aspose file tools*
The moose likes Book Reviews and the fly likes Exploiting Software: How to Break Code by Greg Hoglund and Gary McGraw Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Books » Book Reviews
Bookmark "Exploiting Software: How to Break Code by Greg Hoglund and Gary McGraw" Watch "Exploiting Software: How to Break Code by Greg Hoglund and Gary McGraw" New topic
Author

Exploiting Software: How to Break Code by Greg Hoglund and Gary McGraw

Book Review Team
Bartender

Joined: Feb 15, 2002
Posts: 944
<pre>Author/s : Greg Hoglund and Gary McGraw
Publisher : Addison-Wesley
Category : Other
Review by : Ernest Friedman-Hill
Rating : 6 horseshoes
</pre>
"Exploiting Software" purports to be a book aimed at helping software professionals understand the security risks they face; it uses the pedagogical device of teaching how software can be attacked to achieve the goal of explaining how secure software should be built. Unfortunately, I think it fails both as a guide to building secure software and as a guide to being a black hat hacker.
Most of "Exploiting Software" reads more like a book proposal than a completed work: too detailed in places (do we really need a dozen pages on writing plugins for the IDA Pro Disassembler?), not detailed enough in others, and generally not well organized. Far too often, the reader is simply told that an exploit exists, and is then directed to the original source for details. Worse, the original sources are often white papers, personal web sites, and conference proceedings -- things that are either hard to obtain, unlikely to be available for long, or both. As a result, the reader learns nothing.
The preface to "Exploiting Software" explains that this is a companion volume to "Building Secure Software," written by the same Gary McGraw with another co-author, and this helps to explain the main failings of this book. While the last two chapters, "Buffer overflow" and "Rootkits", are better than the rest -- they provide plenty of concrete details -- two chapters aren't enough to vindicate this fairly shallow work. For $49.99, I expect a book that can stand on its own.


More info at Amazon.com
More info at Amazon.co.uk
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Exploiting Software: How to Break Code by Greg Hoglund and Gary McGraw