Jayson called me regarding this post, and I promised to let him tell his side of the story, right here, at the top of the post, so here it is:
I am more stunned than anyone on finding this out. When Kent and I finally got the book deal from Syngress we were overjoyed and immediately felt the pressure of completing the book by our deadline. We had been so involved in getting the first part completed that we turned to Dustin L. Fritz to step in to write the 2nd part.
Dustin served as the Technical Editor and we were assured that he would be able to complete the 2nd part in time to meet the deadline. I trusted the material that Dustin delivered was either original or properly sourced. As people heard me say before this discovery, I gave proper credit to Dustin for the 2nd part.
I do feel betrayed that someone I trusted appears to have taken short cuts and not delivered original material. The Information Security community is about trust and I apologize to those who should feel betrayed. This is not trying to lay blame this is trying to get the full story out there. This book has my name on it so therefore the ultimate blame is with me.
I want to also apologize to Syngress, Rachel, and Angelina who were behind me 100% for this project. I will personally work to correct any plagiarism or copyright issues in this work.
Edit: Co-author Kent Nabors posted his response in the comments below (where the discussion is going very well), and I have made a couple of small edits to the post to more accurately reflect the fraction of the book made up by the STAR section (from all but 170, to all but 125).
Edit: Dustin L. Fritz (of The CND Group) has left the following comment regarding plagiarism in this book:
This was an honest mistake and I sincerely apologize for any miscommunication. I hope that the correct and proper citations can be added soon and that all questions regarding copyright and plagiarism issues can be resolved. I hope the book can still be enjoyed as a valuable contribution to the information security community and I hope it will go on to fulfill its objective in reaching anyone who desires to learn more about hacking and security. I want to specifically apologize to Jayson, Kent, Syngress, Rachel, Angelina, all the readers, reviewers, and others who have taken offense. I want to fix this and I sincerely appreciate everyone’s positive support!
I appreciate Dustin’s comment, however (as we discussed at length on the phone this morning) I disagree partially with it being an honest mistake. When one has demonstrated in other parts of the same book, and at presentations at venues such as DojoSec, that he or she is capable of quoting and citing things properly, and knows that permission should be asked before reproducing material, it’s no accident when large sections of text are lifted from non-attributed sources and presented as the authors’ work. The argument was made that the work was never put forth as the authors’ words, but the below information and anyone with a copy of the book can verify that this is not the case.
My original post continues from this point.
I am posting this as an amendment to my review of Jayson Street and Kent Nabor’s Dissecting the Hack: The F0rb1dd3n Network. It turns out that a large portion of the book being presented as the author’s original work (almost the entirety of the STAR section, which is all but 125 of the book’s 400) is actually plagiarized from various online sources (primarily Wikipedia). Not much in information security angers me, but it does anger me when authors attempt to present others’ work as their own, misleading their readers and reviewers (many of which have given very positive reviews to this book).
While I was in the process of reading and reviewing Dissecting the Hack: The F0rb1dd3n Network, I promised Jayson that I would provide notes that I had taken in the process of reviewing the book. A few days ago I posted that review, and today I reviewed my notes and edited them to be more readable than they were for his benefit.
In the process of editing those notes, I reviewed each of the problems they addressed, including where I had stated that many quoted materials were not attributed to any source. I had also noticed normally formatted, apparently author-written text that was actually an excerpt from a Wikipedia article in one place. At the time and in my notes, I figured that it was likely a typesetting error.
Unfortunately, this evening, I found out that this is not the case.
After reviewing my notes, I noticed other strange wording in the STAR section, which comprises all but 125 of the book’s 400 pages. I chose some excerpts at random, and Google’d what should have been unique phrases from them. In most cases I was given results on Wikipedia, where the text of the entry matched the text of the book exactly. This worried me greatly.
For several hours this evening, I have gone through STAR, section by section, locating the sources of plagiarized material. The majority of the text presented as the word of the authors’ (normal typesetting, not quoted or attributed) is directly ripped off from a number of online sources, primarily Wikipedia. For the most part, only the sections that directly reference the characters in the story portion of the book can be trusted.
I kept notes this evening, and I have created the table below, which documents 55 instances in The F0rb1dd3n Network where the contents are directly taken from Wikipedia and other online sources. Most of these are quite blatant, taking exact sentences and paragraphs from Wikipedia articles and using those to form the entirety of the book’s explanation of the topic. In most cases, all that is added are references to screenshots, and small wording and paragraph break changes.
Before I found so many examples, I thought that this might be a product of my own academic background holding this non-academic text to too high of a standard, but the massive scale of it constitutes plagiarism by any rational definition, and specifically violates Wikipedia’s copyright rules, among others’ rights. It is an insult to those that have taken the time to review it, and to those who have paid for the book under the assumption that it is an original work. I find it hard to believe that the authors did not feel that this was wrong, and can only assume that the editors were unaware.
The following table lists page numbers, the topic being discussed, a URL of the original material, and a “length” which roughly describes how much material is lifted. In this field, “Entire description” indicates that the entirety of the discussion of the topic in the book is taken directly from the source URL. Other descriptions attempt to explain how much material was “lifted”, though it’s inexact, as paragraph breaks are changed from the source to the book. In some cases, I had to go back to previous revisions of Wikipedia articles to determine what was copied, and so the revision I list may or may not be the exact revision the author used.
