The Lure Provides a case study of a large, complex, and highly technical prosecution of two Russian hackers. In this book, the materials presented offer information that can be used by IT professionals, business managers, and academics who wish to learn how to protect systems from abuse, and who wish to respond appropriately to network incidents. Full description
Aucun appareil Kindle n'est requis. Téléchargez l'une des applis Kindle gratuites et commencez à lire les livres Kindle sur votre smartphone, tablette ou ordinateur.
Pour obtenir l'appli gratuite, saisissez votre adresse e-mail ou numéro de téléphone mobile.
In The Lure: The True Story of How the Department of Justice Brought Down Two of The World's Most Dangerous Cyber Criminals, Steve Schroeder provides a clearly written, blow by blow account of how the FBI took down a Russian hacking operation.
Schroeder begins the book by telling how he and his colleagues lured two Russian hackers into leaving their virtual immunity in Russia for the far less tolerant shores of the US. Of course, the case involved highly technical details, but the author breaks it down for readers in a way that is understandable to anyone with rudimentary computer or programming experience. This aspect of his writing is impressive, and for this reason I think the book would make fine reading for anyone interested in cyber crime, or as an introductory level text in a classroom setting.
The "lure" ends pretty early, though, because they catch the hackers, and the rest of the book is a detailed foray into the US legal process. I found it enjoyable in places, but I don't know how well 400+ pages of legal minutiae will appeal to others. The evidence is overwhelming against the hackers, and even though Schroeder attempts to inject drama into the various stages of the prosecution process, it reads more like a drawn-out tale of sad desperation. Law enforcement officials, experts, and the prosecution labor mightily to bring these two to justice, and by the end you get the feeling that unless hackers are insanely incompetent, they can get away with whatever they want in the US. The narrative rarely lags, but by the end I found myself losing interest in the bureaucratic maneuverings of "Steve" (the author writes in the third person) and his colleagues.
I think the author has done a great service by turning a technical morass of evidence into a readable narrative, and I strongly recommend the book to anyone in law enforcement (or to the hackers who hope to prevent interactions with law enforcement). Otherwise, it really depends on how familiar you want to become with the intricacies of the US legal system.
7 internautes sur 9 ont trouvé ce commentaire utile
Prosecuting A Cyber Crime, Step By Laborious Step19 avril 2011
Steve Schroeder's love for the tiniest detail helped make him an effective prosecutor in the emerging field of cybercrime at the dawn of the 21st century. But it also makes him a rather stodgy writer, and even less effective editor. This book makes you feel you are sitting on a very long trial in real time.
"The Lure" examines how two young Russian hackers were brought to justice by a system still working through an enormous learning curve. How to prove that their breaking into web servers of banks, online merchants, and other businesses boiled down to extortion and fraud? How to prove malicious intent using terms like "hash," "bash," and "tarred"? It's this challenge Schroeder attempts to explicate in this new book.
For me, the most interesting part of the book was the trap set by the FBI, the "lure" of the title that drew the two Russians to Seattle to demonstrate the art of hacking to the very people who planned to arrest them. For Schroeder, that's the preliminary part of the story, the part that didn't involve him, and over with in 70 of the book's 500 pages. After that, it's on to the pre-trial and trial phases of the case, and a deep-dish examination awash in the intricacies of law and computer science.
Schroeder's writing style, as indicated, is very cut-and-dry, and more than a bit self-serving. He did a great job leading the prosecution of the case, and wants you to know this by highlighting his clever decisions and choicer comments. This subjective viewpoint would be less grating if he didn't take the distancing tack of referring to himself in the third-person.
The court case is the least interesting part of the story. Once the two Russians, Alexey Ivanov and Vasily Gorshkov, are reeled in, the case against them seems to have been pretty straightforward. In the case of Gorshkov, whom Schroeder prosecuted, the story isn't so much whether a crime took place as whether the state can pin the crimes on him while he and his lawyer pin the blame on Ivanov alone. [Ivanov was prosecuted separately, entered a guilty plea, and disappears from most of the rest of the narrative.]
Schroeder takes you through step after painstaking step he and his team undertook to make Gorshkov's guilt apparent to a jury and a caustic judge whose own impatience may mirror yours by book's end. Wading through pages of transcript, Schroeder draws out even the tiniest disputes. Little details like transporting text from a Microsoft Word program to a Power Point slideshow format occupy much attention. Even a juror's holding up the trial for an hour looking for lunch gets play. "Law & Order" it's not.
