Thursday, March 15, 2012

A Bug Hunter's Diary (book review)

A couple of months ago I got my hands on Tobias Klein's new book "A Bug Hunter's Diary" and have only recently managed to read through it and, I have to say, I liked it very much.

The book takes the reader through a guided tour of seven vulnerabilities uncovered by Tobias over the last few years. Unlike most books on the topic of bug hunting (which typically focus on walking through the tools of the trade and talking in generalities) this book takes on a pseudo-diary format - revealing the thoughts, assumptions and leaps-of-faith that go in to uncovering the kinds of bugs that make the headlines.

As someone who's worked extensively in the commercial bug hunting and vulnerability exploitation business, nothing beats the shoulder-surfing approach to knowledge transfer, and I think this book manages to achieve much of that experience.

Given the span of bugs, platforms and years between discoveries, it provides an interesting perspective on the responses of vendors (and product maintenance engineers) to bugs that come their way and their capability to respond/fix them. My, how times have changed (in a good way - generally).

As a technical book, I think it has legs and I don't think it'll date quickly. Tobias works through the bugs in a logical and well thought out way and, as long as the reader has some familiarity with debuggers and some coding prowess, it shouldn't be that technically taxing. The best bug hunters aren't elite coders and assembly guru's - they're folks that explore imaginative "what if?" scenarios within the software or devices they're looking at.

What bugs are covered? Well, there are several, but divided in to the following major categories:
  • VideoLAN's VLC media player
  • Sun Solaris kernel
  • FFmpeg multimedia library
  • WebEx ActiveX
  • Avast! AV
  • iPhone
Who's going to benefit from this book? I think the book will be well suited to senior engineers charged with debugging glitches in their companies software and folks looking to make the leap from being tool-only penetration testers and security consultants. The kind of folks that have been to one or two Blackhat Las Vegas conferences in the past, listened to various bug hunters spout their latest findings from the podium, and figured that they'd like to give it a try for real.

Shoulder-surf in the comfort of your own home (or Kindle)!

No comments:

Post a Comment