PRO+ Premium Content/Information Security magazine

Thank you for joining!
Access your Pro+ Content below.
January 2002

Review: Malicious Mobile Code

Malicious Mobile Code By Roger A. Grimes Opening this book a few days after Nimda hit, I was hoping it would provide some insight into the mechanisms that this hybrid worm used to spread itself across the 'Net. Although hostile code is one of the more serious infosec problems, book publishers haven't kept up with the significant changes in the hostile code environment brought about by ubiquitous e-mail, always-on Internet connectivity and the near universal use of Microsoft Word. With chapters on Windows, macro viruses, Java, ActiveX and e-mail, this book is aimed at a huge hole in everyone's security library. Unfortunately, like a marksman shooting in the dark, it largely misses its target. I enjoyed the section on instant messaging, and learning a lot about a subject that I previously knew very little about. But many sections, such as the ones on Web protocols, security software and digital signatures, are full of misleading "simplifications" or errors. For instance, the author describes code as being "signed by a digital ...

Access this PRO+ Content for Free!

Features in this issue

Columns in this issue