If you have a copy of this book that you bought or received for review, I encourage you to take a look at these pages and source URLs to see what I’m talking about:
|135||OSI Model||http://en.wikipedia.org/wiki/OSI_model||2 paragraphs and a table|
|141||Maltego||Old description from paterva.com||1 sentence|
|146||DNSPREDICT||Many sources (likely original tool site)||Entire description|
|157||Amap||http://freeworld.thc.org/thc-amap/||Entire description (short)|
|164||Vulnerability Scanner||http://en.wikipedia.org/wiki/Vulnerability_scanner||Entire description|
|164||IBM Internet Security Systems||http://en.wikipedia.org/wiki/IBM_Internet_Security_Systems||Entire description & history|
|166||Nessus Goes Closed License||http://en.wikipedia.org/wiki/Nessus_(software)#History||quoted|
|167||Tenable NeWT Pro 2.0||Press release? http://www.highbeam.com/doc/1G1-115844766.html||Entire description|
|169||Microsoft Baseline Security Analyzer||http://en.wikipedia.org/w/index.php?title=Microsoft_Baseline_Security_Analyzer&oldid=225194910||Entire description|
|170||eEye Retina||http://en.wikipedia.org/wiki/Retina_Vulnerability_Assessment_Scanner||Entire description|
|177||Exploits||http://en.wikipedia.org/wiki/Exploit_(computer_security)||Entire description (full page of text)|
|179||Buffer Overflows||http://en.wikipedia.org/wiki/Buffer_overflow||Entire description|
|180||SubSeven and Stopping SubSeven||http://en.wikipedia.org/w/index.php?title=Sub7&oldid=299155522||Entire description|
|187||Core Impact||http://en.wikipedia.org/w/index.php?title=Core_Impact&oldid=295444915||Entire description|
|193||Registry Keys||http://en.wikipedia.org/wiki/Windows_registry||Entire description|
|194||Securing your logs||http://codeidol.com/sql/network-security-hack/Windows-Host-Security/Secure-Your-Event-Logs||Entire how-to|
|195||Event Viewer and HOW TO: Event Log Types||http://support.microsoft.com/kb/308427||Entire description|
|197-200||Last User Logged in||http://www.technixupdate.com/change-or-hide-the-last-username-logged-on-username-dialog-box/||Entire how-to copied|
|201||Last True Login Tool||Many – Likely old description from website||Entire description|
|202-204||Last logoff script||http://dovestones.com/active-directory/true-last-logon/last-logoff.html||Entire how-to|
|205-208||Windows Security Log||http://en.wikipedia.org/wiki/Windows_Security_Log||Entire article|
|223||Description of NIST||http://en.wikipedia.org/wiki/National_Institute_of_Standards_and_Technology||Two paragraphs|
|244||One-time Passwords||http://en.wikipedia.org/w/index.php?title=One-time_password&oldid=306538660||Paragraph and list|
|255-256||Full-Disk Encryption||http://en.wikipedia.org/wiki/Full_disk_encryption||Three sections|
|258-264||IPS||http://en.wikipedia.org/wiki/Intrusion_prevention_system||The entire wikipedia article copied over multiple pages!|
|278||Wireshark||http://en.wikipedia.org/wiki/Wireshark||Several sentences from the article|
|279||PGP||http://en.wikipedia.org/w/index.php?title=Pretty_Good_Privacy&oldid=304558754||Two paragraphs of description|
|281||Personal firewalls||http://en.wikipedia.org/wiki/Personal_firewall||Short description|
|299||Bleeding edge technology||http://en.wikipedia.org/wiki/Bleeding_edge||description and list|
|303-305||ECHELON||http://en.wikipedia.org/wiki/Echelon_(signals_intelligence)||Entire description + photo|
|310||Ghost Rat||http://en.wikipedia.org/wiki/Ghost_Rat||Two paragraphs|
|332||2600 Magazine||http://en.wikipedia.org/wiki/2600:_The_Hacker_Quarterly||Entire description|
|333-334||Gary McKinnon||http://en.wikipedia.org/wiki/Gary_Mckinnon||Entire description|
|396||World of Warcraft||http://en.wikipedia.org/wiki/World_of_warcraft||Large paragraph|
|404||Bump Keys||http://en.wikipedia.org/wiki/Bump_key||Entire description|
35 comments on “Amending my F0rb1dd3n Network Review”
Pingback: Book Review: Dissecting the Hack – The F0rb1dd3n Network « McGrew Security Blog
Pingback: Writing original material is hard… « Random Things From Dark Places
Pingback: Syngress Response to Plagiarism in Dissecting the Hack: The F0rb1dd3n Network « McGrew Security Blog
Pingback: Security Justice » Blog Archive » Security Justice Special Edition – Jayson Street and Dissecting the hack: the f0rb1dd3n network
Pingback: (More) (Massive) Plagiarism in Security Books « McGrew Security Blog
Pingback: Plagiarism and the State of Infosec Publishing | InfoSec Reviews Blog