Reddit reviews Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon
We found 6 Reddit comments about Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon. Here are the top ones, ranked by their Reddit score.
If you want to read a sourced book on this kind of stuff: Countdown to Zero Day
Well-sourced and talks about the 0-day exploit marketplace in great detail. Also goes into the history of cyber warfare, the Iranian nuclear program, and much more. You should have a basic understanding of how computers and malware work before reading this book, but this book does an incredible job of taking the hyper-technical details and explaining them to the layman. It is well-sourced, informative and terrifying.
Sourcing is something that Snowden has apparently forgotten in the cold wastes of Russia. The thing is, its NOT just the USA and its Allies. If we were to stop buying exploits, we would be falling behind in the coming electronic battles. I don't feel great about this. The only way to really fix this is to get companies (Apple, Google, Microsoft, et al) to pay higher bounties for exploits. Why claim a 3K bounty when a black hat will pay 20K, or why claim the 20K when the grey market governments can offer upwards of 500K for good 0-day exploits. Companies need to raise their bounties to match market forces. Governments aren't finding the exploits, they are buying them.
I disagree with the conclusion of that article. It's basically arguing the semantics of what is a weapons program. The Iranians were attempting to enrich much more uranium than was needed for their domestic energy program - why would they be attempting to manufacture it in such excessive quantities? Beyond that, the material they need for domestic energy production is readily available for reasonable prices, so the need for internal production was always dubious at best. So just because they weren't actively launching test missiles like North Korea is, doesn't mean they weren't suspiciously ramping up production of components of nuclear weapons. Your article supports this conclusion:
> “The JCPOA imposes measures that constrain Iran’s nuclear energy program to provide confidence that the program remains peaceful,”
Beyond even all that, the article claims that in 2007 (Dec), the US intelligence agencies had declared that the program had been 'halted', not that it never existed - so the threat of a program did exist. This is also the same time frame that Stuxnet was being developed, and when it was deployed, it in essence, constrained Iran’s nuclear energy program, but severely hindering the amount of uranium they could enrich.
I don't bother with any podcast, I read books instead, like this one, which has 448 pages (how long is that in minutes?) of info about Stuxnet, what it did, how it did it, etc.
Not sure if you are into security tech but some of my favorites....
Also thought I'd include some that I have purchased but not finished yet in case you'd be interested.
The author of the Wired piece is well versed in this topic. See Countdown to Zero Day. Hint: It's about Stuxnet.
Audiobooks are a performance of sorts, so you "right" book can suck with a "bad" reader. But a "good" book with a "great" reader can be fantastic. Check out the Bobbiverse sci-fi series, and Bruce Dickinson's autobiography (no, really!). James Clavell's Shogun is good too... off the top of my head. Oh, Countdown to Zero Day was superlative!