1 - 3 for our community.

While most authors waste the first few chapters with background information, this book gets right down to it. Now, to be sure, this is background, but it is pretty deep background. My favorite chapter is 7, Botnets, but 6.3 JavaScript is very well done and immediately useful information to know. For a high speed pass, Chapter 8, Rootkits, will get you up to speed, but that needs a whole lot more material to really cover the topic.

As this is an election year, and a crazy one at that, Chapter 10 is a must read; it details a number of ways the election could be impacted. I think a bit about evoting machines might make a scary chapter even scarier. As soon as I finish this review, I need to send a note to a friend of mine concerned about click fraud; the authors do a great job on that in Chapter 11.

And, the best thing, the authors do not just tell you how bad things are - they spend a lot of time talking about defense. And, if I can offer a thank you to the fifty or so researchers that helped with the book, thank you very much, the defensive information community is far better off for your efforts. A must own, must read, and must read soon, if there ever was such a thing. Order it now!