Average Customer Review:
( 35 customer reviews )
Most Helpful Customer Reviews
100 of 100 found the following review helpful:
Should interest newbies and experts alike
Sep 28, 2011
By Chris Lee Mullins
One of the greatest things about airport bookstores - they often ignore sale dates. I purchased Worm a few days ago without realizing it wasn't supposed to be released yet. Which is good, because it made that flight from Denver to Baltimore tolerable.
First things first. If you are a network newbie, you will be coddled by this book. You don't need to have your MCSE or CISSP to read "Worm". Bowden does a good job of breaking down salient data - what is TCP/IP, what is RPC - and creating explanations that make sense. Don't know why Port 445 is so special? Wonder why Windows is so often the target of malware around the world? (the technical explanation, not the political answer) You will after reading this book. It won't win you any medals at the next Cisco shareholders meeting or net you a job in IT, but at least you'll know why Patch Tuesday is important and why malware isn't just a problem with code - it's a social engineering problem, too.
The next best thing about this book is how much it stresses that the Internet is still in its adolescence. It's a hodgepodge of ancient protocols and new-fangled protocols shoehorned into communicating with one another, and that's a fragile animal. You'll wonder why it doesn't go down more often.
"Worm" is entertaining and informative. Personally, I think it's too short. You'll get a quick bio about a particular researcher, follow them through some problem solving and then, inexplicably, drop them entirely while picking up with another researcher. I think the personalities involved are as important as the science. But those quibbles are trivial.
10 of 10 found the following review helpful:
The true story of how hackers almost brought down the Internet -- and still could
Oct 05, 2011
By Mal Warwick
It's out there. Waiting. Chances are, you've never heard of it. Nobody knows who controls it, or why. No one knows what it will do. But its destructive capacity is terrifying.
Welcome to the world of cyberwar! And, no, this is NOT science fiction.
"It" is the Conficker Worm, an arcane name (an insider's joke) for the most powerful "malware" -- malicious software -- yet encountered on the Internet. First detected in November 2008, Conficker is a devilishly clever bit of programming that took advantage of a vulnerability in the Windows operating system. Microsoft immediately moved to "patch" the vulnerability, but therein lay the problem: Windows is the most-pirated software of all, so hundreds of millions of computers were running versions of Windows without the patch -- all of them vulnerable to Conficker (and to hundreds of other malicious programs whose authors now knew how to embed their work in Windows).
Mark Bowden, the very capable author of Blackhawk Down, tells the story in Worm of a group that included many of the world's top computer security experts who privately came together early in 2009 to combat Conficker. At first, they were confined exclusively to the private sector, and their work was informal. Eventually, they managed to gain the attention of senior government officials and -- slowly, reluctantly -- obtain limited official support from the U.S. and Chinese governments. The group, known among themselves as the Conficker Cabal, even managed to get onto the White House agenda late in the game, as Conficker was upgraded once and then again - because the worm represented nothing less than an existential threat to the Internet itself.
I did say the potential was terrifying, didn't I?
Bowden is a superb journalist and a capable writer, as Blackhawk Down made clear. However, Delta Force soldiers pinned down in a firefight in Mogadishu make for great copy. Geeks exchanging emails about technical material don't. Bowden does an excellent job explaining in plain English the nature of Conficker and how it operates, and he does his best to sketch the members of the Cabal in three dimensions, but the result is hardly a page-turner. Still, Worm is a very important book, because it brings to light just how vulnerable is the infrastructure of the world we live in.
And, oh yes, the Cabal managed to fight Conficker to something of a standstill. But they couldn't destroy it, and to date they've never found the hackers who created it. Conficker is still out there.
[...]
25 of 32 found the following review helpful:
This Will Really Get You Thinking About Computer Security!
Sep 30, 2011
By Loyd E. Eskildson
"Pragmatist"
Author Bowden does a great job of summarizing malware in general, and the Conficker worm in particular. He begins by explaining that there are three types of malware - Trojans, viruses, and worms. A Trojan is a piece of software that masquerades as one thing to get inside a computer, then attacks. A virus attacks its host computer after entering its operating system - it depends on the operator opening an e-mail attachment or clicking on a link. A worm works like a virus, but doesn't attack once it enters - it's primarily designed to spread, then wait for instructions delivered later.
Some computer malware is intended to damage or destroy one's computer, and victims quickly realize the problem. A computer worm, by contrast, is a packet of computer code designed to infiltrate a computer without attracting attention and then scan for others to invade, spreading exponentially. The Conficker computer worm emerged in November, 2008 and infiltrated 1.5 million of the world's computers in the first month. By January, 2009 it had spread to at least 8 million computers, exploiting flaws in Microsoft Windows that it closed after entering. They constantly check with its unknown creators at their unknown location for directions. Frustrated cyber-security experts at Microsoft, Symantec, SRI International, etc. have merged forces to try and defeat it - so far they've been unsuccessful. Bowden's 'Worm' tells how hackers, entrepreneurs, and computer security experts are trying to defend the Internet from Conficker - what the author calls 'the first digital world war.'
