Synopses & Reviews
"The computer world is like an intellectual Wild West, in which you can shoot anyone you wish with your ideas, if you're willing to risk the consequences." --from Hackers & Painters: Big Ideas from the Computer Age, by Paul Graham
We are living in the computer age, in a world increasingly designed and engineered by computer programmers and software designers, by people who call themselves hackers. Who are these people, what motivates them, and why should you care?
Consider these facts: Everything around us is turning into computers. Your typewriter is gone, replaced by a computer. Your phone has turned into a computer. So has your camera. Soon your TV will. Your car was not only designed on computers, but has more processing power in it than a room-sized mainframe did in 1970. Letters, encyclopedias, newspapers, and even your local store are being replaced by the Internet.
Hackers & Painters: Big Ideas from the Computer Age, by Paul Graham, explains this world and the motivations of the people who occupy it. In clear, thoughtful prose that draws on illuminating historical examples, Graham takes readers on an unflinching exploration into what he calls "an intellectual Wild West."
The ideas discussed in this book will have a powerful and lasting impact on how we think, how we work, how we develop technology, and how we live. Topics include the importance of beauty in software design, how to make wealth, heresy and free speech, the programming language renaissance, the open-source movement, digital design, internet startups, and more.
And here's a taste of what you'll find in Hackers & Painters:
"In most fields the great work is done early on. The paintings made between 1430 and 1500 are still unsurpassed. Shakespeare appeared just as professional theater was being born, and pushed the medium so far that every playwright since has had to live in his shadow. Albrecht Durer did the same thing with engraving, and Jane Austen with the novel.
Over and over we see the same pattern. A new medium appears, and people are so excited about it that they explore most of its possibilities in the first couple generations. Hacking seems to be in this phase now.
Painting was not, in Leonardo's time, as cool as his work helped make it. How cool hacking turns out to be will depend on what we can do with this new medium."
Andy Hertzfeld, co-creator of the Macintosh computer, says about Hackers & Painters: "Paul Graham is a hacker, painter and a terrific writer. His lucid, humorous prose is brimming with contrarian insight and practical wisdom on writing great code at the intersection of art, science and commerce."
Paul Graham, designer of the new Arc language, was the creator of Yahoo Store, the first web-based application. In addition to his PhD in Computer Science from Harvard, Graham also studied painting at the Rhode Island School of Design and the Accademia di Belle Arti in Florence.
Synopsis
In this second edition, author Erickson uses practical examples to illustrate the most common computer security issues in three related fields: programming, networking, and cryptography. Readers can easily follow along with example code by booting the included live CD.
Synopsis
This 25th anniversary edition of Steven Levy's classic book traces the exploits of the computer revolution's original hackers -- those brilliant and eccentric nerds from the late 1950s through the early '80s who took risks, bent the rules, and pushed the world in a radical new direction. With updated material from noteworthy hackers such as Bill Gates, Mark Zuckerberg, Richard Stallman, and Steve Wozniak, Hackers is a fascinating story that begins in early computer research labs and leads to the first home computers.
Levy profiles the imaginative brainiacs who found clever and unorthodox solutions to computer engineering problems. They had a shared sense of values, known as "the hacker ethic," that still thrives today. Hackers captures a seminal period in recent history when underground activities blazed a trail for today's digital world, from MIT students finagling access to clunky computer-card machines to the DIY culture that spawned the Altair and the Apple II.
Synopsis
A comprehensive introduction to the techniques of exploitation and creative problem-solving methods commonly referred to as "hacking." It shows how hackers exploit programs and write exploits, instead of just how to run other people's exploits. This book explains the technical aspects of hacking, including stack based overflows, heap based overflows, string exploits, return-into-libc, shellcode, and cryptographic attacks on 802.11b.
Synopsis
This hands-on guide to hacking Microsoft's powerful video games console starts with step-by-step tutorials on hardware modification that teach basic hacking techniques as well as essential reverse engineering skills.
Synopsis
In the beginning there was dial-up, and it was slow; then came broadband in the form of cable, which redefined how we access the internet, share information, and communicate with each other online. Hacking the Cable Modem goes inside the device that makes Internet via cable possible and, along the way, reveals secrets of many popular cable modems, including products from Motorola, RCA, WebSTAR, D-Link and more.
