June: Zero Days

“Documentary as Critical Code Studies”

Jonathan Cohn (University of Alberta)

In Zero Days (2016), director Alex Gibney forcefully explains how and why the United States and Israel launched the infamous virus Stuxnet and how it got out of control. In the process, he illustrates methods for the close reading of algorithms and the ethical and political necessity of doing so.

But first, Gibney explores all the ways in which computer code is obfuscated and made to seem beyond our grasp and understanding. Most of the government officials he interviews simply state that Stuxnet is confidential and they cannot discuss it. This is a typical problem for those of us who study code and algorithms: if the code is interesting or important enough, it is probably also a closely guarded trade secret that a company depends on for economic advantage. Gibney compares these interviews to “asking the emperor about his new clothes,” an ironic analogy that points to how intensively the NSA and others try to make code seem as invisible as possible. In fact, the emperor does have clothes, and it would befit us to learn how to best view and critique them.

Yet, Zero Days tends to reinforce the idea that code is beyond us. Often, the documentary represents the world of code, algorithms, and viruses as an ethereal space that, while beyond our perception, continually shapes it nonetheless. Visually, code takes the shape of large amorphous clouds and blocks of illegible three-dimensional glowing digits. It is an aesthetic taken directly from the fantasies of Hackers (1995) or The Matrix (1999) and is a relic from a moment when many were grappling with distinctions between the real and the digital. While this binary proved untenable and we no longer question whether digital spaces are ‘real’ or not, vestiges of this debate persist. As material reality has been increasingly presented as precarious, chaotic, and contingent, the digital has become associated with (largely patriarchal) ideals of agency, omniscience, and stability. While this binary is also not defensible, Zero Days illustrates how this rhetoric has made code and viruses seem omnipotent, beyond our control and ultimately capable of annihilating us. In other words, Skynet (in the form of Stuxnet) is real and, while John Conner saved us this time, there will be a sequel and in it we will probably all die.


But don’t believe the hype. In contrast to these code clouds and the NSA’s seeming belief that if they don’t explain the code, it will be impossible to understand, Gibney suggests that there may be a way “the computer code could speak for itself.” What follows is a long sequence of interviews with experts from private security firms who explain in an impressive amount of detail how they went about analyzing Stuxnet’s code. Their close reading (or what they call “deep analysis”) should be familiar to any English major as they focus on the computational equivalents of, most notably, style, genre, reception, auteurship, and allusions. They speak of the “sophistication” of Stuxnet in ways that echo how a modern critic would consider the artistry of a piece of literature or cinema. Rather than focus on its inherent “sophistication” (the equivalent here of intrinsic beauty), they focus on comparing the language and structure of the millions of other viruses they had previously seen. They do point out Stuxnet’s lack of bugs but only to compare it to typical viruses, which are often significantly shorter and contain many flaws. Analysts at Symantec state that while they typically can read and understand a virus in a few minutes, like a code form of Ulysses, Stuxnet was taking them months to understand. When classifying the virus, they consider not just its purpose but also its form and style in much the same way we might think of genre at the level of both semantics and syntax. And the closer (or deeper) their analysis got, the more they focused on the level of diction and allusions. In much the same way students might make their way through Beowulf, the analysts searched for the words and code and used Google and experts to figure out the terms they didn’t understand. In the end, this analysis forcefully suggests that the authors of the virus were the United States and Israel and the intended recipient was Iranian nuclear facilities.

This close reading is clearly utilitarian, pragmatic, and focused on discovering the ultimate “meaning” of the code, but I would argue that the methodologies described in Zero Days are promising for more critical ventures. Critical (code) studies has long been interested in close reading not as a method of finding meaning, but rather of disrupting meaning by locating ambiguity and irony in texts. Now that we think we understand what a masterful virus like Stuxnet “means,” perhaps it is time to consider how to challenge this meaning and the ideology that made it possible.


