It's hard to remember a world without the Internet. We now take for granted that we can access our bank accounts and health records, get driving directions, talk to friends, and shop, all on the Internet. Many companies couldn't survive without it because it is their link to their customers.
But the Internet doesn't just give businesses access to customers, doctors access to health records, and friends access to each other, it also gives attackers access to your system and to the systems you want to reach.
The systems were built in a much more innocent time, which assumed a collegial environment for honest researchers to share information, or a single-user, home machine used for word processing or playing games. The Internet, along with the idea of people attacking systems for fun or to make a political point, developed so quickly that the systems have not had time to evolve into the completely hardened systems they need to be. In the meantime, it is a constant struggle to try to stay ahead of the attackers.
It would be easy to give up, declare the situation hopeless, and move to Vermont to raise rabbits. But just when dealing with thousands of rabbits starts sounding like the easy way out, along comes Ed Skoudis, with his boundless energy, enthusiasm, and optimism.
Ed is a rare individual. He knows the innards of all the various systems, as well as all the latest exploits and defenses, and yet he is able to explain everything at just the right level. The first edition of Counter Hack was a fascinating read. It's technically intriguing and very clear. It's also, of course, scary, but Ed's basic optimism shines through and is somehow reassuring and empowering.
A book on vulnerabilities will get out of date, though, and so we definitely needed this updated and significantly rewritten second edition. This book is a wonderful overview of the field. (For those wanting to do a deep dive into the details of malicious code, I strongly recommend Ed's other book, Malware [Prentice Hall, 2004].)
Unfortunately, the battle for understanding and defending against exploits is not ever going to be won. As the Red Queen said in Through the Looking Glass, "Now here, you see, it takes all the running you can do, to keep in the same place." That's such a discouraging thought, but at least Counter Hack Reloaded will make us enjoy learning what we need to know to do our best.