  • Garfinkel, Simson

    $31.46 $11.88 list($44.95)
    1. Building Cocoa Applications :
    $34.62 $33.33 list($54.95)
    2. Practical Unix & Internet
    $11.53 $11.05 list($16.95)
    3. Database Nation : The Death of
    $34.95 $3.08
    4. PGP : Pretty Good Privacy
    $23.58 list($44.95)
    5. Web Security, Privacy and Commerce,
    $54.99
    6. RFID : Applications, Security,
    $29.67 list($44.95)
    7. Security And Usability
    $28.00 $7.95
    8. Architects of the Information
    $16.48 $6.00 list($34.95)
    9. Web Security & Commerce (O'Reilly
    $22.95
    10. Big Brother in the Next Half Century
    $35.20
    11. Seguridad y Comercio En La Web
    $53.20
    12. Seguridad Practica En Unix E Internet

    1. Building Cocoa Applications : A Step by Step Guide
    by Simson Garfinkel, Michael K. Mahoney
    list price: $44.95
    our price: $31.46
    Asin: 0596002351
    Catalog: Book (2002-05-01)
    Publisher: O'Reilly
    Sales Rank: 73225
    Average Customer Review: 3.82 out of 5 stars

    Book Description

    Building Cocoa Applications is an ideal book for serious developers who want to write programs for the Mac OS X using Cocoa. It's a no-nonsense, hands-on text that's filled with examples -- not only simple and self-contained examples of individual Cocoa features, but extended examples of complete applications with enough sophistication and complexity that readers can put them to immediate use in their own environments. Building Cocoa Applications takes a step-by-step approach to teaching developers how to build real graphics applications using Cocoa. By showing the basics of an application in one chapter and then layering additional functionality onto that application in subsequent chapters, the book keeps readers interested and motivated. Readers will see immediate results, and then go on to build onto what they've already achieved. By the end of the book, readers who have built the applications as they have read will have a solid understanding of what it really means to develop complete and incrementally more complex Cocoa applications. The book comes with extensive source code available for download from the O'Reilly web site, along with an appendix listing additional resources for further study.

    Reviews (17)

    5.0 out of 5 stars Worth the effort
    I've been meaning to learn Objective C, Interface Builder and Project Builder for years. From back in the days of Rhapsody, and before when I'd bought books on NextStep programming. Always intended to do so, that is, until I received this book at Apple's World Wide Developer's Conference. And now after typing my way through the book's source code, I'm comfortable with Objective C's oddball syntax, understand how to wire up an application in Interface Builder and have confidence I'll soon be making quality Cocoa applications of my own. I've already started writing a freedb client.

    Obviously, it would be nice for me if the book explored network programming or the IOKit, but it concentrated on the fundamentals which nearly all applications share: windows, menus, drawing, printing, preferences, clipboards, documents, icons, etc. I can figure it out from here.

    So get off the fence, it's time to learn Cocoa.

    4.0 out of 5 stars Excellent Introduction
    The Book "Building Cocoa Applications" provides an excellent introduction to the fundamentals of Mac OS X programming and the Cocoa application framework. As is appropriate for a tutorial text, this book covers the essential classes in the Cocoa framework that every Cocoa programmer needs to know about. It can adeptly take an intermediate programmer, familiar with C, from no knowledge of Cocoa to a working knowledge of the framework.

    I particularly like the tutorial applications in the text and the way that the text carries an example from one tutorial to the next so that the reader has the opportunity to craft an Objective-C based Cocoa application from the beginning.

    I would recommend this text to developers who are familiar with C and want to know more about Cocoa programming on Mac OS X.

    5.0 out of 5 stars Fabulous book for the right person
    I adore this book: it does exactly what I wanted it to do, and it does so compellingly - I've worked straight through the whole thing. The example programs are a great step by step introduction to integrating necessary UI functionality into a program. The exercises are challenging, requiring thought, a willingness to rummage through class definitions, and experimentation.

    But make sure that what I wanted it to do is what you want it to do. I have a fair amount of experience as a programmer in a lot of different languages, but no experience coding in a desktop windowing environment. This book has rapidly brought me to a place where I feel confident that I will be able to build my own Cocoa applications, and have a real understanding of the underlying architecture.

    Don't buy this book if you aren't already very comfortable with at least one programming language. If that language isn't ANSI C, plan on working a little harder to grok some of the more abstruse C-ness. Don't expect a course on object-oriented programming. Don't expect lessons in how to use a debugger. Don't expect spoon feeding - as it claims on the back cover, it's a book for serious developers.

    I'm glad I wasn't put off by the reviews complaining of errors. I haven't found anything harsher than a minor distraction. What I have found is that I would sometimes reach the point in the discussion of a new concept where I had to stop and ask, "But why did they do it *that* way?" After putting effort into arriving at my own conclusion, I would invariably find that in the next paragraph my question was answered.

    Definitely not "for Dummies," but definitely worth the effort.

    2.0 out of 5 stars Error-ridden and too little actual teaching
    Not recommended, although some people like it a lot. More errors in the text than others, making you go to the web for errata pages. Relies too much on just presenting source code for the reader to type in, without adequate explanation of what the code does and why it's structured the way it is. Less of a gentle introduction than Hillegass's book "Cocoa Programming for Mac OS X", less comprehensive than Anguish's book "Cocoa Programming".

    2.0 out of 5 stars Try a different book first.
    This book has potential, but in general I am pretty dissatisfied.

    Good things:

    (1) It is pretty well thought-out.

    (2) The progression through 4 projects is good.

    (3) There is working code for the examples available online.

    Bad things:
    (1) The book is riddled with errors. If you include the unofficial errata from O'Reilly's Website, the book becomes about 200% more usable.

    (2) Why has this book not been reprinted? At LEAST O'Reilly should have released an official errata for this book at this point!!!

    (3) This book does NOT cover 10.3 and the XCode software (still uses project builder). In most cases this is ok and you can figure much of it out. However, there are times that the differences are too significant to overcome without a lot of effort.
    --
    I have been very happy with O'Reilly books in the past, but this one is substandard.
    I would recommend trying a different book unless this one is overhauled.


