Privacy Books

This book is trash. This is just a printed version of textfiles.com that gives you all of the "lost" files for free. This is just a horrible book that takes advantage of people not using google first to find free information.

I think this book is equivalent to somebody filling up a bottle with tap water and selling it for 20 dollars as pure water found in the most secret places.

this book is culled from sources across the internet, almost all of the information is freely available somewhere. in most cases the author has not even bothered to change the filenames or unique file extensions. the book itself is barely an index of the cd-rom, with the first paragraph of a file serving as a description. there is some (un)original writing done by the author himself, comprising a miniscule amount of the actual text. if you would like to learn what these files are actually about, you would be much better served by going to the sites they were taken from

The widespread availability of computers and access to telephone and Internet technologies has contributed to the sharp rise in the number of people going online over the years. Unfortunately, many of these people found their way online through less-than-honest means, and once online, they would set out to perform a great deal of mischief and damage to various computers and computer information systems.

Hack Attacks Encyclopedia edited by John Chirillo serves as the ultimate source for collected information on the history of hacking, cracking, and phreaking. The book features nearly 2,000 text and HTML document extracts that includes news articles, online postings, and other snippets of insightful information. Some of the accounts are startling. Readers will quickly pick up just how clever some hackers, crackers, and phreakers really are. The following snippet exemplifies available talent in Northern America:

"Silver Spy has everything going for him - comfortable surroundings, a father who is an engineer. He ranks in the top 3 percent of his high-school class. His SAT scores for college admission totaled 1,400 of a possible 1,600. He wants to attend Stanford or the Massachusetts Institute of Technology. But in the eyes of the phone companies he is a thief, and in the eyes of the law he's a criminal. Such is the portrait of this 17-year-old computer "hacker" and "phone phreaker" who lives about 20 miles outside Boston. He spoke with U.S. News & World report on the condition that neither his real name nor home town be revealed."

The Hack Attack Encyclopedia is broken up into major sections by decade - the 70's, the 80's, the 90's, the Millennium, and a special historical synopsis. From beginning to end, readers will be able to follow the history of mischievous behavior. It will be an eye-opening experience for anyone to follow the advancements made in communications technologies and how they can be easily circumvented and otherwise compromised to carryout further activities. Although some of the technologies disclosed in the book are outdated and have been replaced, readers will still gain helpful insight of the mindset of hackers, crackers, and phreakers operating today. They are a force to be taken very seriously.

An extensive 217-page glossary of terms will enlighten readers about the slang talk used in the hacking, cracking, and phreaking communities. As a special bonus, the CD accompanying the book features full-length editions of the article and snippet extracts included in the book, hundreds of computing and Internet exploits, and a sampling of useful utility programs.

Hacking, cracking, phreaking, and virus infection still poses problems for many people today. This book will open the eyes of many people - including business people, IT managers, and law enforcement officials. It will serve as an excellent starting point for taking necessary corrective action to prevent further mischief and harm caused to personal and company computer systems. I can't wait to see an updated edition. Highly recommended reading.

this book is culled from sources across the internet, almost all of the information is freely available somewhere. in most cases the author has not even bothered to change the filenames or unique file extensions. the book itself is barely an index of the cd-rom, with the first paragraph of a file serving as a description. there is some (un)original writing done by the author himself, comprising a miniscule amount of the actual text. if you would like to learn what these files are actually about, you would be much better served by going to the sites they were taken from

The book looks damned impressive from the outside; it's 960 pages! Surely, this must be the most complete discussion of the hacking and phreaking subculture ever published! The cover, a sunset-colored affair with barbed wire and neat lettering, tells you it'll have a more up-to-date sensibility. Everything said this would be my next purchase.

My heart sank as I read through the book.

