BKHTCRIH.RVW 20021012

"High Technology Crime Investigator's Handbook", Gerald L. Kovacich/William C. Boni, 2000, 0-75067086-X, U$34.95
%A Gerald L. Kovacich shockwavewriters.com
%A William C. Boni
%C 2000 Corporate Blvd. NW, Boca Raton, FL 33431
%D 2000
%G 0-75067086-X
%I Butterworth-Heinemann/CRC Press/Digital Press
%O U$34.95 800-272-7737 http://www.bh.com/bh/ dp-catalog@bh.com
%P 298 p.
%T "High Technology Crime Investigator's Handbook: Working in the Global Information Environment"

The preface makes the somewhat contradictory statement that the book is "not a `how to investigate high-technology crime' book but provides basic information for someone ... new to the profession." This odd assertion may be partially explained by the fact the text is very heavy on career and organizational matters, and extremely light on functions and technology. It would appear that any technical issues are seen as "how to," while corporate politics are basic information.

Part one provides an introduction to the high technology crime environment, in broad overview. Chapter one is a pedestrian presentation of high technology. The text is very disjointed (a discussion of government departments using high-tech crime as a justification to fight for increased budgets is immediately followed by a minor example of online harassment), and, despite the promotion of the importance of technical information and tools for crime investigation, the technical material is weak, simplistic, and oddly handled. For example, a subjective and imprecise measure of data volume (a book) is used to calculate ridiculously "accurate" (in terms of significant figures) store sizes for a variety of obsolete systems. There is a superficial and pessimistic look, in chapter two, at the "Global Information Infrastructure."
Again, the technical content is insubstantial: mention of lists of top level domains makes reference to using a search engine to find them, but the instructions consist of "well, you're an investigator, investigate." This seems to sum up the attitude to providing necessary information. High-technology miscreants, in chapter three, are reasonably well described, with only minor errors. There is an internal contradiction when the text lumps phone phreaks in with hackers, and then treats them as distinct, and the book retails the Cap'n Crunch myth, whereas Draper himself points out that he was taught about the 2600 hertz whistle. There is a slight overemphasis on the importance of "professional hackers." Chapter four's coverage of attack technology is jumpy and fragmented. An "ISP attack" makes little sense, while spoofing is narrowly defined to include only one specific type of session hijacking. Three pages of diagrams of PBX (Private Branch eXchange) attacks explain nothing. Protection technology, in chapter five, is defined as access control, accountability, and audit trails, followed by a random grab bag of security ideas.

Part two is an overview of the high technology crime investigation profession or unit. This material is basically recycled from "The Information Systems Security Officer's Guide," by one Gerald L. Kovacich. There are a large number of very short chapters. Chapter six is a generic promotion for career planning, with added, but oddly irrelevant, details. Marketing yourself, in terms of preparation of resumes and for interviews, is in chapter seven. Chapter eight describes the perfect, and therefore fictional, company to work for. This is followed by the perfect job description in nine, the perfect investigative unit in ten (with some brief staff job descriptions in eleven), and the perfect mandate (plus an excessively detailed example of a PBX survey) in chapter twelve.
Chapter thirteen suggests that you develop contacts, but, somewhat in opposition to the career building emphasis earlier, this concentrates on "sources" or informers. The development of metrics, in chapter fourteen, seems to be primarily concerned with the creation of bar charts to show management that you've been working. The "Final Thoughts," in chapter fifteen, are mostly vague opinions.

Part three is entitled high technology crimes and investigations. Chapter sixteen has various stories, with almost no detail, about crimes and computers, few of which are relevant to corporate investigations. There is some useful advice, in chapter seventeen, on the initial seizure and chain of custody of computer equipment, but the discussion is limited to data recovery.

Part four is supposed to be about challenges to high technology crime investigation, but chapter eighteen, the only section, simply contains more vague thoughts.

For someone trying to build a career via political maneuvering, this book can provide some useful tips. For someone trying to investigate a crime involving computers, it might be a bit frustrating.

copyright Robert M. Slade, 2002 BKHTCRIH.RVW 20021012