Trojan Horse by Mark E. Russinovich


Trojan Horse
Title : Trojan Horse
Author : Mark E. Russinovich
ISBN-10 : 1250010489
ISBN-13 : 9781250010483
Language : English
Format Type : Hardcover
Number of Pages : 319
Publication : First published September 4, 2012

The West is under its greatest threat yet in Mark Russinovich's Trojan Horse. A revolutionary, invisible computer virus that alters data without leaving a trace―more sophisticated than any seen before―has been identified within the computers of the United Nations, roiling international politics. Cybersecurity analysts Jeff Aiken and Daryl Haugen are summoned to root it out and discover its source.

As the virus penetrates Western intelligence, and the terrifying truth about its creator is revealed, Jeff and Daryl find themselves in a desperate race to reverse it as the fate of both East and West hangs in the balance.


Trojan Horse Reviews


  • RM(Alwaysdaddygirl)

    2 stars. Technical part was interesting. The author and foreword author have amazing technical experience. There were many journeys of the characters that were not believable. Disappointed.


    🇺🇸

  • Chris (horizon_brave)

    I really really wanted to like this series of books. And I've tried. I literally read through this book *twice* back to back. Just to see if perhaps the first go 'round I judged it unfairly... Alas..no. The book falls into the same trap, and even worse so, that the previous book falls into. Mark Russinovich is a very very smart, and talented man. In the field of security, and threat detection, he's a futurist, and a man that has a lot of insight into what the future may hold for our political/techno world. I very much so trust his opinion and his ideas that the future of warfare will be shaped by the internet, and more covert cyberware rather than ground forces and bombs.
    That being said... Mark...we're all not writers. Sadly to say, the art of writing a novel isn't a gift bestowed upon everyone. Trojan Horse occurs a few years after Zero Day. Let's start off with my biggest praise of the series. The books start off with a very scary but ultimately very realistic look into different situations that could possibly happen if the right code fell into the wrong hands. We're given the scene of a team of doctors in the middle of an operation on someone's exposed brain, and the entire hospital goes lights out... a train is given the wrong signal on a track, and halted, while another train immediately behind collides... This similar intro was presented in Zero Day as well. Mark has quite the imagination when it comes to these types of events and ideas. He gives us very scary and thought-provoking scenes that show us, we are vulnerable beyond a shadow of a doubt. To this effect, Mark Russinovich proves his mettle. Unfortunately, that's sort of where it ends. Mark is very good at showing us that we are and have been lulled into a false sense of security, and that our society is far far more vulnerable than we think. If the opportunity presented itself, we could be in serious trouble. The problem is...he made this point in his book Zero Day. We were presented with the very same situation. The United States finds itself exposed and vulnerable, that honestly scares me. Then in Trojan Horse we're literally given the same set of circumstances just with a literal new plot.

    Building on the idea that Trojan Horse bears too much resemblance to Zero Day, the characters all fall into the very same writing problems that they did in Zero Day. Mark does an excellent job presenting characters with interesting backstories, but utterly fails in bringing any of them to life. Each character, Jeff, Daryl, Frank, the host of shadowy bad guys are all flat and I honestly have no real emotional connection to any of them. That's pretty bad when your main character AND support characters can draw no emotional response. While the "bad guys" here are given some elaborate attention to detail in regards to their motivations (which is always a good thing), in the real time action of the story they come off as just cut outs and characters of little dimension.
    I reason this to be the result of another major problem with Mark's writing. He spends far, far too long with the exposition. That is to say he sets up explanations that last pages. And it becomes tiresome. This is a complaint that dogged the first book as well. He has paragraphs explaining one matter, such as PGP keys, or a page dedicated to a political process or how a system works. This type of exposition is good if used sparingly. He literally drowns the book in it, and it leaves precious little room for actual character interaction, dialogue and anything in the way of writing for the characters.
    Also, and again this is a carry over that runs into Trojan Horse as well... His characters just blur together. I read through this book twice, and I still couldn't tell you the individual characters on the Muslim/Chinese/European sides, to distinguish between them. What ends up happening is characters talk and say things, but because there's so little real substance, they just come off as flat and unengaging. Mark tries to throw in bits of humor, such as Daryl teasing Jeff about taking her on a vacation in Italy... or prodding him with a jab about her getting used to certain treatment etc.. Unfortunately this type of dialogue is just empty. As there is absolutely zero relationship building in this series. Throughout Zero Day and Trojan Horse, relationships between characters are non-existent. There's a character in Trojan Horse, Frank something or another.. he's suddenly a close friend to Jeff and Daryl. But yet there's no setup to this, no follow ups, or anything. I feel as though in the way of personal lives and relationships, there's zero continuity. Nothing is followed up on, there's no consequence or continuing bit of subplot. Even Jeff's overly dramatic back story about his gf dying in the Sept. 11th attacks (see my previous review of Zero Day as to why I think it's a pretty silly plot..) is not even mentioned here. And that's how Jeff, Daryl and mostly all the characters are... We're given these back stories, but none of them seem to affect the story, or future events at all. It means the characters are just flat, unmoving, static devices to advance the plot.