In the 'good old days,' infected computers slowed down because user commands had to compete with viral invaders for processing power. Computers would slow down, and programs would freeze. Worm-linked computers ('botnets') can be used to steal information, assist fraudulent schemes, or launch denial-of-service attacks. So far, Conficker (35 kilobytes of code - less than a 2,000-word document) has done none of those things, and been activated only once to perform a short, simple spamming operation that sold a fake anti-spyware program for two weeks, then stopped.
The Microsoft operating system has over 65,000 ports designed to transmit and receive certain kinds of data. Conficker exploited Port 445, which Microsoft had tried to repair 10/23/2008. Firewalls are security programs that guard these ports, but Port 445 was vulnerable even when protected by a firewall if both print-sharing and file-sharing were enabled. However, many fail to apply new patches promptly, and others run pirated Windows systems which Microsoft doesn't update. Thus, reverse-engineering patches allows attackers to create targeted worms.
Experts trying to disable Conficker have learned that it tries to prevent communication with security providers, it avoided Ukrainian IP addresses, and disabled system restore points that allowed users to reset infected machines to a date prior to infection. To prevent IT-defenders from predicting how the infected computer would try to communicate home by setting the computer's clock ahead and then watching what happened (it generates 250 random-codes/day for each of 8 domains - e.g. .com, .edu, .uk, etc.), Conficker-infected computers use system clocks (e.g. Google, Yahoo) that can't be set ahead. The 'bad guys' only have to pay $10 to register one address, and wait for botnetted computers to make contact. Unfortunately for computer defenders, that communication used coding techniques employed in the latest standard, MD-6, revised.
Defenders, however, were flooded by 50,000 domain names/day needing investigation. Each requires checking to ensure it belongs to a good guy, and they're spread out all over the world. Worse yet, a newer version introduced peer-to-peer communication, meaning that all infected computers no longer needed to call home for instructions, and defenders no longer have any way of telling how many computers are infected.
Another insidious Conficker attribute is that it could also be spread by USB drives - thus, systems not connected to the Internet were also vulnerable.
Most of the world's 'best' malware comes from Eastern Europe, drawing on high levels of technical expertise and organized criminal gangs. That's a very big area within which to search.
18 of 23 found the following review helpful:
"Worm" --- a worm?
Oct 20, 2011
By RpS
Just finished reading this disappointing effort on my Kindle. Tho normally a great Bowden fan, this one fell well short of my expectations. The story drones on and on as the valiant Cyber-SEALs battle the faceless Evil Genius(es) who are behind the Conficker worm. As I hit the midway point I found myself speed clicking thru the pages in an attempt to get to the Good Part (which never came).
I agree with some others that the book is poorly edited, given a sprinkling of spelling errors, but much more annoying is the endless replication of e-mails between the various members of the "Cabal". In what seems to be an obvious attempt to pad the book, these emails run on forever, sometimes extending to as many as 4-5 Kindle screens.
I have concluded that "Worm" must itself be an unscrupulous bit of malware; a program that has infiltrated my Kindle at the behest of some unknown botmaster, having maliciously appropriated the identity of Mark Bowden.
Somebody call US-CERT!
12 of 15 found the following review helpful:
Disappointed
Oct 20, 2011
By EHinLA
I heard an interview with the author on NPR recently and thought that this would be an interesting read about a subject I am quite ignorant about. At first I enjoyed the narrative drive, it felt like a thriller - and I didn't mind the asides regarding the different personalities being assembled along with some technical details (which were mostly helpful for me). Unfortunately by about page 100 or so, the book was pretty much all asides and the narrative drive - the whodunit aspect - was gone. I found myself bored. Read another 10 or 15 pages or so, and still felt bored. The book felt repetitive and padded. I don't care enough, at this point, to finish it. In terms of style, all of the "X-Men" references and good - "white hat" and evil "black hat" stuff was really belabored, on and on, both mannered and goofy. The menace of the "malefactors" seemed cartoonish. The author discusses several previous malware attacks and reports that they cost millions to billions of dollars, but he doesn't really explain how - lost productivity? Because, as he explains, the computers aren't "broken" per se (i.e. they are machines but without any moving parts), there is no destruction of the internet, so these numbers seem vague: "Still, Blaster caused an estimated $500 million in damages to computer networks worldwide." Really?? I don't get it.
I was hoping for something more interesting - but the whole thing was already in the NPR interview! The rest is padding.