Customer Review

54 of 59 people found the following review helpful
4.0 out of 5 stars Excellent book on the contemporary face of computer crime, March 25, 2011
This review is from: Kingpin: How One Hacker Took Over the Billion-Dollar Cybercrime Underground (Hardcover)
I've read and reviewed almost all of the non-fiction computer crime and espionage books written since the 1980s. Kingpin by Kevin Poulsen is one of my favorites. I will recommend this book to fellow digital security professionals and those who would like insights into our world. Kingpin's coverage of Max Ray Butler's (MRB) constant entanglement with the dark side is a lesson for anyone contemplating using their skills for evil.

One of the reasons I enjoyed reading Kingpin is that I've been familiar with the case since 1998. Poulsen described how MRB exploited vulnerable BIND instances on Air Force and other DNS servers that year. I happened to be a captain in the Air Force CERT and worked with the analyst who discovered MRB's exploitation of Air Force name servers.

Because of my familiarity with this case (limited though it may be), I identified more than one instance where Poulsen seemed to take what I consider to be an unnecessarily "sympathetic" or "understanding" approach to MRB's actions. For example, if MRB acted in the best interest of the Air Force by exploiting and then patching DNS servers, he didn't need to leave a rootkit behind. Worse, he didn't need to return to the compromised systems via his rootkit and backdoor once his "work" was done. Poulsen didn't question MRB's stated motives by presenting a more reasonable explanation for this activity: MRB was a black hat and acted like one.

I noted more "sympathy" for MRB when Poulsen described the incident where MRB choked his girlfriend. Instead of saying MRB "choked his girlfriend," Poulsen wrote on p 11 that "Max began trembling. Then his hands were around her throat and he was pushing her down onto the mattress." This sort of language is disturbing beyond the event itself, because it seems to reveal too much bias.

Once readers recognize this aspect of the book, however, I believe they will still like reading it. Poulsen has a real knack for covering technology and security news and events. I only noticed one odd observation on p 6: Poulsen wrote about the year 1990 and said "the Internet was seven years old then." I think he meant that TCP/IP was seven years old in 1990, having been invented in 1983. Otherwise, I found Poulsen's descriptions of MRB's various exploits to be accurate and intriguing.

If you're interested in a great true story on modern cybercrime, take a look at Kingpin. I finished the book in about two sittings and read every word! I hope Poulsen decides to tackle other aspects of the digital underground in future books.
Help other customers find the most helpful reviews 
Was this review helpful to you? Yes No

[Add comment]
Post a comment
To insert a product link use the format: [[ASIN:ASIN product-title]] (What's this?)
Amazon will display this name with all your submissions, including reviews and discussion posts. (Learn more)
Name:
Badge:
This badge will be assigned to you and will appear along with your name.
There was an error. Please try again.
Please see the full guidelines here.

Official Comment

As a representative of this product you can post one Official Comment on this review. It will appear immediately below the review wherever it is displayed.   Learn more
The following name and badge will be shown with this comment:
 (edit name)
After clicking the Post button you will be asked to create your public name, which will be shown with all your contributions.

Is this your product?

If you are the author, artist, manufacturer or an official representative of this product, you can post an Official Comment on this review. It will appear immediately below the review wherever it is displayed.  Learn more
Otherwise, you can still post a regular comment on this review.

Is this your product?

If you are the author, artist, manufacturer or an official representative of this product, you can post an Official Comment on this review. It will appear immediately below the review wherever it is displayed.   Learn more
 
System timed out

We were unable to verify whether you represent the product. Please try again later, or retry now. Otherwise you can post a regular comment.

Since you previously posted an Official Comment, this comment will appear in the comment section below. You also have the option to edit your Official Comment.   Learn more
The maximum number of Official Comments have been posted. This comment will appear in the comment section below.   Learn more
Prompts for sign-in
 

Comments

Tracked by 2 customers

Sort: Oldest first | Newest first
Showing 1-3 of 3 posts in this discussion
Initial post: Apr 2, 2011 5:43:45 PM PDT
I read the book and although I think Poulsen was more sympathetic/admiring than I would be, since I found MRB to be deeply pathological in his need to keep hacking (and I predict once he gets out he will once again be drawn to a life of crime)...I don't think he was too soft on MRB when talking about the backdoor he left when patching a security hole. From a lay person who is computer-literate but knows almost nothing about the world of hacking, he laid out MRB's actions and motivations in a way that allowed me to draw the clear conclusion that what he had done was ethically wrong, and was based in his own compulsion to do forbidden things just because he could. Yeah, he did go light on him when talking about his assault on his girlfriend... I half suspected this to be the story about a guy who couldn't take it when women left him, and ended up killing one of them. But apparently as he aged, MRB was at least able to control THAT side of himself!

Posted on Apr 4, 2011 11:14:58 PM PDT
Last edited by the author on Apr 4, 2011 11:15:26 PM PDT
TestGuy says:
Thanks for a great set of comment on the book.

It's a minor nit, but Vinton Cerf published the initial RFC (http://tools.ietf.org/html/rfc675) for TCP in Dec 1974, followed by RFC's 791, 792, and 793 between 1978 and 1980, so one could argue that TCP/IP is older than 1983. In 1982 it became the standard for the US military and in 1983 become the official single standard protocol for the ARPA net, so that is probably what you are referring to.

The birth date of the Internet is pretty fuzzy. Other networks (e.g CSNet) began to be interconnected with the ARPAnet around the same time, so perhaps we should let his statement stand.

Posted on Jan 6, 2012 1:22:15 AM PST
Disc Jaukey says:
This review has a bias in favor of authority and against transparency in government, obviously being a supporter of the Air Force and the military in general. He takes care to put a difference between "black hat" and "white hat" while from a hackers' (purist) point of view - the desire to hack is an innate instinct to solve problems and conquer, not to distinguish between right and wrong based on a socialized view of "right and wrong." Having known nothing about the reality of the "choking girlfriend" criminal justice case or having any real-life sympathy, this reviewer also chooses to judge MRB and the author's interpretation on his case of the assault of his girlfriend. This reviewer, coming from a middle-aged standpoint, likely fails to realize the hormonal extremes of high school and early college. MRB was diagnosed with bipolar disorder, and a boy's "first love" is always the hardest to deal with emotionally, especially as the one being dumped. This is an interesting review, but comes from a conservative standpoint.
‹ Previous 1 Next ›

Review Details

Item

Reviewer


Location: Metro Washington, DC

Top Reviewer Ranking: 18,628