Book review: The Florentine Deception, by Carey Nachenberg

Posted by   Virus Bulletin on   May 13, 2015

John Hawes reviews Carey Nachenberg's debut novel.

There's a rather serious problem with fiction involving computers, and computer security in particular. It seems like any time a computer appears in a work of fiction, especially in a Hollywood movie or a TV show, any attempt to adhere to reality goes out the window.

The ubiquitous super-hacker of fiction can break in anywhere he or she wants, within minutes, with no research or preparation, and quite often using only a phone or a wheezy Internet café PC. You can guess anyone's password in a few attempts, especially if you have their family photos handy, but you rarely need to as no one has a screenlock on their laptop, ever. In an emergency, it's perfectly possible to write code in the space of a few hours which will not only run on the systems of an alien race, but will actually self-propagate and disable their diabolical attack ships.

This playing fast and loose with how things really work is probably closely tied to a widespread lack of understanding about how computers function and what they are capable of. People in general neither know nor particularly care what goes on behind their browser or mail client, so writers and filmmakers — even those who at least make a token effort at research in most areas — don't have much understanding either, and base their technical details on stuff they've seen or read elsewhere.

This, of course, only spreads the standard misconceptions further, to the point where most readers will accept the most improbable or impossible of scenarios merely because it features computers and is therefore beyond the wit of man to really understand.

Countering this trend, we have seen a few attempts recently at cyber-themed fiction with some grounding in realism. The latest is from Symantec veteran Carey Nachenberg, whose debut, The Florentine Deception, promises to overturn the low expectations of those who know enough about computers and security to laugh hysterically at most stories which feature cyber peril.

The story starts with our hero, Alex, the founder of a successful security startup, resting on his laurels after selling his stake, digging around an old computer on its way to a charity. This gives us room for a good poke through some of the things someone with a little basic knowledge can find out about you if you don't clean up your computer before you throw it out, and opens up a nice little mystery to get the ball rolling on the story.

From this point we spiral into a well-paced romp featuring plenty of twists and turns, puzzles and surprises, and several good set-piece scenes, many of which generate some serious suspense. Alex is variously helped and hindered by a fairly large and diverse cast of characters who, while not always fully fleshed out, are generally given enough colour to keep them from overlapping, and occasionally get taken out of the action just as you're getting to like them, keeping the reader on their toes.

Following the classic prescription to 'write what you know', the book combines two of Nachenberg's passions: computer security and rock-climbing. Climbing features in several scenes including an extended caving sequence which gets distinctly claustrophobic. As a dedicated ground-dweller, I can't say much about the accuracy of these bits but they certainly have an air of authenticity about them, and of course the computer stuff is pretty plausible throughout. More importantly, and again this is hard to judge, the writing seems pitched at just about the right level, giving enough detail for most people to follow without dipping into jargon or skimming over important facts, but not making the exposition bits too dull for those who already get the picture.

The addition of the climbing angle also makes sure we get plenty of time away from the computer screen and fit in some fresh air and exercise, which helps keep the pace ticking over nicely. Indeed, the computer stuff is well balanced so as not to dominate things at all, running through the story as a motif rather than the main point of focus.

At several points during the book I found myself hurrying through other tasks, including meals, to get back to the action, and reached the end both thoroughly satisfied and wanting more, which is about as good a recommendation as you can get for a thriller. More than just an enjoyable page-turner with an educational spin, the book has some aims well beyond mere entertainment — proceeds from sales of the book will be donated to a selection of charities, mainly educational with a little climbing thrown in. So even if thrillers are not your thing, buy a copy anyway, and give it to someone who will benefit from a little enlightenment.

Posted on 13 May 2015 by John Hawes


Latest posts:

New paper: Collector-stealer: a Russian origin credential and information extractor

In a new paper, F5 researchers Aditya K Sood and Rohit Chaturvedi present a 360 analysis of Collector-stealer, a Russian-origin credential and information extractor.

VB2021 localhost videos available on YouTube

VB has made all VB2021 localhost presentations available on the VB YouTube channel, so you can now watch - and share - any part of the conference freely and without registration.

VB2021 localhost is over, but the content is still available to view!

VB2021 localhost - VB's second virtual conference - took place last week, but you can still watch all the presentations.

VB2021 localhost call for last-minute papers

The call for last-minute papers for VB2021 localhost is now open. Submit before 20 August to have your paper considered for one of the slots reserved for 'hot' research!

New article: Run your malicious VBA macros anywhere!

Kurt Natvig explains how he recompiled malicious VBA macro code to valid harmless Python 3.x code.

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.