Inside Hacking the Cable Modem, you'll learn:
- the history of cable modem hacking
- how a cable modem works
- the importance of firmware (including multiple ways to install new firmware)
- how to unblock network ports and unlock hidden features
- how to hack and modify your cable modem
- what uncapping is and how it makes cable modems upload and download faster
Written for people at all skill levels, the book features step-by-step tutorials with easy to follow diagrams, source code examples, hardware schematics, links to software (exclusive to this book!), and previously unreleased cable modem hacks.
Synopsis
Voice over Internet Protocol (VoIP) networks, the technology used to place phone calls through the Internet, suffer from the same security holes as standard IP networks. This book reviews the many possible VoIP attacks, and discusses the best defenses against them.
Synopsis
Voice Over Internet Protocol (VoIP) networks, the technology used to place phone calls through the Internet, suffer from the same security holes as standard IP networks, as well as new threats specific to telephony. In addition to attacks on network availability and authentication, administrators must contend with eavesdropping, audio injection, Caller ID spoofing, VoIP phishing, and other unique exploits. All of these security holes can result in the leakage of information and in unreliable phone calls. Hacking VoIP reviews the many possible VoIP attacks, and discusses the best defenses against them for both enterprise and home VoIP solutions. Author Himanshu Dwivedi introduces popular security assessment tools, describes the inherent vulnerabilities of common hardware and software packages, and provides the first ever VoIP security audit program. The book covers common enterprise VoIP protocols such as SIP and RTP as well as unique protocols like H.323 and IAX.
Synopsis
Watson reviews Rails development and then moves to essential enterprise subjects like Web services and their relationships with SOA, data persistence, messaging, interoperability with other platforms, handling documents and search, spell-checking, report generation, and how to access del.icio.us and Flickr from Ruby.
Synopsis
Enterprise software development is labor-intensive, and it is made more costly than necessary by some of the most popular technologies, which can be needlessly complex. The combination of Ruby and Ruby on Rails provides a simple, stable platform for cost-effective software development.
The book quickly reviews Rails development and then moves to essential enterprise subjects like Web Services (and their relationships with SOA), data persistence, messaging, interoperability with other platforms, handling documents and search, spell-checking, and report generation. It also covers new Web 2.0 technologies like Ajax and the read-write Web. It is rich in examples and covers numerous interesting topics readers will be surprised to see, such as advanced search with Ferret, how to access del.icio.us and Flickr from Ruby, or how to use Yahoo's general search from Ruby. The book closes with a look at the Semantic Web and why it makes sense to adopt semantic Web technologies.
Synopsis
This hands-on guide to hacking begins with step-by-step tutorials on hardware modifications that teach basic hacking techniques as well as essential reverse engineering skills. The book progresses into a discussion of the Xbox security mechanisms and other advanced hacking topics, with an emphasis on educating the readers on the important subjects of computer security and reverse engineering. Hacking the Xbox includes numerous practical guides, such as where to get hacking gear, soldering techniques, debugging tips and an Xbox hardware reference guide.
Hacking the Xbox also confronts the social and political issues facing today's hacker by looking forward and discussing the impact of today's legal challenges on legitimate reverse engineering activities. The book includes a chapter written by the Electronic Frontier Foundation (EFF) about the rights and responsibilities of hackers, and concludes by discussing the latest trends and vulnerabilities in secure PC platforms.
Synopsis
While other books merely show how to run existing exploits, Hacking: The Art of Exploitation broke ground as the first book to explain how hacking and software exploits work and how readers could develop and implement their own. In the second edition, author Jon Erickson again uses practical examples to illustrate the most common computer security issues in three related fields: programming, networking and cryptography. All sections have been extensively updated and expanded, including a more thorough introduction to the complex, low-level workings of a computer. Readers can easily follow along with example code by booting the included live CD, which provides a Linux programming environment and all of its benefits without the hassle of installing a new operating system.
Synopsis
This book is for both technical and nontechnical people interested in computer security. Unlike many so-called hacking books, this explains technical aspects of hacking such as stack based overflows, heap based overflows, string exploits, return-into-libc, shellcode, and cryptographic attacks on 802.11b.
