BKNETSEC.RVW 940831 Academic Press Inc. 955 Massachusetts Avenue Cambridge, MA 02139 Josh Mills, Marketing, jmills@acad.com publisher@igc.org "Network Security", Shaffer/Simon, 1994, 0-12-638010-4 This book will provide the novice with an overview of computer security issues and jargon. "Network" is defined, but so broadly that it covers any computer resource with multiple points of access. In reality, this is a general guide similar to "Computer Security Basics" by Russell/Gangemi (BKCMPSEC.RVW). Topics covered include principles of distributed computing; the need for security; problems and aspects of security; personal computing; malware; security analysis and policy; and certain security standards. The book is quite verbose, and a coherent account can almost be obtained from reading section titles alone. The chapter on viruses and trojan horse programs illustrates the overall style and shortcomings of the book. Some material contradicts itself: the first mention of viral programs states that they are not a significant threat, while most other parts of the book say the risk is substantial. Much of the material is vague: an estimate of the impact of Michelangelo states that "the Canadian ministry did find the virus on 30-40 of its nearly 100 PC[s]". (A Provincial ministry? The Church?) Advice is not practical: suggestions not to use public domain software (suspect advice in any case) is modified with "that is not trusted". Advice is trite: readers are told not to run games. Some advice is just bad: readers are advised to use encryption as a defence against viruses and to use WORM drives. (Where is that list of CD-ROM infections again... ?) As an introduction to the subject, the book is wide-ranging. As a practical guide it has serious shortcomings. copyright Robert M. Slade, 1994 BKNETSEC.RVW 940831 ====================== DECUS Canada Communications, Desktop, Education and Security group newsletters Editor and/or reviewer ROBERTS@decus.ca, RSlade@sfu.ca, Rob Slade at 1:153/733 Author "Robert Slade's Guide to Computer Viruses" (Oct. '94) Springer-Verlag