- File Size: 1841 KB
- Print Length: 445 pages
- Publisher: Crown (November 11, 2014)
- Publication Date: November 11, 2014
- Sold by: Random House LLC
- Language: English
- ASIN: B00KEPLC08
- Text-to-Speech: Enabled
- Word Wise: Enabled
- Lending: Not Enabled
- Amazon Best Sellers Rank: #60,723 Paid in Kindle Store (See Top 100 Paid in Kindle Store)
Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon Kindle Edition
“Exhaustively researched . . . Zetter gives a full account of this ‘hack of the century,’ as the operation has been called, [but] the book goes well beyond its ostensible subject to offer a hair-raising introduction to the age of cyber warfare.”—The Wall Street Journal
“Part detective story, part scary-brilliant treatise on the future of warfare . . . an ambitious, comprehensive, and engrossing book that should be required reading for anyone who cares about the threats that America—and the world—are sure to be facing over the coming years.”—Kevin Mitnick, New York Times bestselling author of Ghost in the Wires and The Art of Intrusion
“Unpacks this complex issue with the panache of a spy thriller . . . even readers who can’t tell a PLC from an iPad will learn much from Zetter’s accessible, expertly crafted account.”—Publishers Weekly (starred review)
“A true techno-whodunit [that] offers a sharp account of past mischief and a glimpse of things to come . . . Zetter writes lucidly about mind-numbingly technical matters, reveling in the geekery of malware and espionage, and she takes the narrative down some dark electronic corridors. . . . Governments, hackers and parties unknown are launching ticking computer time bombs every day, all coming to a laptop near you.”—Kirkus Reviews
“An exciting and readable story of the world's first cyberweapon. Zetter not only explains the weapon and chronicles its discovery, but explains the motives and mechanics behind the attack—and makes a powerful argument why this story matters.”—Bruce Schneier, author of Secrets and Lies and Schneier on Security
--This text refers to the paperback edition.
Stuxnet, et al. presented the security industry with a huge problem - and the implications are still being sorted out to this day. Government use of malware, and how the industry should handle it when discovered are topics that are still being debated on a daily basis. Kim does a great job on explaining the issues, and giving readers plenty to think about.
From a technical perspective, the book goes into enough detail so that those of us familiar with the topic know exactly what is being discussed and its implications, while not going overboard and overloading non-technical users with incomprehensible details. The book has a good narrative style, while covering technical detail and including details on the sources for information. Throughout the book are footnotes that list source information, additional notes that explain context, or provide additional details that don't fit in the narrative telling - I strongly suggest that you read the footnotes, as they offer very useful information.
All in all, I strongly recommend the book, well worth it.
Toward the end I found it a little less interesting, but that was o.k. I had learned so much more than I set out to learn.
The Kindle version is very well implemented. You can check a footnote or a definition and go back to the text.
I am going to repeat myself and say that this book is a model of both research and of technical writing.
But more than just Stuxnet, the book examines the intersection of infrastructure and malware, and the growing military-cyber complex. This area of focus leads to perhaps the most interesting sections of the book. The chapter on vulnerabilities in US infrastructure is a real eye-opener.
Either one of these topics would make the book a must-read for those interested or involved in security and cyber warfare. Having both of them together, marshaled by an excellent author, is a real treat.
Zetter leads with an exhaustively detailed technical description of exploits ("attack code that hackers use to install viruses") and "zero day" exploits ("hacking world's most prized possession because they attack holes that are still unknown to the software maker") and the inadvertent discovery by the antivirus tech community of Stuxnet and its infection into specific PLCs, or control mechanisms, which regulate the centrifuges at Iran's Natanz nuclear facility. While heavily technical in parts, the detail is a fascinating "who done it" even for the lay person.
The book's middle portion strongly infers that Stuxnet's complex creation came about through a secret collaboration of the United States and Israel, identifying its start under the Bush administration and endorsed and enthusiastically used by the present Obama administration. The concluding two chapters confront the moral and legal issues in unleashing this virus and how by opening this Pandora's Box the stage has been set for future cyber warfare. She notes prophetically in the end, "where the United States led, others will follow . . . [and how this country] lost the moral high ground from which to criticize other nations for doing the same." How true!
