// Comparison

Hacks, Leaks, and Revelations vs Permanent Record: Which Should You Read?

Two cybersecurity books on Privacy, compared honestly: who each is for, what each does best, and which to read first.

Beginner

4/52024

The Art of Analyzing Hacked and Leaked Data

Micah Lee

Micah Lee on the operational craft of working with leaked datasets: authentication, OPSEC for sources and journalists, and the Python tooling to actually parse what arrives in your dropbox.

Beginner

4/52019

Permanent Record

Edward Snowden

Edward Snowden's first-person memoir: the technical work that led him into the NSA's mass-surveillance programs, his reasoning for disclosure, and the Hong Kong handoff to the journalists who broke the story.

Read this if

Investigative journalists, threat intel analysts, and OSINT practitioners who routinely handle leaked datasets. Lee covers verification, OPSEC for sources, and the practical Python tooling that turns a multi-gigabyte dump into a story or a finding.

Anyone who wants the inside view of the 2013 NSA disclosures from the source rather than the press coverage. Also a useful read for engineers thinking about institutional ethics — Snowden's argument is technical and procedural, not abstract.

Skip this if

Readers wanting traditional pentest tradecraft. The book is about post-leak analysis, not about how to obtain data. Different domain entirely.

Readers wanting an unvarnished, multi-perspective account of the disclosures; this is Snowden's narrative on his terms. Pair with Glenn Greenwald's No Place to Hide and Bart Gellman's Dark Mirror for the journalism-side counterweight.

Key takeaways

Verification is half the work; the book's framing of authentication-by-cross-reference and provenance-by-metadata is the cleanest in print.
Source OPSEC is structural, not personal; the book's chapters on SecureDrop, Tails, and Tor align with current practitioner standards.
Python plus Aleph plus DataSette plus a few small custom scripts is enough to handle most real-world leaks; the book's pragmatic tooling choices avoid academic over-engineering.

The technical case for the disclosures is sharper than the political coverage ever made it: Snowden walks through the specific architectures and capabilities that violated his oath.
The personal-cost chapters are the underrated half of the book; whistleblowing is structurally discouraged because the pipeline is set up to make life miserable for the person who goes through it.
Operational privacy is illustrated, not preached — the book is itself an artifact of careful OPSEC, and that lesson is worth more than any single chapter.

How they compare

Hacks, Leaks, and Revelations and Permanent Record are both rated 4/5 in our catalog. Pick by topic preference and reading style rather than by rating.

Both books target beginner-level readers, so the choice is about topic, not difficulty.

Hacks, Leaks, and Revelations and Permanent Record both cover Privacy, so reading them in sequence reinforces the same material from different angles.

Keep reading

Hacks, Leaks, and Revelations

→ Alternatives to Hacks, Leaks, and Revelations → What to read after Hacks, Leaks, and Revelations