"This sobering description of many computer-related failures throughout our world deflates the hype and hubris of the industry. Peter Neumann analyzes the failure modes, recommends sequences for prevention and ends his unique book with some broadening reflections on the future."--Ralph Nader, Consumer Advocate
This book is much more than a collection of computer mishaps; it is a serious, technically oriented book written by one of the world's leading experts on computer risks. The book summarizes many real events involving computer technologies and the people who depend on those technologies, with widely ranging causes and effects. It considers problems attributable to hardware, software, people, and natural causes. Examples include disasters (such as the Black Hawk helicopter and Iranian Airbus shootdowns, the Exxon Valdez, and various transportation accidents); malicious hacker attacks; outages of telephone systems and computer networks; financial losses; and many other strange happenstances (squirrels downing power grids, and April Fool's Day pranks).
Computer-Related Risks addresses problems involving reliability, safety, security, privacy, and human well-being. It includes analyses of why these cases happened and discussions of what might be done to avoid recurrences of similar events. It is readable by technologists as well as by people merely interested in the uses and limits of technology. It is must reading for anyone with even a remote involvement with computers and communications--which today means almost everyone.
- Presents comprehensive coverage of many different types of risks
- Provides an essential system-oriented perspective
- Shows how technology can affect your life--whether you like it or not!
|Sold by:||Barnes & Noble|
|File size:||3 MB|
About the Author
Peter G. Neumann (Principal Scientist in the Computer Science Laboratory of SRI International) runs the popular and provocative on-line Internet newsgroup, The Risks Forum, which he started in 1985. He also writes the widely read "Inside Risks" column in the Communications of the ACM. Running RISKS is a sideline to his research and development interests, which include computer hardware and software, systems, networks, and communications, as well as security, reliability, and safety--and how to attain them. He is a Fellow of both the ACM and the IEEE. He is often the first person called when computer disasters occur.
Table of Contents
1. The Nature Of Risks.
Background on Risks.
Sources of Risks.
Guide to Summary Tables.
2. Reliability And Safety Problems.
Problems in Space.
Robotics and Safety.
Medical Health and Safety.
Computer Calendar Clocks.
3. Security Vulnerabilities.
Security Vulnerabilities and Misuse Types.
Pest Programs and Deferred Effects.
Bypass of Intended Controls.
Other Attack Methods.
Comparison of the Attack Methods.
Classical Security Vulnerabilities.
Avoidance of Security Vulnerabilities.
4. Causes And Effects.
Weak Links and Multiple Causes.
Accidental versus Intentional Causes.
5. Security And Integrity Problems.
Spoofs and Pranks.
Intentional Denials of Service.
Unintentional Denials of Service.
Financial Fraud by Computer.
Accidental Financial Losses.
Risks in Computer-Based Elections.
6. Threats To Privacy And Well-Being.
Needs for Privacy Protection.
Prevention of Privacy Abuses.
Annoyances in Life, Death, and Taxes.
What's in a Name?
Use of Names as Identifiers.
7. A System-Oriented Perspective.
The Not-So-Accidental Holist: A System View.
Putting Your Best Interface Forward.
Woes of System Development.
Modeling and Simulation.
Coping with Complexity.
Techniques for Increasing Reliability.
Techniques for Software Development.
Techniques for Increasing Security.
Risks in Risk Analysis.
Risks Considered Global(ly).
8. A Human-Oriented Perspective.
The Human Element.
Trust in Computer-Related Systems and in People.
Computers, Ethics, and the Law.
Mixed Signals on Social Responsibility.
Certification of Computer Professionals.
9. Implications And Conclusions.
Where to Place the Blame.
Expect the Unexpected!
Avoidance of Weak Links.
Assessment of the Risks.
Assessment of the Feasibility of Avoiding Risks.
Risks in the Information Infrastructure.
Questions Concerning the NII.
Avoidance of Risks.
Assessment of the Future. 020155805XT04062001