Product: 1597494860
My colleague showed me this book (full disclosure: he was a reviewer) - he made his students buy it for his OS II class (assigned middle of the semester!) one week ago - hot off the presses. I got two copies, one for my office and one for reading on the bus.
It’s one of three technical exploit books I’d take on a deserted, networked, powered island. Part 1: Journey into Kernel Land (Intro and explanations) is one of the most succinct, clear intros I have ever seen. I wish I could distribute that as a document for class. The section on Windows is current and well done, also because the differences between 32- and 64-bit architectures and approaches are emphasized (this is not the case with Eilam’s book alas, though very good) - this book is up to date. I think the Unix section needs to be updated, though, my colleague said that some of the exploits were possible in 2006/2007 but with kernel changes some APIs are not available etc. This needs to be updated. Cannot comment on the Mac section, because no expertise.
Website available and examples useful: […]
Wishlist:
1) There are some unavoidable typos, sure: p. 10: MAC is not Media Access Control in a security context, it’s Mandatory Access Control
2) I would have really really liked an expanded section on hypervisors and virtualization (there is a mini epilogue on it at the end) - that would have made my day
3) The Linux case study was neat - for next version, do Windows Stuxnet’s m.o. because it adds all sorts of interesting kernel root attack pathways
You will not regret buying this book - it is obvious and much appreciated that the authors put a lot of effort into making a readable guide for the medium to expert reader that can double as a textbook companion.
Daniel Bilar
CS Department
UNO
Rating: 5
Count: 6
Review by Daniel Bilar
on 2020-03-10