The vast, vast, VAST (over two-thirds) majority of the book consists of the first paragraph of BBS textfiles, with a line telling you the filename included on the CD that comes with the book. In some cases, Chirillo deigns to visit upon you a single-line description, but many don't even have that. So now, imagine this: page after page of filenames, then descriptions, then the first paragraph, of files located on a CD that's in the back of a book. What a horrible waste! There's a computer "glossary" in the back which looks suspiciously like similar documents available on the web, although I can't be sure. Also, there are a few tiny chapters giving general descriptions of the hacker and phreaking subculture. If you were to remove the filenames and descriptions and paragraphs, I doubt this book could get past 100 pages, if that.

This is one of the most vibrant accounts of Jesus' life, a must read, heart wrenching, wonderful books written. God bless you Alicia Britt Chole.

Nancy Wise

I had already read and very much enjoyed this book and wanted more to share. Thank you for carryiing a book I really liked and wanted to share.

It felt like this book was written just for me. I am a newly licensed minister (22) and I have yet to take on a position that utilizes my strengths because I feel God telling me to wait. This book completely explains why this time in my life is necessary. Its encouraging but also cutting because it speaks of the immense importance of our hidden times. Every day is as important as the next even when no one is watching us closely.

This book is written beautifully and concisely. You'll find yourself gliding through the chapters, but its really good stuff. You don't hear this message every day in fact I've NEVER heard this message preached before. I rarely highlight books, but this one is covered in yellow.

This book should be way more popular than it is...kind of fitting since it is all about taking advantage of hiddenness.

FIVE STARS.

We recently kicked off our Fall Bible study at church, using Alicia's series "Anonymous: Jesus' Hidden Years and Yours." Sixty women were left speechless, a feat by anyone's standards! Alicia can pack more depth and volume into one sentence then most of us can hope to write in three pages! The corresponding study guide adds tremendous depth and underscore to the teachings of "Anonymous", leading the reader into rich intimacy with God.

This teaching, via this book, has been one of the most transformational teachings I've ever received from Scripture. Alicia's capacity for pondering God and the sacred walk of a Christian therein, leaves me hungering to be a better mother, a better writer, a better human being, and most importantly, a better seeker of God.

Alicia Chole's "Anonymous" is a must-read for anyone who feels they are in a hidden or anonymous season. Her reflective style offers hope and healing with biblical and practical examples. It's a timeless piece of art on paper.

Jackie M. Johnson
"Power Prayers for Women" Author
POWER PRAYERS FOR WOMEN

THE RIGHT TO PRIVACY is an excellent legal resource which can be read by legal scholars, however, lay people need to consult a legal dictionary from time to time. But the book clearly establishes how the right to privacy applies to every citizen when used against several aspects of everyday life the citizen comes in contact with. Caroline Kennedy, along with Ellen Alderman, has proven her excellent legal scholarship which, in my opinion, qualifies her as attorney general and/or associate justice of the U. S. Supreme Court.

This book starts off Rated R. I wish I could give a copy to my teens, but it gets a little too descriptive (necessary for impact though) of police violations on women. However, I thoroughly enjoyed this book. (Maybe when they're older...) It is a collection of some landmark cases, conflicts, and horror stories of the reality of our government's instrusiveness into people's personal lives. It is an eye-opener to those who blindly follow government orders. I'm comfortable reading legal documents, but I thought one of the book's better points was that it put legal terms into layman's terms. I found the book so lively and intriguing I finished it in a day! I definitely recommend this for anyone concerned about government instrusiveness and loss or interpretation of constitutional rights.

a bit boring but just shows what big brother can do to innocent people . good to see caroline standing up for ordinary people .

I enjoyed this book, even though it is heavy on legal court cases. Don't let that fool you, though, it's not a legal reference. This book covers significant cases in privacy using a very interesting approach. There a interviews and behind-the-scenes stories that explain what happened, how the plaintiff felt, and what the outcome was.

If you liked this book you will love "The Digital Umbrella." It is a great compliment to this book.

This book is written by a couple of lawyers who specialize in privacy issues. It is essentially a collection of thoughly researched court cases with added commentary from the authors. As such, it reads like...well... a collection of court cases.