    2. Practical Unix & Internet Security, 3rd Edition
    by Simson Garfinkel, Gene Spafford, Alan Schwartz
    list price: $54.95
    our price: $34.62
    Asin: 0596003234
    Catalog: Book (2003-02-21)
    Publisher: O'Reilly
    Sales Rank: 40308
    Average Customer Review: 4.31 out of 5 stars

    Amazon.com

    The world's most business-critical transactions run on Unix machines, which means the machines running those transactions attract evildoers. Furthermore, a lot of those machines have Internet connections, which means it's always possible that some nefarious remote user will find a way in. The third edition of Practical Unix & Internet Security contains--to an even greater extent than its favorably reputed ancestors--an enormous amount of accumulated wisdom about how to protect Internet-connected Unix machines from intrusion and other forms of attack. This book is fat with practical advice on specific defensive measures (to defeat known attacks) and generally wise policies (to head off as-yet-undiscovered ones).

    The authors' approach to Unix security is holistic and clever; they devote as much space to security philosophy as to advice about closing TCP ports and disabling unnecessary services. They also recognize that lots of Unix machines are development platforms, and make many recommendations to consider as you design software. It's rare that you read a page in this carefully compiled book that does not impart some obscure nugget of knowledge, or remind you to implement some important policy. Plus, the authors have a style that reminds their readers that computing is supposed to be about intellectual exercise and fun, an attitude that's absent from too much of the information technology industry lately. Read this book if you use any flavor of Unix in any mission-critical situation. --David Wall

    Topics covered: Security risks (and ways to limit them) under Linux, Solaris, Mac OS X, and FreeBSD. Coverage ranges from responsible system administration (including selection of usernames and logins) to intrusion detection, break-in forensics, and log analysis.

    Reviews (32)

    4.0 out of 5 stars Little old but still a valuable classic
    Practical UNIX and Internet Security by Garfinkel and Spafford is a fundamental work on the subject. The authors not only are widely respected professionals in the field, but good writers as well (or is this O'Reilly's editors? :-). Anyway, this book despite its size is readable, still has lots of information, and comes highly recommended. As one of the other reviewers of this book has written, the details of systems and software may change, but the underlying security and good management practices will not. The reason I give it 4 out of 5 stars is because it was published a while ago.
    Edgar Danielyan CCNP(Security) ISA www.danielyan.com

    4.0 out of 5 stars Recommended with reservations for students & hobbyists only
    Somewhat outdated -- two years old in a very dynamic field, Rootkit is not even mentioned, Bugtraq mentioned only in supplement, etc. Far from being practical and can be used only as an introductory text in Unix security. Not recommended for Internet security (superficial and incomplete). Good style -- Simson Garfinkel of The UNIX-Haters Handbook fame is a really talented journalist (but now only a journalist, see his interview with Amazon.com). The main problem with the book is that instead of relying on tools as any Unix author should, the authors use a cookbook/reference approach giving recipes about improving security. References to important RFCs, FAQ and CERT advisories are absent. For example RFC1244 (now superseded by RFC2196) is not mentioned in index (and probably in the text as well) although Ch.2 and Ch.24 mirror its content. No attempts were made to explain what tools can be used for checking/fixing particular class of problems or to present a bigger picture in which the flaw exists. Typesetting is very primitive. Although one of the authors is a (former) programmer judging by just the book content it is difficult to believe that he is able to spell PERL :-). The book is not updated enough to compete with newer books on Internet Security. For corporate users possible alternatives are combinations of one book on Unix security (for example, Unix System Security by David A. Curry) and one book on Internet security (for example Actually Useful Internet Security Techniques by Larry J. Hughes). The last is recommended as an alternative for readers who cannot afford two books. Often books written by a specialist in particular areas can be a better deal than books from security folks. For example TCP/IP Network Administration by Craig Hunt contains a lot more information about how to properly configure TCP/IP than this book and in Ch.12 has a very decent overview of security in just 40 pages.

    5.0 out of 5 stars A mile wide, several inches deep, great for filling in gaps
    I hate to repeat the cliche, but if you can only buy one security book this year and you are a *nix geek, this should be it, hands down. As some point out, you can probably find everything in this book online, but then again you can find anything online, so why buy any books at all? I don't like giving 5 stars; this book left me no choice.

    The strength of this book lies in several areas. First, the authors probably have 50+ years experience between them and it shows. You really get the impression that they've "been there, done that". But they don't try and "wow" you with their intelligence and they aren't condescending, in fact they write quite clearly.

    The "mile wide" crack I made in the title refers to the fact that this book covers everything from physical security and social engineering, to how to set up integrity checking with tripwire and use PAM. Basically I found this book to be invaluable because while I could breeze through certain sections, there was a ton of material that I needed more knowledge about, but either never got around to it, or didn't even know I was lacking. An example is NFS. I knew I needed more background about NFS because I work in infosec, but every place I've ever worked has banned NFS outright, which makes it a little more difficult to learn.... Another 2 technologies pop into my mind: LDAP and PAM. I knew what they were, but now I know how to set up the basics and can branch out on my own.

    In our infosec world it's simply not possible to know everything. This book gives the reader a solid grounding in a ton of stuff, which enables him to go out and Google around intelligently for more advanced information. In a pinch it can also be used as an anti-theft device since it weighs in at 900+ pages and is quite heavy.

    5.0 out of 5 stars Awesome security book!
    Practical Unix & Internet Security, the 3rd Edition has a ton of new useful information.

    If you have but one security reference, this should be it!

    3.0 out of 5 stars Best for beginners
    As a Linux administrator, I ordered this book hoping to find out how hackers typically gain access to systems and neat little tricks for locking down my system, as well as detecting and dealing with intruders. While Practical Unix & Internet Security did cover these topics, it covered little I didn't already know.

    Significant time is spent explaining how unix-based systems work. The book covers things such as file systems, partition structure, file ownership/permissions, users and groups, inodes, ssh, backups, etc. Each command, utility, procedure or feature is detailed over several pages followed by an explanation of what you should be doing with said topic.

    There are also a few real-world examples here and there; stories most of us have heard before, like the admin who had . in his path.

