Book Review – The Art of Invisibility by Kevin Mitnik

The Art of Invisibility: The World’s Most Famous Hacker Teaches You How to Be Safe in the Age of Big Brother and Big Data by Kevin Mitnick
My rating: 4 of 5 stars

A cautionary tale of just how visible you are on the internet and in todays connected society.

First off I am fully aware of the irony of posting a review of this book online on Goodreads, my blog and Facebook after reading a book on how to be invisible on the internet…..

This was a an entertaining read and although I work in the IT field, there were still some security facts in the book that I was not aware so I learnt a fair amount. There are also some useful references for security tools that I had not been previously aware of (although I’m not a security professional).

Despite the above, the book isn’t too technical to make the non IT person bored but it may well make them paranoid! There is a huge emphasis on becoming invisible in the book through extreme measures such as paying a complete strange to buy some gift cards at a store that doesn’t have cameras in the store OR on the way to the store, then using that to buy bitcoins – twice to ensure they are completely laundered and then using those new coins to purchase various items. Not something that the average person in the street is likely to ever do ……and I must admit I do wonder if someone needs to go to all that trouble, would they be reading this book?

There are useful hints and tips about using secure messaging, email etc that can be used by everyone just to keep their internet usage secure which are not too extreme for the day to day consumer.

But for the ultra paranoid/nefarious, this book will either help you solve some of your issues or make you even more paranoid as it brings up points you hadn’t thought of before….

Thanks to Netgalley for the opportunity to read and review this book.

View all my reviews

Book Review: The Tunnels – Escapes under Berlin Wall.

When I was a kid, I enjoyed the exciting tales of tunnels and escapes from prisons such as Colditz and as a young kid, that was basically all they were – thrilling tales of adventures and escapes. So naturally, a book about the Berlin Wall and the escapes (mainly) underneath it was going to be intriguing reading. I can clearly remember the night that it was announced that the wall was coming down and free movement was now available so although the ending of the book was not a surprise, it was still going to be an interesting read.

The Tunnels by Greg Mitchell front cover Greg Mitchell writes a very detailed and exciting book that gives details on several escape methods used to leave East Germany, not just tunnels although they are the primary focus. The depths that the diggers went to,their heroism and the risks that the escapees took deserves a wider audience and this book provides a very detailed account of what happened.

Apparently both NBC and CBS were trying to capture exclusive footage of tunnel escapes for their network and some of the book details the political twists and turns as the producers and networks attempt to get the films released despite the protestation of various governments who feared the political fallout and risks during this cold-war era. It was pretty scary to see just how close the US was to war with Russia in the cold-war era and how big of an impact the Berlin escapes were having.

The pictures included in the middle of the book give an additional indication of what happened under the streets of Berlin. I had not heard details of the escapes or seen pictures of the Berlin Wall so this book also provided a detailed history lesson from this era.

I thoroughly enjoyed the book and got a new appreciation for what happened back during those years and an appreciation for the freedom of movement that we currently enjoy. Highly recommended.

As a follow up to the book, I will be watching the NBC video, East Germans escape through tunnel that will provide an extra insight into the situation. I would recommend that you read the book before watching the film though.

A special thanks to Blogging for Books for the review copy of this book.

Popular posts in 2009 from Absoblogginlutely.net

In common with a lot of other bloggers I’m posting a top 10 list of the most popular pages from Absoblogginlutely.net in the year 2009. It is rather worrying that all of the pages are from posts I have done in previous years. Even more concerning is that a couple of the posts are about updating antivirus software from 2004 so it is a bit scary that people were coming across the same problem in 2009. Either people are 5 years behind upgrading their antivirus software or Symantec still haven’t fixed the issue 5 years later…..

  1. Manually removing Google Desktop – my most popular post each year and of all time. Originally posted April 2005.
  2. Instructions on how to setup Dell’s Open Manage Server Administrator alerts. Rather than manually typing in all of the settings to configure a server, I wrote a script to configure the server and setup alerts. The setup process went from about 30 minutes per server to less than 5 minutes. Originally posted November 2007.
  3. A zero day exploit for a Microsoft vulnerability had us all rushing around trying to patch our client servers in the middle of the day and before the patches were available on WSUS servers. I posted direct links to the 958644 patch as Windows Update was having issues in providing the url to the downloads due to the vast number of servers being checked worldwide. Having the blog entry made it very quick for me and obviously lots of other users to grab the patch at each client location. Originally posted October 2008 for a zero day exploit it is concerning this was so popular in 2009.
  4. My instructions on how to Fixing a Blackberry hanging during the activation process was also still popular. Originally posted November 2007.
  5. Back in 2006 there was a wireless vulnerability and I posted about my experiences about trying to obtain a current version of Dell’s wifi drivers for the Inspiron 610m. At the time the Dell driver package was  corrupt so a link to the Intel package was posted. Originally posted October 2006. I can understand why this page is popular as navigating the Dell website for drivers can be rather confusing. Driver downloads are not too bad, but management software and applications can be missing from the driver list or poorly named so it’s not obvious which cd image should be downloaded.
  6. A little know utility, clientdiag, for debugging wsus client issues was my next popular post. I still find myself having to use this utility so I’m not surprised it’s still popular.
  7. Due to feedback and experience with my Dell OMSA setup script, the Dell Open Manage Server Administrator setup script was updated and the original page updated to link to this one. I would have thought that this page should therefore have got more hits. I guess some people must be running an old version of my script! Originally posted November 2008 I now have a category specifically for OMSA
  8. Way back in 2003 I discovered an issue that when Symantec Antivirus was updated, the outlook addin would not be correctly updated and an error message about vpmsece.dll would be displayed when outlook was started. Originally posted October 2003, it is very scary that this issue is still being discovered by users. I have seen references to my solution on Symantec support forums and I got several comments requesting help with the simple solutions.
  9. I used to use Audible in 2004 and found a way to convert Audible data to mp3 so I could listen to the audio books on devices other than my mp3 player. Originally posted June 2004. I’m not sure if this solution is still a viable option (or if it is needed) as I don’t need Audible anymore.
  10. Users not having their home directory mapped at login and cryptic msgina 1010 errors turned out to be users saving their passwords in Internet Explorer to access other servers on the network. Originally posted July 2007 but this is a problem that could occur at any point in time.