Synopsis
This is the first book to focus on important new threats and attacks against modern Web 2.0 networks, sites, and applications. The security world is changing rapidly. A new generation of hacking techniques has appeared, combining social abuse with purely technical attacks, and focusing on new vulnerabilities that are inherent in wireless technologies. "Hacking: The Next Generation" is a must-read for anyone involved in defending a site, a network, or an application -- including social networks and applications based in the cloud.
Synopsis
With the advent of rich Internet applications, the explosion of social media, and the increased use of powerful cloud computing infrastructures, a new generation of attackers has added cunning new techniques to its arsenal. For anyone involved in defending an application or a network of systems, Hacking: The Next Generation is one of the few books to identify a variety of emerging attack vectors.
You'll not only find valuable information on new hacks that attempt to exploit technical flaws, you'll also learn how attackers take advantage of individuals via social networking sites, and abuse vulnerabilities in wireless technologies and cloud infrastructures. Written by seasoned Internet security professionals, this book helps you understand the motives and psychology of hackers behind these attacks, enabling you to better prepare and defend against them.
- Learn how "inside out" techniques can poke holes into protected networks
- Understand the new wave of "blended threats" that take advantage of multiple application vulnerabilities to steal corporate data
- Recognize weaknesses in today's powerful cloud infrastructures and how they can be exploited
- Prevent attacks against the mobile workforce and their devices containing valuable data
- Be aware of attacks via social networking sites to obtain confidential information from executives and their assistants
- Get case studies that show how several layers of vulnerabilities can be used to compromise multinational corporations
Synopsis
Hacking is the art of creative problem solving, whether that means finding an unconventional solution to a difficult problem or exploiting holes in sloppy programming. Many people call themselves hackers, but few have the strong technical foundation needed to really push the envelope.
Rather than merely showing how to run existing exploits, author Jon Erickson explains how arcane hacking techniques actually work. To share the art and science of hacking in a way that is accessible to everyone, Hacking: The Art of Exploitation, 2nd Edition introduces the fundamentals of C programming from a hacker's perspective.
The included LiveCD provides a complete Linux programming and debugging environment -- all without modifying your current operating system. Use it to follow along with the book's examples as you fill gaps in your knowledge and explore hacking techniques on your own. Get your hands dirty debugging code, overflowing buffers, hijacking network communications, bypassing protections, exploiting cryptographic weaknesses, and perhaps even inventing new exploits. This book will teach you how to:
- Program computers using C, assembly language, and shell scripts
- Corrupt system memory to run arbitrary code using buffer overflows and format strings
- Inspect processor registers and system memory with a debugger to gain a real understanding of what is happening
- Outsmart common security measures like nonexecutable stacks and intrusion detection systems
- Gain access to a remote server using port-binding or connect-back shellcode, and alter a server's logging behavior to hide your presence
- Redirect network traffic, conceal open ports, and hijack TCP connections
- Crack encrypted wireless traffic using the FMS attack, and speed up brute-force attacks using a password probability matrix
Hackers are always pushing the boundaries, investigating the unknown, and evolving their art. Even if you don't already know how to program, Hacking: The Art of Exploitation, 2nd Edition will give you a complete picture of programming, machine architecture, network communications, and existing hacking techniques. Combine this knowledge with the included Linux environment, and all you need is your own creativity.
Synopsis
Silverlight 2, Microsoft's new Web framework for developing rich Internet applications, brings the developer and the designer together. This example-rich tutorial reveals how to work on projects in Visual Studio and Expression Blend, how to use source control to manage projects, and how to deploy applications successfully.
Synopsis
"We did what would normally take six months in eight days -- with a team learning from scratch." --from Chapter 1 of Hacking Silverlight
Writing good code is hard enough using established, well-documented technologies; with something new like Silverlight, you need to think like a hacker. Hacking Silverlight is a unique tutorial that shows the reader how to build great Silverlight web applications fearlessly. Each chapter starts and ends with carefully annotated code examples that range from Silverlight basics to undocumented techniques you won't find anywhere else.
