PREFACE

Advances in computer security technologies are occurring at a fast pace. As a result, defenses (over time) are dynamic and forever evolving. As new protective measures appear, new attacks are developed to defeat them, leading to corrective improvements in the protective measures, new attacks, and so on. Hacker organizations, often formed with the intent of forcing developers to improve and harden the security features of their products, meet frequently to discuss new security technologies as well as new attack tools. Challenges and contests in which participants try to break security products or operating systems are mounted frequently and the results published broadly, often to the consternation of the product developer. As more applications migrate to open source, the opportunity for deeper testing of security features is enhanced.

By its very nature, any book on the topic of computer security will be a snapshot of current protection technologies and common attack approaches. For example, even as this book goes to press, new articles are appearing on a possible vulnerability of quantum cryptography, which to date has been considered unbreakable by the intelligence community. Of course, the assertion will be studied and tested by countless groups around the world, and will likely result in an improvement.

With this dynamic quality in mind, readers should review each of the technologies discussed in this book periodically to determine if enhancements or fundamental changes ...