2 works 404 Members 17 Reviews

Works by Nicole Perlroth

Reviews

This is really well written. I appreciate that Perlroth explained terms and it did not feel overwhelming.
 
brozic | 16 more reviews | Jan 27, 2024 |

As Charles Darwin so eloquently put it in his “Origin of Species,” and as evolutionary biologists confirmed later on, life flourishes and sometimes doesn’t depending on a series of trade-offs.

When a living cell establishes a border, it lets some fluids enter the membrane and keeps some out. Hopefully, that which it lets in nourishes the life of the cell and that which it keeps out is harmful.

Or at least, that which it lets in is good enough to keep life going.

I held this thought in my little brain as I drove home from cottage country, from the robust and fragrant air of the arboreal forests to the dust and dirt of city air.
This highway I travelled — one of the widest in the world — allowed hundreds of thousands of cars to pass from one state of wellbeing to a wholly different state.

We think of the highway as “infrastructure” intended to allow the free flow of people and cargo through states of being. Generally beneficial to society.

But what if the highway contaminates society at the same time it brings well-being to the city’s residents?

Each year our governments pour billions of our money into the maintenance of these highways, and somewhat fewer billions into maintaining the electronic highways even as the physical highways help compound the problems of pollution and global warming, and the electronic highways spew the filth of misinformation through social media, spam e-mail, and websites of propaganda, hatred, and racism.

I thought about our investments in infrastructure as I read Nicole Perlroth’s dire look at the state of our electronic infrastructure and the government agencies who contribute to the leaky ship.

Nefarious and sometimes just entrepreneurial programmers across the globe are busy establishing vulnerabilities in the software and hardware that run our electronic infrastructure, and often sell these vulnerabilities to middlemen who then convert them into “exploits” that undermine the privacy and security of our computer networks.

The highly publicized Stuxnet intrusion likely developed by US and Israeli agencies, for example, clobbered the operation of centrifuges in Iran's nuclear facilities, then leaked into the hands of Russian hackers who developed the exploit NotPetya which devastated Ukrainian networks, global logistics networks, hospitals, and other installations.

More recently there was the SolarWinds hack that compromised the networks of 10,000 corporations or more.

Just a few of these exploits gain any publicity but it’s becoming more apparent that the agencies who are tasked with maintaining our security are holding back on the extent and variation in vulnerabilities to help keep their options open, or to be more specific, to keep the “spying” options open.

We are seeing more of these exploits leak back into the public sphere and wind up in the hands of unfriendly nations and organizations for intelligence operations and/or profitable ransomware ventures.

Just as we are being fooled into believing that our social media chatter is just that, instead of seeing it as the raw material for increasingly sophisticated advertising tools, maybe we are gullible in building an electronic infrastructure for the spooks first and us second. With the complicity of the major corporations who are actually in charge of building and maintaining the highways.

Much has been made recently of the efforts of the US and other Western governments to hold back the diffusion of Huawei routers and switches in the new 5G networks out of fear that the Chinese Government is insisting on back doors to this technology to compromise the security of our networks.

But it is highly likely that America’s National Security Agency has built their own back doors into Huawei switches and everybody else’s for that matter. And as goes the US Government, so go their Five Eyes intelligence partners, and possibly a wider network of NATO partners.

This book contained some great accounts of the struggle Google had to maintain the integrity of its networks facing the onslaught of Chinese intrusions, and an equally harrowing (for me anyway) stream of intrusions on the Apple iPhone.

If you are wondering why so many “interim” upgrades to the iOS just think of the struggles Apple faces with known and sometimes evolving exploits to gain access to iPhone data. I can think of the Pegasus intrusion which helps Middle Eastern governments spy on their journalists and critics and most likely played a significant part in the assassination of Washington Post journalist and Saudi national Jamal Khashoggi.

As I drove along the summer highway I somehow wanted my government to exercise better control of the infrastructure to privacy and security objectives. Maybe if we cut back on the proliferation of polluting highway lanes (to the tune of billions in savings) and re-prioritize it for the management of our electronic infrastructure we could be making a safer and happier future.

That would be a trade-off I could live with.
 
MylesKesten | 16 more reviews | Jan 23, 2024 |

Astonishing and unnerving. Everyone should read this book. Lots and lots of problems, but I look forward to reading more about potential solutions!
 
fmclellan | 16 more reviews | Jan 23, 2024 |

This is an excellent book.

Perlroth covers decades of history on information security, and tells detailed stories about some of the most significant publicly-known breaches. That includes a very detailed history of the US/Israeli Stuxnet program that damaged Iranian centrifuges used for nuclear weapons development, the Chinese breach of the US Office of Personnel Management's records (including security clearance applications) and much more. The underlying technology is absolutely complicated, but her book is pitched at lay readers, outside the tech sector, and is quite accessible.

Just as she was finishing the book, the SolarWinds hack was discovered and reported. That serious breach doesn't appear in the book at all -- proof of how quickly the news develops and how fast the bad news about the bad guys breaks.

Her coverage is so good because she looks at the policy, espionage, economic and other incentives that underlie the infosec cold war. This is a great primer for anyone who wants to understand why we are at risk, as well as how.

The epilogue could serve as a standalone policy briefing document for Congressional staffers looking to draft legislation that would secure our infrastructure. It's a useful read for industry infosec workers and intelligence and defense sector practitioners as well.

This book is an important contribution to the public dialogue on this critical topic. I've spent my entire career working in information technology, databases and big data, and I learned a great deal from reading it.
 
mikeolson2000 | 16 more reviews | Dec 27, 2023 |

Statistics

Works: 2
Members: 404
Popularity: #60,140
Rating: 4.1
Reviews: 17
ISBNs: 8
Languages: 1