[ISN] Book review: "Computer Security for the Home and Small Office" by Thomas C. Greene

InfoSec News isn at c4i.org
Wed Jun 2 05:12:38 EDT 2004


http://www.powells.com/cgi-bin/partner?partner_id=28327&cgi=product&isbn=1-59059-316-2

Computer Security for the Home and Small Office
Thomas C. Greene
Paperback - 405 pages (2004)
$39.99 - Apress ISBN: 1-59059-316-2

[Full Disclosure: I have been quoted by Greene for past articles in a 
friendly/professional capacity. He has also written articles that were 
accusatory to me and attrition.org in the past. Translated: I owe him 
nothing.]

The first and most obvious question that will come to some people is 
where an alleged hack from The Register [1] gets off writing a book on 
computer security. After reading the entire book, you'll understand 
that his last five years covering computer security and playing 
Windows solitaire has paid off. Just as he writes his news material in 
an "irreverent editorial style", so shall I in this quippy review.

Computer security isn't just for hackers or professionals, it's 
something every computer owner and operator should be aware of. When 
we read about the worm-of-the-week, it is infecting and compromising 
tens of thousands of machines, often owned by you, the end user. How 
are the average computer users expected to protect their home systems 
when security is a discipline and career? In the past, they were 
expected to read web sites, trust Microsoft and possibly struggle 
through an overly technical book detailing the ins and outs of 
firewalls or other security technology. Some books came out to address 
this issue but ended up being dull, covering the absolute basics while 
ignoring serious issues, or contained more errors than facts. After 
all this time, one book seems to be ideal for the everyday user, and 
read to educate them on more than configuring a Windows machine or 
personal router.

Overall, the book favors the end Windows user in time spent explaining 
the gritty details of basic security. However, neophyte Linux users 
will be able to learn some of the basics as applies to them, as Greene 
considers both platforms when dealing out information. Using plain 
wording unencumbered by superfluous jargon, the lessons you need are 
easy to understand, well organized and well written. Fortunately for 
you, the book was technically reviewed by Robert Slade [2] before 
hitting the shelves, and it shows. It's a pleasant change of pace 
reading a book without sighing in disgust every few pages when the 
author typically proves they are better off working at McDonalds. The 
Greene/Slade combination is definitely worthy of Subway.

The last third of the book moves beyond configuring your computer and 
delves into the single most aspect of computer security: Common Sense 
and Awareness. Rather than continue on with tech tips, Greene opts to 
educate the end user about the security industry, which is a blessing 
in disguise. Later chapters warn you on FUD (Fear, Uncertainty and 
Doubt), how to avoid industry charlatans, and how to apply common 
sense toward keeping unwanted people out of your system.

Greene also delves into some of the great debates of our time, like 
open vs closed operating systems (Windows vs Linux). His journalistic 
experience shines through here and Greene delivers perhaps the single 
best summary of why Linux may be a better option for you than Windows. 
He dispels the myth that it is too complex, that it doesn't run the 
programs you want, and the shortcomings of Windows. 

The last section covers a wide variety of topics that move beyond the 
personal computer and into daily life, as computers may affect you. 
This is a nice touch as a large part of the population doesn't follow 
technology news despite the drastic effects it can have on your life. 
By understanding what is looming around the corner, you can better 
prepare for changes that affect the Internet, your computer, and your 
security.

No review is complete without a little criticism! The biggest 
complaint I can direct at this book is the practice of lengthy and 
largely worthless Appendix. Starting on page 297 (Appendix B) and 
ending on page 392 (Appendix C), about half of the material would have 
been better left on Greene's new website [3]. Giving us long lists of 
trojan port numbers for example, isn't the most helpful thing you 
could have filled those pages with.

All in all, if you are an average Joe when it comes to computers and 
security, grab a copy of this book. It *will* help you learn what you 
need to know, and it will make you realize that security is more than 
tweaking options on a computer configuration screen. That lesson is 
still hard to teach to some so-called security professionals, but one 
you will learn rapidly with this book.

[1] http://www.theregister.com/

[2] http://victoria.tc.ca/int-grps/books/techrev/mnbk.htm

[3] http://www.basicsec.org/





