Re: Book Review: @war by Shane Harris

[Richard Thieme <rthieme () thiemeworks com>]

a brilliant review. The "People Magazine" template is increasingly 
common, from Wired Magazine to a book on the history of drones which 
always began chapters with "XY was cleanng his parasail on a warm day in 
the Caribbean when ..." as if human interest in people who are not made 
very human trumps what I wanted, the history of the evolution of drones. 
But that would have been a long essay instead of the mandated 300-page 
no more no less books that fit the shelves at Big Boxes just so. (did 
you know that B&N told publishers that ficiton beyond 300 pp would not 
be shelved unless it was by one of the Big Few?)

On 1/5/2015 10:58 AM, Dave Aitel wrote:
> http://www.amazon.com/War-Shane-Harris-ebook/dp/B00HP6T7V0/ref=sr_1_1_twi_1?ie=UTF8&qid=1420467848
>
> For a book about America's failing trust with our own intelligence 
> team, this book is a hard book to trust. That's not to say it's not 
> well researched: a third of the book is footnotes. But at least HALF 
> the footnotes are simply "from author's interviews", often from 
> interviews with anonymous "former officials". The first chapter is 
> about how the use of real-time SIGINT revolutionized warfare in the 
> modern age, and the rest of the book is really about how we can't seem 
> to make any inroads in protecting ourselves.
>
> There's a saying in the intelligence world about how SIGINT doesn't 
> lie, but HUMINT does. And that's because while it's rare that you will 
> lie to yourself in your internal memorandum and emails, divulging 
> content from what two sources say means you have to triangulate their 
> points of view and often end up in nonsense land. Shane Harris falls 
> right into this trap, and relying on sources so heavily also means 
> that it has a penchant for breathless hyperbole that is going to make 
> anyone from the computer security field roll their eyes and sigh 
> mightily about twice a page. "OMG! THE CHINESE ARE BETTER AT THE 
> HAXING." is a direct quote, I think. After his interview with 
> Seghoian, he can't help but mention in every chapter the "thousands of 
> 0day" the NSA is "stockpiling", as if 0day wasn't just another word 
> for "I know something about a computer that might be useful". Shane 
> posits: "The chances are good that if another country or terrorist 
> group knocks out the lights in a US city, it will use an exploit 
> purchased from a company that also sells them to the NSA." Is that so, 
> Shane, or is that maybe complete bullshit?
>
> That's the kind of hilarious commentary you get throughout the book. 
> Chris Rouland, for example, is a "top-notch hacker".
>
> Basically the book can't decide if it is the US Magazine of computer 
> security journalistic round-ups, with human interest profiles of 
> various ex-feds who now work for Crowdstrike and Mandiant or if it is 
> a serious work of historical journalism and policy recommendations. 
> Who is this book for? People in the field will find some of the 
> information in the book interesting, as it's not well covered 
> elsewhere, but hardly need to read for the thousandth time about how 
> phishing works. People not in the computer security field will ... not 
> read this book full of insider gossip.
>
> And, like US Magazine, the audience is assumed to be entirely 
> Americans. Aside from the obligatory misunderstanding (!?!?) of what 
> the NSA bought from Vupen and the constant mentioning of the Chinese 
> APT groups you don't see any non-US people even making the "They're 
> just like Us!" section, not even Brits.
>
> Some of the best bits are in chapter 10, when he details the battle 
> between Keith Alexander (NSA) and Jane Holl Lute (DHS). "Who wore it 
> better?" he asks, while at the same time pointing out the luddite-ish 
> Lute's struggle to make Alexander admit that his technocratic 
> NSA-centric plan for the future of cyber defenses was an insultingly 
> daft non-starter among the business community. But he fails to examine 
> any technical reasons why: for example, it's telling that 
> Mandiant/Crowdstrike/AV/etc. are all looking at examining host 
> behavior, not looking to block attacks and malware traffic on the 
> wire, like Alexander was proposing. Even Keith Alexander's 
> patents-everyone-whines-about are about host behavior and not traffic 
> analysis.
>
> It's a technology book surprisingly devoid of cogent analysis of 
> technology, and Shane fails to challenge his sources even when 
> evidence should have pointed him in that direction. For example, he 
> goes over (and is clearly for) the NSA-Task-Force's recommendations, 
> and then points out that Obama adopted none of them. But he doesn't 
> examine why that might be (aka, a lot of the suggestionswere pretty 
> silly 
> <https://lists.immunityinc.com/pipermail/dailydave/2013-December/000546.html>). 
>
>
> So to sum up: This is an interesting book if you are geeky enough to 
> know what Mandiant does, but also secretly subscribe to People 
> Magazine. But despite his efforts, Shane can't make a case one way or 
> another except by showing his sources, which he can't do. A telling 
> analogy to the situation the intelligence community finds itself in, 
> all by itself.
>
> -dave
>
>
>
>
> _______________________________________________
> Dailydave mailing list
> Dailydave () lists immunityinc com
> https://lists.immunityinc.com/mailman/listinfo/dailydave

_______________________________________________
Dailydave mailing list
Dailydave () lists immunityinc com
https://lists.immunityinc.com/mailman/listinfo/dailydave