Title: Book review: Hacks, Leaks, and Revelations
Date: 2023-08-16 16:15

[![Hacks, Leaks, and Revelations cover]({static}/images/HacksLeaksReveleations.png)](https://nostarch.com/hacks-leaks-and-revelations)

Last month, I got an email [from Briana Blackwell from No Starch Press](https://nostarch.com/about)'s marketing department,
telling me that [Hacks, Leaks, and Revelations: The Art of Analyzing Hacked and Leaked Data](https://hacksandleaks.com/)
by [Micah Lee]( https://micahflee.com/)
was available in *early access*, and that they'd be happy to send me an ebook
copy free of charge!

From the couple of interactions I had with him, Lee is not only a great human being,
but also technically literate. He's the director of information security
at [The Intercept](https://theintercept.com/staff/micah-lee/), and the person
behind [OnionShare](https://onionshare.org/) and [DangerZone](https://dangerzone.rocks/);
so I was thrilled to finally get my hands on his book!

And what a great one it is! It's a complete course for everyone who want to learn how to properly deal with and report on large data sets like leaks:
How to communicate with sources along with some notions of [opsec](https://en.wikipedia.org/wiki/Operations_security),
some words on the ethics of dealing with this kind of data,
how to get data leaks and how to analyse them
properly and safely, wrangling tools like
[dangerzone](https://github.com/freedomofpress/dangerzone),
a [BitTorrent](https://en.wikipedia.org/wiki/BitTorrent) client,
[Signal](https://signal.org),
[Tor](https://torproject.org) via the [Tor Browser](https://www.torproject.org/download/) and
[Onionshare](https://onionshare.org/),
some [linux](https://en.wikipedia.org/wiki/Linux) and [shell](https://en.wikipedia.org/wiki/Shell_(computing)) basics,
a crash course into data analysis with [Python](https://python.org) and [SQL](https://en.wikipedia.org/wiki/SQL),
the [OCCRP](https://occrp.org/en)'s [Aleph](https://docs.aleph.occrp.org/),
…
with hands-on exercises and reporting examples based on real leaks like
[EpikFail](https://en.wikipedia.org/wiki/2021_Epik_data_breach),
[BlueLeaks](https://en.wikipedia.org/wiki/BlueLeaks), 
the [Oath Keepers leak](https://apnews.com/article/oath-keepers-leaked-membership-rolls-2ca4195ed3a10e45dd189bf98f3e5a26),
[Unicorn Riot's DiscordLeaks](https://discordleaks.unicornriot.ninja/discord/),
[AFLDS](https://theintercept.com/2021/09/28/covid-telehealth-hydroxychloroquine-ivermectin-hacked/),
he [Heritage Foundation emails](https://www.databreaches.net/heritage-foundation-wasnt-attacked-they-leaked-their-own-data/),
…

It's a comprehensive yet highly digestible resource that I would wholeheartedly
recommend to anyone remotely interested by modern journalism practises. Hacked
and dumped databases are all around the internet, waiting to be analysed, reported on,
contextualised and exposed, and with this book, anyone could help with
the effort of making the world a better place: sunlight is the best
disinfectant!
