<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<a class="moz-txt-link-freetext" href="http://www.amazon.com/War-Shane-Harris-ebook/dp/B00HP6T7V0/ref=sr_1_1_twi_1?ie=UTF8&qid=1420467848">http://www.amazon.com/War-Shane-Harris-ebook/dp/B00HP6T7V0/ref=sr_1_1_twi_1?ie=UTF8&qid=1420467848</a><br>
<br>
For a book about America's failing trust with our own intelligence
team, this book is a hard book to trust. That's not to say it's not
well researched: a third of the book is footnotes. But at least HALF
the footnotes are simply "from author's interviews", often from
interviews with anonymous "former officials". The first chapter is
about how the use of real-time SIGINT revolutionized warfare in the
modern age, and the rest of the book is really about how we can't
seem to make any inroads in protecting ourselves. <br>
<br>
There's a saying in the intelligence world about how SIGINT doesn't
lie, but HUMINT does. And that's because while it's rare that you
will lie to yourself in your internal memorandum and emails,
divulging content from what two sources say means you have to
triangulate their points of view and often end up in nonsense land.
Shane Harris falls right into this trap, and relying on sources so
heavily also means that it has a penchant for breathless hyperbole
that is going to make anyone from the computer security field roll
their eyes and sigh mightily about twice a page. "OMG! THE CHINESE
ARE BETTER AT THE HAXING." is a direct quote, I think. After his
interview with Seghoian, he can't help but mention in every chapter
the "thousands of 0day" the NSA is "stockpiling", as if 0day wasn't
just another word for "I know something about a computer that might
be useful". Shane posits: "The chances are good that if another
country or terrorist group knocks out the lights in a US city, it
will use an exploit purchased from a company that also sells them to
the NSA." Is that so, Shane, or is that maybe complete bullshit? <br>
<br>
That's the kind of hilarious commentary you get throughout the book.
Chris Rouland, for example, is a "top-notch hacker". <br>
<br>
Basically the book can't decide if it is the US Magazine of computer
security journalistic round-ups, with human interest profiles of
various ex-feds who now work for Crowdstrike and Mandiant or if it
is a serious work of historical journalism and policy
recommendations. Who is this book for? People in the field will find
some of the information in the book interesting, as it's not well
covered elsewhere, but hardly need to read for the thousandth time
about how phishing works. People not in the computer security field
will ... not read this book full of insider gossip. <br>
<br>
And, like US Magazine, the audience is assumed to be entirely
Americans. Aside from the obligatory misunderstanding (!?!?) of what
the NSA bought from Vupen and the constant mentioning of the Chinese
APT groups you don't see any non-US people even making the "They're
just like Us!" section, not even Brits.<br>
<br>
Some of the best bits are in chapter 10, when he details the battle
between Keith Alexander (NSA) and Jane Holl Lute (DHS). "Who wore it
better?" he asks, while at the same time pointing out the
luddite-ish Lute's struggle to make Alexander admit that his
technocratic NSA-centric plan for the future of cyber defenses was
an insultingly daft non-starter among the business community. But he
fails to examine any technical reasons why: for example, it's
telling that Mandiant/Crowdstrike/AV/etc. are all looking at
examining host behavior, not looking to block attacks and malware
traffic on the wire, like Alexander was proposing. Even Keith
Alexander's patents-everyone-whines-about are about host behavior
and not traffic analysis. <br>
<br>
It's a technology book surprisingly devoid of cogent analysis of
technology, and Shane fails to challenge his sources even when
evidence should have pointed him in that direction. For example, he
goes over (and is clearly for) the NSA-Task-Force's recommendations,
and then points out that Obama adopted none of them. But he doesn't
examine why that might be (aka, a lot of the suggestions<a
href="https://lists.immunityinc.com/pipermail/dailydave/2013-December/000546.html">
were pretty silly</a>). <br>
<br>
So to sum up: This is an interesting book if you are geeky enough to
know what Mandiant does, but also secretly subscribe to People
Magazine. But despite his efforts, Shane can't make a case one way
or another except by showing his sources, which he can't do. A
telling analogy to the situation the intelligence community finds
itself in, all by itself.<br>
<br>
-dave<br>
<br>
<br>
</body>
</html>