    Unlike many computer books, this one is well written and an easy read, and it's certainly a lot more friendly than some unix geeks whose advice consists of RTFM.

    I think this book would be great for someone who has a very basic understanding of unix-based systems but has never administrated one before, but for those of us who've already had some experience running unix there's probably not anything new here for you.


    3. Database Nation : The Death of Privacy in the 21st Century
    by Simson Garfinkel
    list price: $16.95
    our price: $11.53
    Asin: 0596001053
    Catalog: Book (2001-01)
    Publisher: O'Reilly
    Sales Rank: 148897
    Average Customer Review: 3.71 out of 5 stars

    Book Description

    Fifty years ago, in 1984, George Orwell imagined a future in which privacy was demolished by a totalitarian state that used spies, video surveillance, historical revisionism, and control over the media to maintain its power. Those who worry about personal privacy and identity--especially in this day of technologies that encroach upon these rights--still use Orwell's "Big Brother" language to discuss privacy issues. But the reality is that the age of a monolithic Big Brother is over. And yet the threats are perhaps even more likely to destroy the rights we've assumed were ours. Database Nation: The Death of Privacy in the 21st Century shows how, in these early years of the 21st century, advances in technology endanger our privacy in ways never before imagined. Direct marketers and retailers track our every purchase; surveillance cameras observe our movements; mobile phones will soon report our location to those who want to track us; government eavesdroppers listen in on private communications; misused medical records turn our bodies and our histories against us; and linked databases assemble detailed consumer profiles used to predict and influence our behavior. Privacy--the most basic of our civil rights--is in grave peril. Simson Garfinkel--journalist, entrepreneur, and international authority on computer security--has devoted his career to testing new technologies and warning about their implications. This newly revised update of the popular hardcover edition of Database Nation is his compelling account of how invasive technologies will affect our lives in the coming years. It's a timely, far-reaching, entertaining, and thought-provoking look at the serious threats to privacy facing us today. The book poses a disturbing question: how can we protect our basic rights to privacy, identity, and autonomy when technology is making invasion and control easier than ever before? Garfinkel's captivating blend of journalism, storytelling, and futurism is a call to arms. It will frighten, entertain, and ultimately convince us that we must take action now to protect our privacy and identity before it's too late.

    Reviews (31)

    5.0 out of 5 stars Simson at his best
    To many people, George Orwell's 1984 epitomizes loss of privacy, in which a totalitarian state uses complete control of the media to maintain its power over the populace. Today's actual usurpation of privacy, which is arguably greater than Orwell could ever have imagined, is much more subtle and incremental. Bits and bytes of personal information are collected by credit bureaus, government agencies, financial institutions, insurance companies, and other organizations, the compilation of which is a dossier of valuable personal information on any given person. As author Simson Garfinkel puts it, the future isn't one dominated by Big Brother but by "a hundred kid brothers that constantly watch and interrupt our daily lives."

    Database Nation is one of those rare books that comes along every few years and gives its readers pause to think about the effects of the massive computing infrastructure that Western society has laid down. The book explains in great detail how personal privacy has slowly been eroding and the effects of this erosion.

    Garfinkel details today's myriad threats to privacy, the most notable of which may be the systematic capture of everyday events in our lives. Nearly every purchase we make, every place we travel, every word we say, and every page we read is routinely recorded and made available for later analysis. The result is an unprecedented amount of data surveillance, the effect of which we have just begun to grasp.

    Database Nation is an important book for two reasons. For the individual, it details the countless ways in which our privacy is slowly yet relentlessly being worn away. For the security professional, the book details the responsibilities that must be assumed to ensure that the Orwellian society envisioned in 1984 doesn't become a reality.

    This review of mine originally appears at http://www.securitymanagement.com/library/000874.html

    5.0 out of 5 stars The Contents of this Book is Chilling!
    Simson Garfinkel has written Database Nation to present a comprehensive assessment of the direction technological advances are taking that have already threatened the privacy of American citizens. Threats to our privacy hit home - they threaten our liberties to voice opposing views, to mount peaceful protests, to buy and sell, to move about freely without big brother watching us, and to live our lives as we please without undue snooping by others.

    The book serves as an indictment of the Federal Government, law enforcement agencies, financial institutions, private companies, and others who have gained too much control over the lives of people. Garfinkel provides a historical perspective of technological developments and demonstrates how easily we have gone down the road of information gathering. Readers will learn that their privacy is lost when information about them is being collected and sometimes sold, stolen, and put to use by others for a variety of purposes.

    The contents of this book is chilling. Are threats of crime and terrorism justification for power grabs and the surrendering of our civil liberties? Garfinkel provides case studies to demonstrate the impact technology has had upon our personal freedoms. He provides revelations about various uses and abuses of barcoding, fingerprinting, audio and video surveillance systems, Webcamming, wiretapping, credit reporting, medical record management, confidentiality, and more.

    Readers will learn how the lives of average American citizens can be turned upside down when errors creep into IRS tax records and credit bureau reports. People are human and humans make errors unintentionally, they steal information, and they deliberately tamper with information for a variety of criminal reasons. Readers would be shocked to learn that they themselves may have been the victims of undue scrutiny!

    This book should serve as a wake-up call for American citizens to become more knowledgeable about widespread information gathering efforts and the potential for harm that could result from its illegal and unethical use. This is must reading for any person who is concerned about the direction America is taking - and for those persons who don't care but should be more concerned about where we are heading!

    3.0 out of 5 stars Would have been better without the science fiction
    This book dashed the high hopes I had for it. There are many very good reasons to be concerned about the ways technology can be used to curtail our civil liberties and constrict our freedoms. I had hoped for a serious discussion laying out the problems, their current state of application and misuse, and some thoughts about how to push back.

    We do get some of that and to the extent this book is in this scope I like it a great deal (for example, the discussions around eternal copyrights and huge commercial databases gathering everything known about each of us or the sale of drivers license photos to commercial interests). When it is in the middle area of discussing thought crime and brain wiretapping he begins to lose me. It isn't that the issues aren't worthy of discussion, it is simply the way he discusses them has too much of a paranoid science fiction future feel.

