Best books on computer viruses according to redditors
We found 25 Reddit comments discussing the best books on computer viruses. We ranked the 8 resulting products by number of redditors who mentioned them. Here are the top 20.
3. Fatal System Error: The Hunt for the New Crime Lords Who Are Bringing Down the Internet
3 mentions
It did something more clever than just that, it spun up the centrifuges in 'waves' so that they would fail at a slightly increased rate, but unlikely to be noticed in a daily operations manner.
Countdown to Zero Day is a great read on it.
Unfortunately, there was blood spilled (although it could be argued as a multi-prong approach to neutralize the nuclear capabilities, this may be considered separate from stuxnet).
If you want to read a sourced book on this kind of stuff: Countdown to Zero Day
Well-sourced and talks about the 0-day exploit marketplace in great detail. Also goes into the history of cyber warfare, the Iranian nuclear program, and much more. You should have a basic understanding of how computers and malware work before reading this book, but this book does an incredible job of taking the hyper-technical details and explaining them to the layman. It is well-sourced, informative and terrifying.
Sourcing is something that Snowden has apparently forgotten in the cold wastes of Russia. The thing is, its NOT just the USA and its Allies. If we were to stop buying exploits, we would be falling behind in the coming electronic battles. I don't feel great about this. The only way to really fix this is to get companies (Apple, Google, Microsoft, et al) to pay higher bounties for exploits. Why claim a 3K bounty when a black hat will pay 20K, or why claim the 20K when the grey market governments can offer upwards of 500K for good 0-day exploits. Companies need to raise their bounties to match market forces. Governments aren't finding the exploits, they are buying them.
Follow the link for short answer, to quench your curiosity read the book Count Down to Zero Day by Kim Zetters, which is an in-dept account of Stuxnet and how it was carried out, I can guarantee it will knock your socks off!!
http://www.darkreading.com/vulnerabilities-and-threats/so-you-want-to-be-a-zero-day-exploit-millionaire/d/d-id/1101256?
http://www.wired.com/2014/09/kevin-mitnick-selling-zero-day-exploits/
http://www.wired.com/2014/11/countdown-to-zero-day-stuxnet/
http://www.amazon.com/Countdown-Zero-Day-Stuxnet-Digital/dp/077043617X
I completely disagree that the agency is "out of control and costing far more than its usefulness is worth."
We know that other countries spy on our government and corporations. We know that there's a huge number of criminal organizations looking to gain control of everyday people's computers. Imagine what would happen if someone with sinister motives was able to gain control of key infrastructure? It's no secret that computer security is far from perfect. There's a great book on computer security called Worm that goes into great detail to how governments don't take cyber security seriously. Turn on Windows XP without SP2 and see how quickly your computer is compromised. While I don't agree with CSEC spying on Canadians, I think arguing against their existence is ignorant.
I disagree with the conclusion of that article. It's basically arguing the semantics of what is a weapons program. The Iranians were attempting to enrich much more uranium than was needed for their domestic energy program - why would they be attempting to manufacture it in such excessive quantities? Beyond that, the material they need for domestic energy production is readily available for reasonable prices, so the need for internal production was always dubious at best. So just because they weren't actively launching test missiles like North Korea is, doesn't mean they weren't suspiciously ramping up production of components of nuclear weapons. Your article supports this conclusion:
> “The JCPOA imposes measures that constrain Iran’s nuclear energy program to provide confidence that the program remains peaceful,”
Beyond even all that, the article claims that in 2007 (Dec), the US intelligence agencies had declared that the program had been 'halted', not that it never existed - so the threat of a program did exist. This is also the same time frame that Stuxnet was being developed, and when it was deployed, it in essence, constrained Iran’s nuclear energy program, but severely hindering the amount of uranium they could enrich.
I don't bother with any podcast, I read books instead, like this one, which has 448 pages (how long is that in minutes?) of info about Stuxnet, what it did, how it did it, etc.
Not sure if you are into security tech but some of my favorites....
Also thought I'd include some that I have purchased but not finished yet in case you'd be interested.
A book was recently released on Stuxnet, discussing the event and what it could mean for the future: Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon by Kim Zetter.
I haven't gotten to it yet but it's received excellent reviews from just about everyone.
Read this.
Also if you find a flash drive on the ground somewhere, don't claim it as your own. It's not like finding candy on the ground (that stuff is usually fine).
Worm: The First Digital World War?
I just started to get back into reading. I've been picking up books from airports and end up getting hooked on them.
Extreme Risk: A Life Fighting the Bombmakers was a really good read http://www.amazon.com/Extreme-Risk-Life-Fighting-Bombmakers/dp/0552157597/ref=sr_1_1?ie=UTF8&qid=1300672302&sr=8-1
I'm now reading Fatal System Error which has been equally addictive http://www.amazon.com/Fatal-System-Error-Bringing-Internet/dp/B004NSVENM/ref=sr_1_1?ie=UTF8&qid=1300672448&sr=8-1
Both are non-fiction.