A copy was originally lent to me by a very well-read and intelligent friend of mine who considered it overly dry. I, on the other hand, loved it. It's very details-oriented from cover-to-cover and packs in a wealth of information that is invaluable to anyone interested in the legal aspects of privacy.

This book addresses every aspect of doing business on the Internet securely. A must read for anyone that uses the Internet to either buy or sell.

This is an excellent book for the skeptic who thinks that "it can't happen to us!" I think many different companies (government and private sector alike) will be amazed at how comparitively little it actually costs to prevent a corporate disaster. Ever wish to go inside the mind of a good hacker and learn how he does it? This is the book for you!

The ubiquitous Internet is a double-edged sword. A major benefit is sharing information; a major detriment is the risk to customers of divulging private information. For e-businesses, therefore, privacy is a showstopper issue. This book was written to promote e-business success by helping organizations evaluate privacy needs, establish a privacy task force, use technologies to provide maximum protection, formulate privacy policies and procedures, implement and test privacy procedures, and monitor and modify privacy protection. This one's a winner--for companies that want to "win" at e-business.

The ubiquitous nature of the Internet is a double-edged sword, with sharing information a major benefit, and the risk of divulging private information a major detriment. In the rush to establish an e-business, organizations can't afford to ignore the showstopper issue: privacy. Erbschloe and Vacca provide a how-to for businesses to help them evaluate their privacy needs, establish a privacy task force, use privacy technologies to the best advantage, formulate privacy policies and procedures, implement and test privacy procedures, and monitor and modify their privacy protection. This one's a winner--for businesses that want to "win" at e-business.

A very informative and useful book in an area which is near and dear to all of us as we open up to the world of i-payments.

"Trust used to be all about a handshake - and nothing has changed..."

So begins Appendix F in Vacca's book. The entirety of the book defines that critical handshake, which has been made so much more complex by Internet
freedom and opportunities. Layers of certification and handshaking, both online and offline, hashing, third parties, CA's.

Vacca includes costings, comparatives, definitions, implementation instructions, and white papers written by others with expertise in the area.

This book is a 'must read' for those of us working in IT security.

As usual, John writes a very timely book on contemporary IT issues. Most people are still afraid to use their credit cards on the net and businesses have huge constraints in terms of what can and can't be done through the web. As the rules of the game toughen for the every-ready hacking minds, government are also cracking down on such culprits, however, for the average user of electronic commercial transactions, there needs to be a stronger feeling that their money is safe. John's PKI book helps to educate those with this understandable concern, that it may now be getting safer to do business on the net.

This book covers the entire spectrum of PKI technology with an emphasis on the pratical aspects of design,implementation and use. As an IT security professional, I have found this book to be extremely useful in my job as we must constantly be on guard and make use of the latest technology to stay one step ahead of the multitude of security threats we face on a day-to-day basis.

To successfully transact business on the worldwide web, a secure network is essential. John Vacca's book explores public key infrastructures (PKIs)as a technology to provide that security. This book would be a good resource for anyone responsible for maintaining network security in big business or small.

"Trust used to be all about a handshake - and nothing has changed..."

So begins Appendix F in Vacca's book. The entirety of the book defines that critical handshake, which has been made so much more complex by Internet freedom and opportunities. Layers of certification and handshaking, both online and offline, hashing, third parties, CA's.

Vacca includes costings, comparatives, definitions, implementation instructions, and white papers written by others with expertise in the area.

Previously a developer and implementor, and now a user, I wish that we had had this information then when we were implementing PGP, and I can only hope that my host sites now are compliant.

Since I am not an economist, I must leave some of the technical details of the book for assessment by others. However, the author's advocacy for financial privacy and for consumption taxes seem to be right on the money--so to speak. He writes in a very lucid and comprehensible manner.

Richard Rahn explains money concepts and how it relates to your everyday life in a simple and concise manner. He conclusively argues for the abolution of taxes on capital and why unprincipled politicians will fight to keep them. He demonstrates with examples how some countries have prospered by keeping or eliminating taxes on capital while those who didn't have fallen behind. He is most persuasive on the issue of financial privacy as a human right and without it we are at the mercy of a totalitarian government. Very easy to read.

