<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">a brilliant review. The "People
Magazine" template is increasingly common, from Wired Magazine to
a book on the history of drones which always began chapters with
"XY was cleanng his parasail on a warm day in the Caribbean when
..." as if human interest in people who are not made very human
trumps what I wanted, the history of the evolution of drones. But
that would have been a long essay instead of the mandated 300-page
no more no less books that fit the shelves at Big Boxes just so.
(did you know that B&N told publishers that ficiton beyond 300
pp would not be shelved unless it was by one of the Big Few?) <br>
<br>
On 1/5/2015 10:58 AM, Dave Aitel wrote:<br>
</div>
<blockquote cite="mid:54AAC2CD.80509@immunityinc.com" type="cite">
<meta http-equiv="content-type" content="text/html;
charset=windows-1252">
<a moz-do-not-send="true" class="moz-txt-link-freetext"
href="http://www.amazon.com/War-Shane-Harris-ebook/dp/B00HP6T7V0/ref=sr_1_1_twi_1?ie=UTF8&qid=1420467848">http://www.amazon.com/War-Shane-Harris-ebook/dp/B00HP6T7V0/ref=sr_1_1_twi_1?ie=UTF8&qid=1420467848</a><br>
<br>
For a book about America's failing trust with our own intelligence
team, this book is a hard book to trust. That's not to say it's
not well researched: a third of the book is footnotes. But at
least HALF the footnotes are simply "from author's interviews",
often from interviews with anonymous "former officials". The first
chapter is about how the use of real-time SIGINT revolutionized
warfare in the modern age, and the rest of the book is really
about how we can't seem to make any inroads in protecting
ourselves. <br>
<br>
There's a saying in the intelligence world about how SIGINT
doesn't lie, but HUMINT does. And that's because while it's rare
that you will lie to yourself in your internal memorandum and
emails, divulging content from what two sources say means you have
to triangulate their points of view and often end up in nonsense
land. Shane Harris falls right into this trap, and relying on
sources so heavily also means that it has a penchant for
breathless hyperbole that is going to make anyone from the
computer security field roll their eyes and sigh mightily about
twice a page. "OMG! THE CHINESE ARE BETTER AT THE HAXING." is a
direct quote, I think. After his interview with Seghoian, he can't
help but mention in every chapter the "thousands of 0day" the NSA
is "stockpiling", as if 0day wasn't just another word for "I know
something about a computer that might be useful". Shane posits:
"The chances are good that if another country or terrorist group
knocks out the lights in a US city, it will use an exploit
purchased from a company that also sells them to the NSA." Is that
so, Shane, or is that maybe complete bullshit? <br>
<br>
That's the kind of hilarious commentary you get throughout the
book. Chris Rouland, for example, is a "top-notch hacker". <br>
<br>
Basically the book can't decide if it is the US Magazine of
computer security journalistic round-ups, with human interest
profiles of various ex-feds who now work for Crowdstrike and
Mandiant or if it is a serious work of historical journalism and
policy recommendations. Who is this book for? People in the field
will find some of the information in the book interesting, as it's
not well covered elsewhere, but hardly need to read for the
thousandth time about how phishing works. People not in the
computer security field will ... not read this book full of
insider gossip. <br>
<br>
And, like US Magazine, the audience is assumed to be entirely
Americans. Aside from the obligatory misunderstanding (!?!?) of
what the NSA bought from Vupen and the constant mentioning of the
Chinese APT groups you don't see any non-US people even making the
"They're just like Us!" section, not even Brits.<br>
<br>
Some of the best bits are in chapter 10, when he details the
battle between Keith Alexander (NSA) and Jane Holl Lute (DHS).
"Who wore it better?" he asks, while at the same time pointing out
the luddite-ish Lute's struggle to make Alexander admit that his
technocratic NSA-centric plan for the future of cyber defenses was
an insultingly daft non-starter among the business community. But
he fails to examine any technical reasons why: for example, it's
telling that Mandiant/Crowdstrike/AV/etc. are all looking at
examining host behavior, not looking to block attacks and malware
traffic on the wire, like Alexander was proposing. Even Keith
Alexander's patents-everyone-whines-about are about host behavior
and not traffic analysis. <br>
<br>
It's a technology book surprisingly devoid of cogent analysis of
technology, and Shane fails to challenge his sources even when
evidence should have pointed him in that direction. For example,
he goes over (and is clearly for) the NSA-Task-Force's
recommendations, and then points out that Obama adopted none of
them. But he doesn't examine why that might be (aka, a lot of the
suggestions<a moz-do-not-send="true"
href="https://lists.immunityinc.com/pipermail/dailydave/2013-December/000546.html">
were pretty silly</a>). <br>
<br>
So to sum up: This is an interesting book if you are geeky enough
to know what Mandiant does, but also secretly subscribe to People
Magazine. But despite his efforts, Shane can't make a case one way
or another except by showing his sources, which he can't do. A
telling analogy to the situation the intelligence community finds
itself in, all by itself.<br>
<br>
-dave<br>
<br>
<br>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
Dailydave mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Dailydave@lists.immunityinc.com">Dailydave@lists.immunityinc.com</a>
<a class="moz-txt-link-freetext" href="https://lists.immunityinc.com/mailman/listinfo/dailydave">https://lists.immunityinc.com/mailman/listinfo/dailydave</a>
</pre>
</blockquote>
<br>
</body>
</html>