    When he paints the future of conscious machines and whether they will demand civil rights or not, well, I think he spoils this book. That speculative stuff should be in a different book. For me, the inclusion of this material makes it impossible to take seriously the good stuff he does have. The weird apple spoils the barrel kind of thing.

    It isn't that the book isn't worth reading. It's that the serious stuff is so important that we need to focus on that and not be distracted by paranoid delusions about things that don't even exist. There is plenty to be concerned about in the databases already collected and being sold in commercial markets.

    4.0 out of 5 stars Who's Watching Me Now?
    Simson Garfinkel's Database Nation is a frightening account of how our privacy is being infringed upon by government, industry and certain individuals. It illustrates how ordinary citizens' private information is obtained by individuals or organizations that want to exploit the data to their advantage. The information can be obtained from driver's licenses, credit card purchases, and medical records, just to name a few. The book is insightful and fast-reading. It will prompt you to take control of your life and wonder, "Who is watching me now?"

    Garfinkel's intent is not to scare his readers, but to inform unsuspecting citizens that an increasing percentage of our daily activities are being captured by databases across the world. Our personal privacy is threatened with the use of fingerprinting and human marking to document and identify individuals. Whereas this means of identification was created to prevent identity theft, solve crimes, and eliminate computer error, some states are now able to sell this information to private businesses because they are part of the public record. Garfinkel's research on this topic is extensive.

    Not unlike George Orwell's book 1984, we are also under constant surveillance. The stores we shop at, offices we work in, roads we drive on, and establishments we frequent are capturing our video images and placing them in databanks across the nation. Even surveillance satellites are able to capture minute details of a person. Our personal information is a commodity--it's what marketers use to solicit people.

    Chapter 11: Privacy Now! provides us with examples and ways in which we can fight back as a nation to protect our right to privacy. However, it does not provide individuals with strategies for protection. Humans have come to rely on computers and data processing at the expense of the individual. The problem is that the smallest clerical error can destroy a person's life.

    Garfinkel compares his book to Silent Spring, by Rachel Carson, which planted the seeds for the environmental movement. Likewise, Database Nation sets the stage for the legislation and regulation of privacy in the twenty-first century.

    Everyone should read this book!

    1.0 out of 5 stars lacks global perspective, highly misleading
    This book has more to do with American politics than negative implication of advanced technology like it is trying to shoot for.

    Database is merely a tool, and tools can bring hazardous results when held in wrong hands. SSN is another tool to get a grip on personal information for the government and large businesses, and the author is right in pointing out the abuse of SSN. However, one needs to note that use of such numbering system is considered unconstitutional in many countries, because they rob the rights to remain anonymous away from people.

    Traditionally, the interest of the nation and large businesses took precedence over the rights and freedom of commoners in the United States, and installment and abuse of SSN is just one of the tools they use in order to tap into what they should not.

    This book blames the tools and development thereof for such negative consequences, without ever blaming those who hold the tool. It's like blaming chain saw itself for the lost forest, without ever considering who used the chain saw.

    The book never talks about the global trend of the issue. If it did, it would have been clear that most of the worries expressed in the book do not apply in many countries where the government and businesses aren't as nosy as ours. Freedom, individual rights and technology can co-exist, and there are lots of good examples to learn from on our planet, but the author refuses to do so. Most of the worries expressed in this book have to do with the ways of U.S. policymakers than the technology itself.

    As for the chapter on terrorism - The author might be a knowledgeable person within the boundary of the United States, but he severely lacks international common sense. It fails to address the cause of terrorism, noting, "The terrorist of tomorrow is the irrational terrorist. (pp.211)" - A typical uninformed American take on terrorism. The author needs to learn a few languages, travel every continent and see how the world works for himself before publishing a book on it. The ignorance alone doesn't bother me, but I'm not happy with the fact that it is published in a book that is supposedly informative, ending up with spreading unnecessary fear without presenting any valid solution. Besides, this chapter on terrorism strays from the purpose of this book (technology and privacy). This is another indication that this book is compiled without sense of direction.

    All positive reviews quoted on the back cover are of domestic sources: I suppose they couldn't get anyone overseas to recognize the value of the book on this supposedly global issue. I think this book should be discontinued, but in case that's impossible, they could at least change the title to "Nightmare in the 21st century America" from "The Death of privacy in the 21st century" and re-compile the book under some sense of direction, instead of simply listing whatever people would be afraid of.

    To sum up, this book scores well among those who are uninformed: it is highly engaging because it tickles the fear factor of readers and grabs attention, in a way fictions do. However, the raison d'etre of this book is quite questionable. Like cheap horror movies, it flows without sense of direction, moving from one scare to another. I'm afraid I cannot recommend this book to anyone as an informative source.


    4. PGP : Pretty Good Privacy
    by Simson Garfinkel
    list price: $34.95
    our price: $34.95
    Asin: 1565920988
    Catalog: Book (1994-11-01)
    Publisher: O'Reilly
    Sales Rank: 373835
    Average Customer Review: 3.6 out of 5 stars

    Amazon.com

    If you're concerned about the security of personal information on your computer--or in your e-mail--get PGP using this book. Garfinkel's guide to PGP (Pretty Good Privacy) encryption software is a comprehensive guide to secure encryption for everyone and anyone. So much so that even Phil Zimmermann, who created PGP, said he learned new things from this book. But more than that, it takes you behind the scenes into the fascinating history and workings of the great intellectual adventure story of cryptography. This book is a fascinating read as well as a top-notch guide, and is needed now more than ever.

    Reviews (10)

    5.0 out of 5 stars A good PGP and cryptography primer
    PGP is a fascinating tool. Most see PGP as a way of sharing files, but the creator of PGP, Phil Zimmermann, really wanted to make a *privacy* tool. I did not realize this and other things until reading this book.

    O'Reilly's PGP book can be divided into two sections. The first section is really a history of cryptography and how PGP fits in this context. I found this section surprisingly enjoyable as you learn about the long and tortuous struggle between the NSA and people who want to promote freedom and privacy. On a more concrete level though, you do learn quite a bit about different encryption algorithms and key algorithms, such as the RSA and Diffie-Hellman as well as other concepts important to cryptography. Admittedly, the history itself makes for pretty interesting reading.