There's a better story that seems lost in the larger narrative. The Russians aren't painted by Schroeder as bad guys so much as products of a relatively lawless society where concepts like privacy and security are little known. We are told at one point that for them, being caught by their own government might have put them not behind bars but behind a computer doing the same dirty work for the government rather than for themselves. At least one of the culprits, Ivanov, imagined himself something of a helper to the companies whose servers he attacked. He wanted work in the United States, and was happy to offer apparently sincere service once he invaded a computer system successfully. But ignore him at his peril.
"All security questions will be decided not by a mere 'thank you,' because a 'thank you' doesn't put food in your mouth," Ivanov writes a leading executive at PayPal.
The peek behind the curtain of cybercrime is thus sometimes interesting if outdated (the case went to trial in 2001, and Schroeder retired a year later). But the overall narrative is written in such a choppy, repetitive manner as to leech out any drama. Perhaps it was written exclusively as a technical manual as other reviewers say. But it didn't have to be so dry or so long.
1 internautes sur 1 ont trouvé ce commentaire utile
If you have an interest in cyber-crime books, this is one to grab. "The Lure" gives a detailed account of how the Justice Department lured two Russian cybercriminals into an intricate trap. Very detailed, very thick, but well worth reading.
1 internautes sur 1 ont trouvé ce commentaire utile
I didn't check the author's bio before I read the introduction to The Lure, and my first reaction was that it sounded like it was written by a lawyer. Surprise! It was.
This is a fascinating story of the inner workings of the Justice Department with all the detail a reader could possibly want. This cyber crime--the hacking of computer networks at several financial institutions and US corporate offices by a pair of Russians--received a lot of press at the time it occurred, but the specifics were, of course, kept quiet until the case was finalized in the courts. It is enlightening to learn how our system works behind the scenes to bring down criminals. Turns out it's more like TV crime dramas than we might think! The Lure is a moment-by-moment factual account of the entire process from the moment the hackers were discovered through the sting operation (the "Lure" of the title) to the grand finale.
For many readers, however, it is likely to be overwhelming in that it is so very detailed and written in a style reminiscent of a legal brief. Thi shouldn't be a surprise coming from publisher Course Technology, and I'm sure upon its release this text will become a staple in law school cyber-crime classes and police academies around the world. It is not an easy or light read. Not knowing what to expect, I started reading in the living room with the TV news playing in the background and my usual accompaniment of cage birds chattering and a cat crawling onto my lap for petting. Within a few pages I hied myself to the silence of the bedroom where I could focus full attention and reread the part I'd already read. That's how information- and word-dense the book is.
Since I'm a techno-dweeb, the cyber jargon was relatively familiar. Though the author does a banner job of defining terms, I suspect that someone with no computer background or fascination with cyber crime might find this an impossible read, which is why I only rated it three stars. But if you are a fan of textbooks and factual presentations without glitz or notable creative touches, this is the book for you. And it will be both a frightening glimpse at the scope of such crimes and a powerful look at how well our system works to undermine the evil among us.
3 internautes sur 4 ont trouvé ce commentaire utile
If you like reading legal briefs or police reports, you might like this book. Otherwise, I think you'll find it laboriously over-detailed, minutely described, and overall boring. The title gives you the idea that most of the story is about capturing the criminals, but that matter is over quite quickly and the rest is the boring courtroom bits. The author even adds a sidebar to explain that real courtrooms are indeed boring, unlike anything that you'll see on TV. No part of the prosecution seems unworthy of inclusion, and there's nothing exciting in any of it. He writes as if he's making his detailed case to his audience, which he doesn't need to do.
Even with better writing and editing, the story is just dull. Some Russians break into computers, identify themselves to their victims during their extortions, the FBI gets them to come to the US, they arrest them. Done. It wasn't even hard. After that, the bulk of the book is the case against them. It's not exciting. It's mind-numbingly dull. They have the wrong author for this. If this were a textbook for case law, he might do fine. As a mass market book, it needs a writer to edit and punch up the story a bit.
If you are a techie, you'll probably pull out your hair at the mostly-right-but-not-quite descriptions of what goes on during a computer exploit. There's far too much technical detail for a general audience in the book, and certainly much more than he needs to tell the story. There's also not enough technical details to make anyone actually understand why any of it matters. This isn't The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage, which has an engaging narrative, an easy technological style, and a much more interesting story and teaches the general audience in a gentle manner.
The layout of the book is awful. Exchanges such as IRC conversations are presented as paragraphs when they would be much more understandable when presented as dialog, or even as they would appear in an IRC client. There are much better ways to arrange all of the information that this book wants to present, but it looks like the publisher skimped on the layout.