What do you think?
Rate this book
Listening In: Cybersecurity in an Insecure Age
A cybersecurity expert and former Google privacy analyst’s urgent call to protect devices and networks against malicious hackers
New technologies have provided both incredible convenience and new threats. The same kinds of digital networks that allow you to hail a ride using your smartphone let power grid operators control a country’s electricity—and these personal, corporate, and government systems are all vulnerable. In Ukraine, unknown hackers shut off electricity to nearly 230,000 people for six hours. North Korean hackers destroyed networks at Sony Pictures in retaliation for a film that mocked Kim Jong-un. And Russian cyberattackers leaked Democratic National Committee emails in an attempt to sway a U.S. presidential election.
And yet despite such documented risks, government agencies, whose investigations and surveillance are stymied by encryption, push for a weakening of protections. In this accessible and riveting read, Susan Landau makes a compelling case for the need to secure our data, explaining how we must maintain cybersecurity in an insecure age.
New technologies have provided both incredible convenience and new threats. The same kinds of digital networks that allow you to hail a ride using your smartphone let power grid operators control a country’s electricity—and these personal, corporate, and government systems are all vulnerable. In Ukraine, unknown hackers shut off electricity to nearly 230,000 people for six hours. North Korean hackers destroyed networks at Sony Pictures in retaliation for a film that mocked Kim Jong-un. And Russian cyberattackers leaked Democratic National Committee emails in an attempt to sway a U.S. presidential election.
And yet despite such documented risks, government agencies, whose investigations and surveillance are stymied by encryption, push for a weakening of protections. In this accessible and riveting read, Susan Landau makes a compelling case for the need to secure our data, explaining how we must maintain cybersecurity in an insecure age.
240 pages, Hardcover
Published November 28, 2017
12 people are currently reading
212 people want to read
About the author
Susan Landau
16 books10 followersSusan Landau, Ph.D. (MIT, Mathematics, 1982; M.S., Cornell University, 1979; B.A., Mathematics, Princeton University, 1976), is Bridge Professor in Cybersecurity and Policy at the Fletcher School of Law and Diplomacy at Tufts University and Visiting Professor, Department of Computer Science, University College London; previously she was Professor of Cybersecurity Policy at Worcester Polytechnic Institute.
In 1989, she introduced what is now known as is known as "Landau's algorithm," the first for deciding which nested radicals can be denested. In 2012, she was awarded a Guggenheim Fellowship.
In 1989, she introduced what is now known as is known as "Landau's algorithm," the first for deciding which nested radicals can be denested. In 2012, she was awarded a Guggenheim Fellowship.
Ratings & Reviews
Friends & Following
Create a free account to discover what your friends think of this book!
Community Reviews
Displaying 1 - 19 of 19 reviews
August 31, 2017
This ARC had been provided compliments of NetGalley. Gratitude sent to Yale University Press for allowing this pre-release made available.
The author had drawn a virtual line in the sand. We are buried in the midst of a digital revolution that's being tugged at from all sides. I'm a believer. For one, "we the people" need to feel secure with the digital information we share. It may be in the form of bank account numbers, email addresses, messages or pictures. Let's say, when online, can we be certain that vital Information such as credit card numbers are always going securely to the intended source? Short answer - no. Could our protected data possibly be intercepted? We can only hope. Although, that's being hopefully optimistic. What is it about our trusted smartphone, for example, that protects such sensitive information from falling into the wrong hands? Encryption. The digital process of converting information into a code. Generally speaking, the stronger the code the better. Enter cryptology. The buzzword that defines the foundation of digital security. We've come a long way since the Morse Code.
On the other side of the coin, in some legal matters, a government investigator may need quick and reliable access to a smartphone. Terrorism, drug prosecutions and child pronography to name just a few. Accessing data would be practically impossible with smartphones provided with strong encryption technology. Most of today's manufacturers have that capability made available to us. The government, however, has recommended weaker encryption methods be employed. That would help alleviate their problem. Tracking individuals would be easier. Although it would open up a can of worms for the public. Criminal elements would have far easier access to private information just as well. That's the conundrum.
I only chose to address issues relating to smartphones. It's safe to say that's the one thing most of society shares. Digitally, speaking of course. Since the smartphone's grand entrance into the market about ten years ago, it's become a household item. Think of how many people you know, who don't have one!