OK, so you have your guns, you've studied the law and you've got your gold and 10 years of food stashed.

Guess what?

It's not necessary. Not now. Not anymore.

No violence, no protests, no writing your congressman.

This is a revolution that is happening one person at a time, anonymously, securely, privately and instantaneously. Each individual voluntarily removes his energy from the system that is enslaving him.

The government will simply lose revenue until it can only function within its justified duties, which is the protection of the property and lives of its citizens.

This book shows the convergence of multiple truly revolutionary technologies that will give us back our freedom and force government to adjust to this new world. This is the way we will return to true freedom.

Rahn has made a bold attempt to predict the impact of technological and financial innovations on the economy and society in general. The technological developments are the Internet, electronic money, and freely available cryptographic software of a very high standard, specifically PGP. Other commentators have also speculated on the problems these with cause to governments in raising taxes, fighting money laundering etc. However Rahn takes into account not just technological developments but also an innovation of a purely financial nature, namely securitization.

In principle, almost any kind of asset can be turned into money by securitization. Probably the most highly publicised example is "Bowie bonds" which are backed by royalties from songs. David Bowie was the first to raise money in this way, hence the name.

Throughout history governments have yielded to the temptation to allow their currencies to be debased. In the past most people had to put up with this but Rahn suggests that the technological and financial innovation will effectively give people other choices.

Rahn concentrates on the US in his book, which is natural enough - after all as well as being his own country it is the world's most influential! However he does make many references to Switzerland, particularly in connection with that nation's long experience of bank secrecy, and is also very critical of the tendency of many Americans to think that what is illegal in the US should be illegal everywhere and conversely that what is legal there should be legal everywhere. He points out that the American legal system imposes a big burden on American business and society and that other countries should be suspicious of attempts to export US law.

One of my major quibbles is that the title is a bit misleading since what Rahn is describing is not really the "end of money" but its transformation and the end of coins and banknotes. Even that is questionable since the developments he foresees are most relevant to the comfortably off. In many countries the poor will remain a large section of the population for many years to come and I expect many of them will want to continue using hard cash.

However this is a thought-provoking an fascinating book which should help us to anticipate the problems and the opportunities changes in the form of money pose for society.

Dr. Rahn explains advanced concepts of economics in a format that the beginner and simpleton, like me, can understand and use. It is an easy four hour read, is a primer in economics and is must reading for anyone who thinks the way of spending money will continue just like it is at this time. The big question is whether government will grow up in time not to get in the way of the monetary changes and whether you and I will be able to spend our money as we wish without Big Brother's nosing in. What Dr. Rahn fails to point out is that the concepts expressed in his book are basic to our constitution and to our freedom. If we do not take heed, we stand to lose both. It is must reading for every citizen.

I bought this to help perform research on a security course that I'm preparing. Even though the information on some of the honeypot programs is a bit outdated, I still found the book very helpful. It's well-written, and gives a very good explanation of how to implement honeypots. It was a tremendous help in my research.

This book is written with obvious passion towards honeypots as the author obviously believes in the power of honeypots in making the corporate network a safe place. The discussion cover simple and advanced topics in honeypot motives, creation and trapping hacker information. In all, a well researched book that evangelises the use of honeypot intrusion detection

This book did a great job of presenting the concepts of modern honeypot technology. It begins by covering the basic concepts of what the different types of honeypots can do, the different design concepts of production honeypots vs. research honeypots and how honeypots can be an aid to network security in any organization. The one thing I did'nt like was the "flow" of the book and the way some chapters were written. There was an exessive amount of fluff, some topics were beat like a dead horse. The book could easily have shaved off 50 pages making it a better read. Overall, it was a great book, I learned a lot, and would recomend it to anyone looking for an intro to honeypots. The included CD was a plus as well.