Zero Downtime Migration seminar in Cincinnati tomorrow

I’m currently reading The Network Migration Workbook: Zero Downtime Migration Strategies for Windows Networks as can be seen on my Goodreads shelf. So far it’s been very useful and there have already been lots of tips that would save our company time (and therefore) money in doing migrations. Even if we didn’t go down this particular route for migrations, the tips applied would be very beneficial for other types of migrations, especially when it comes to planning and quoting for the migration itself. The only hard bit is to get the customer to agree to the restrictions in the plan – it is vital to quote for *only* the migration – everything else results in another helpdesk ticket, project or work order.

I’ve been reading the book for a couple of hours straight through – I’ve resisted the lure of jumping to the checklists – and still have some way to go, which is why I’ve not posted a review of the book yet – but so far I’m definitely recommending it – but note that some significant time needs to be invested for each person in the migration project from the sales person, to the project manager to the team lead down to the tech doing the work. In some companies this could be one person – in our company it’s probably three people.

Anyway, the point of this blog post was to mention that the author is going to be at An Introduction to Zero Downtime Migrations – and More in Cincinnati tomorrow (Saturday) for an all day training event which I am attending. It was worth the cheap admission to get an in person overview of the book and also some tips and previews of the other books he has written – I’m particularly intrigued by the Network Documentation book as this is something that is typically hard/time consuming to do yet so valuable when troubleshooting customer networks (and is NEVER provided by the client).  If you’re going to this training day, be sure to say Hi.

If you want to browse Karl’s store then you can click on my affiliate link or click through directly to the books from the links above (not affiliate linked). Currently the cheapest place to buy the book is either used from Amazon or new from the Good Little Books store. It did amuse me to see that someone has the Zero Downtime book listed for $1165 and a used version for $564 which is crazy when the book brand new is currently $250 (will be $300)

More Blackberry fun – upgrade to v4.5

I discovered that Sprint have finally released the 4.5 version of firmware for the blackberry 8330 that will work with a BES server. I took the plunge to upgrade my device (as I *really* want the html email functionality). The upgrade went fairly smoothly apart from the following gotcha’s.
After the reboot, my theme was set back to a different one than what I normally use. No big deal but surprising this was the case.
My Cacheberry software lost the database and registration details – again no big deal as I can reload the gpx into Cacheberry and I have the registration details saved.
Blackbird, my twitter client, lost it’s settings so I had to re-enter the username and password again. Again, no real problem.

The biggest thing was that the device lost it’s ability to synchronise with our corporate server – so no incoming or outgoing email – oops! This is a big deal as my blackberry is used primarily for corporate email AND I had to go and get my BES manager to reactivate the phone for me.

Unfortunately I don’t have html email or the ability to view other people’s calendars yet as both these features look like they need the blackberry server upgrading to a new version – something I’ve requested we look at doing, especially as this will make us a lot more effective.

I did like the fact that one of the new applications is voicerecorder – functionality I miss from our old phones as I was able to record timekeeping notes on the phone as I left a client site ready for updating back at the office. Now this functionality is in the phone and you can quickly and easily send the recorded memo via email. It saves it in amr format (for some weird reason) so you will probably need quicktime or another program to play the recorded message if you don’t listen to it on the blackberry.

I also now have the ability to send/receive mms messages – I’m much more likely to receive them as this phone doesn’t have a camera but as everyone else in the office also has the same phone it’s unlikely that I’ll ever use this functionalilty.

One really cool feature is the web browser – finally we have a real mouse cursor that moves around the web – much easier to navigate and as it has a flash player I can also watch youtube videos now.

As far as the memory is concerned, I did find that not going into google maps, gmail or cacheberry seemed to keep my available memory free so I’ll be running more tests to see which application is leaking memory. I do now have 10mb free on the device (but that is probably because I have an empty cacheberry database at the moment)

Overall, a great upgrade – I’m looking forward to the enterprise server to be upgraded and then I’ll really be able to be more efficient with work emails and checking what everyone else is scheduled to be doing at the office.

For more details on the upgrade check the v 4.5 Blackberry release notes .