Seth Feldman (York University)

“Zero-day exploit” is a term used by computer security experts and their adversaries to describe the ability of a particularly sophisticated piece of malware to locate and attack through a hitherto unknown vulnerability in the targeted software. Alex Gibney’s extrapolation of the term in the title of his film, Zero Days, takes it from a technical phenomenon to its broader social and political implications. If a nation has the resources, it can make zero-day-exploits the regular result of an omnipotent cyber-weapons system. Enough hackers with enough time and money can bring down any computer-controlled system – which is to say pretty much everything that makes the world go round. These weapons are being built all over the world and few people are talking about them, much less about how to control them. This is the task Gibney has assigned himself in Zero Days.

Zero Days uses the 2010 Stuxnet attack on Iran’s Narantz nuclear facility as his model. It’s not a new story. David Sanger, the senior New York Times correspondent interviewed in the film, described Stuxnet in his 2012 book, Confront and Conceal. Although both the US and Israel refuse to admit it, Stuxnet is universally seen as their collaborative handiwork. By 2012, Sanger and other reporters were already writing about Stuxnet using the National Security Agency code name for it, “Operation Olympic Games.” (An extensive collection of articles by Sanger and others may be found here).

Gibney details Stuxnet through the authoritative testimony of no fewer than nineteen talking heads, all of whom make multiple appearances during the two-hour film. (Another dozen or so statements are made by figures in archival clips.) The interview material takes us from the discoverers of Stuxnet to those who worked through its implications to the high-ranking intelligence officers who all but admit to pulling the trigger and who now have some well-considered regrets. Although there isn’t much time for them in any one sound clip, the speakers are articulate and manage to impart a great deal of information. They’re so good that they bury stereotypes about geeks, nerds and senior American intelligence officers. Gibney edits them tightly. The talking heads often finish each others’ thoughts – impressive but also somewhat distracting.

Gibney’s witnesses take us beyond the Stuxnet story to its aftermath and its implications. Michael Hayden, a former head of both the CIA and of the National Security Agency, equates cyberwarfare with nuclear, biological and chemical weapons. He then comes to the conclusion – an apt conclusion for the film as a whole – that in each of these other types of warfare some form of international control was, with considerable difficulty, negotiated. Hayden argues that cyberwarfare may be controlled in a similar manner.

Yet Gibney’s use of the “talking head” goes beyond its normal associations. There is one quite literal talking head, who gets the most screen time and whose image ends the film. She is an animated face, an outgrowth it would appear, of the film’s creative use of CGI to illustrate what was found within Stuxnet. Her insertion into the film comes after we see the back of a woman being lit and made up for an interview – though there is no attempt to make a connection between this woman and the talking cyber-head. It is only after she has responded to Gibney’s questions with some hair-raising answers (e.g. that Stuxnet/Olympic Games was just part of a massive cyber-weapon designed to shut down all of Iran’s infrastructure) that the animation tells us that she is “an actor playing the role of a small number of people from the NSA and CIA too scared to come forward.”

The talking head, in itself a terrific performance by Joanne Tucker, stands out as the only woman’s voice in the film. In one of her quoted clips, she tells us that that the room full of American hackers building cyber-weapons was pretty much a boy’s club. Despite the employment equity implications, I’m not sure that this is an entirely bad thing given the damage done as well as the potential damage of cyberwarfare.

That said, the question arises: should we believe her testimony? Technically speaking, what she gives us is hearsay dispensed by a cartoon. On the other hand, her information and her tone are consistent with what we hear from the non-animated witnesses. There is also an argument to be made that in a time when so much information is the prize of a pitched battle between outright lies and anonymous sources, even cartoons may have a pipeline to the truth.

It is this last aspect of this exceedingly well researched and entirely convincing film that should bother anyone concerned with the evolution of documentary. Will changes in the standards for veracity slip by us (as, some will argue, they always have)? Should we give up on the mirror entirely and just bang away with Grierson’s hammer? Or, as we are immersed in increasingly desperate times, can we really afford to pursue our structural and theoretical qualms? Let us try to shed some light on this before some exotic piece of malware turns off the lights forever.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.