Simple Steps to Data Encryption: A Practical Guide to Secure Computing / Practical Anonymity: Hiding in Plain Sight Online

Posted on by Ben Rothke

Of the many books that author Pete Loshin has written in the past decades, a number of them are completely comprised of public domain information that he gathered.  Titles such as Big book of Border Gateway Protocol (BGP) RFCs, Big Book of IPsec RFCs, Big Book of Lightweight Directory Access Protocol (LDAP) RFCs, and others, are simply bound copies of publicly and freely available information. 

In two of his latest books Practical Anonymity: Hiding in Plain Sight Online and Simple Steps to Data Encryption: A Practical Guide to Secure Computing, Loshin doesn’t do the wholesale cut and paste like he did from the RFC books, but on the other side, these titles do not offer much added information than the reader can otherwise get online. 

The software tools detailed in the books are open source tools; and the open source community has done a fantastic job of not only making the software free, but creating documentation that is also free and rivals commercial technical guides.

Practical Anonymity is basically an overview of the basics of Tor.  The truth is that all it takes to use Tor is to download it and then click on Start Tor Browser.  For those that want to read the manuals, the Tor documentation repository has detailed information that includes everything a user needs to know about using the product.  The Tor site has numerous manuals, FAQ’s and more.  There is likely enough information there for the vast majority of Tor and potential Tor users.

At 130 pages, the book is useful for those that want a hard copy to read on a bus or plane and for whatever reason, don’t want to print out the references from the Tor site. Loshin does a decent job of presenting the topic, including why Tor is important, and who it could most benefit. 

Tor was first released in 2002.  But since it became known that the NSA was viewing data, Tor usage has doubled, as detailed in a recent Washington Post article.

One of the main drawbacks of Tor, as the book notes in chapter 2 (and also detailed in the Tor FAQ here) is that Tor is slow; really slow.  The FAQ notes that here are many reasons why the Tor network is currently slow.  It is first off important to know that Tor is never going to be extremely fast.  All Tor traffic is bouncing through volunteers' computers in various parts of the world, and bottlenecks and network latency will always be present.  The current Tor network is small compared to the number of people trying to use it, and Tor can't always handle file-sharing traffic load.

The book also spends a large amount of space detailing Tails, which is a Linux distro that can booted as a CD or on a USB.  The benefit of Tails is that no trace of it will be left on the host it was run off of.

Like Tor, the Tails documentation repository has a large set of documents and FAQs covering all areas of the product.  For those on a budget, this site has everything that they need to know about using Tails.

Practical Anonymity: Hiding in Plain Sight Online is a decent start for those who want to be more anonymous.  It is far from a comprehensive guide, as using Tor is just the beginning to start being anonymous, but far from the only resource or method.  Anyone trying to gain complete anonymity based on this title alone will be surely disappointed, and certainly not anonymous.

In Simple Steps to Data Encryption: A Practical Guide to Secure Computing, Loshin attempts to provide an overview of why you need encryption, and how to use it.  The book barely succeeds at doing that, but there are certainly other titles that do it either more articulately or at least without charging for it.  In addition, the book seems like it was rushed to print, and could have used a better technical editor.

In fact, the book starts with an overview of how to use GnuPG (Gnu Privacy Guard).  And like Tor, there are numerous free references at the GnuPG documentation site that provide many useful references.

At $60- for the pair, the books provide little added value to the free online documentation.   For those that want a bound hard copy of a book, these two titles may suit them.  For other who want to save trees and their money, and get the same and improved information direct from the source, the respective documentation sites are but a click away.

ISBN 978-0124114838

Ben Rothke

Senior Information Security Manager, Tapad

data security

Blogs posted to the website are intended for educational purposes only and do not replace independent professional judgment. Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSA Conference™, or any other co-sponsors. RSA Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.

Share With Your Community

Related Blogs