    The second section is about PGP usage, and it is very thorough in its coverage. You will learn just about every possible feature in PGP, and how to apply them to a number of possible situations. I like reading this book over the PGP manuals just for the time and care put into it, if not the amusing examples.

    One thing other reviewers have rightly touched on is the age of the book. Time has passed. The RSA algorithm is now free and open, and a PGP clone called GPG is now in wide use. I am definitely excited to see a 2nd edition of this book in hopes that it will cover such things.

    However, regardless of the age, this book is an excellent primer into PGP and cryptography culture, and newbies like me will certainly enjoy reading it.

    4-0 out of 5 stars Jan. 2001, the book is dated, but nonetheless worthwhile
    PGP: Pretty Good Privacy is over six years old and as such is ancient when compared to the shipping version of PGP.

    The first part of the book though is still timely in that it provides a good overview on how PGP was developed. The sparring between Jim Bidzos of RSA & PGP creator Phil Zimmermann is interesting.

    The second part of the book details PGP usage. Since most of it references version 2.x, it is heavily outdated. But the book is nonetheless worthwhile if you are interested in the history of PGP. If not, download the free version of PGP and use the documentation.

    3-0 out of 5 stars Depends on What You're Looking For
    If you want to learn how to use PGP from a UNIX command line, this is the book for you. If you want to know the history of encryption and the development of PGP as a tool, this, too, may be the book for you.

    If you want to use the Windows version of PGP, this is not the book for you.

    Simson Garfinkel's PGP is certainly informative and is written in light, breezy language that makes it easy reading for even the least technical. But, sadly, this book is so out of date as to be entirely useless with regard to actually using PGP today.

    4-0 out of 5 stars Dated but useful nonetheless
    This book gives an excellent account of how encryption came into the hands of non-spooks (and I don't mean Clipper). But what really matters is the legacy information on how encryption works. This information hasn't changed since. It also gives the reader a solid base of understanding of what PGP is doing when you use it.

    The book is also quite simple to read, so much so that I felt guilty for "studying" a book that was so easy that I could blow through a chapter in twenty minutes. One final note of importance is that because the book is old (94), it is UNIX-centric, which is quite refreshing in today's environment of applications written exclusively for Windoze.

    3-0 out of 5 stars A Pretty Good history of PGP
    The first half of "PGP: Pretty Good Privacy" is devoted to cryptography basics and the history behind PGP. It's certainly interesting reading, especially seeing how the relationships among the players developed. If you're interested in this background, then this book is for you.

    The second half explains PGP usage and where you can find it online. Unfortunately, a lot of this seems dated -- however, to be fair, the book is over five years old. You'll probably be better off with another resource such as the included documentation. ... Read more


    5. Web Security, Privacy and Commerce, 2nd Edition
    by Simson Garfinkel
    list price: $44.95
    Asin: 0596000456
    Catalog: Book (2002-01-15)
    Publisher: O'Reilly
    Sales Rank: 307257
    Average Customer Review: 4 out of 5 stars

    Book Description

    Since the first edition of Web Security, Privacy, & Commerce, web use has exploded, and so have the threats to our security and privacy--from credit card fraud to marketing spam to web site defacements to attacks that shut down popular web sites. Nearly double the amount of information, this completely updated volume explains the techniques you can use to protect your privacy, organization, system, and network. Topics include:

    • Web technology--Cryptography, the Secure Sockets Layer (SSL), the Public Key Infrastructure (PKI), passwords, digital signatures, and biometrics.
    • User privacy and security--Cookies, log files, identity theft, spam, web logs, and web bugs, as well as hostile mobile code in plug-ins, ActiveX controls, Java applets, and JavaScript, Flash, and Shockwave programs.
    • Web server security for administrators and content providers--CGI, PHP, and SSL certificates, intellectual property, P3P and privacy policies, digital payments, client-side signatures, code signing, pornography filtering, and PICS.
    ... Read more

    Reviews (5)

    3-0 out of 5 stars Good book
    Good read, but primarily as an introductory primer. General info and comprehensive, with good discussion and resources. But to really get into the nuts and bolts of this subject, you will need to find other books. Somewhat esoteric at times and frustrating.

    5-0 out of 5 stars Great Material
    Web Security, Privacy and Commerce
    by Simson Garfinkel, Gene Spafford was a gift to me for my birthday when getting ready to pass my "Master Site Designer" test; it turned out to be great pre-test material which helped me pass my test.

    Thanks for a great book; I look forward to more by the authors.

    2-0 out of 5 stars In a word, disappointing.
    Apart from paid reviewers I can't see anyone with any actual knowledge of security rating this book 5 stars. It is not as clear and concise as it should be, and the technical knowledge is freely available at securityfocus.com and other sites. A better job could have been done with security and privacy policies.

    More effort should have been put forth in providing common sense (implementable) solutions or best practices instead of re-hashing material that other books have already done a better job presenting.

    I normally enjoy O'Reilly books but like the first edition, this book is a disappointment.

    5-0 out of 5 stars Great coverage on all aspects of infosec
    Web Security, Privacy & Commerce, 2nd Edition
    by Simson Garfinkel with Gene Spafford
    O'Reilly & Associates 2002
    ISBN: 0596000456

    There are two basic reasons why a book comes out in a second edition: either the author needs the cash or the book needs to be updated. When the first edition of Web Security, Privacy & Commerce came out in 1997, it was titled Web Security & Commerce. Not only has the title changed, but Web security, privacy, and commerce have changed radically in the last five years.

    The nature of the change and the pace at which it occurs is a large part of the difficulty within information security. Imagine a heart surgeon going on an extended vacation in 1997 and coming back in 2002. Although his surgical technique may be a bit rusty, there is no reason to think that he could not start practicing medicine again right away. However, if you were to take a contemporary information security professional from 1997 and place him in the 2002 workplace, he would be horribly outdated. Technologies that did not exist in 1997, or even 2000, are now ubiquitous, and technologies that were considered cutting edge only a few years ago are now archaic.

