Some Typos and Technical Errors in We Are Anonymous by Parmy Olson
Please also see my review/criticism of the book here.
Typos and other minor errors
Note: Parmy Olson changed most 1337-speak to standard spelling. While I consider this incorrect with respect to proper names, I have not listed such names as typos because the spelling changes were a deliberate choice.
- Page 11: "she had a job in her salon": should this be "in a hair salon"?
- Page 61: "Scientolgist"
- Page 136: "and gave it the school authorities" should be "and gave it to the school authorities"
- Page 152: Kayla's IRC network is spelled as both "#tr0111" and "#tr011."
- Page 169: "chamber of commerce": This should be capitalized as it's referring to a specific one, I think.
- Page 207: "Bryce Case, known on the internet at YTCracker": "at" should be "as."
- Page 207 and page 456: "DigitalGangsters.com" should be "DigitalGangster.com" (per YTCracker). (Added Sept. 9, 2012)
- Page 307: "pronouncment"
- Page 320: describes 1-614-LULZSEC as a Google Voice number, while page 468 says "The Skype number 1-614-LULZSEC was off at all times and redirected to another Google number . . ."
- Page 347: "an incident like WikiLeaks": WikiLeaks isn't an "incident." Presumably she's referring to an incident involving WikiLeaks, but it's not clear which one.
- Page 356: "the sweet, merciful possibility that car had been for his neighbors." Should be "the car."
- Page 398: "Assange had been dealing to Sabu": should be "dealing with."
Technical errors
For a book with the words "hacker" and "cyber" on the cover, this carelessness with the technical descriptions is really inexcusable. I don't blame Ms. Olson for not being a computer expert -- not everyone can know everything -- but she or the publisher should have hired an expert to review the text before publication.
I'm no computer expert myself (and can't afford to hire one), so I make no claims about the accuracy or completeness of what follows. But these are passages that jumped out at me as sounding wrong. Feel free to consider this list as a starting point for more advanced discussion. In page number order, with my comments in italics:
- Page 12: "The use of Structured Query Language . . . was a popular way to retrieve and manipulate the information in databases." (It still is, actually.) SQL injection worked (Still works!) by 'injecting' SQL commands into the server . . . essentially using the language against itself. (Well, it's not really using it "against itself," it's simply using it.) As a result, the server would not recognize the typed characters as text, but as commands that should be executed. (Aren't they both text and commands?)
- Page 56 says that an IP address is a "unique number, typically long with several decimals." On page 438, she specifies that page 56 was referring to IPv4 addresses, while "IPv6 addresses are a combination of numbers and letters that are segmented by colons." Then on page 478, in the glossary, she says that "Each IP address consists of four sets of numbers separated by periods" (with no reference to IPv6). (IPv4 addresses are generally written as four sets of numbers separated by periods -- certainly a more specific format than "long with several decimals" -- while IPv6 addresses are eight groups of numbers separated by colons.) Added Sept. 10, 2012
- Page 57: "But if that person was using a VPN, then people . . . trying to 'get their dox' would find a fake IP address, sometimes pointing to another computer in another country." (What is a "fake IP address"?)
- Page 72: "speech recognition technology" (She means "text to speech technology" here.) Added Sept. 10, 2012
- Page 76: "At the time, packets were part of everything one did on the internet." (They aren't now?)
- Page 79: "It was crucial for people who were using LOIC to run it through an anonymizing network like Tor . . ." (I thought you're basically just DoS'ing Tor if you do that? Compare to page 446: "users could not fire the tool from behind an http proxy because their 'packets' would hit their own proxy . . .")
- Page 96: "Soon Emick got her family to move to Michigan and started going online from a fake server that hid her true IP address." (Why does she keep using "fake" to mean "anonymizing"? Especially since she then uses the word "proxy" -- I think for the first time, without definition -- on page 115.)
- Page 98: "Laurelai checked the site's configurations and saw that it was getting flooded with so much junk traffic . . ." (I think she means logs, not configurations.)
- Page 104: "Defacing a site was harder to do than carrying out a DDoS attack — you had to get root access to the server . . ." (Elsewhere in the book she describes defacements done without getting root.)
- Page 126: ". . . people who used LOIC without also using anonymizing software or a proxy server were just asking to get arrested." (Is there "anonymizing software" suitable for LOIC that doesn't involve a proxy server?)
- Page 152: "It led them to a database filled with the usernames, e-mail addresses, and hashes (encrypted passwords) . . ." (Things other than passwords can be hashed, and hashing isn't synonymous with encryption.)
- Page 156: ". . . to go after the .gov and .mil targets, particularly those of third-world countries . . ." (The .gov and .mil TLD's are limited to use by U.S. entities.)
- Page 156: "This, for example: http://www.un.org.al/subindex.php?faqe=details&id=57 was a United Nations server that was vulnerable to SQL injection, specifically subindex.php." (subindex.php, with or without the query string parameters, is a resource being retrieved from a server, not a server itself.)
- Page 245: "Kayla had a powerful web script that let her scan the Internet for any website with a vulnerability." (Impressive!)
- Page 386: "popular hacking techniques like . . . SQL maps" (Should this be sqlmap? If so, it's a tool not a technique.)
- Page 434: "If someone were to perform an SQL injection attack, they might inject code saying, 'Select a from b where a=SMITH.'" (Wouldn't one generally have to end the prior statement first?)
- Page 445: "Most of the detail in this chapter about the bugs inherent in LOIC . . ." (The chapter doesn't mention a single bug in LOIC; it describes built-in functionalities of different versions of the program.)
- Page 450: ". . . she and the other hackers managed to obtain user and password details for the site's root, MySQL." (Can MySQL be the root of a site?)
- Page 473: "a white hat security researcher nicknamed Le Researcher" (I would characterize him as grey hat. He claims to have hacked UGNazi's website, which is illegal and arguably unethical even if they're criminals.)
- Glossary (page 475 et. seq.): Some of the glossary definitions aren't wrong, per se, but don't sound quite right, either. The best she could do for "Hacker" is "a computer programming enthusiast or hobbyist who enjoys tinkering with internal systems and creating shortcuts and new systems"? And I find it very silly to have a glossary definition of Anonymous when that's what the whole book is about! The attempted brief definition only highlights their indefinability.
This work is licensed under a Creative Commons Attribution-NonCommercial 3.0 Unported License.