A brilliant review. The "People Magazine" template is increasingly
common, from Wired Magazine to a book on the history of drones which
always began chapters with "XY was cleaning his parasail on a warm day in
the Caribbean when ..." as if human interest in people who are not made
very human trumps what I wanted, the history of the evolution of drones.
But that would have been a long essay instead of the mandated 300-page
no more no less books that fit the shelves at Big Boxes just so. (did
you know that B&N told publishers that fiction beyond 300 pp would not
be shelved unless it was by one of the Big Few?)
On 1/5/2015 10:58 AM, Dave Aitel wrote:
http://www.amazon.com/War-Shane-Harris-ebook/dp/B00HP6T7V0/ref=sr_1_1_twi_1?ie=UTF8&qid=1420467848
For a book about America's failing trust with our own intelligence
team, this book is a hard book to trust. That's not to say it's not
well researched: a third of the book is footnotes. But at least HALF
the footnotes are simply "from author's interviews", often from
interviews with anonymous "former officials". The first chapter is
about how the use of real-time SIGINT revolutionized warfare in the
modern age, and the rest of the book is really about how we can't seem
to make any inroads in protecting ourselves.
There's a saying in the intelligence world about how SIGINT doesn't
lie, but HUMINT does. And that's because while it's rare that you will
lie to yourself in your internal memorandum and emails, divulging
content from what two sources say means you have to triangulate their
points of view and often end up in nonsense land. Shane Harris falls
right into this trap, and relying on sources so heavily also means
that it has a penchant for breathless hyperbole that is going to make
anyone from the computer security field roll their eyes and sigh
mightily about twice a page. "OMG! THE CHINESE ARE BETTER AT THE
HAXING." is a direct quote, I think. After his interview with
Soghoian, he can't help but mention in every chapter the "thousands of
0day" the NSA is "stockpiling", as if 0day wasn't just another word
for "I know something about a computer that might be useful". Shane
posits: "The chances are good that if another country or terrorist
group knocks out the lights in a US city, it will use an exploit
purchased from a company that also sells them to the NSA." Is that so,
Shane, or is that maybe complete bullshit?
That's the kind of hilarious commentary you get throughout the book.
Chris Rouland, for example, is a "top-notch hacker".
Basically the book can't decide if it is the US Magazine of computer
security journalistic round-ups, with human interest profiles of
various ex-feds who now work for Crowdstrike and Mandiant or if it is
a serious work of historical journalism and policy recommendations.
Who is this book for? People in the field will find some of the
information in the book interesting, as it's not well covered
elsewhere, but hardly need to read for the thousandth time about how
phishing works. People not in the computer security field will ... not
read this book full of insider gossip.
And, like US Magazine, the audience is assumed to be entirely
Americans. Aside from the obligatory misunderstanding (!?!?) of what
the NSA bought from Vupen and the constant mentioning of the Chinese
APT groups you don't see any non-US people even making the "They're
just like Us!" section, not even Brits.
Some of the best bits are in chapter 10, when he details the battle
between Keith Alexander (NSA) and Jane Holl Lute (DHS). "Who wore it
better?" he asks, while at the same time pointing out the luddite-ish
Lute's struggle to make Alexander admit that his technocratic
NSA-centric plan for the future of cyber defenses was an insultingly
daft non-starter among the business community. But he fails to examine
any technical reasons why: for example, it's telling that
Mandiant/Crowdstrike/AV/etc. are all looking at examining host
behavior, not looking to block attacks and malware traffic on the
wire, like Alexander was proposing. Even Keith Alexander's
patents-everyone-whines-about are about host behavior and not traffic
analysis.
It's a technology book surprisingly devoid of cogent analysis of
technology, and Shane fails to challenge his sources even when
evidence should have pointed him in that direction. For example, he
goes over (and is clearly for) the NSA-Task-Force's recommendations,
and then points out that Obama adopted none of them. But he doesn't
examine why that might be (aka, a lot of the suggestions were pretty
silly
<https://lists.immunityinc.com/pipermail/dailydave/2013-December/000546.html>).
So to sum up: This is an interesting book if you are geeky enough to
know what Mandiant does, but also secretly subscribe to People
Magazine. But despite his efforts, Shane can't make a case one way or
another except by showing his sources, which he can't do. A telling
analogy to the situation the intelligence community finds itself in,
all by itself.
-dave
_______________________________________________
Dailydave mailing list
[email protected]
https://lists.immunityinc.com/mailman/listinfo/dailydave