Honeypots is an excellent introduction to the subject of honeypots, useful as a reference for experts as well as for beginners to the subject. It is written very clearly and provides step-by-step instructions with plenty of examples and screenshots. It covers commercial, open source, and do-it-yourself solutions, from very simple low-interaction detection honeypots to very high-interaction research honeypots. A CD-ROM is included with software and example data collected by honeypots. One defect is a fairly large number of typos.

Honeypots: Tracking Hackers By Lance Spitzner (Senior Security Architect for Sun Microsystems, Inc.) is an advanced computer science text to understanding and making use of "honeypots" (technological systems specifically designed to be compromised by online attackers) as burglar alarms, incident response systems, or tools for gathering information about hackers in order to better guard the security of one's compter data. Technical know-how, advanced theory, guidance from three legal experts, and more fill the pages of this excellent and very strongly recommended resource for anyone invested with cyber security responsibilities. An accompanying CD-ROM contains white papers, source code, and data captures of real attacks to facilitate the deployment of honeypot solutions to serious computer problems.

This book is an eye-opener on privacy invasion, and how it can harm you in countless ways. It is a comprehensive study of the many forms privacy invasion can take, especially as practiced on the Internet, and what you can do to protect yourself. Author Dan Tynan has studied these offensive practices for years, and gives us the benefit of his research and findings. Find out what is going on, and what you can do protect yourself, not only on the internet, but in other aspects of your life as well.

Much as we don't want to, privacy is something we all need to think about and protect these days, unless we want to give up our computers and other gadgets and go back to stone tablets. Now we have an easy, funny, understandable guide to protecting ourselves in the online age, and we'd be foolish (and just asking for trouble) to ignore it. Dan Tynan has done all the hard work for us; now we just need to make sure that everyone we know reads this book!

This book covers more than just your digital privacy. It sweeps on a wide variety of privacy topics. I find that a good thing since it's comprehensive. In reality your digital identity is interspersed with your physical identity and both a very important.

This is the most accessible of the privacy books I've read. The advice is presented in bite sized bits that are easy to understand and implement. It gives both background and practical advice. Both of which are necessary to understand the problem and the solutions.

Computer Privacy Annoyances
O'Reilly
By Dan Tynan
ISBN 0596007752

As someone who gets asked questions about Internet use and safety all the time, a book I had been itching to read was "Computer Privacy Annoyances", by Dan Tynan. According to the cover, the book covers "How to avoid the most annoying invasions of your personal and online privacy."

The quick and dirty? The book gives very practical, real-world examples of how your data can be used, yet the author manages to avoid sounding like a doomsayer... even some of the more scary scenarios don't come off sounding like sensationalism, just honest (and sometimes even apologetic) examples of what could very realistically happen. (I thank you, Mr. Tynan.)

I'll take bets on anyone that doesn't learn at least ten new things they didn't know about their privacy rights. Mr. Tynan has taken the proverbial "They" and reduced it to the very organizations that "they" really are. Did you know you can request a copy of your FBI files? Do you know who has the power view it? Do you know who is collecting data on you at this very moment and what they are doing with it?

The book's format allows for a surprisingly fast read. Well organized sections such as privacy at home, on the Internet, in public, at work, and even on a federal level allow for quick chapter absorption. In each chapter, the author states the annoyance, and then the fix. This allows for quick skipping over an 'annoyance' that might not annoy you that much.

I did notice that the author made no mention of the everyday information users give out about themselves without even realizing it, such as usernames that contain birthdates and such. But the Internet privacy chapter is only a small portion of the topics covered in this book. In fact, if I had to find one fault with this book, however, I'd say they lost a much larger audience that could have easily benefited from the book by calling it *Computer* Privacy Annoyances.

As a tech professional, if I could get all my clients, users, friends, family and complete strangers to read this book, I strongly believe identify theft could become a thing of the past. And it might even reduce global blood pressure, too. Bonus!

Privacy? Good luck! Even the slightest misstep on line (or anywhere else, for that matter) can open you up to privacy intrusions that you may not know about. Dan Tynan does a really good job in outlining these areas in Computer Privacy Annoyances. This is pretty much required reading for living in our heavily computerized society.

