Laura Colantoni of Syngress posted the following statement, regarding the recent discovery that a large portion of Dissecting the Hack: The F0rb1dd3n Network is plagiarized. My commentary follows the statement:
The team at Syngress recently found out through our Twitter feed that Dissecting the Hack might have plagiarized material. The twitter feeds led us here where Wesley listed at least 125 instances of plagiarism—mostly from Wikipedia.
After talking to all involved we have determined the following:
•The book’s technical editor is the source of this plagiarism. He greatly overstepped his role.
•He did, in fact, plagiarize despite signing an agreement that explained his role was to fact check and prevent plagiarism.
•The book’s authors, Jayson Street and Kent Nabors were not involved.
As soon as we learned about this issue, we ‘froze’ the status of the books. On Monday, October 19th we made the decision to destroy all remaining titles.
We’ve learned a lot of interesting lessons in the past few days. I suspect the most important is the value of a new anti-plagiarism software program. If you have suggestions on really good ones please feel free to send them my way. But equally important has been the goodwill and generosity of so many people in this community. Our editor and the book’s authors are already working on a plan to move forward due in no small part by experts in the community who have agreed to help us replace all of the plagiarized material with new content. The previous technical editor will in no way be involved with this new project— or with any future Syngress projects. We will hire a new technical editor to review the content.
Our plan is to publish a revised edition with this new content. We’re also working on placing all the new content on completely open websites so that anyone who did have a copy of the book can get electronic access—anyone who heard about the book and wants to check it out can do a quick preview before purchasing.
I’ve talked to several experts in the field who shared good suggestions on how to ensure we deal fairly with our customers. We’ve taken the last couple days to check them all out and to try to balance them with some of the realities of doing business with global sales channels and a variety of contractual obligations. Then we took a deep breath and decided to follow the old K.I.S.S. rule. To keep it simple, we’ll accept back ‘old’ books from current customers and replace them with the new version as soon as it publishes. And we’ll also do multiple postings of the new material and keep it open to all for the life of the title. We post this information in a variety of sources and take out an ad or two in info sec publications. We’ll always have latest up-dates on syngress.com and on dissectingthehack.com.
Although I realize it’s my job to say this, I honestly believe this is a great book and can’t wait to get the REAL version in my hands and yours.
My take on this:
Syngress has done an excellent job of supporting the project and the authors of the book in this case, something that I am glad that they have done. Unfortunately, this seems to have taken a higher priority than addressing the customers and readers. One only has to look at the wording of this statement to see that this is more about the authors and the experts in the community (people who have a direct impact on Syngress’ reputation), than the customers who have paid their own money for a book that they had no way of knowing was a fraud.
While I approve of them continuing the project, reconstructing the STAR section of the book with actual content, I feel that it is dishonest to drag customers, who have already purchased the book, along for an indeterminate amount of time while this is completed. The money that these customers have spent on the book was with the expectation that they were getting a complete book then. If a customer is willing to wait and exchange it, then that’s great and I imagine most customers will opt into that, but it’s simply wrong to hold that customer’s money hostage with the promise of future content without their consent. To put it simply:
Existing owners of this book have every right to request and receive a refund for it, if they want one, as they acquired it under the false pretense that it is an honest work.
This is something that I insisted upon in my private communications with Syngress, however they have chosen to ignore it in this statement. This is not the “K.I.S.S. principle” at work, as Laura puts it. The situation became miles beyond “simple” the moment the book was published. This is about Syngress keeping the money that they have already made from customers for a book that consists mostly of others’ (not just Wikipedia’s) copyrighted content.
This is unfortunate, because otherwise they are taking a great stance with it. They’re honest about the problem, and where the blame should be placed. I’m actually looking forward to the new edition of the book. Syngress has gone a long way to make this right to its readers, and I hope that they decide to take the above into consideration and take the final steps that are necessary to really make it right.
Just to clarify: my beef right now is solely with the publisher’s handling. The project to create a legitimate STAR section is alright in my book. I have signed up on their new social networking site for the project and posted the following, offering my help. Jayson thought it would be nice for me to reproduce it here, so here you go:
While I have been the one to stir up a lot of the dust around this project recently, I do want you to know I like it. I like the idea of hacker fiction. I like the idea of Syngress becoming a more mature publisher (even though it sucks that this project had to be the tipping point). Most of all, I like the people who are a part of the project and that are becoming part of the community.
I have said this to Jayson and others on varying levels of public/private channels, but to make it clear: I am willing to help out and contribute to creating a new STAR section in any way that I can. I can write, I can edit. If someone else wants an interview for a topic that I’m competent on, I am happy to sit down with them on IM, Skype, phone. If you don’t want that, I can review a pre-print copy. And finally, failing all that, I’ll give the final published copy a serious review on my site (though I won’t be doing that if I am asked to participate: conflict of interest).
I do want to see it succeed. Anyone else here who’s willing to throw in a sword or axe, chime in.
If you are an infosec geek and want to contribute to their project, show support for it, or just want to see it in the making, then you should go and check it out.