⌚ April 4, 2012
Thought-provoking information about computer security across international borders.
If you think that, then you desperately need to read Desktop Witness by Michael Caloyannides. This is a book about computer privacy, and you might never trust your computer again after reading it.
Whether it be medical records, credit card numbers, address books, or secret cookie recipes, we all have things that we wish to keep private. However, our computers act as electronic tattletales that monitor and record our every activity.
Desktop Witness is a computer security book that brings awareness to what our own computers are recording, how that information can be used against us, and what we can do to protect our privacy when using a computer.
Desktop Witness is one of those must-read computer security books that will wake you up to the bigger picture and make you think. Even though it was published in 2002, most concepts are still up-to-date because much of the book focuses on general security concepts stemming from human nature — and human nature never changes.
This a paperback book containing eight gripping chapters spanning 366 pages. Topics include awareness, good privacy practices, desktop privacy, network privacy, encryption, steganography, Internet privacy, ICQ and chat privacy, irrecoverably destroying data, keystroke logging, the dangers of Windows XP and Office, backup privacy, encrypted telephony, international travel, and legal issues – to name a few. A multitude of issues and ideas are discussed, but please do not let the stuffy description intimidate you. Desktop Witness almost reads like an engrossing spy novel, and the author presents the material in a factual, easy-to-understand format without bogging down in unnecessary details.
What I like best is how Desktop Witness examines the entire privacy mixture rather than focusing on a specific ingredient. For example, rather than relying on blanket statements such as “encrypt your data and you will be fine,” this book looks at the privacy system in its entirety. Yes, encryption is discussed, but encryption is just a small link in a much larger privacy chain, and the chain is only as strong as its weakest link. So, your data is encrypted, but if you store the password on a sticky note beneath your keyboard, what good is it? Can you trust that the backup of your encrypted data is equally secure? Has your computer been tampered with? What if customs officials demand that you decrypt your data…or else? These and many other issues are discussed.
Surprisingly, when it comes to hiding data and maintaining our privacy, the biggest enemy is the State, not the classic hardcore hacker of computing lore. A government’s primary goal is to be in control, and putting privacy in the hands of the people usurps that control. The author does not shy away from presenting this ugly truth and mentions the possible penalties for circumventing them. Reading about this may be upsetting and disturbing, but it is essential information for those determined to protect their privacy.
The book takes a worst-case scenario approach: Hiding data from an oppressive regime. Therefore, a number of privacy hiding techniques may seem like overkill to one living in a tolerant nation. However, laws are constantly changing and our freedoms are being eroded, so the knowledge gleaned now may be invaluable in the future.
And that brings up another good point about why I like Desktop Witness. It goes beyond any one specific country and forces you to think internationally. It takes into account that there are countries with Draconian laws and totalitarian regimes that see any form of personal privacy as a threat to their power base. As such, the book discusses traveling to different countries of varying laws and warns how hiding data on a laptop when crossing borders could incur the wrath of the State. In addition, for those left with no choice and must live under such regimes, techniques for hiding your data from the State are discussed – along with warnings for doing so. Both the positive and the negative aspects of information privacy are handled.
Many software packages for hiding, encrypting, and emailing data are introduced along with their usage. However, most software is intended for Windows 95/XP/2000 since the book is dated for 2002. Windows is discussed as a last resort. In fact, when it comes to Windows, the author takes the following approach: Do not use Windows since it leaves behind too much digital litter for a forensics investigator to find, but if you must use Windows, here is what you can do. Newer, better alternatives such as Linux and TrueCrypt are not mentioned, so you might want to use the software as a starting point from which to seek better programs available today.
The most important point to mention about Desktop Witness is that it goes beyond the standard security advice found in almost any computer book. “Never accept cookies.” “Store your password in a safe place.” “Never open email attachments.” “Update your anti-virus software.” Generic statements like these only thwart script-kiddies and your little sister. They sound good in computer magazines, but they will not protect you from government-funded intelligence agencies determined to monitor your communications with resistance groups.
The information in Desktop Witness operates on a higher level intending to thwart professional criminal rings and Big Brother governments. For example, you will find information using DOS and floppies to send encrypted email through satellite phone links in order to thwart forensics examiners in the event that your computer is confiscated by law enforcement officers. Yes, Desktop Witness operates on a much, much higher level because the stakes – imprisonment and physical persecution – are higher. Whether this is seen as paranoia or not is best left to the reader depending upon his privacy needs and the country he lives in.
And that leads to the second reason why I consider this book valuable: The ideas and information go beyond general computer security. We are talking about imprisonment-for-life-if-discovered countermeasures. Desktop Witness is not a book about illegal activities (depending upon where you live, of course), but it deals with information that other computer security books seem afraid to publish. Most computer security books I have read only repeat what many of us have already heard countless times, “Choose a password at least eight characters in length,” blah, blah, blah. Nothing in-depth. Desktop Witness takes your security awareness to another level by presenting “touchy” topics that you most likely will not find in regular bookstores. The author even warns that the very act of possessing this book in certain countries may be reason enough to monitor you.
Due to the outdated Windows software, a number of chapters can be skipped, but the rest of the book is essential reading no matter what time period you live in. We live in a world where slavery is the natural state of man and where governments squash any perceived threat to their control.
Reading Desktop Witness will broaden your horizon and shake your thinking regarding computer privacy while offering practical advice on how to maintain your personal privacy in public times no matter where on the globe you may be.
Desktop Witness has the potential to shatter any trust you might have in social networks, home computers, and the Internet. You might even find yourself using your private computer with more caution than you previously did after reading this book. Yes, it’s that kind of book.
This is a riveting read that will make you wish you could form your own country of freedom on another planet. In the meantime, it shows you how to hide your data and erase your traces.