The author brilliantly introduced many global hot-button issues regarding cyber security from its birth up until present day. I had no idea what I was getting myself into when I selected this book. The information poured out like an angry beehive. It read more like an encyclopedia of cyber security than a novel. The author discussed at length dozens upon dozens of cases both global and domestic. If you wanted to know everything, I mean everything about our present digital revolution, this prose would be the one I'd recommend.
The author had drawn a virtual line in the sand. We are buried in the midst of a digital revolution that's being tugged at from all sides. I'm a believer. For one, "we the people" need to feel secure with the digital information we share. It may be in the form of bank account numbers, email addresses, messages or pictures. Let's say, when online, can we be certain that vital Information such as credit card numbers are always going securely to the intended source? Short answer - no. Could our protected data possibly be intercepted? We can only hope. Although, that's being hopefully optimistic. What is it about our trusted smartphone, for example, that protects such sensitive information from falling into the wrong hands? Encryption. The digital process of converting information into a code. Generally speaking, the stronger the code the better. Enter cryptology. The buzzword that defines the foundation of digital security. We've come a long way since the Morse Code.
On the other side of the coin, in some legal matters, a government investigator may need quick and reliable access to a smartphone. Terrorism, drug prosecutions and child pronography to name just a few. Accessing data would be practically impossible with smartphones provided with strong encryption technology. Most of today's manufacturers have that capability made available to us. The government, however, has recommended weaker encryption methods be employed. That would help alleviate their problem. Tracking individuals would be easier. Although it would open up a can of worms for the public. Criminal elements would have far easier access to private information just as well. That's the conundrum.
I only chose to address issues relating to smartphones. It's safe to say that's the one thing most of society shares. Digitally, speaking of course. Since the smartphone's grand entrance into the market about ten years ago, it's become a household item. Think of how many people you know, who don't have one!
The author brilliantly introduced many global hot-button issues regarding cyber security from its birth up until present day. I had no idea what I was getting myself into when I selected this book. The information poured out like an angry beehive. It read more like an encyclopedia of cyber security than a novel. The author discussed at length dozens upon dozens of cases both global and domestic. If you wanted to know everything, I mean everything about our present digital revolution, this prose would be the one I'd recommend.
September 2, 2017
A well balanced, illuminating and thought-provoking examination of cyber threats and security in the midst of the Digital Revolution, which is transforming our world from atoms to bits.
Susan Landau has pitched Listening In at the right level for the wider audience. She took my hand and sagely guided me through the otherwise complicated Delphic world of decryption keys, substitution ciphers and encryption algorithms and seamlessly applied it to topical real world situations.
Such as the Russian's hacking the DNC and the resultant email leaks, combined with false news stories and Twitter bots that disrupted the US elections. The US military's use of sophisticated cyberattack weapons to remotely destroy centrifuges at a nuclear facility in Iran. Perhaps the most apposite for us as citizens in the digital era, the FBI's failed court applications to force Apple to write software in order for the FBI to access a terrorist's locked iPhone. A hotly debated issue of security versus privacy that pertinently will continue to be relevant in our future.
But what really stood out was Susan Landau's pragmatic, real world approach on how to address the ongoing cyber threats that we face today.
DARPA, the agency that introduced Internet to the world, developed an essentially unhackable helicopter by securing two small, but critical systems, namely the communications software and the operating system. This is an exemplar for securing both cars and smartphones which are large, complex systems that access multiple communication channels.
Despite the continuing cries by governmental agencies such as the FBI, NSA and CIA of "going dark" - losing the ability to listen in or collect data, the reality is that they are and continue to develop strategies for conducting surveillance via phones, GPS, social media, ubiquitous video cameras, facial recognition technology, data analysis across separate databases and automated license plate readers to name a few.
Within weeks of the FBI taking Apple back to court, one hacking company was able to give the FBI access to the phone and charged $1 million for the effort. A few months later, a Cambridge University researcher demonstrated how to hack the phone using chip-mirroring techniques costing approximately $100 from purchases on eBay.
While end-to-end encryption and secured devices has made it more difficult to collect personal data and conduct surveillance, the protection that encryption offers is essential to thwarting organised crime and nation-states from stealing our data, creating disruptions in the political and economic sphere and otherwise sowing havoc and chaos.
I highly recommend this book as a must read for anyone interested in the reality of living in a digital world.
PS: Various devices such as Amazon's Alexa, Apple's Siri and Smart TVs operates by transmitting your voice commands to algorithms in the cloud to parse your request and send a response to your device in your hand or living room. Which means that you have effectively invited a permanent eavesdropper into your home.
