Fair use, plagiarism and the World’s No. 1 Hacker book

Posted by Ben Rothke

O'Reilly Media is one of the premier technology publishing companies and, like all serious publishing houses, has strong policies and guidelines regarding plagiarism. It also has a Missing Manuals series of books. The goal of the Missing Manual series is to “produce sterling, beautifully written manuals for popular consumer software and hardware products.”

So with license, perhaps this post should be titled How To Become The World’s No. 1 Hacker – The Missing Bibliography. 

In my initial review of How To Become The World’s No. 1 Hacker, I noted that the author plagiarized most of his sources.

Of the book's 26 chapters, I used the iThenticate plagiarism checker from iParadigms to check the 13 largest chapters. Many of the smaller chapters were 1-2 pages in length, and were not analyzed.

The following iThenticate screen shot speaks for itself.  The report field is an overall similarity index for each submission.  This index determines the percentage of similarity between a submission and information existing in the iThenticate databases selected as search targets. 

[Screen shot: iThenticate similarity report]

So how much can an author legitimately copy under the fair use doctrine? As to the notion of fair use, the U.S. Copyright Office notes that the doctrine of fair use has developed through a substantial number of court decisions over the years and has been codified in section 107 of the copyright law.

Section 107 contains a list of the various purposes for which the reproduction of a particular work may be considered fair, such as criticism, comment, news reporting, teaching, scholarship, and research. Section 107 also sets out four factors to be considered in determining whether or not a particular use is fair, namely the: 

1. purpose and character of the use, including whether such use is of commercial nature or is for nonprofit educational purposes
2. nature of the copyrighted work
3. amount and substantiality of the portion used in relation to the copyrighted work as a whole
4. effect of the use upon the potential market for, or value of, the copyrighted work

The distinction between fair use and infringement is not easily defined, and in fact, seems to almost defy definition. There is no specific number of words, lines, or notes that may safely be taken without permission. Anytime a specific number or percentage is used, that refers to general guidelines, not the copyright law.   

But even before the plagiarized text begins in the book, there is misrepresentation of the truth.  The following is a screen shot from page 24: 

[Screen shot: page 24 of the book]

The author states that LIGATT is the official cyber security provider for the Philips Arena, Atlanta Hawks basketball team, and Atlanta Thrashers hockey team. The firm also noted this in an October 2009 press release, which was then picked up as a news story by the Atlanta Business Chronicle and Sports Business Journal.

But no such deal ever took place. Tracy White, Chief Sales Officer and Senior VP of Sales and Marketing for Atlanta Spirit LLC, the parent company of the Atlanta Thrashers, stated that “LIGATT doesn’t provide (nor have they ever provided) services for the Hawks, Thrashers or Philips Arena.”

With that, the following are the sources copied in the book: 

Chapter 2

Number of words Source
1392 http://www.auditmypc.com/freescan/readingroom/port_scanning.asp
1109 http://securityfocus.com/archive/101/310004/2003-01-29/2003-02-04/0
1094 http://www.grc.com/oo/packetsniff.htm
823 http://www.cromwell-intl.com/security/monitoring.html
468 http://www.realexam.net/ciscoport-scans-ping-sweeps/394.html
312 http://www.itbuzz.co.cc/2008/11/developing-your-ethical/
193 http://www.valuesys.net/content/view/191/50/

Chapter 4

Number of words Source
3219 (plus screen shots) http://www.ibm.com/developerworks/library/s-crack/
2867 http://host14.ipowerweb.com/~hackerth/org/texts/hacking/howtobrute.php
1302 http://starbase.airweb.net/tech/hack-faq.html
892 http://sectools.org/crackers.html
327 (plus screen shots) http://www.raymond.cc/blog/archives/2006/09/02/how-to-hack-into-a-windows-xp-computer-without-changing-password/

Chapter 5 – Single source makes up the entire chapter

Number of words Source
1081 http://starbase.airweb.net/tech/hack-faq.html

Chapter 7

Number of words Source
2658 http://www.securiteam.com/securityreviews/5OP0B006UQ.html
577 http://searchsecurity.techtarget.com/searchSecurity/downloads/WebappattacksLG.pdf
399 http://starbase.airweb.net/tech/hack-faq.html
367 http://www.e-secure-db.us/dscgi/ds.py/Get/File-8852/Writing_Buffer_Overflow_Exploits_-_a_Tutorial_for_Beginners.txt
223 http://arhiva.elitesecurity.org/t132220-Insecure-Programming
589 http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1048483_mem1,00.html

Chapter 8

Number of words Source
2559 (includes screen shots) http://www.squidoo.com/spyphone_flexispy
1239 http://www.securityfocus.com/infocus/1829
756 http://www.spyphoneguy.com/page/4/
666 http://www.spectorsoft.co.uk/products/index.html?UK=true
500 http://www.keyloggers2010.com/index.html

Chapter 9

Number of words Source
2195 http://www.nmrc.org/pub/faq/hackfaq/hackfaq-08.html
1750 (includes 29 screen shots) http://www.ethicalhacker.net/content/view/106/24/
942 (includes 20 screen shots) http://www.dedoimedo.com/computers/backtrack.html

Chapter 10 – Single source makes up the entire chapter

Number of words Source
2940 http://starbase.airweb.net/tech/hack-faq.html

Chapter 11         

Number of words Source
1967 http://docs.athenawebsecurity.com/ceh_athena/CEH.pdf
1870 http://starbase.airweb.net/tech/hack-faq.html

Chapter 12

Number of words Source
5894 http://www.informit.com/articles/article.aspx?p=472323&seqNum=5
59 http://www.nmrc.org/pub/faq/hackfaq/hackfaq-19.html

Much of the last half of the book is single chapter cut and paste, in which a single large source makes up the entire text of chapters 13, 14, 15, 18, 19, 20, and 21.

Chapter 13

Number of words Source
696 http://www.nmrc.org/pub/faq/hackfaq/hackfaq-27.html

Chapter 14

Number of words Source
1488 http://www.nmrc.org/pub/faq/hackfaq/hackfaq-28.html

Chapter 15

Number of words Source
677 http://www.nmrc.org/pub/faq/hackfaq/hackfaq-29.html

Chapter 18         

Number of words Source
2962 http://ethicalhacking.org.ua/8794final/lib0063.html

Chapter 19

Number of words Source
2025 http://hacker-dox.net/Que-Certified.Ethical.Hacker.E/0789735318/ch07lev1sec4.html http://docs.athenawebsecurity.com/ceh_athena/CEH.pdf

Chapter 20

Number of words Source
3593 http://docs.athenawebsecurity.com/ceh_athena/CEH.pdf

Chapter 21

Number of words Source
4106 http://www.cnhacker.com/bbs/read.php?tid=161454&fpage=8

Chapter 23

Number of pages Source
6 Scanned article directly from http://hakin9.org/magazine/995-hardware-keylogger-a-serious-threat

Ben Rothke, CISSP is the author of Computer Security: 20 Things Every Employee Should Know, and now knows more about section 107 of the copyright law than he would like to admit.

Ben Rothke

Senior Information Security Manager, Tapad
