The author is not a hacker, he is a "security consultant". I am not really sure whether he means to use the word prejudicially or not. In the introduction he does say:
which is basically positive and pretty much describes his approach to writing a beginning book on (mostly) C programming. However, he does also introduce explicit examples of how "exploitation" works -- that is how I learned why a buffer overflow can be very bad, like not just segfault bad, for example.Originally Posted by Jon Erickson
There are some historical examples of how people have done other bad things (how polymorphic shellcode is constructed, various "DoS attack" methods, TCP/IP hijacking, etc). By the time you are done*, if you are stupid enough, you should be ready to try out some obvious and well known exploit, get traced, and go to jail.
*actually I am not. Polymorphic shellcode is in the last chapter, "cryptology". The book has a very steep curve in it, something you keep coming back to. It also very code heavy.