Contents: Privacy At Risk; Privacy At Home; Privacy On The Net; Privacy At Work; Privacy In Public; Privacy And Uncle Sam; Privacy In The Future; Index

In this Annoyances title, Tynan looks at a wide range of activities and situations that involve a potential unwanted loss of privacy. Using a question and answer format, he effectively shows how seemingly innocent activities (like booking a hotel room or ordering a kosher meal on a flight) can be logged and combined to build a profile of your activities that may not present a very flattering picture of who you are and what you do (and with whom). While there's the obligatory chapters on spam, online registration sites, and the like, there are also excellent chapters that cover privacy at work (what your employers can and can not do) as well as health record concerns. Things may not be as secure and private as you think they are...

Realistically, there's already more information out there to be gleaned than you'd probably expect and be comfortable with. But by reading and digesting the contents of this book, you can start to reduce your exposure going forward. Even just the awareness of privacy concerns will start to cause you to question *why* a merchant might want certain information. They may *want* your zip code or phone number, but that doesn't mean you *have* to give it to them. Even if this book keeps you from making just one mistake that would lead to identity theft, then it's more than paid for itself. A recommended read...

The book arrived in a timely manner and its condition was better than described. Great price too! Thanks

"Keeping Found Things Found", is a must buy, an essential tool, as we all struggle to keep on top of, rather than be buried by, information. The book's premise is excellent, explaining as it does how to organize web information into our lives in ways that help rather than just adding to the clutter.

In today's frenetic pace, when we are swamped with information, this book gave me highly valuable suggestions. But, as importantly, it also gave me some very useful questions to ask. It seems as though every day I run across new Web initiatives or gadgets or software tools. Which are worth my time and trouble (and money)? The book gives a checklist of questions to consider.

"Keeping Found Things Found" is thorough and extremely readable.

This book is a great introduction and a consummate summary of the field of personal information management. Its comprehensive nature makes it useful for people familiar with the field, while at the same time it's a great primer for someone new to this area.

When the author of this book invited me, based on some of my web illustrations, to create some illustrations for this book I was interested in the project because it spoke directly to my own experience. I teach design for instructional media in a university setting and struggle every day, not only with my own deluge of personal information and how to manage it -- but with helping my students recognize that the end result of their own design efforts will be contributing to the personal information overload faced by their clients and their students. This book maps out the dimensions of our current personal information problems, and should be a required read for everyone who is engaged in adding to those problems, trying to solve them, or studying them in any detail. In particular, students of Information Technology, Information Design, Informatics, Instructional Systems, Human Performance and any other discipline with ties to personal information management -- and Jones makes clear how many of us that really is! -- needs to view the complexity of users' lives in this kind of comprehensive detail. Too many of us only think about what we are asking people to use or to do or to remember. This view of their lives may be daunting, but it is critical!

I'm a college dropout(Information Studies), now working in IT as a Systems Admin at a fair sized hotel. When I left college to pursue other at that time more interesting things. I couldn't really see the big picture in why we had to learn what they wanted us to.
Now I do, thanks to this book.

I keep feeling inspired about the management of my information. Both as PIM in my own department, but mostly also for my users. I can suddenly see some meaning in the way they manage their PIM. I as the IT department have to facilitate their professional PIM. I have to give them the tools to make sure they don't lose stuff, but also so they don't drown in information. Suddenly I have a much more nuanced view of my job. Being the geek who loves his tech stuff, can do everything to keep servers and computer running, is not really enough. I have to know my place in the business of managing information and information flow in the company.

This book could teach many programmers, much on how they can make their products more usable to the users. Make them understand some of how people look at the information being processed, stored, shared, pushed by the programs they write. We have to facilitate more styles of PIM than just our own, not everyone works like we do.

I have to stop myself, I just love this book and the ideas it keeps inspiring to pop up in my head.
There is so much for so many people in this book..

I have spent many hours on WS-Security, and this book was what finally got me up to speed on XML security.