Susan Landau has pitched Listening In at the right level for the wider audience. She took my hand and sagely guided me through the otherwise complicated Delphic world of decryption keys, substitution ciphers and encryption algorithms and seamlessly applied it to topical real world situations.
Such as the Russian's hacking the DNC and the resultant email leaks, combined with false news stories and Twitter bots that disrupted the US elections. The US military's use of sophisticated cyberattack weapons to remotely destroy centrifuges at a nuclear facility in Iran. Perhaps the most apposite for us as citizens in the digital era, the FBI's failed court applications to force Apple to write software in order for the FBI to access a terrorist's locked iPhone. A hotly debated issue of security versus privacy that pertinently will continue to be relevant in our future.
But what really stood out was Susan Landau's pragmatic, real world approach on how to address the ongoing cyber threats that we face today.
DARPA, the agency that introduced Internet to the world, developed an essentially unhackable helicopter by securing two small, but critical systems, namely the communications software and the operating system. This is an exemplar for securing both cars and smartphones which are large, complex systems that access multiple communication channels.
Despite the continuing cries by governmental agencies such as the FBI, NSA and CIA of "going dark" - losing the ability to listen in or collect data, the reality is that they are and continue to develop strategies for conducting surveillance via phones, GPS, social media, ubiquitous video cameras, facial recognition technology, data analysis across separate databases and automated license plate readers to name a few.
Within weeks of the FBI taking Apple back to court, one hacking company was able to give the FBI access to the phone and charged $1 million for the effort. A few months later, a Cambridge University researcher demonstrated how to hack the phone using chip-mirroring techniques costing approximately $100 from purchases on eBay.
While end-to-end encryption and secured devices has made it more difficult to collect personal data and conduct surveillance, the protection that encryption offers is essential to thwarting organised crime and nation-states from stealing our data, creating disruptions in the political and economic sphere and otherwise sowing havoc and chaos.
I highly recommend this book as a must read for anyone interested in the reality of living in a digital world.
PS: Various devices such as Amazon's Alexa, Apple's Siri and Smart TVs operates by transmitting your voice commands to algorithms in the cloud to parse your request and send a response to your device in your hand or living room. Which means that you have effectively invited a permanent eavesdropper into your home.
April 12, 2018
Scary world we live in. We've allowed ourselves to lose our privacy. I really don't think there is a way to protect our devises from someone hacking into them. My tax guy askes every year if I've had my identity stolen, my answer is not that I know of, but I am sure lots of people HAVE my info, they just haven't used it yet. I hope I get to see where all the hacks lead! I am sure whatever anyone wants to know about a person has already been put out there BY THAT PERSON, Facebook, MySpace, Twitter, etc... Interesting book. We gave up our privacy ages ago. What would be interesting is our reclaiming it!
I received a Kindle ARC from Netgalley in exchange for a fair review.
I received a Kindle ARC from Netgalley in exchange for a fair review.
January 14, 2018
[I received a copy of this book through NetGalley.]
An interesting foray into encryption and privacy, especially when considering the point of view of authorities who may need to access data on devices seized upon arrests.
The author makes a case for strengthened encryption, and I feel this makes more sense than the contrary. The book is positioned around the main controversy of including backdoors to allow police and intelligence services to access a device, so that when they need to do it during an investigation, to apprehend a perp or to follow the trail of other people potentially involved, they could do so easily; whereas strong encryption would make it difficult or impossible. However, as has been discussed during actual investigations (an example given in the book involves Apple), there’d be no guarantees that in-built backdoors would be used only by authorities: if they’re here, sooner or later someone with ill intentions is bound to find them and use them, too.
This ties into a general concern about how we have evolved into a digital age, and have to envision security from this perspective. Here also, while not going into deep technical details, the book explains the principles underlying this new brand of security; how this or that method works; the pros and cons of going towards more encryption or less encryption; what other solutions have already been tested, especially in military environments; how cyber-attacks can disrupt governmental operations in many different ways, such as what happened with Estonia and Georgia, and even the 2016 US elections. All very current and hot issues that deserve to be pointed at and examined, because whatever solutions get implemented, if they create less security and impinge on civilian privacy as well, they’re not going to be useful for very long (if ever).
Also interesting, even though it’s not the main focus, is the concept of encryption methods needing to be made public in order to be really efficient: the more people have a chance of poking at them, testing them, and finding faults, the more these methods can be revised and strengthened.