Author David James Kelley is part of an elite group hand-picked by Microsoft to test early Silverlight builds and develop sample applications. This book guides the reader through a running case study of an actual, large-scale Silverlight project.
Synopsis
Voice over Internet Protocol (VoIP) networks have freed users from the tyranny of big telecom, allowing people to make phone calls over the Internet at very low or no cost. But while VoIP is easy and cheap, it's notoriously lacking in security. With minimal effort, hackers can eavesdrop on conversations, disrupt phone calls, change caller IDs, insert unwanted audio into existing phone calls, and access sensitive information.
Hacking VoIP takes a dual approach to VoIP security, explaining its many security holes to hackers and administrators. If you're serious about security, and you either use or administer VoIP, you should know where VoIP's biggest weaknesses lie and how to shore up your security. And if your intellectual curiosity is leading you to explore the boundaries of VoIP, Hacking VoIP is your map and guidebook.
Hacking VoIP will introduce you to every aspect of VoIP security, both in home and enterprise implementations. You'll learn about popular security assessment tools, the inherent vulnerabilities of common hardware and software packages, and how to:
- Identify and defend against VoIP security attacks such as eavesdropping, audio injection, caller ID spoofing, and VoIP phishing
- Audit VoIP network security
- Assess the security of enterprise-level VoIP networks such as Cisco, Avaya, and Asterisk, and home VoIP solutions like Yahoo! and Vonage
- Use common VoIP protocols like H.323, SIP, and RTP as well as unique protocols like IAX
- Identify the many vulnerabilities in any VoIP network
Whether you're setting up and defending your VoIP network against attacks or just having sick fun testing the limits of VoIP networks, Hacking VoIP is your go-to source for every aspect of VoIP security and defense.
Synopsis
The book addresses "geeky" owners of Canon consumer cameras who would like to explore the possibilities of their cameras, and eventually tweak them to do things way beyond their original specifications, such as:
- RAW file (or DNG) support in addition to the camera's JPEG output
- Manual control for aperture, shutter speed, and ISO
- Expand shutter speeds way beyond the specification limits
- Enable bracketing
The hacks are based on the Canon Hack Development Kit (CHDK), free software maintained by a group of enthusiasts. Many scripts are already published on the web. The book teaches how to use existing scripts and how to write new ones.
Canon cameras, especially their consumer lines of PowerShot/IXUS cameras, allow the user to temporarily upload so-called add-ons into the camera through the memory card. The next time the camera is switched on, the add-on is active; when the camera is switched off, the camera returns to its original state, so there is no risk of losing the manufacturer's warranty.
About the Author
Nitesh Dhanjani is a well-known security researcher, author, and speaker. Dhanjani is currently Senior Manager at a large consulting firm where he advises some of the largest corporations around the world on how to establish enterprise-wide information security programs and solutions. Dhanjani is also responsible for evangelizing brand new technology service lines around emerging technologies and trends such as cloud computing and virtualization.
Prior to his current job, Dhanjani was Senior Director of Application Security and Assessments at a major credit bureau where he spearheaded brand new security efforts into enhancing the enterprise SDLC, created a process for performing source code security reviews & Threat Modeling, and managed the Attack & Penetration team.
Dhanjani is the author of "Network Security Tools: Writing, Hacking, and Modifying Security Tools" (O'Reilly) and "HackNotes: Linux and Unix Security" (Osborne McGraw-Hill). He is also a contributing author to "Hacking Exposed 4" (Osborne McGraw-Hill) and "HackNotes: Network Security". Dhanjani has been invited to talk at various information security events such as the Black Hat Briefings, RSA, Hack in the Box, Microsoft Blue Hat, and OSCON.
Dhanjani graduated from Purdue University with both a Bachelor's and a Master's degree in Computer Science.
Dhanjani's personal blog is located at dhanjani.com.
Billy Rios is currently a Security Engineer for Microsoft where he studies emerging risks and cutting edge security attacks and defenses. Before his current role as a Security Engineer, Billy was a Senior Security Consultant for various consulting firms including VeriSign and Ernst and Young. As a consultant, Billy performed network, application, and wireless vulnerability assessments as well as tiger team/full impact risk assessments against numerous clients in the Fortune 500.
