Want to get paid for a vulnerability similar to this one?
Contact us at: email@example.com
“The Florentine Deception”, Carey Nachenberg, 2015, 978-1-5040-0924-9,
%A Carey Nachenberg http://florentinedeception.com
%C 345 Hudson Street, New York, NY 10014
%G 978-1-5040-0924-9 150400924X
%I Open Road Distribution
%O U$13.49/C$18.91 www.openroadmedia.com
%O Audience n+ Tech 3 Writing 2 (see revfaq.htm for explanation)
%P 321 p.
%T “The Florentine Deception”
It gets depressing, after a while. When you review a bunch of books on the basis of the quality of the technical information, books of fiction are disappointing. No author seems interested in making sure that the technology is in any way realistic. For every John Camp, who pays attention to the facts, there are a dozen Dan Browns who just make it up as they go along. For every Toni Dwiggins, who knows what she is talking about, there are a hundred who don’t.
So, when someone like Carey Nachenberg, who actually works in malware research, decides to write a story using malicious software as a major plot device, you have to be interested. (And besides, both Mikko Hypponen and Eugene Spafford, who know what they are talking about, say it is technically accurate.)
I will definitely grant that the overall “attack” is technically sound. The forensics and anti-forensics makes sense. I can even see young geeks with more dollars than sense continuing to play “Nancy Drew” in the face of mounting odds and attackers. That a vulnerability can continue to go undetected for more than a decade would ordinarily raise a red flag, but Nachenberg’s premise is realistic (especially since I know of a vulnerability at that very company that went unfixed for seven years after they had been warned about it). That a geek goes rock-climbing with a supermodel we can put down to poetic licence (although it may increase the licence rates). I can’t find any flaws in the denouement.
But. I *cannot* believe that, in this day and age, *anyone* with a background in malware research would knowingly stick a thumb/jump/flash/USB drive labelled “Florentine Controller” into his, her, or its computer. (This really isn’t an objection: it would only take a couple of pages to have someone run up a test to make sure the thing was safe, but …)
Other than that, it’s a joy to read. It’s a decent thriller, with some breaks to make it relaxing rather than exhausting (too much “one damn thing after another” gets tiring), good dialogue, and sympathetic characters. The fact that you can trust the technology aids in the “willing suspension of disbelief.”
While it doesn’t make any difference to the quality of the book, I should mention that Carey is donating all author profits from sales of the book to charity:
copyright, Robert M. Slade 2015 BKFLODEC.RVW 20150609