PoC||GTFO Volume I & II
This review is one of the first ones. I've reviewed several academic papers, seminar papers, theses etc. But never actually reviewed a book. But on my bookshelf are several titles that I just want to highlight, as I think they are worth reading.
| PoC GTFO Volume 1 | PoC GTFO Volume 2 | PoC GTFO Volume 3 |
|---|---|---|
 |
 |
So PoC||GTFO is actually a journal/zine\(^1\) that you can find online. In some kind, it reminds me of zines like Phrack or 2600 but quirkier (positively). Why are they quirkier? Because the introduction and style imitate a cliché bible from the United States (as well as some articles do in their language). So in some way, it is like a bible for geeks that are interested in all kinds of weird machines, cryptography, operating systems, file-type polyglots, hardware and of course security/hacking. A lot of authors are well known and have a high status in the security scene.
So why mention a dead tree version, if you can read the issues online anyway? Because they are done so nicely. No starch press\(^2\) did a fine job. And if you enjoy reading real books as I do, it is great that such things exist, even in our domain. Often books are more or less just books, where content is everything. But sometimes a good print format or nice cover will upgrade the "joy of reading". And these both volumes are quite amazing and are fun to read.
The first cool thing is that the volumes are leather-bound, which is to some extent a nice surprise. I read over this part of course as I ordered the book... The first volume comes in black leather with a nice gold edge (in German "goldener Buchschnitt") and looks fancy. This volume contains the first eight issues of PoC||GTFO. The second volume has a green leather-bound and comes with some PCB layout on its edge - cool! It contains editions from nine to thirteen (including). The third volume comes as well leather-bound (dark blue) with a silver edge and has some nice markings for the start of an edition. It contains the edition fourteen to eighteen. Currently the editions from nineteen onwards are missing, and therefore we can hope for a fourth volume.
While reading the PoC||GTFO volumes it is so amazing to read about things you heard of but in a different context or even never heard of, as they are from another era of computing or just specialized. Most important is, in my opinion, that the articles touch a certain depth (level of detail) and outline the impact on the real world, even though the article deals with a niche area problem. Some articles sound esoteric like, why should someone investigate or bother about? E.g. antique network protocols from the 70s or shell code for RISC-V. But then you see the PoC and for me, I just connect those proofs to things I do know or can rely on, or you see a connection to similar problems in other areas. If it is an article about stuff I never heard of, but it sounds interesting I dig into it until I can relate something to it and keep reading. So if one of want to read these amazing books you will learn so much from them.
In between all these nerdy things, there is more to discover. The issues are covered with oftentimes strange advertisements and promotion stuff that doesn't come from the industry. They come from the authors themselves and often are nerdy but not cringe. Most times they look like they come from a very different time or universe. Geek-Level +1... I just love this kind of (art)work!
As a total nerdy speciality, this zine has lots of articles about file polyglots and therefore the PDF version of PoC||GTFO is a polyglot itself. Funny things like the PDF has a complete operating system included are standards for the editors and are nice gimmicks. Have a look at the file sizes and play around with tools like binwalk and hexdump. There can be tons of things discovered that are not only amusing but often teach something.
As all volumes cover lots of articles I cannot review every single one of them. But I just thought to pick some articles and do some more research and write something about it. Maybe someone will sometime read this and will have as much fun as I had reading them.
Side note: On several events like black:hat etc. these journals are distributed in printed format.
Links:
- One of the mirrors: https://pocorgtfo.hacke.rs/
- https://nostarch.com/gtfo1 and https://nostarch.com/gtfo2