Before his life as a consultant, Billy helped defend US Department of Defense networks as an Intrusion Detection Analyst for the Defense Information Systems Agency (DISA) and was an active duty Officer in the US Marine Corps (deployed in support of OIF in 2003). Billy's thought leadership includes speaking engagements at numerous security conferences including: Blackhat Briefings, RSA, Microsoft Bluehat, DEFCON, PacSec, HITB, the Annual Symposium on Information Assurance (ASIA), as well as several other security related conferences. Billy holds a Master of Science degree in Information Systems, a Master of Business Administration degree, and an undergraduate degree in Business Administration.
Brett Hardin is a Security Research Lead with McAfee. At McAfee, Brett bridges security and business perspectives to aid upper management in understanding security issues. Before joining McAfee, Brett was a penetration tester for Ernst and Young's Advanced Security Center assessing web application and intranet security for Fortune 500 companies.
In addition, Brett is the author of misc-security.com, a blog dedicated to security topics from a high-level or business-level perspective.
Brett holds a bachelor of science in Computer Science from California State University at Chico.
Table of Contents
Acknowledgments; Image Credits; Note to readers; Preface; Chapter 1: Why Nerds Are Unpopular; Chapter 2: Hackers and Painters; Chapter 3: What You Can't Say; 3.1 The Conformist Test; 3.2 Trouble; 3.3 Heresy; 3.4 Time and Space; 3.5 Prigs; 3.6 Mechanism; 3.7 Why; 3.8 Pensieri Stretti; 3.9 Viso Sciolto?; 3.10 Always Be Questioning; Chapter 4: Good Bad Attitude; Chapter 5: The Other Road Ahead; 5.1 The Next Thing?; 5.2 The Win for Users; 5.3 City of Code; 5.4 Releases; 5.5 Bugs; 5.6 Support; 5.7 Morale; 5.8 Brooks in Reverse; 5.9 Watching Users; 5.10 Money; 5.11 Customers; 5.12 Son of Server; 5.13 Microsoft; 5.14 Startups but More So; 5.15 Just Good Enough; 5.16 Why Not?; Chapter 6: How to Make Wealth; 6.1 The Proposition; 6.2 Millions, not Billions; 6.3 Money Is Not Wealth; 6.4 The Pie Fallacy; 6.5 Craftsmen; 6.6 What a Job Is; 6.7 Working Harder; 6.8 Measurement and Leverage; 6.9 Smallness = Measurement; 6.10 Technology = Leverage; 6.11 The Catch(es); 6.12 Get Users; 6.13 Wealth and Power; Chapter 7: Mind the Gap; 7.1 The Daddy Model of Wealth; 7.2 Stealing It; 7.3 The Lever of Technology; 7.4 Alternative to an Axiom; Chapter 8: A Plan for Spam; Chapter 9: Taste for Makers; Chapter 10: Programming Languages Explained; 10.1 Machine Language; 10.2 High-Level Languages; 10.3 Open Source; 10.4 Language Wars; 10.5 Abstractness; 10.6 Seat Belts or Handcuffs?; 10.7 OO; 10.8 Renaissance; Chapter 11: The Hundred-Year Language; Chapter 12: Beating the Averages; 12.1 The Secret Weapon; 12.2 The Blub Paradox; 12.3 Aikido for Startups; Chapter 13: Revenge of the Nerds; 13.1 Catching Up with Math; 13.2 What Made Lisp Different; 13.3 Where Languages Matter; 13.4 Centripetal Forces; 13.5 The Cost of Being Average; 13.6 A Recipe; 13.7 Appendix: Power; Chapter 14: The Dream Language; 14.1 The Mechanics of Popularity; 14.2 External Factors; 14.3 Succinctness; 14.4 Hackability; 14.5 Throwaway Programs; 14.6 Libraries; 14.7 Efficiency; 14.8 Time; 14.9 Redesign; 14.10 The Dream Language; Chapter 15: Design and Research; Notes; Chapter 1; Chapter 2; Chapter 3; Chapter 4; Chapter 5; Chapter 6; Chapter 7; Chapter 8; Chapter 9; Chapter 10; Chapter 11; Chapter 12; Chapter 13; Chapter 14; Glossary