    With that, the update to Web Security, Privacy & Commerce is indeed warranted and welcomed. A glance at the table of contents reveals coverage of nearly every core aspect within Web security. The book provides a comprehensive and impartial look at the technologies and approaches that both management and systems administrators can employ to ensure the security of their networks and systems. The author's impartiality is revealed in chapter 15, which describes several telephone scanner utilities; Garfinkel is the creator of one of the utilities, but makes sure to list the competition (and even has nice things to say about them).

    Simson Garfinkel and Gene Spafford are veterans in the computer security world. Garfinkel is the author of several highly acclaimed books, and Spafford is a professor of computer science at Purdue University. Their succinct writing style allows them to cover a huge amount of information in a little over 700 pages.

    The book is divided into four sections: Web technology, privacy and security for users, Web server security, and security for content providers. Part one goes into details about the security foundations of the networks and the Internet. Topics include SSL/TLS, PKI, digital signatures, and biometrics. These seven chapters give the reader a good overview of the essence of information security.

    Part 2, "Privacy and Security for Users," is quite different from other security books. Whereas other books detail the problems with privacy on the Internet, this book does a good job of showing users various strategies for keeping their personal information private. Garfinkel shows how the real threats to personal privacy are not so much cookies and log files; rather, the end-user's very own readiness to provide Web and e-commerce sites with their personal information.

    Part 3, "Web Server Security," details how service providers and systems administrators can lock down and secure their systems. The authors provide details on topics such as host security, server access methods, and secure CGI/API programming.

    Part 4, "Security for Content Providers," is quite interesting, as many content providers and ISPs forget that the onus of security and privacy to a large degree falls on them. This section includes details on how these providers can use various techniques, from filters to PICS and more, to ensure their users' privacy.

    The fact that Web Security, Privacy & Commerce, 2nd Edition, is nearly twice the size of the first edition is indicative of the fact that security has changed radically since 1997. Whether you run a Web site or are concerned about security for your PC at home, Web Security, Privacy & Commerce is a must read.

    5-0 out of 5 stars Outstanding: Clear and to the point
    I work as a computer security analyst for a major consulting firm. Garfinkel's book is head and shoulders above anything else out there.

    In particular, his handling of the tension between security policy and privacy policy is particularly well written.

    I highly recommend this book to anyone that wants to develop a detailed understanding of the significant issues that affect doing business on the web. ... Read more


    6. RFID : Applications, Security, and Privacy
    by Simson Garfinkel, Beth Rosenberg
    list price: $54.99
    our price: $54.99
    Asin: 0321290968
    Catalog: Book (2005-07-08)
    Publisher: Addison-Wesley Professional
    Sales Rank: 363590

    7. Security And Usability
    by Lorrie Cranor, Simson Garfinkel
    list price: $44.95
    our price: $29.67
    Asin: 0596008279
    Catalog: Book (2005-08-01)
    Publisher: Oreilly & Associates Inc
    Sales Rank: 940781

    8. Architects of the Information Society: Thirty-Five Years of the Laboratory for Computer Science at MIT
    by Simson L. Garfinkel
    list price: $28.00
    our price: $28.00
    Asin: 0262071967
    Catalog: Book (1999-04-30)
    Publisher: The MIT Press
    Sales Rank: 865934
    Average Customer Review: 4 out of 5 stars

    Book Description

    The Massachusetts Institute of Technology's Laboratory for Computer Science (LCS) has been responsible for some of the most significant technological achievements of the past few decades. Much of the hardware and software driving the information revolution has been, and continues to be, created at LCS. Anyone who sends and receives email, communicates with colleagues through a LAN, surfs the Web, or makes decisions using a spreadsheet is benefiting from the creativity of LCS members.

    LCS is an interdepartmental laboratory that brings together faculty, researchers, and students in a broad program of study, research, and experimentation. Their principal goal is to pursue innovations in information technology that will improve people's lives. LCS members have been instrumental in the development of ARPAnet, the Internet, the Web, Ethernet, time-shared computers, UNIX, RSA encryption, the X Windows system, NuBus, and many other technologies.

    This book, published in celebration of LCS's thirty-fifth anniversary, chronicles its history, achievements, and continued importance to computer science. The essays are complemented by historical photographs.
    ... Read more

    Reviews (2)

    3-0 out of 5 stars Good insight into the significance of academic research labs
    This book was an excellent read. Garfinkel was able to write about some of the most interesting developments in network technology. This book is great for people who don't have a complete understanding of what the internet is all about and where it came from. Garfinkel draws a lot of attention and gives a lot of much needed credit to academic research labs for their impact on computer technology. The book's three main parts take the reader on a journey from the development of project MAC (short for multiple access computer and machine aided cognition) in the Laboratory for Computer Science (LCS) in MIT to the growth of large computer networks to the impact these networks and systems will have on our society and economy in the future. The book gave me a great history lesson on some of the lesser known aspects of computer network development. I'd recommend this book to anyone who doesn't understand how many years and how long the road has been to developing the computer systems of today.

    5-0 out of 5 stars How I Learned About the Heroes of Internet
    It is a pleasure for me to write a review on "Architects of the Information Society", because I have so many things to say. I have been telling my friends about this book since I finished the first ten pages. I am not talking only with computer scientists about the things I have learned. My mother even loved the stories in it, although she had never used a computer or logged on to the Internet. Simson L. Garfinkel has been very successful in choosing the right words, which will make the story interesting for everyone. It is written for everyone who knows what computers and the Internet are. It starts fascinating the reader by telling stories about people who think that the Internet was invented by some companies connecting the local area networks (LANs) in their office and about two businessmen praising Microsoft founder Bill Gates for having the vision to invent Windows, being unaware that nearly all of the "breakthrough" technologies in Windows had actually been invented more than thirty years before, at MIT just a few miles away from the coffee shop they were in. I think everyone who uses the Internet must read this book to have an idea what and who was behind it and to love to use the Internet more. It has been written for the celebration of the 35th anniversary of the foundation of the Laboratory for Computer Science (LCS) at MIT. Project MAC (short for Multiple Access Computer and Machine-Aided Cognition) was started in 1963. It was renamed as MIT Laboratory for Computer Science in 1975. Being MIT alumni, Garfinkel was lucky in following the tracks of the best stories to tell what has been done in LCS. It was Prof. Hal Abelson's idea to make Garfinkel write such a book; he is also the editor of the book. In the preface Garfinkel says that "This book as much his as mine," meaning Abelson. There are three essays in the book. While deciding the themes of the essays, they planned to mention the themes that have been fundamental to the work at LCS. The first essay is about the building of the "multiple-access computer" by "time-sharing". The second essay is about the growth of computer networks. The third essay is about how networks computer systems have influenced and will continue to influence U.S. economy and society. Garfinkel defines this economy as the economy based on the "exchange of information". The best sentence to show the importance of this book is written by Garfinkel: "The step from information systems to information societies was first achieved at MIT in project MAC". ... Read more