    So getting past the major problem of completely un-interesting characters, is the issue of actual plot. Don't get me wrong, I think the story lines are great and very realistic, but there is such a thing as "over the top". I'd rather see the characters go through a much more down to earth and realistic plot than some trumped up huge epic world ending storyline. Look...our character Jeff is the private owner of a small web security firm... The previous book already stretches the imagination that he gets wrapped up and is able to foil a terrorist plot and suddenly become a martial artist and gun-toting badass and literally saves the United States. Alright...so a fluke right? A once in a lifetime deal that a real person would probably hold to be the greatest thing they ever accomplished in their lives... Nope, here's book two and the same "normal" guy Jeff Aiken is wrapped up in a 2nd even larger spread terrorist plot. Again managing to foil it and save the world (I don't think that's an overstatement here). So what's my problem? It just comes off as being too fake and unbelievable. I know big plots and epic stories sell, but I'd probably really care for Jeff and Daryl a *tad* bit more if I could relate to them solving way way more down to earth crime or situation. Instead we're again given this hyped up plot that apparently a guy with just some basic logic can stop, but yet the entirety of the US intelligence agencies can't?

    My last complaint is Mark's poor description of locales. Trojan Horse supposedly takes place in many different countries around Europe, China, and bits of the US. Yet there is absolutely no feeling given to any of these places. Ever. Aside from Mark mentioning the name of the current location in the beginning, I would have sworn that every chapter took place in the same area. There is no descriptive text or feeling given to any of the locales. (the only small exception is when Ahmed is in Prague I believe and describes standing out from the normal blonde/blue eyed crowd) This is a pity because the book spans many locations that could take more of a front seat and actually apply to the story, but nope. It comes off, just like the main characters...flat and inconsequential.

    Both books just feel rushed and "going through the motions". The stories themselves are creative, the character backstories are lush, but none of it matters when the execution and writing of the novel itself is done so poorly. Aside from beating the bad guys the main characters have no movement. I really doubt I'll be in any rush to read and start Rogue Code. I have so little caring or motivation to read yet another installment of this series, because I'm 90% sure it'll be another carbon copy of these first two books. Sorry Jeff, you gotta save the world apparently without me...

  • Rick Howard

    My Blog (Terebrate) review of this book:
    http://bit.ly/Wj67AB


    Executive Summary:

    I recommend this book for the casual reader that is interested in cyber security topics. It is not a must read for the cyber security professional, but it is a fun one. You will not learn anything new here, but you will enjoy wallowing around in a Clancy-esque story with cyber security tech as the main focus. In it, Russinovich describes the nature of the Chinese Cyber Espionage program, general hacking techniques, and the significance of STUXNET. If you are looking for some easy entertainment during a rainy weekend, this is your book.

    Review:

    The story picks up two years after “Zero Day” ended [12]. Daryl is now out of government service and working with her better half, Jeff, in his consulting firm. Jeff gets called in to track down a nasty piece of Malcode that changed the contents of an important UN document regarding the Iranian nuclear program prior to publication. Daryl comes in to assist and the two of them discover that the Chinese are behind the UN attacks. But, their investigation leads them to stumble upon the Chinese attempting to deliver a STUXNET Eradicator tool to the Iranians. For those not familiar, STUXNET is the infamous Malcode that the west launched against Iran to prevent the nation from building an atomic bomb [10]. Spy vs Spy hijinks ensue and our two heroes find themselves in all sorts of threatening physical situations from Chinese agents and their Muslim proxies. You know; a typical day for a geek.

    That’s what I like about Mr. Russinovich. He throws a lot of ingredients into the pot, applies heat and stirs vigorously. While readers watch all of these things collide with each other, they also get a good history lesson on some recent cyber security issues and learn about some interesting hacks; some we have seen in the real world and others we have not seen but are quite possible.

