Publisher’s Weekly Review of A Hacker’s Mind

Publisher’s Weekly reviewed A Hacker’s Mind—and it’s a starred review!

“Hacking is something that the rich and powerful do, something that reinforces existing power structures,” contends security technologist Schneier (Click Here to Kill Everybody) in this excellent survey of exploitation. Taking a broad understanding of hacking as an “activity allowed by the system that subverts the… system,” Schneier draws on his background analyzing weaknesses in cybersecurity to examine how those with power take advantage of financial, legal, political, and cognitive systems. He decries how venture capitalists “hack” market dynamics by subverting the pressures of supply and demand, noting that venture capital has kept Uber afloat despite the company having not yet turned a profit. Legal loopholes constitute another form of hacking, Schneier suggests, discussing how the inability of tribal courts to try non-Native individuals means that many sexual assaults of Native American women go unprosecuted because they were committed by non-Native American men. Schneier outlines strategies used by corporations to capitalize on neural processes and “hack… our attention circuits,” pointing out how Facebook’s algorithms boost content that outrages users because doing so increases engagement. Elegantly probing the mechanics of exploitation, Schneier makes a persuasive case that “we need society’s rules and laws to be as patchable as your computer.” With lessons that extend far beyond the tech world, this has much to offer.

The book will be published on February 7. Here’s the book’s webpage. You can pre-order a signed copy from me here.

Posted on January 21, 2023 at 7:18 AM • 5 Comments

Comments

nasrin January 23, 2023 4:50 PM

Hi Schneier!
Thanks for your great work!
Do you recommend this book to anyone? Does it contain technical parts?

Best regards

ResearcherZero January 24, 2023 4:34 AM

“It seems to me, Golan, that the advance of civilisation is nothing but an exercise in the limiting of privacy.” ~Janov Pelorat (remark to Golan Trevize) – Foundation’s Edge by Isaac Asimov

How rationalists and nihilists have it wrong, and why the infosec community is ahead of the curve.

“The world is filled with conflicts over boundaries and meanings. Some want to impose rigid norms, definitions, and structures on everyone in a flailing attempt to restore certainty and order.”

“In security contexts, this often means more centralized control and surveillance. Some fight this with a nihilist argument that no meaning, or structure, or understanding is possible. But we see that societies and systems can work — sort of — because we, collectively, with good judgment and sincere effort and appreciation for context and nuance, make them work.”
https://ioc.exchange/@invisv/109740474201888576

James Mickens Keynote Presentation

“Some people enter the technology industry to build newer, more exciting kinds of technology as quickly as possible. My keynote will savage these people and will burn important professional bridges, likely forcing me to join a monastery or another penance-focused organization. In my keynote, I will explain why the proliferation of ubiquitous technology is good in the same sense that ubiquitous Venus weather would be good, i.e., not good at all.”

“Using case studies involving machine learning and other hastily-executed figments of Silicon Valley’s imagination, I will explain why computer security (and larger notions of ethical computing) are difficult to achieve if developers insist on literally not questioning anything that they do since even brief introspection would reduce the frequency of git commits. At some point, my microphone will be cut off, possibly by hotel management, but possibly by myself, because microphones are technology and we need to reclaim the stark purity that emerges from amplifying our voices using rams’ horns and sheets of papyrus rolled into cone shapes. I will explain why papyrus cones are not vulnerable to buffer overflow attacks, and then I will conclude by observing that my new start-up papyr.us is looking for talented full-stack developers who are comfortable executing computational tasks on an abacus or several nearby sticks.”
https://www.youtube.com/watch?v=ajGX7odA87k

Reflections on Trusting Trust
https://dl.acm.org/doi/10.1145/358198.358210

“it’s important to understand the many inappropriate laws, dysfunctional institutions and perverse incentives that get in the way of rational policies”
https://www.lightbluetouchpaper.org/2022/10/13/chatcontrol-or-child-protection/

Clive Robinson January 24, 2023 6:02 AM

@ ResearcherZero, name.withheld…, SpaceLifeForm, ALL,

With regards to Ross Anderson’s post,

https://www.lightbluetouchpaper.org/2022/10/13/chatcontrol-or-child-protection/

I find the last two sentences the most important,

“It will also undermine human rights at a time when we need to face down authoritarians not just technologically and militarily, but morally as well. What’s the point of this struggle, if not to defend democracy, the rule of law, and human rights?”

It’s becoming clearer to most that our democracies have been misappropriated, and rules designed for the emergency defence of Nations are being usurped and abused as a way to circumvent any rational debate or control by the elected representatives or the people they should honestly represent.

For years on this blog warnings about “think of the children” arguments being used as a knee-jerk way to gain unwarranted powers have been highlighted as bad in many ways. But though we’ve all been aware of it we’ve not really given voice to it.

Perhaps it’s time we should follow Ross Anderson’s direction and start using the truth directly, loudly, and in the face of those who exhibit such behaviours, rather than timidly try to “rationally and calmly discuss”. Because these people are not interested in rational or calm discussion, they just see it as something to drive roughshod over with not just intent but real malice, as they aim to get their wholly undesirable society-destroying and oppressing plans into place.

History tells us the only way to stop an inevitably self-entitled idiot driving roughshod where they please but should not, is by putting a very solid barrier in place for them to crash into and be deflected or stopped. As we’ve seen with traffic barriers for more than half a century, such barriers save the lives of many others and significantly limit the harms the self-entitled idiots can do even to themselves.