    9. Web Security & Commerce (O'Reilly Nutshell)
    by Simson Garfinkel, Gene Spafford
    list price: $34.95
    our price: $16.48
    Asin: B00009B1VD
    Catalog: Book (1997-06)
    Publisher: O'Reilly & Associates
    Sales Rank: 1240402
    Average Customer Review: 4.18 out of 5 stars

    Book Description

    Attacks on government Web sites, break-ins at Internet service providers, electronic credit card fraud, invasion of personal privacy by merchants as well as hackers -- is this what the World Wide Web is really all about? Web Security & Commerce explains the real risks of the Web and how you can minimize them. Whether you're a casual (but concerned) Web surfer or a system administrator responsible for the security of a critical Web server, this book will tell you what you need to know. Entertaining as well as illuminating, it looks behind the headlines at the technologies, risks, and benefits of the Web. Topics include:

    • User safety--browser vulnerabilities, privacy concerns, issues with Java, JavaScript, ActiveX, and plug-ins
    • Digital certificates--what they are, how they assure identity in a networked environment, how certification authorities and server certificates work, and what code signing is all about
    • Cryptography--an overview of how encryption works on the Internet and how different algorithms and programs are being used today
    • Web server security--detailed technical information about SSL (Secure Socket Layer), TLS (Transport Layer Security), host security, server access methods, and secure CGI/API programming
    • Commerce and society--how digital payments work, what blocking software and censorship technology (e.g., PICS and RSACi) is about, and what civil and criminal issues you need to understand
    ... Read more

    Reviews (11)

    4-0 out of 5 stars Valuable to Technical & Non-Technical Readers
    This book is an ideal introduction to the broad landscape of security methods and technologies for non-technical users. It is also an excellent resource for IT professionals who need to quickly get up-to-speed on web security.

    My background is mostly "big iron", consisting of 24 years of mainframe and mid-range experience and a little more than a year in distributed computing (UNIX/Linux, network, etc.). In the good old days security consisted of RACF, ACLs, and some common sense rules about physical and logical access controls. Not so today, and until I read this book I had a nagging feeling that there was a large gap in my professional knowledge. Moreover, as a home user who spent a lot of time on the web I would get frustrated by messages issued by my browser about certificates. This book came to my rescue on all counts.

    The first two sections, The Web Security Landscape and User Safety, were illuminating. If a non-technical user only read these parts of the book he or she would come away with a good understanding of the risks faced on the web, and how to mitigate or eliminate them. The one complaint I have about these two sections is the material is woefully out of date. I subtracted a star from my rating for this reason.

    The next three sections of the book are a wide survey of security technologies that cover digital certificates, cryptography, and web server security. These provided me with a basic understanding of technologies that I need to know as an IT professional working in distributed environments. When comparing what I needed to know about security in the mainframe world to what I need to know as an IT consultant I could not help thinking, "We're not in Kansas anymore!" The material was clear and easy to understand and built my personal self-confidence. This part of the book will not make you an expert by any means, but you will come away with a good grasp of the elements of web security and a very basic understanding of how everything works and fits together.

    Commerce and Society is the title of the book's last section and contains thought-provoking information on topics such as digital payments, censorship technology and the such. I especially liked the two chapters that addressed civil and criminal legal issues. Despite the fact that this book is out of date with respect to specific products it is a great introduction to web security. Unlike other O'Reilly books that are deeply technical, this one can be easily understood by home and business users as well as IT professionals. I personally gained a lot from the book and highly recommend it.

    4-0 out of 5 stars Definitive Guide for Internet Security
    This book not only explains system security, it goes into technical detail, something that 95% of books always lack. I shouldn't have to say this book is good, it's from O'Reilly. It covers PGP and how it works (not just what it is), SSL, TLS, login security, CGI security (they give actual code examples not ideals), and hardware-based security with things like smart cards. There is also a chapter that explains what to do after you have been broken into and explains your legal routes of actions also. I also liked the fact that there is a chapter that explains the author's route of actions while working at an ISP. This book is a good buy if you need to learn about security and e-commerce and all the options you have relating to security. I've read a lot of books, and it's rare to find a book that explains things and also gives technical details. I know I'm not the only person who is sick of seeing every book being written for people who have never used a computer before and do not give code examples and real world implementation. The only bad thing I have to say about this book is that there isn't a chapter that explains creating your own encryption method for Perl/C/PHP/ASP or the math behind it, but the material they do have does a good job of getting you very near this subject.