    Recent Cyber Security History

    To sober the audience up a bit, Russinovich talks about the 2009 hacks against unmanned drones in the Middle East. Iraqi insurgents were able to capture video feeds from flying Predators by repurposing a $30 Russian software package called SkyGrabber that was originally intended to snatch music and videos that others are downloading [15][16].

    To inform the reader about how prolific and successful the Chinese cyber espionage program is, Russinovich spotlights how the Chinese stole the plans for the Pentagon’s $300 Billion Joint Strike Fighter jet by hacking into military systems [7]. He also describes the forces involved in the Chinese Cyber Warfare program; how there are three hacker contingents in the country -- The Patriotic Hackers, the Militia and the PLA – and how none report to the same leader [13][14].

    He also takes a shot at describing how STUXNET represents the first real-world example of Cyber Warfare. If you believe David Sanger in his most excellent book “Confront and Conceal: Obama’s Secret Wars and Surprising Use of Military Power,” the US and Israel have demonstrated that cyber warfare is a viable middle ground option when it comes to diplomacy between sanctions on the one side and bombing and/or occupation on the other [10].

    And just for fun, he talks about how Jeff and Daryl track down a Malcode author because the hacker placed his home address in the code. This sounds crazy when you say it out loud like that but it actually happened in the real world. At a TED Talk in 2011, Mikko Hypponen described that very thing [9].

    Hacking Techniques

    Mr. Russinovich packs a lot of realistic tech into this story too. He does not shy away from pointing out that the Anti-Virus industry is really not very good at their job; at least for discovering new, never before seen malware [5][6]. He explains what a keylogger is and then explains how a nation state in the story uses them to compromise UN officials. He talks about the long-standing cyber philosophy of Responsible Disclosure where it is perfectly fine for researchers to discover vulnerabilities in commercial software but they should not go public with that information until the vendor has had time to fix it. He also talks about how that practice is losing ground to the lucrative market for selling these kinds of things to governments and independent contractors willing to pay large sums of money for just the right Zero Day [11].

    In this story, Russinovich has devised a scary new piece of Malcode that, if it existed in the real world, would be a spy’s dream come true. The Malcode in question is smart about how its victim operates. It knows that the victim writes position papers using the Microsoft Word program. In this case, a United Nations official is writing disparaging remarks about Iran’s nuclear program. Once the official saves the final draft, he cryptographically signs the document before he sends it to the intended recipient. Signing the document like that guarantees the integrity of the file. When the receiver opens the document and verifies the signature, the receiver knows that the document he is reading is the same one that the sender gave him. But that is the rub. The Malcode understands that process and inserts itself into the seam. After the author saves the document but before he cryptographically signs it, the Malcode alters the document to say something that the Malcode author wants to be said. In this case, the Iranian nuclear program is not that bad. When the author signs the document, he has no idea that the Malcode has altered the contents and sends it on its way. I have not seen a piece of Malcode that does this in the real world, but it could be done. Russinovich even gives the Malcode the same “Call Home” design that the famous Conficker Worm used; essentially, generate thousands of random DNS names and systematically try each at random intervals. The Malcode author would place his command and control server at one of those names in the list of a thousand; kind of like hiding in the noise [8].

    “Trojan Horse” is another fun romp in the political thriller genre that places cyber security geeks up front as the heroes. It is not a must read for the cyber security professional, but it is a fun one. You will not learn anything new here, but you will enjoy wallowing around in a Clancy-esque story with cyber security tech as the main focus. If you are looking for some easy entertainment during a rainy weekend, this is your book.

    Sources:

    [1] “Announcing Trojan Horse, the Novel,” by Mark Russinovich, Mark Russinovich’s Blog, 8 May 2012, Last Visited 6 February 2013

    http://blogs.technet.com/b/markrussin...

    [2] “ZeroDay – A non-Fiction View,” by Mark Russinovich, RSA Conference 2012, 23 March 2012, Last Visited 13 February 2013

    http://www.youtube.com/watch?v=SX7Lxv...

    [3] “Windows Sysinternals,” by Mark Russinovich and Bryce Cogswell, Microsoft, Last Visited 13 February 2013

    http://technet.microsoft.com/en-us/sy...

    [4] “Sony Rootkits and Digital Rights Management Gone too Far,” by Mark Russinovich, Mark Russinovich’s Blog, 31 October 2005, Last Visited 13 February 2013

    http://blogs.technet.com/b/markrussin...

    [5] “Outmaneuvered at Their Own Game, Antivirus Makers Struggle to Adapt,” by Nicole Perlroth, The New York Times, 31 Dec 2012, Last Visited 24 February 2013

    http://www.nytimes.com/2013/01/01/tec...