You can try Cuckoo's Egg: http://www.amazon.com/The-Cuckoos-Egg-Tracking-Espionage/dp/1416507787
And if you like it, here's the movie about the book: http://youtu.be/EcKxaq1FTac
It's one of my favorite books of all time.
If you haven't read Mitnick's other work, he has the Art of Intrusion which is pretty nice.
Fatal System Error is also a nice read: http://www.amazon.com/Fatal-System-Error-Bringing-Internet/dp/B004NSVENM
If you're into fiction, read this: http://www.amazon.com/Zero-Day-Jeff-Aiken-Novel/dp/1250007305/
Someone gave me a used copy of the little black book of computer viruses. This prompted me to learn assembly. From there I sorta dicked around with com/exe infectors and a few other things until I went to college. The intro language at my university was then c. So I guess that was how "I" got started - assembly :p
It is worth pointing out that at last a few of the "modules" talked about were lifted from actual black market malware. Both the p2p updating function and the ability to "ride" on USB and other media come from the conficker worm.
http://www.amazon.com/Worm-First-Digital-World-War/dp/0802119832
Read this a while back, if you enjoyed you should also check out: Fatal System Error: The Hunt for the New Crime Lords Who Are Bringing Down the Internet & DarkMarket
If anyone else has any recommendations for books similar to these it would be appreciated.
Audiobooks are a performance of sorts, so you "right" book can suck with a "bad" reader. But a "good" book with a "great" reader can be fantastic. Check out the Bobbiverse sci-fi series, and Bruce Dickinson's autobiography (no, really!). James Clavell's Shogun is good too... off the top of my head. Oh, Countdown to Zero Day was superlative!
The author of the Wired piece is well versed in this topic. See Countdown to Zero Day. Hint: It's about Stuxnet.
Pretty good book on this topic, https://www.amazon.com/Data-Driven-Computer-Security-Defense-Should/dp/1549836536
It goes more into a philosophy on what to secure based on companies specific threats. Make a list of the top X threats your company is likely to face based on analytics / SIEM events / past breaches. Then order them based on importance / risk factor.
>"amateurish and extremely small" operation. This was conducted by the Russian Internet Research Agency
That is accurate. The IRA is amateurish and extremely small, even acc to the people who originally reported on the existence of the IRA. Do you have any evidence that it wasn't amateurish and extremely small? Something large would have left substantial traces. Adrian Chen, the reporter who first reported on the IRA, has pointed out that the IRA has a grand total of 90 people, most temps, with a shaky grasp of english, who are getting paid to shitpost on Facebook. This minor story got swept into the grand conspiracy theory because there had to be some identifiable dark force that drove everything. In reality, Chen has pointed out that he has been extremely skeptical of the conspiracy theory but was afraid to speak out for fear of offending the anti-Trump crusade.
>[On the people Mueller indicted] It looks like they just took some employees from the that American department whose names they could get. But the American department was like 90 people. So my reaction was that, for me, it was like that curious list of oligarchs and Kremlin authorities where they put the whole Forbes list and the whole Kremlin administration on it. It’s very strange.
>I was also very surprised that they wrote private about the private messages of one girl [Irina Kaverzina]. She wrote to relatives that FBI is following them and so on. I think they read her emails. I was very surprised by that. But generally, they seem to have got people who were not careful — who used their own email accounts or registered Twitter accounts to Russian phone numbers.
Edit: The most interesting thing about the Russia conspiracy theory now is that Mueller apparently was too incapacitated to know what he was investigating, which gives rise to the question of exactly who is it who is alleging this Russian activity was both real and substantive?
A good book about computer viruses in general is The Little Black Book of Computer Viruses. A bit dated now perhaps, but it's a good read, all the same. Full text is here apparently, though it says it is an 'Electronic Edition'.
Worm: The first Digital World War . It's new and badass.
Do you have a link to the Stuxnet article?
Edit: Are you referring to this book?
Die zwarte markt bestaat al decennia, er is een mooi boek over geschreven waar ondermeer uit blijkt hoe dat wereldje al lange lange tijd bestaat een werkt.
Countdown to Zerodays
Daarnaast is de wens van de overheid begrijpelijk (zij moeten een veilig bestaan voor hun burgers garanderen, en met de terroristische dreiging, is dat heel moeilijk. en is dit een voor de hand liggende wens (want dat konden ze altijd al)
Echter is de volgende vorm van versleuteling onbreekbaar. Zodra deze gebroken is, verandert het bericht en heeft de ontvanger het direct door. het heet quantum encryptie.
De geschiedenis van encryptie, van het begin in Egypte mede langs kraken van de Duitste enigma machine in WOII, eindigend bij quantum encryptie is erg leuk beschreven in:
The Code Book