Top international reviews
Kim Zetter does a superb job in telling how Stuxnet was detected, analysed, dismantled and neutralised. An accomplished journalist for WIRED, the technology newspaper cum blog, she clearly excels at unfolding this intriguing and captivating narrative. The book is well researched, and Zetter is at her best when she is explaining complex technicalities such as ripping apart and reverse-engineering a malware code. The true heroes of her book are the analysts and researchers of Symantec, Kaspersky and other security research firms. These sections of the book are highly readable; and she writes with a lay, and not an expert audience in mind – which adds to the readability. Woven into this first part of the book is an excellent chapter on how the zero-day market came about in the first place. Zetter also does a good job when highlighting how these valiant private sector cyberwarriors had to strike a balance between protecting their clients – i.e., neutralising Stuxnet – and avoiding the cross-fire of a state-on-state confrontation.
Zetter’s story is so sound and authentic as she can draw extensively on interviews she held with the heroes of her book. The story becomes much thinner when it comes to the “other side”, i.e., the manufacturers and distributors of the malware – or, for that, its targets, i.e., the computer and machinery operators in Iran. There, she entirely relies on public sources and on what others have already written about the topic. She does that diligently and exhaustively, after proper research, as it befits a good journalist. And given the fact that this deals with the murky world of intelligence where interviews are not lightly given, she probably had no alternatives. Yet, as a consequence, these parts of the book lack the authenticity that has the part outlining the story of Stuxnet proper. She closes the book with a highly readable chapter on assessing the success of the malware. She concludes that Stuxnet was a qualified success in the sense that it contributed to slowing down the Iranian enrichment programme, which bought diplomats time to negotiate. Yet, it remains unclear whether this was actually the goal of Stuxnet, or whether it did not have a further purpose, such as forcing the total shutdown of the Iranian enrichment programme. Given her limited access to government sources, Zetter cannot answer this question. She also concludes that this ‘qualified success’ of slowing down Iran’s programme came at the price of exposing the US as a reckless promoter of cyberwar, thus undermining her own credibility on the international stage on the one hand and – more importantly – undermining the trust of users in the safety and security of the internet on the other hand. Maybe this is a bridge too far, as most people outside the US would already have a view of the US being rather double-minded when it comes to the internet and the utility of cyberwar, but regardless to the depth of international cynicism, she clearly has a point here.
The book has a few weaknesses. First, it is too long. On many instances, the narrative could be shorter and crisper. Sometimes, one gets a bit the feeling she wanted to make as much use of her interview material as possible. Secondly, and this may be related to the first point, the structure of the book is somewhat repetitive. A great part of chapters in the first part follows the same pattern: introducing a techie nerd, describing him (they are always “hims”) and his physical appearance and dress a bit, adding a few sprinkles about his private life (mostly on girlfriends), and then delve into that part of the technical dissection of Stuxnet which this chapter is about – and this deep dive is then deep indeed. This makes the reading attractive at the beginning, as it gives a very low entry barrier to the average reader, but it becomes somewhat tiring further down the road. These are weaknesses you can easily live with as a reader. A worthwhile, highly recommendable read in any case.
I somewhat sat on the fence to start with, erring on the side of caution that governments could create such things and the dangers they could unleash. As I read on though, I couldn't help but be impressed at the ingenuity that these people must have gone to. Iran seems to be perceived in the media as a hard done by nation that's always being picked on. However, if your nation is having to hide nuclear complexes from the IAEA, design them to make them missile proof or if you conveniently 'forget' you had specific centrifuges then you probably deserve all you get...
This book doesn't seem to be a negative take on the issue of cyber-weapons, and remains impartial and well balanced. It is all the better for it. It discusses the business of zero day exploits and how they are (may?) traded between persons and government, with many hacks being held back for whatever reasons.
Brinksmanship for a new age.
It is refreshing to discover that there are brilliant code writers at work, but also that the AV community did not flinch at putting themselves in harm's way to make sure that their customers stayed free from these attacks.
Big Brother is without question here to stay.
Honestly if you've just heard of Stuxnet you really would want to read this: you'll be blown away by it (metaphorical joke there).
As a side-note, I felt that the documentary by Alex Gibney "Zero Days" has a lot of similarities with the book.