Don Eastlake is an old IEFT head. He did a great job with this book both in completeness and explanation. It is complete in that he covers everything. The explanations are clear with good examples.

I would note in passing, however, that you should consider the use of Fast Infoset, where the XML instance documents are replaced by ASN.1 instance documents. That is, if you serialize and deserialize based on an XSD, you are usually better off using the Fast Infoset approach. This can have an improvement of 40% smaller instance documents and 40% faster processing. This is a big win. See "Fast Infoset" in the Wikipedia. ASN.1 security is trivial because the RSA PKCS CMS specifications are all in ASN.1, using digitial signatures and encryption.

This is a great book. I rarely give a book 5 stars, but this one has earned it.

The author's technical and standards body background is a tremendous help in helping the reader sort out the substance from the hype. This book covers XML and cryptography basics, DTDs, XML Schema, XML digital signatures and encryption, and SOAP.

I like the author's comparisons of XML with other encoding schemes, particularly ASN.1 DER which is prevalent in the security standards world.

Also helpful are the author's "soapbox" comments, which handily dispel the notion that you should accept all parts of a standard as the absolute truth and the final word. For example, "X.500 identities are baroque hierarchical names in which each level of the hierarchy consists of an arbitrary, unordered set of attribute-value pairs. They are just one of the complexities and false assumptions (such as the assumption that everyone would allow themselves to be listed in one global public directory, including companies listing all their employees) that doomed the X.500 Directory as originally conceived". I love it!

You'd be hard pressed to go wrong with this book.

In researching business requirements for enterprise web services, it soon became obvious that XML security would be an important issue.

I happened across this book, with a seemingly simple format and am impressed with the information it provides, the progression of information, and how well I was able to understand and comprehend the concepts detailed.

After reading serveral books on XML in general, I would recommend this book to anyone just wanting to learn XML concepts.

I wish more technical books gave me the same feeling of usefulness that this one gave me.

As they say in the movie industry... "An enthusiastic thumbs up"

Collaboratively written by Donald Eastlake (Co-chair of the joint IETF/W3C XML Digital Signature working group) and freelance technical writer Kitty Niles, Secure XML: The New Syntax for Signatures and Encryption is a solid, accessible, step-by-step guide to the processes for encrypting and ensuring security of XML applications. Individual chapters competently address canonicalization and authentication, encryption, cryptographic and non-cryptographic algorithms, and much, much more. Highly recommended for advanced XML users, Secure XML is a comprehensive, technically proficient, and detailed instructional resource and reference filled from cover to cover with extensive discussion and practical examples.

Suppose you have XML data that you want to regularly
send to Bob, across the Internet. But it is of a
confidential nature, so you don't want to send it as
plaintext. Well, you can try using low level
encryptions, like SSL or TLS. But these don't give any
authentication, ie. Bob can't tell that you actually
sent them. Also, once Bob gets the messages, they are
all in plaintext, so he can't easily protect these
against others, if he is on a multiuser computer.

One answer is to incorporate encryption into XML, by
defining cryptographic standards that sit atop XML,
and generate XML documents with encrypted data. These
let you and Bob use powerful XML-based routines like
XPath, XLink and XPointer. Plus, you can now do things
like append your digital signature to your plaintext
file, encrypt the combination with Bob's public key,
and get a resultant XML document that you can send
Bob. Upon receipt, he can decrypt it and verify that
you are the author, all the while dealing with XML
documents.

This book explains the emerging XML standards that
make this possible. They discuss at a high level the
various cryptographic algorithms, like AES [Advanced
Encryption Standard], Diffie-Hellman and MD5. Little
mathematics is needed, as they leave the mechanics of
the algorithms to other books. Instead, they describe
the XML infrastructure that uses these.

The book has a necessarily comprehensive description
of canonicalisation; which refers to the rewriting of
an XML document in a standard form, prior to
encryption. Otherwise two semantically identical
documents would give different ciphertexts, which is
confusing.

If you have been wondering if you should encrypt your
XML documents, and how to do so, this book may clarify
many issues.