You’ve likely come across Nicole Perlorth’s work over the last decade or so, even if you don’t know her by name. Perlorth works the cybersecurity track for the New York Times and has broken some of the most significant news in the sphere. Early last year, she debuted a rivetting new book, This Is How They Tell Me the World Ends: The Cyberweapons Arms Race. I recently finished it and thought I’d try and order my thoughts: here goes.
Perlorth’s perspective is very much US-centric; while the USA is rarely painted in shining whites, there is a dichotomy of “Us versus Them” at work. That’s no criticism, but recognition of facts. Perlorth’s not shy about underlining the mistakes her own country has made in regards to mishandling cyberthreats. These include government agencies running rampant with powerful tools that allow them to eavesdrop on American and Non-American civilians alike–which we know from Snowden–but so much more, as well. So-called “zero-days”–built-in software exploits that the software developers have completely overlooked, that they don’t even know exist–take primacy in Perlorth’s work. How come developers are not made aware of these? It has to do with a massive primary and secondary market for these, some of whose most massive clients are US security agencies, foreign governments, and even anonymous hacker outfits. None of these have much of an interest in plugging the holes–though you’d be justified in thinking that your own government’s security agencies should be looking out for you. But in a society in which everything is on the Internet, to access numerous pieces of software without leaving so much as a trail is too seductive to pass by; and besides, it’s becoming more and more difficult to believe nation-states have the interests in their citizens’ health first and foremost (but that’s just me).
Perlorth makes evident her proficiency in the inner workings of this world so few of us think about. The point, if I may attempt to draw it in as few words as possible, is this: Clandestine war is being perpetuated online and few know about its true extent; it threatens an infrastructure that is increasingly dependent on the Internet–and so, ever more vulnerable. The way zero-days and numerous other exploits have been stockpiled by US agencies, then ransacked by unknown third parties who resell these cyberweapons to foreign states speaks of a leveling of the playing field that works to nobody’s benefit, least of all yours or mine. This Is How They Tell Me the World Ends follows up on Perlorth’s intent by ringing the biggest alarm bells possible in my mind; vulnerabilities aplenty, and I am at their mercy. But the worst part is, even with those claxons ringing by, I’m not sure I can break through the apathy, to spend the dozen hours necessary to change all my passwords to complex strings of numbers and letters I’ll surely forget, to add in two-factor authentication and anything else I could do to safeguard my data; and even if I did? It wouldn’t be enough.