Topic created on: May 23, 2008 06:28 CDT by shakuni.
I read Mark Ludwig's "The Giant Black Book of Computer Viruses" a few years back. However, it is obsolete now and there is no book to fill its place. Although there are good books on writing rootkits, there's no book that focuses on writing computer viruses and worms (there is one by Springer, but it only touches the surface). I think it's high time someone should write a book on it. I've started to write one that will focus on both Windows and Linux platforms.
Please give me your opinion on the following points:
1. What should be the scope of the book (tell'em'all or just show them the way and leave them to research further)?
2. Should the book be based purely on assembly language only, or should there be some HLL (C/C++) code in it? Again, I prefer the assembly language paradigm since it is almost impossible to do many things in HLL.
3. Should I write such a book at all?
Any other suggestions are welcome.
shakuni
> I think it's high time someone should write a book on it.
exactly! there're some books about viruses and worms, but they're all obsolete. meanwhile viruses and worms have changed, and new protections, pro-active technologies, analyst-tools and hardware have been introduced. the world isn't the same, it has changed.
> 1.What should be the scope of the book
> (tell'em'all or just show them the way and leave them to research further).
depends on your goals, so it's only for you to decide. anyway, better to tell them everything you know than just give a clue. after all, if you buy a TV you want to get something like "plug-n-enjoy". just a few ppl buy constructors just to get electro-stuff together. the same with books. ppl want to get knowledge, they pay for it.
> 2.Should the book be based purely on assembly language only
> or there should be some HLL(c/c++) code in it.
almost every man in RE knows asm, but it's too low level to explain simple things, so don't reject HLL, coz one HLL line might replace a dozen asm lines (you can use pseudo-code as well).
> Again I prefer the assembly language paradigm
> since it is almost impossible to do many things in HLL.
well, just choose the best way. if HLL-listing looks ugly, try asm.
if asm is too complicated to be understood, use HLL or pseudo-code.
> 3.Should I write such book at all?
it's only for you to decide. how can we discuss a book that doesn't exist yet? write a few chapters, show them to ppl. some ppl will tell you that it's crap, some ppl will tell you that it's the most awesome book ever, some ppl will be neutral. thus, don't write the book for ppl, write it for yourself :)