Conclusion: Not a very technical book, but that’s precisely why it makes a good introduction to such matters: easy to understand, while highlighting major concerns that not only deal with national security, but with our own (and with our privacy) as well.
An interesting foray into encryption and privacy, especially when considering the point of view of authorities who may need to access data on devices seized upon arrests.
The author makes a case for strengthened encryption, and I feel this makes more sense than the contrary. The book is positioned around the main controversy of including backdoors to allow police and intelligence services to access a device, so that when they need to do it during an investigation, to apprehend a perp or to follow the trail of other people potentially involved, they could do so easily; whereas strong encryption would make it difficult or impossible. However, as has been discussed during actual investigations (an example given in the book involves Apple), there’d be no guarantees that in-built backdoors would be used only by authorities: if they’re here, sooner or later someone with ill intentions is bound to find them and use them, too.
This ties into a general concern about how we have evolved into a digital age, and have to envision security from this perspective. Here also, while not going into deep technical details, the book explains the principles underlying this new brand of security; how this or that method works; the pros and cons of going towards more encryption or less encryption; what other solutions have already been tested, especially in military environments; how cyber-attacks can disrupt governmental operations in many different ways, such as what happened with Estonia and Georgia, and even the 2016 US elections. All very current and hot issues that deserve to be pointed at and examined, because whatever solutions get implemented, if they create less security and impinge on civilian privacy as well, they’re not going to be useful for very long (if ever).
Also interesting, even though it’s not the main focus, is the concept of encryption methods needing to be made public in order to be really efficient: the more people have a chance of poking at them, testing them, and finding faults, the more these methods can be revised and strengthened.
Conclusion: Not a very technical book, but that’s precisely why it makes a good introduction to such matters: easy to understand, while highlighting major concerns that not only deal with national security, but with our own (and with our privacy) as well.
January 28, 2018
Excellent book, one I'd highly recommend to anyone with even a passing interest in information security. Well written, with enough explanation for the neophyte, but on a level that even professionals can learn from.
I was iffy about commenting on the political side of things, since I think the author did a relatively good job staying out of much of the partisan fray. I'm personally iffy on if the meddling of the Russians actually affected the outcome of the 2016 election. What I was disappointed with was the lack of reference to the obvious security issues around Secretary Clinton's email. If you're going to get into the topic of government securing data (which Professor Landau did) and skip this entirely seems to be a huge oversight.
That said, read this book, it's worth your time.
I was iffy about commenting on the political side of things, since I think the author did a relatively good job staying out of much of the partisan fray. I'm personally iffy on if the meddling of the Russians actually affected the outcome of the 2016 election. What I was disappointed with was the lack of reference to the obvious security issues around Secretary Clinton's email. If you're going to get into the topic of government securing data (which Professor Landau did) and skip this entirely seems to be a huge oversight.
That said, read this book, it's worth your time.
June 9, 2019
This is a concise book (it is only 118 pages long, excluding the endnotes), intended to capture the expertise the author was sharing in talks and lectures before 2017 in a medium suited for wider publication. It is a useful primer on the 'encryption debate.' The author clearly has real expertise on this issue, and although she concludes that "our society is best served by securing communications and devices even if that choice makes government investigations more difficult," she also recognises that investigative powers are essential and fundamentally incompatible with fully protecting the privacy of those who are targeted by them.
Unfortunately, this means that the author does not reach a firm view on questions like "Should the FBI have won its case against Apple under the All Writs Act, as a matter of policy?" Maybe there is no clear and intellectually honest answer to this question, or the related question I am interested in– "Should Australia have passed the Telecommunications and Other Legislation Amendment (Assistance and Access) Act 2018?" I was hoping that a book from a university press might help me come up with one, but as somebody who has been following the public debate on this issue for several years, I did not learn a great deal from this book.
Unfortunately, this means that the author does not reach a firm view on questions like "Should the FBI have won its case against Apple under the All Writs Act, as a matter of policy?" Maybe there is no clear and intellectually honest answer to this question, or the related question I am interested in– "Should Australia have passed the Telecommunications and Other Legislation Amendment (Assistance and Access) Act 2018?" I was hoping that a book from a university press might help me come up with one, but as somebody who has been following the public debate on this issue for several years, I did not learn a great deal from this book.
November 7, 2018
A wonderful book, excellent for those who are highly technical and those who want to learn more about why data privacy and security is so important. Ms Landau did an excellent job of breaking things down, so they could be understood by the general public, while still keeping the content deep.