    [6] “Why Antivirus Companies Like Mine Failed to Catch Flame and Stuxnet,” by Mikko Hypponen, Wired Magazine, 6 June 2012, Last Visited 24 February 2013

    http://www.wired.com/threatlevel/2012...

    [7] “Computer Spies Breach Fighter-Jet Project,” by SIOBHAN GORMAN, The Wall Street Journal, 21 April 2009, Last Visited 24 February 2013

    http://online.wsj.com/article/SB12402...

    [8] “Conficker expectedly chaos-free as it activates across world,” by Dan Kaplan, SC Magazine, 1 April 2009, Last Visited 24 February 2013

    http://www.scmagazine.com/conficker-e...

    [9] “Fighting viruses, defending the net,” by Mikko Hypponen, TED Global, July 2011, Last Visited 24 February 2013

    http://www.ted.com/playlists/10/who_a...

    [10] Citation: “Confront and Conceal: Obama’s Secret Wars and Surprising Use of Military Power,” by David Sanger, June 5 2012.

    http://www.amazon.com/Confront-Concea...

    [11] “Rebuttal: Missing the Value of Bug Bounties,” by jericho, attrition.org, January 3 2013, Last Visited 27 February 2013

    http://attrition.org/security/rebutta...

    [12] “Book Review: “Zero Day (2011)” by Mark Russinovich,” by Rick Howard, Terebrate, February 17 2013, Last Visited 27 February 2013

    http://terebrate.blogspot.com/2013/02...

    [13] “China’s Red Hackers: The Tale of One Patriotic Cyberwarrior,” by Hannah Beech, Time, February 21 2013, Last Visited 27 February 2013

    http://world.time.com/2013/02/21/chin...

    [14] “China’s Cyber-Militia,” by Shane Harris, National Journal, January 31 2011, Last Visited 27 February 2013

    http://www.nationaljournal.com/magazi...

    [15] “Drone hack explained: Professor details UAV hijacking,” by RT, July 3 2012, Last Visited 27 February 2013

    http://rt.com/usa/texas-professor-dro...

    [16] “SkyGrabber: hack of US drones shows how quickly insurgents adapt,” by Michael Farrell, The Christian Science Monitor, December 17 2009, Last Visited 27 February 2013

    http://www.csmonitor.com/USA/2009/121...

  • Wesley Fox

    A detailed technothriller that reminds me a lot of an NCIS episode. There's a little national security, international politics, and cyberwarfare mixed in with what is basically a story about a guy calling tech support. An unassuming premise that builds into a somewhat interesting story but author Mark Russinovich just doesn't generate that much excitement or drama.

    Jeff Aiken is a cybersecurity expert coming off a huge success against Al Qaida. He is called in to analyze a potential security breach in UN and UK Foreign Ministry computers. The path of the malware program leads to a UN report on Iran's nuclear program, and evidence that Iranian hackers are behind the attack. Jeff and his partner Daryl (also his girlfriend) are not so sure.

    This book is pretty dry. It is big on technical details, background information, and some very informative dialogue. While the subject-matter can definitely be exciting, this one just didn't get my blood pumping that much. Sure, it has action. But Russinovich isn't all that great at writing action. His expertise is cybersecurity, definitely not storytelling.

    The ending is pretty underwhelming as well. There are no structural or glaring problems with the conclusion, or the plot in general, but really it just doesn't deliver a whole lot.

    Trojan Horse is more for cybersecurity and IT experts, and not really for sci fi or general thriller readers. There isn't enough excitement or drama to carry it for a broader audience. If you love details and computers, this is for you. Otherwise, move on.

  • Peter

    Mark Russinovich is great at demonstrating how different aspects of cyberwarfare work in the real world, by having his characters develop, deploy and try to counter the technology in fictional but realistic settings. Cyberwarfare is everywhere now - so far as an espionage tool and a proxy for physical warfare - but with serious real-world threats and consequences. I like reading Russinovich because I feel like I learn a lot about what the actual threats are and how they might work.

  • Robbie Forkish

    The author is a highly respected senior technologist at Microsoft, so the tech in this techno-thriller is good stuff. This is book 2 of the series, and the "book" part (as opposed to the techie part) is much better than the first one. Great insights about how vulnerable we all are to cyber terrorism.

  • Amber

    I won a copy of this through FirstReads!

