Skip to main content

Book Review: Lexicon (2013) by Max Barry

Executive Summary

Lexicon is an exciting story that is really about social engineering taken to the nth degree. It is not a cyber security canon candidate, however, because it does not meet the criteria established last year,[3] but it does share some connective tissue with one of my favorite canon candidates, Snow Crash, and offers some practical advice about how modern media consumers can protect themselves from media manipulation. This is not a must-read for the cyber security professional, but it is wonderful beach read if you are looking for something fun to take with you on your next vacation.


Lexicon[1] is not a cyber security canon candidate because it really does not talk about anything specific to cyber security, but it shares its premise about the origination of human language with a candidate-favorite called Snow Crash.[2][3] It is a run-and-gun conspiracy thriller in which the evil cabal, called the Poets, has mastered the art of persuasion to such a degree that its members can manipulate individuals, groups, and the media to accomplish their goals. They do this by analyzing the target in terms of emotional, intellectual, and personality state to discover just the right “trigger words” that will completely destroy any resistance in the target’s mind. As the author, Max Barry, compels the reader to turn just one more page with this adventure, he also makes the reader think about the implications of manipulation attempts in our own society, the origins of languages in the human world and why there are so many, the more banal implications of the state collecting surveillance data on individual citizens, and the implications of our own bias as we consume information from the media.

The Story

After they receive extensive training on Poet techniques at an exclusive private school in Virginia, very similar to the Harry Potter's Hogwarts School of Witchcraft and Wizardry, newly graduated Poets receive their code names. The Poets’ leader is called W. B. Yeats. The main heroine is called Virginia Woolf, and her mentor is called T. S. Eliot.

The Poets did not start out as evil. At the beginning, they simply learned how to manipulate individuals by quickly assessing their target’s mental state and looking for weakness. One consequence of that practice is that they learned how to hide their own weaknesses from their fellow Poets to prevent manipulation from within. Because of that active suppression of sharing intimate details with their friends and loved ones, their ability to sympathize with the non-Poet population, and even their own members, eroded over the years to the point that the Poets’ leadership considered non-Poets to be nothing more than another form of cattle to be managed and experimented on in order to fulfill the Poets’ goals. 

Before she became Woolf, Emily was a prodigy. Poet recruiters plucked her off the streets at a young age because of her con-man skills and sent her to the private school in Virginia. But she is a rebel. She fights the suppression of her personality and is eventually exiled to a small and remote Australian town called Willow Creek until she becomes mature enough to handle the discipline it takes to be a full-fledged Poet.

There is the inevitable falling out between the Poets’ leadership and a group of Poets that feel the organization has gone too far. That confrontation is the catalyst to the entire story. Poet researchers discover something they call a “Bear Word”: a word so powerful that, when issued with a command, will compel any human to immediately comply. The Poets’ leader, Yeats, decides to experiment with the Bear Word at Willow Creek, which is now the home of the story’s prodigy, Emily. Yeats deploys the Bear Word with the command of “Kill” at the local hospital to see what will happen. Every person who sees the command immediately attempts to comply. The town becomes a bloodbath that is similar in scope to any modern-day zombie movie. Because of the actions taken at Willow Creek, the Poet organization fractures into two groups: supporters of Poets and disgruntled former members. Yeats begins to terminate any former colleagues who oppose him. How this manifests, and how Emily figures into the story, is the basis for the run-and-gun action.

The Tech

The tech in this book is not Internet gadgetry. There are no computer hacks in the story, but the entire Poet skill set is really social engineering on a grand scale. Although the Poets’ ability to manipulate individuals and groups is purely the result of Barry’s wonderful imagination, some of the skill sets he portrays for defending against manipulation are more practical.

One important skill in this defense is an understanding of how news organizations present information to the masses. Most news organizations try to present the facts as they currently know them. Many try to report objectively. The news consumer must remember, however, that the news people within the media are making choices about what to put into a story and what to leave out. News people also do not have to prove anything. They can imply. In most cases, the consumer will probably never hear anything more about a particular story. By choosing which facts to present and which facts to leave out, the news organization can lead consumers down the path for them to make their own conclusions about what happened without actually having to state it out loud.