I learned a great deal about how many telephony systems work, the importance of understanding system integration, and the laws of unintended consequences.
Ms Landau’s coverage of the 2016 election, and other recent global events, and the place hacking computer vulnerabilities played a large role was revelatory.
Highly recommend!
Note: I used to work with Ms. Landau at Sun Microsystems.
I learned a great deal about how many telephony systems work, the importance of understanding system integration, and the laws of unintended consequences.
Ms Landau’s coverage of the 2016 election, and other recent global events, and the place hacking computer vulnerabilities played a large role was revelatory.
Highly recommend!
Note: I used to work with Ms. Landau at Sun Microsystems.
January 25, 2018
Velskrevet bok om utviklingen innen datasikkerhet fra de tidligste angrepene i internetts spede begynnelse til angrepene relatert til presidentvalgkampene i USA og Frankrike. Utmerket bok for de som ikke har fulgt utviklingen på området på nært hold, og samtidig en god oppsummering for «menigheten».
August 30, 2018
Good explanation on a difficult subject which is the technology space I work in. I will definitely use her descriptions, particularly with business people without a technology background. It's a bit dry at times which is why I rate it a 4,
July 1, 2021
This book details some of the recent cyberattacks, and the FBI response, and investigations of such crime. The book only mentions in passing "wiretaps" and methods the FBI uses to deal with digital communications and encryption.....
November 18, 2017
Really good combination of technical insight into, e.g., iPhone security, and into the investigative techniques available to the FBI and to intelligence agencies.
August 30, 2019
A good gathering of lots of different events turned into a well supported argument that we need more personal internet/cybersecurity these days.
August 20, 2018
α - Bruce Schneier recommended.
Ω(»,Î,Φ,β) - Short & direct. Densely packed with information.
Ω(»,Î,Φ,β) - Short & direct. Densely packed with information.
November 28, 2017
Another dark view on our future due to the web and cyber espionage etc.etc. I wonder when it will be possible to control a lot of the things we cannot control right now, even because our government doesn't want us to be able to control them. Scary.
Un altro libro che si dilunga in quanto sará brutto il nostro futuro a causa del cyber spionaggio che possa poi essere usato da hacker o dai poteri forti. Mi chiedo se e quanto sará possibile controllare quanto attualmente ci é impossibile tenere sotto controllo, sia per cause esterne che governative. Mette paura.
THANKS TO NETGALLEY FOR THE PREVIEW!
Un altro libro che si dilunga in quanto sará brutto il nostro futuro a causa del cyber spionaggio che possa poi essere usato da hacker o dai poteri forti. Mi chiedo se e quanto sará possibile controllare quanto attualmente ci é impossibile tenere sotto controllo, sia per cause esterne che governative. Mette paura.
THANKS TO NETGALLEY FOR THE PREVIEW!
December 28, 2017
A good survey of current debates around the use of encryption. Recommended as an introduction, but not as interesting if you follow this area closely already.
Want to read
December 6, 2017As heard on the Science podcast: http://www.sciencemag.org/podcast/wor...
February 2, 2018
This was a good critique of how government agencies are dealing with the issues related to data encryption and access. She is tough on the approach the FBI used, however complimentary of the tactics used by the NSA. She presents the information in a very understandable format for even there lay person.
February 24, 2018
The book is set in a backdrop of the FBI's battle with Apple over the creation of backdoor to access an iPhone captured during the San Bernardino attack and the Russian meddling of US 2016 Presidential elections. Susan Landau (the author) has even testified in front of the US Congress on the FBI-iPhone issue. The book talks about how investigations from Law Enforcement agencies have changed with the advent of internet and how there is even abuse of power sometime by these agencies.
I feel the book failed to provide strong policy/technical recommendations as to how the public can be protected from over reach by Law Enforcement agencies. It did emphasize that creation of the backdoors is a bad idea, but does not give too may supporting arguments in favor of this.
Despite these, it is a must read for Privacy advocates, Journalists covering technology and InfoSec practitioners .
I feel the book failed to provide strong policy/technical recommendations as to how the public can be protected from over reach by Law Enforcement agencies. It did emphasize that creation of the backdoors is a bad idea, but does not give too may supporting arguments in favor of this.
Despite these, it is a must read for Privacy advocates, Journalists covering technology and InfoSec practitioners .
Displaying 1 - 19 of 19 reviews