    4-0 out of 5 stars Web Security, Privacy & Commerce

    The Internet is an unsecured communication system; it was not designed to be inherently secure. A simple act of browsing a Web page on a remote computer can involve sending packets of information to and receiving them from more than a dozen different computers operated by just as many different organizations.
    The division of responsibility among multiple organizations makes it possible for each of these organizations and more to eavesdrop on your communications or even to disrupt them. There is no privacy once you visit a Website because Internet Explorer stores cookies in a folder in the history directory; these cookies can be very powerful, and anyone who can gain access to your cookies can learn information about you.
    In today's World Wide Web environment, you must stay abreast of newly discovered vulnerabilities if you wish to maintain a secure computer that is connected to the Internet. The day has long passed when security vulnerabilities were kept quiet. These days vulnerabilities are usually publicized with breathtaking speed once they are discovered. What's more, once a vulnerability is known, exploits are quickly developed and distributed across the Internet. In many cases system administrators only have a few hours between the time that a vulnerability is first publicized and the time when they will start to be attacked with it. Also, some flaws exploit protocols you need to allow through your firewall. Despite all the new vulnerabilities being created and discovered, the underlying concepts of web security have changed very little, and as such this book concentrated on teaching concepts and principles rather than specific commands and keystrokes; it's done a good job of it.
    FIREWALLS are thought to improve computer security because they can exercise precise control over what information is passed between two networks. Firewalls do nothing to protect against insider misuse, viruses or other internal problems. They only provide the illusion of better security.
    A good computing infrastructure will continue to function in the face of adversity, be it a man-made or natural disaster. Building a secure computing environment requires careful planning and continued vigilance. There is no substitute for vigilance.
    A secure server is not a server that implements cryptographic protocols so that data transfer cannot be eavesdropped upon or a Web server that will safeguard any personal information received or collected, not subverting browsers to download viruses or other rogue programs onto user computers.
    Simson Garfinkel and Gene Spafford conclude that a Secure Web Server is one that is resistant to a determined attack over the Internet or from a corporate insider.
    Generally accepted principles in computer security consist of recommendations, procedures and policies that are known as Best Practices.
    But even Best Practices have their own problems; the biggest problem is that there is really no one set of best practices that is applicable to all websites and Web users. The authors of this book recommend a combination of Risk Analysis and Best Practices.
    Unfortunately Simson Garfinkel knows that the application of risk analysis to the field of computer networks has been less successful.
    It is impossible to calculate the risk that an attacker will be able to obtain System Administrator privileges on your Web Server?
    I have never seen a book packed with so much information on Web security as this book. I will recommend it to anyone who wants to have a good foundation in Web security; the understanding that I have gained reading this book is unbelievable.
    This book is about Web Security, privacy and commerce on the World Wide Web.
    Organized into five parts, it examines the security policies in use on the Web today and the strategies available to minimize the risk in using the World Wide Web.
    Part 1. WEB TECHNOLOGY: Examines the underlying technology that makes up today's World Wide Web and how the Internet works in general. The Architecture of the World Wide Web, Cryptography basics, What Cryptography can't do, Legal Restrictions on Cryptography, Understanding Secure Sockets Layer (SSL) and Transport Layer Security (TLS), What does SSL/TLS Really Protect: actually it does little to protect against the real attacks that consumers and merchants have experienced on the Internet. Digital Identification: Passwords, Biometrics, Digital Signatures, Digital Certificates, CAs, and Public Key Infrastructure (PKI).
    Part 2. Privacy and Security for Users: Understanding Cookies, Privacy Protecting Techniques, Choosing a Good Service Provider, Avoiding Spam and Junk Email, Identity Theft, Privacy-Protecting Techniques, Blocking Ads and Crushing Cookies, Backups and Antitheft, Mobile Code Plug-Ins, ActiveX, and Visual Basic, The Risk of Downloaded Code, Java, JavaScript, Flash, and Shockwave.
    Part 3. Web Server Security: Physical Security for Servers, Protecting Computer Hardware, Protecting Your Data, Host Security for Servers, Secure Remote Access and Content Updating, Firewalls and the Web, Securing Web Applications, Deploying SSL Server Certificates, When things go Wrong, Securing Your Web Service, Protecting Your DNS, Computer Crime, Your Legal Options After Break-In.
    Part 3. Security For Content Providers: Controlling Access To Your Web Content, Access Control Strategies, Client-Side Digital Certificates, Code signing and Microsoft's Authenticode, Why Code Signing, Pornography, Filtering Software and Censorship, Privacy Policies, Legislation, and P3P, Children Online Privacy Protection Act, Digital Payments, Internet-Based Payment Systems, How to Evaluate Credit Card Payment System, Intellectual Property and Actionable Content, Copyright, Patent, Trademarks.
    Part 5. Appendixes: Lessons From Vineyard.NET, the Platform for Privacy Preferences Projects.

    2-0 out of 5 stars Weak and not comprehensive
    In addition to being way out of date, this book misses some key issues and fails to "connect the dots" and present security as a process. There are other more complete and up to date introductions to security, that are written better and carry more weight. I would skip this title and instead read "Secrets and Lies", "Access Denied:", or even "Hacking Exposed" if you're ready for more technical depth.

    4-0 out of 5 stars A good overview, but aging
    I spent quite a bit of time going through this book. It's not a bad book. Very comprehensive and thorough, and generally a pretty well balanced point of view. It acknowledges security is a trade off, and looks at many different options.

    I have 2 main problems with it. Firstly, it's simply getting a little old. While 85% of it is still relevant, I'd like to see a second edition. They spend too much time talking about Netscape 3 problems for my liking.

    Second is the reason it lost a star. The guys who wrote this obviously know their stuff, but in some ways know it a little too well. The result of this is when they go to explain a subject (public key infrastructure for example) they have a tendency to jump straight into the details, implementation issues, problems, etc, without ever giving you a big picture of it first - or only very briefly if they do. If you understand the basic principles of all security concepts, then this is great, but if like me, you bought this book to learn about fundamentals, I found myself on several occasions doing research on the web to understand the big picture before going back to the book.

    But for a good overview for people who are at least semi-technical, it's not bad. ... Read more


    10. Big Brother in the Next Half Century
    by Simson L. Garfinkel
    list price: $22.95
    our price: $22.95
    Asin: 1888869232
    Catalog: Book (1998-03-01)
    Publisher: Hardwired
    Sales Rank: 3467210

    11. Seguridad y Comercio En La Web
    by Simson Garfinkel, Gene Spafford
    list price: $35.20
    our price: $35.20
    Asin: 9701021428
    Catalog: Book (2000-05)
    Publisher: MC Graw Hill
    Sales Rank: 2799726

    12. Seguridad Practica En Unix E Internet - 20 Edicion
    by Simson Garfinkel, Gene Spafford
    list price: $53.20
    our price: $53.20
    Asin: 9701020715
    Catalog: Book (2000-05)
    Publisher: MC Graw Hill