This leads to the second important skill in the defense against manipulation: getting out of your comfort zone and consuming information from media outlets that you do not agree with. Especially today, when every issue is so polarizing, it is easy to tune into your media outlet of choice—Bill O’Reilly on the right and John Stewart on the left to name two—and hear spoken back to you exactly what you want to hear because you already totally agree with it. By staying within their own political media information bubble, consumers get manipulated into thinking that their side is the only reasonable way to think about any particular issue, and that is simply just not the case.


Lexicon is an exciting story about social engineering. It is not a cyber security canon candidate because it does not meet the criteria established last year,[3] but it does share some connective tissue with one of my favorite canon candidates, Snow Crash, and offers some practical advice about how modern media consumers can protect themselves from media manipulation. The story is really about social engineering taken to the nth degree. I personally loved the idea that an evil cabal could be run by a group of literature majors using their favorite poets’ names as code names. This is not a must-read for the cyber security professional, but it is wonderful beach read if you are looking for something fun to take with you on your next vacation.


[1] “Lexicon,” by Max Barry, published by Penguin Press, June 2013, last visited 1 August 2014,

[2] "Book Review: Snow Crash by Neal Stephenson (1992)," by Rick Howard, Terebrate, 10 November 2013, last visited 1 August 2014,

[3] "Books You Should Have Read by Now," by Rick Howard, Terebrate, 16 February 2014, last visited 1 August 2014,


"'Lexicon,' a Thriller by Max Barry," by Graham Sleight, The Washington Post, 15 July 2014, last visited 1 August 2014,

"Lexicon Could Be Max Barry's Smartest Dystopia Yet," by Michael Ann Dobbs, Io9, 31 July 2014, last visited 1 August 2014,


Popular posts from this blog

Books You Should Have Read By Now

When I started Terebrate back in January 2010, I always intended it to be a place to put my book reviews on whatever I was reading. Since then, a lot has happened in my professional life. I changed jobs, twice. I presented my collection of cybersecurity book reviews at the annual RSA Conference and suggested that the cybersecurity community ought to have a list of books that we all should have read by now. My current employer, Palo Alto Networks, liked the idea so much that they decided to sponsor it. We ended up creating the the Rock and Roll Hall of Fame for cybersecurity books. We formed a committee of cybersecurity experts from journalists, CISOs, researchers and marketing people who were all passionate about reading. My collection became the the candidate list and for the past two years, the committee, with the help of community voting, has selected books from the candidate list to be inducted into something we are calling the Cybersecurity Canon. It has been very exciting.

This i…

Book Review: Kingpin: How One Hacker Took Over the Billion-Dollar Cybercrime Underground by Kevin Poulsen (2011)

Executive Summary
Kingpin tells the story of the rise and fall of a hacker legend: Max Butler. Butler is most famous for his epic, hostile hacking takeover in August 2006 of four of the criminal underground’s prominent credit card forums. He is also tangentially associated with the TJX data breach of 2007. His downfall resulted from the famous FBI sting called Operation Firewall where agent Keith Mularski was able to infiltrate one of the four forums Butler had hacked: DarkMarket. But Butler’s transition from pure white-hat hacker into something gray—sometimes a white hat, sometimes a black hat—is a treatise on the cyber criminal world. The author of Kingpin, Kevin Poulsen, imbues the story with lush descriptions of how Butler hacked his way around the Internet and pulls the curtain back on how the cyber criminal world functions. In much the same way that Cuckoo's Egg reads like a spy novel, Kingpin reads like a crime novel. Cyber security professionals might know the highlights of…

Book Review: “We Are Anonymous: Inside the Hacker World of LulzSec, Anonymous and the Global Cyber Insurgency (2012)” by Parmy Olson

Executive Summary: 

This book is a must read for all cyber security professionals. It does not cover the entire Anonymous movement, but by focusing on the evolution of the Anonymous Franchise and the rise and fall of the LulzSec hacking group, Ms. Olson captures the essence of the hacktivist culture and what motivates its supporters. If you seek to understand the Hacktivist movement, this book is a primer.


The Anonymous Franchise really hit its stride between the years of 2010 and 2011. Hacktivism began earlier than that of course (1994 was the first documented case that I could find [12]), but it did not strike fear into the hearts of CEOs, CSOs and government officials until that two year run. It was the perfect storm of technology, disenfranchised youngish people, “Internet Pranks as an Art Form,” empowerment and the hacking culture that came together into a gigantic hairball of activity and energy that caused governments from around the world to double-clutch on some of th…