  • Brian's Book Blog

    See this review and more like it at
    Brian's Book Blog


    A Tight and Technical Technothriller

    I read the original novel by Russinovich years ago (Zero Day) and absolutely loved it.  Jeff Aiken was such a fun and different character. And Russinovich was incredibly detailed in his writings about the zero day virus he was writing out.  It helps that he has lots of knowledge in the tech world having worked at Microsoft and other tech firms. 

    Trojan Horse was a little different, showing off more of the thriller part of technothriller -- it was a little bit focused on the virus(es) and computer stuff, but more focused on Jeff and Daryl trying to save the world... again. 

    The story itself was strong and a fun one to follow.  Trojan Horse as a book was one of the most fun technothrillers I've read in a while. There were just nonstop action scenes intermixed in with some technical detail here and there.  The best part is that this book is a few years old now and it could still be as true as the day it was written.  All of the things inside are possible, have happened, or could easily happen.

    I can't wait to continue the series and read the third Aiken novel and I'll hopefully get to that this year. 

    If you like action-packed Technothrillers -- Trojan Horse is definitely for you.  Russinovich wrote a tight and technical thriller that I'll remember for a while.

    Trojan Horse was narrated by the great Johnny Heller -- if you're an audiobook person I don't have to say much more.  If you're not, he has a wonderfully easy voice to listen to and made this book fly by.

  • Ixby Wuff

    It's two years after the Zero Day attacks, and cyber-security analyst Jeff Aiken is reaping the rewards for crippling Al-Qaida's assault on the computer infrastructure of the Western world. His company is flourishing, and his relationship with former government agent Daryl Haugen has intensified since she became a part of his team.


    But the West is under its greatest threat yet. A revolutionary, invisible trojan that alters data without leaving a trace---more sophisticated than any virus seen before---has been identified, roiling international politics. Jeff and Daryl are summoned to root it out and discover its source. As the trojan penetrates Western intelligence, and the terrifying truth about its creator is revealed, Jeff and Daryl find themselves in a desperate race to reverse it as the fate of both East and West hangs in the balance.


    A thrilling suspense story and a sober warning from one of the world's leading experts on cyber-security, Trojan Horse exposes the already widespread use of international cyber-espionage as a powerful and dangerous weapon, and the lengths to which one man will go to stop it.

  • Elwin Kline

    I really like these! They are a lot of fun.

    Light, easy to digest, "techno-thriller", entertaining, full of hacker fun, drones, malware, evil terrorists, agents of good, kidnapping, women in duress who overcome their male attackers, gun fights, and more!

    One of my co-workers in the past used to call books like this "pop-corn". Just something for entertainment and quick to consume, as he described it.

    I considered giving this book a 3, but I honestly really did enjoy it. It's like watching an entertaining/good TV show and then moving on to something else and feeling totally okay with that.

    Another thing that pushed me into giving this a 4, is at the end of the book the author does an interview/Q&A with Kevin Mitnick that was awesome. I've read all of Kevin Mitnick's books (Ghost in the Wires being my favorite! Highly recommend!)

    If you are okay with accepting everything identified above, then I certainly recommend this series for a "getaway" read and just to have something light and fun.

    I look forward to finishing the series and starting Rogue Code soon!

  • Rose Read

    On a technological aspect, this book feels incredibly real. The topic of cyber warfare will remain on headlines until the end of time. This book explains the workings behind a virus in a comprehensible manner for the average reader.
    Plot-wise, the CIA agents being captivated with no weapons or self-defense training, is where the story falls short. The book essentially turns into a thriller, which I’m not complaining (I love thrillers). But I can see the reason for the upset readers who were looking for a more realistic approach to the situations going on.

  • Chris Knight

    Enjoyed this one more than the first in the series. Good amount of action. I've learned to suspend disbelief about a computer security expert operating as an agent in the field with the author's books. It's an effective way to generate a lot of action. The side characters in this novel were more fleshed out and not quite as numerous. Technical details for the most part aren't too far from being plausible.

  • Christopher S. Hope

    As a security professional and professor of computer science, this book touches on the topics of my lectures and brings a real life scenario to the classroom. This is the James Bond of computers. Recommended to all my students.

  • Erin Templeton

    The writing isn’t great, but the concepts here are really interesting.

  • Jwt Jan50

    Did a lot of reading re digital security/age/future in 2015. This was an okay read. 5 years later I haven't read another in the series.

  • Stephan Zachwieja


    https://www.goodreads.com/book/show/1...#

  • Aaron

    Started out okay, but then got wild and crazy. An exciting but not particularly compelling story.