More on this book
Community
Kindle Notes & Highlights
Read between
April 9 - April 29, 2022
The former director of the NSA, Keith Alexander, famously called Chinese cyberespionage the “greatest transfer of wealth in history.” The Chinese were stealing every bit of American intellectual property worth stealing and handing it to their state-owned enterprises to imitate.
Russian trolls had been inundating Facebook pages frequented by young Ukrainian mothers with anti-vaccination propaganda. This, as the country reeled from the worst measles outbreak in modern history. Ukraine now had one of the lowest vaccination rates in the world and the Kremlin was capitalizing on the chaos. Ukraine’s outbreak was already spreading back to the States, where Russian trolls were now pushing anti-vaxxer memes on Americans.
What had saved Ukraine is precisely what made the United States the most vulnerable nation on earth. Ukraine wasn’t fully automated.
By the time Iran’s nuclear scientists discovered that a computer worm was responsible for the destruction of their centrifuges, Stuxnet had already destroyed a fifth of Tehran’s uranium centrifuges and set Iran’s nuclear ambitions back years.
When it came to zero-days, governments weren’t regulators; they were clients.
The New Hacker’s Dictionary, which offers definitions for just about every bit of hacker jargon you can think of, defines hacker as “one who enjoys the intellectual challenge of creatively overcoming or circumventing limitations.”
The goal is to get to a point where you can find functions and variables that can be exploited to do something for which they were never intended.
“That’s why the Europeans are so good at writing exploits,” he says. “After babies, European parents get like a year to hack.”
For the first time, the secret was out: the U.S. government was willing to pay hackers—quite a bit, as it turned out—to turn over vulnerabilities in the products and leave their customers—including American citizens—vulnerable in the process. And the government was doing so with money from taxpayers, the very people the government was charged with protecting.
At TAO, young hackers with the skills to develop these tools were learning that they could make far more money on the outside, developing and selling their surveillance and attack tools back to the government, than they could on the inside. In Russia and China anyone with cyber skills could be coerced, threatened, and blackmailed to conduct offensive hacking operations, but the U.S. government had no such luxury. Increasingly it was losing its best hackers and analysts to higher-paying jobs at private defense contractors like Booz Allen, Northrop Grumman, Raytheon, Lockheed, and Harris, and at
...more
In their eagerness to pay top dollar for more and better zero-day exploits and spy tools, U.S. spy agencies were helping drive a lucrative and unregulated cyberarms race, one that gradually stopped playing by American rules.
there was little incentive to regulate a market in which the United States government was still its biggest customer.
