Thursday, June 23, 2011

Book Review

Review - Zero Day

Sex. Murder. Corrupt, bumbling bureaucrats. The Russian Mafia. The fate of the Western world. Hunky nerds and beautiful geeks.

Zero Day by Mark Russinovich has them all. It also has worms and viruses and rootkits – but you don’t have to know any more about them than that if your computer has them, it’s going to be a pain. This book is a can’t-put-it-down thriller until you start thinking about it. Then it will give you nightmares.

Zero Day starts with a company that is having computer problems. They call in a specialist who discovers that their servers have been infected with a particularly pernicious piece of malware. While he’s trying to get the company back in business, a call from a colleague at the Department of Homeland Security lets them realize they both are vexed by someone known as “Super Phreak.” Could this be the harbinger of cyberwar? And one with an auspicious starting date.

Mark Russinovich is a Microsoft Technical Fellow. That is a position for a person who is so accomplished that he has no assignment beyond thinking up new ideas. Computer professionals will recognize him as the creator of the Sysinternals utilities. With names like LDMDump and PsGetSid, these programs allow you to learn things about your computer that you didn’t know existed, including that you have an infection down where your antivirus can’t get it.

Here, in Russinovich’s first novel, he uses his knowledge of what is and what could be to weave a story of what we hope never happens. Without referencing any specific real-life situations (see “Stuxnet”[1]), this is a story one could imagine was pieced together from page 4 of the daily newspaper. An airliner has a rough ride over the Atlantic. A ship runs aground in Japan. A hospital has a medication mixup. A worker dies in an industrial accident. Are these unconnected stories? Only our heroes have the insight to know that they are linked by Super Phreak’s zero day rootkit (you only need to know that’s a computer nasty no one has ever seen before). Since a political appointee is too inept, corrupt, or both to sound the alarm, our heroes have to chase, against the clock, across two continents on their own to save the world.

The first edition I had was marred by some editing errors. (The first chapter opens “Saturday, August 11” and on the next page in bold it refers to “Friday, August 11.” [This was corrected in the online excerpt.] In a faux pas as bad as calling your spouse with your lover’s name, another place refers to the heroine with a villain’s name.)

That said, the story maintains its credibility: travel takes real time, coincidences are fortuitous but not magical, heroes are strong and clever but not supermen. Worst of all, the technology is very real and is installed in any business or is available to any teenage hacker anywhere in the world where the internet is available. The story implies a single set of malware could damage a multitude of systems which, in fact, would have to be programmed individually. However, any of the attacks mentioned could happen any time in the near future – or be happening now.

If you like international political thrillers or if you like technology, you’ll like Zero Day. A pair of PhDs become unexpected agents sufficiently focused on what needs to be done to brush off an assassin’s bullets and to convince an uninvolved Russian to assist them in the course of a taxi ride. Russinovich has set himself up to have created the next Jack Ryan. Let’s hope we can look forward to more cybercrises to befall us. [Zero Day the book has no familial or topical relation to the 2003 or 2007 movies with a similar title.]
------- 

REFERENCES:

The book's homepage
http://www.zerodaythebook.com/

Mark Russinovich
http://en.wikipedia.org/wiki/Mark_Russinovich

Stuxnet
http://www.nytimes.com/2011/01/16/world/middleeast/16stuxnet.html
http://en.wikipedia.org/wiki/Stuxnet

Thanks to my source: Steve Gibson
http://twitter.com/sggrc
http://www.grc.com/securitynow.htm

Creative Commons License. This work by Bill Barnes is licensed under a Creative Commons BY-NC-SA 3.0 US License. Permissions beyond the scope of this license may be available at http://zaitech.com/satellite/contacts.htm.
(c) 2011 Bill Barnes