BOOK REVIEW: Breaking and Entering: The Extraordinary Story of a Hacker Called ‘Alien’
By Jeremy N. Smith
Reviewed by Niloofar Razi Howe
Hacking new technology is an old sport.
In June 1903, Italian inventor and eventual Nobel Prize Winner Guglielmo Marconi held a public demonstration of his new wireless telegraph to showcase that it could send and receive messages securely from as far as 500 kilometers away. Unbeknownst to Marconi, Nevil Maskelyne, a British inventor and illusionist had been tracking Marconi’s work and chose that night to hack Marconi’s transmission, displaying its security flaws. Before Marconi’s demonstration could begin, the machine began tapping out Maskelyne’s crude message: Rats rats rats rats. There was a young fellow of Italy, who diddled the public quite prettily… and so on. The hack revealed that the wireless telegraph was not as secure as Marconi claimed, and did so in an extraordinarily embarrassing way.
And so began an entire profession.
In today’s world, we call these intruders white hat hackers or pen testers (short for penetration testing) if they are authorized to seek out security flaws, grey hat hackers if they are doing it to benefit the public but not specifically hired to do it (so yes, they may tread on Computer Fraud and Abuse Act), and black hat hackers if their intent is one form of malfeasance or other. In his book Breaking and Entering: The Extraordinary Story of a Hacker Called ‘Alien’, Jeremy N. Smith tells the story of one white hat hacker, a female protagonist who goes by the handle Alien. Smith tells of her life as a student at MIT, and from there, to a job at Los Alamos, which propels her into a career as a security consultant, eventually starting her own firm. Throughout the narrative, Smith aims to create an air of mystery, going to great lengths to hide and protect Alien’s true identity.
The first problem with Smith’s approach is that any reader, even without any technical or social engineering skills and using only information provided in the prologue, can identify the real ‘Alien’ in less than ten seconds. I used the following search terms: hacker, alien, pentest, CEO. Oddly, as I reduced the number of search terms, the results narrowed down even faster. It turned out, the words: hacker and alien are all I needed. I would feel guilty outing Alien in a book review except that Alien actually identifies herself as Alien on the “about” page of her company’s website where she also features Smith’s book prominently. That the real Alien uses this book for publicity makes the ruse rather ridiculous. Ridiculous, that is, unless you are trying to create mystique where none exists.
Perhaps readers who know nothing about the security industry, haven’t seen any episode of the myriad of TV shows featuring white hat and black hat hackers, or ever met any of the incredible characters who populate the security landscape, Alien’s story might be interesting. It includes drug-induced MIT days, scurrying around campus through tunnels, rooftops, and closed-out elevator shafts in pre-dawn hours, learning how to pick locks, using her feminine wiles to get the boys to complete her assignments for her and then getting a job with MIT’s IT department. The book includes uncomfortable vignettes that any woman in any male-dominated industry will relate to but provides no substantive discussion of the underlying issues. There is none of the intrigue that graces the pages of other recent books about hackers-- no great case to crack, no nation-state adversary to run down, not even a run-in with campus security to get our heart rate going (in fairness, there was one sighting of a campus security guard during one of her escapades at MIT). That makes this narrative very difficult to pull off in a compelling way and the obfuscation of her identity, a curious choice.
Amazingly, the same year Alien enrolled at MIT, the Boston hacker collective known as “L0pht Heavy Industries” whose incredible membership included storied characters like Mudge, Kingpin, Count Zero, Dildog, Silicosis, Space Rogue, and Weld Pond among others, famously testified before Congress that they could shut down the entire Internet in 30 minutes. Sadly, however, there is only a passing reference to L0pht in the book, as Smith steers away from any of the fascinating counter culture hacker organizations active at the time, to include; Cult of the Dead Cow, Hong Kong Blondes, Legions of the Underground, Chaos Computer Club, whose exploits and personalities could have added much needed texture to this book, even if their stories might have been tangential to Alien’s. A number of women were also making waves during this timeframe—Jude Milhon, or “St. Jude” as she was known online, and author of the book “How to Mutate and Take Over the World” was a “staunch advocate of the joys of hacking, geek sex and a woman’s right to choose to use technology,” according to a WIRED article about her. The indomitable Katie Moussaris, creator of the bug bounty program at Microsoft, as a young teenager pushed her way into meetups with the awkward boy’s collective of hackers, including L0pht. Hacker Natasha Grigori earned her stellar reputation by taking a hard stance against child pornography and founding antichildporn.org. If the target audience of this book is a reader just learning about the industry, some historical context would have been invaluable.
Without a story to track, an adversary to find, a mystery to crack, any real hook that keeps the reader engaged including giving us the rich historical context of the actual hacker community of the late 1990s, this book unfortunately falls flat.
The only real intrigue in Smith’s book is Alien’s identity which, as previously mentioned, is really no intrigue at all.
I commend Alien for being a female security consultant in an industry that is not kind to women and for the important work that she, and all other security researchers, security consultants, computer scientists, and security engineers do every day to keep our systems and devices safe from all manner of malfeasance. Their stories need to be celebrated because we have a desperate skills shortage and need to inspire a generation of people to join our industry, especially women, who have for the most part, stayed away.
And the stakes are high.
We live in an era where the Internet and all the innovation it has inspired, has led us to a world where everything is increasingly connected to everything else, but few things are secure; where global communication is instantaneous, but every sociopath is also now our digital neighbor. Some argue that safeguarding democracy is ultimately what is at stake, especially as we unpack nation state interference with elections around the world.
Reclaiming trust and privacy in this world will not be easy and it will take intelligence, imagination and willpower to do it. To inspire a new generation of recruits, we need to celebrate the stories of the men and women who are embracing this challenge. I only wish that Smith had chosen a more authentic and compelling way to tell this particular story.
The real lost opportunity with Alien’s personal story is that showcase that it doesn’t take a badass or an extraordinary person to make an extraordinary difference in the security world. Even people who walk very predictable paths in life—say getting a computer science degree from a technical university and a job with the IT department—can lead fulfilling and purposeful lives solving important problems in this increasingly digital and insecure world. Sharing insights from their journey, which this book does not do, would be inspiring to many.
We absolutely need more Aliens.
Under/Cover gives Breaking and Entering just 1.5 out of 4 Trenchcoats.
This book earns a rating of 1.5 trench coats.
Niloofar Razi Howe is a cybersecurity investor and expert, and is the former SVP Strategy and Operations, RSA
Check out more Under/Cover book reviews and sign up for the free Under/Cover monthly newsletter here…
