IWS - The Information Warfare Site
News Watch Make a  donation to IWS - The Information Warfare Site Use it for navigation in case java scripts are disabled



BKBLUNWH.RVW 20030325

"The Blue Nowhere", Jeffrey Deaver, 2001, 0-671-04226-2, U$7.99/C$10.99
%A Jeffrey Deaver
%C 200 Old Tappan Road, Old Tappan, NJ 07675
%D 2001
%G 0-671-04226-2
%I Pocket STAR Books/Simon and Shuster
%O U$7.99/C$10.99 www.simonsays.com
%O http://www.amazon.com/exec/obidos/ASIN/0671042262/robsladesinterne
http://www.amazon.co.uk/exec/obidos/ASIN/0671042262/robsladesinte-21
%O http://www.amazon.ca/exec/obidos/ASIN/0671042262/robsladesin03-20
%P 505 p.
%T "The Blue Nowhere"

Recently, over the course of a week, three different people told me I *had* to read this book. Obviously, somebody likes it.

Well, there are some reasonable points about members of the blackhat community, such as the various activities and types, the generally opportunistic skill level, obsessive behaviour (although the" addiction" theme is a bit overplayed) and the usual types of motivations. (While the book does note that blackhats engage in different activities, the insistence on a kind of "superhacker" who does everything is a central feature of the book.) However, despite serious attempts to use real technology, such as the packet nature of network transmissions, routers, and steganographic embedding, a great deal of the technical errors are simply annoying. The Computer Emergency Response Team does not deny that is its name: in fact, both name and acronym are trademarked, and CERT suggests other offices call themselves computer incident response teams. Hackers don't get callouses on the ends of their fingers. (Guitarists, yes. Harpists, yes. Quilters, yes. Typists, no. In addition, typing speed has never been a measure of "hacking" skill.) Nobody would bother to hide SATAN anywhere over a period of years: it has been freely available and the program is so old it is no longer very useful, anyway--which objection would apply to most security breaking tools. Exploits are very version-specific, and are seldom useful for long periods of time. Winchester hard drives are not a big deal: at one point they were, but at another they were the most commonly available drives for personal computers.

The network forensics that are used in this work to track people are neither clearly explained, nor very accurate. The significance of domain names is overrated, while there is no mention of IP addresses at all. An attack on law enforcement systems carried out through the Computer Crime Unit investigating office is extremely unlikely: the perpetrator obviously already has access to the law enforcement systems (he has previously erased files and interfered with investigations), even an hour is too little time to completely investigate multiple large networks, and a simple air gap would be enough to prevent the intrusion--and would be standard in such an office. A software package intended to destroy a computer does physical damage to it. Deaver does have an explanation that might be reasonable--except that it wouldn't work.

At one point there is a derisive comment about "Eurotrash hackers" who try to use (presumably American) idioms and get them wrong. This is rather ironic in view of the fact that Deaver makes so many mistakes with both technical and blackhat jargon. The title of the book itself is supposed to be a synonym for cyberspace (although it is explained, rather late in the book, simply as a reference thought up by one of the characters).

On the other hand, Deaver's familiarity with more standard forensic science does contribute some points of interest to the story. Digital forensics does have some relation to the fibres, DNA, and bug work, so those common areas of concern are covered well.

The plot twists, betrayals, and characterization that Deaver uses to such good effect in the "Lincoln Rhyme" series of mysteries are present to some extent in this book, but the author seems to be uncomfortable with the technical and online world, and therefore the story ultimately does not ring true.

The Internet Review Project would like to thank Chuck Wilmink for his generous contribution to this ongoing research.

copyright Robert M. Slade, 2003 BKBLUNWH.RVW 20030325