BKHDPLST.RVW 20031205

"Hiding in Plain Sight", Eric Cole, 2003, 0-471-44449-9, U$35.00/C$53.95/UK#24.50
%A Eric Cole
%C 5353 Dundas Street West, 4th Floor, Etobicoke, ON M9B 6H8
%D 2003
%G 0-471-44449-9
%I John Wiley & Sons, Inc.
%O U$35.00/C$53.95/UK#24.50 416-236-4433 fax: 416-236-4448
%O http://www.amazon.com/exec/obidos/ASIN/0471444499/robsladesinterne
   http://www.amazon.co.uk/exec/obidos/ASIN/0471444499/robsladesinte-21
%O http://www.amazon.ca/exec/obidos/ASIN/0471444499/robsladesin03-20
%P 335 p. + CD-ROM
%T "Hiding in Plain Sight"

Part one explores the world of covert communication. Chapter one suggests that covert communication is all around us, but weakens its case by providing only fictional examples. The author also states that he has detected huge numbers of files which contain embedded steganographic materials. He doesn't seem to understand that this hurts his argument: what good is steganography if you can detect its effects? There is a confused and incomplete introduction to cryptography in chapter two. To be fair, it does make some good practical points, such as the difference between an algorithm and an implementation. The basics of steganography are provided in chapter three, but the explanations and examples may not make clear the distinction between steganography and covert channels or codes. The definition and illustration of digital watermarking, in chapter four, does not present a rationale as to why the invisible marking data cannot be removed. The example is confused and unconvincing.

Part two is supposed to take us into the hidden realm of steganography. Chapter five outlines miscellaneous computer crimes and intrusions with only the most tenuous ties to steganography, fabricated by the author. A list of steganographic programs (almost all of the insertion type) is provided without details in chapter six. There are more examples of the same illustrations, a couple of related programs, and some mislabelled figures (a graphical layout of an IP header rather than the promised sniffer example) in chapter seven. Cole uses an instance of hiding a virus with steganography, but the dangers of inventing your own cases become evident: the virus, as described, wouldn't work anymore.

Part three purports to show you how to make your own communications secure. Chapter eight lists cryptanalytic and steganalytic techniques, but does not delineate them well. A rehash of previous ideas and weak examples substitutes for the strategy promised in chapter nine: the main illustration has a complete failure of forward secrecy. Chapter ten pledges that steganography will get better.

Although Cole is more entertaining than Katzenbeisser and Petitcolas manage to be in their "Information Hiding Techniques for Steganography and Digital Watermarking" (cf. BKIHTSDW.RVW), his information is sketchy and suspect. In comparison, his work is little more than a pamphlet.

copyright Robert M. Slade, 2003 BKHDPLST.RVW 20031205