My review of Sandworm: an essential guide to the new, reckless world of "cyberwarfare"

Originally published at:


understanding is like onion layers…

i can relate. i have the same feels, the next level down reading his descriptions.

don’t we though? :thinking: there aren’t intentional back doors? intentional malicious code? etc. just as much as there is code written to protect privacy or users. not all attacks are are flaws in good code exploited. there is plenty of all types readily available to anyone who bothers to look.

i’ll probably read it because i like these types of stories, but the above text already has me worried this is more of the usual fare.


Maybe biological weapons are a better analogy? They also don’t care if they infect/affect “good guys” or “bad guys”.


I think that you’re missing the point of his review. The “old school” analogy that his debate partner used continued to reduce the problem to the simplest form he could understand: physical warfare, physical weapons, physical damage to a particular physical point, etc.

The counterargument, defining a ‘cyberweapon’ as a ‘secret’, is what allows the ‘bad guy software’ of ‘intentional back doors/malicious code’ to function at all.

Consider a machine gun: assuming a sufficiently large supply of ammunition and sufficient cooling technology to keep the barrel from melting, directed fire at, say, the wall of a bank and the vault door behind said wall would eventually result in a useable tunnel through both.

Translating such an attack into cyberwarfare terms, the ‘gold’ in the vault could be hidden behind several secrets:

  • is the gold in Vault A (on street level), Vault B (in the basement) or Vault C’ (in the supposedly distinct ‘warehouse building’ behind the bank)?
  • is the gold physically present in the vault at the time of the robbery attempt?
  • which wall of the bank is physically closest to the vault in which the gold is kept?
  • where is the bank located?
    … to name but four.

Furthermore, attacks such as “social engineering” still rely on exploiting secrets of psychology. I must therefore request that you specify any other form of ‘attack’, either physical or cybernetic, that does not rely on exploiting ‘secrets’.

To be fair, a rather more credible authority on the subject of warfare than my humble self once pointed out that “All warfare is based on deception.” So, stating that the difference between a conventional weapon and a ‘cyberweapon’ being that one is ‘a secret’ might well be incorrect, but from the other direction. Meaning that the sharpest sword or most powerful firearm must still pierce the same secret as a cyberweapon: it must find a vulnerable target.

i got the analogy, it was just overly simplistic and incorrect is all.

this book will obviously be a dramatization based whatever the authors level of understanding affords, i get that. its a story, not a documentary. the tone in the article just made it sound a bit down the nose which is funny because it is ironically un self-aware, which might even be a trap i’m falling into from someone else’s perspective. it is turtles all the way. ¯\_(ツ)_/¯ :stuck_out_tongue_winking_eye:

not all cyber weapons or attacks involve secrets, same for their targets, that isn’t correct.

i love the image of breaking into vaults with machineguns, that makes a great anime scene.

I also love Sun Tzu, but all warfare isn’t deception, that isn’t what he means by that, it’s a lot more nuanced. His text is a treatise of challenges and insights designed to change the way the reader thinks in order break disadvantageous preconceptions. It isn’t a collection of facts or absolute rules, they are often self contradictory statements. If one locks onto any hard pre-conception from reading sun tzu i think they are not seeing the forest through the trees. (if you like sun tzu, i recommend miyamoto musashi as well :nerd_face::heart_eyes:)

This topic was automatically closed after 5 days. New replies are no longer allowed.