Making Sense of NoSQL – A balanced, well-written overview – #bigdata #bookreview

Making Sense of NoSQL

A Guide for Managers and the Rest of Us
Dan McCreary and Ann Kelly
(Manning, paperback)

This is NOT a how-to guide for learning to use NoSQL software and build NoSQL databases. It is a meaty, well-structured overview aimed primarily at “technical managers, [software] architects, and developers.” However, it also is written to appeal to other, not-so-technical readers who are curious about NoSQL databases and where NoSQL could fit into the Big Data picture for their business, institution, or organization.

Making Sense of NoSQL definitely lives up to its subtitle: “A guide for managers and the rest of us.”

Many executives, managers, consultants and others today are dealing with expensive questions related to Big Data, primarily how it affects their current databases, database management systems, and the employees and contractors who maintain them. A variety of problems can fall upon those who operate and update big relational (SQL) databases and their huge arrays of servers pieced together over years or decades.

The authors, Dan McCreary and Ann Kelly, are strong proponents, obviously, of the NoSQL approach. It offers, they note, “many ways to allow you to grow your database without ever having to shut down your servers.” However, they also realize that NoSQL may not be a good, nor affordable, choice in many situations. Indeed, a blending of SQL and NoSQL systems may be a better choice. Or, making changes from SQL to NoSQL may not be financially feasible at all. So they have structured their book into four parts that attempt to help readers “objectively evaluate SQL and NoSQL database systems to see which business problems they solve.”

Part 1 provides an overview of NoSQL, its history, and its potential business benefits. Part 2 focuses on “database patterns,” including “legacy database patterns (which most solution architects are familiar with), NoSQL patterns, and native XML databases.” Part 3 examines “how NoSQL solutions solve the real-world business problems of big data, search, high availability, and agility.” And Part 4 looks at “two advanced topics associated with NoSQL: functional programming and system security.”

McCreary and Kelly observe that “[t]he transition to functional programming requires a paradigm shift away from software designed to control state and toward software that has a focus on independent data transformation.” (Erlang, Scala, and F# are some of the functional languages that they highlight.) And, they contend: “It’s no longer sufficient to design a system that will scale to 2, 4, or 8 core processors. You need to ask if your architecture will scale to 100, 1,000, or even 10,000 processors.”

Meanwhile, various security challenges can arise as a NoSQL database “becomes popular and is used by multiple projects” across “department trust boundaries.”

Computer science students, software developers, and others who are trying to stay knowledgeable about Big Data technology and issues should also consider reading this well-written book.

Si Dunn

CompTIA Security+ Exam SY0-301 Rapid Review – For Security+ certification – #bookreview

CompTIA Security+ Exam SY0-301 Rapid Review
Michael Gregg
(Microsoft Press – paperback, Kindle)

IT security professionals know the importance of certifications to their careers and their continuing credibility with employers or potential clients.

The CompTIA Security+ Exam SY0-301 Rapid Review is a handy and helpful guide for IT security specialists who are preparing for Exam SY0-301, to earn a CompTIA vendor-neutral Security+ certification.

Important note: This book is for certification candidates who are already well-versed in their field. It is specifically “designed to assess your readiness for the SY-301 exam,” the author notes. “It is not designed as a comprehensive exam preparation guide.”

If you want to begin studying for Exam SY0-301, you are urged to start with the CompTIA Security+ Training Kit, which is scheduled for release in 2013.

The Rapid Review and the SY0-301 exam are aimed at IT professionals who have “a minimum of two years of experience in IT administration with a focus on security.”

Also, exam candidates should have “[d]ay-to-day technical information security experience” and “[b]road knowledge of security concerns and implementation.”

Like the exam, the Rapid Review focuses on six areas: (1) network security; (2) compliance and operational security; (3) threats and vulnerabilities; (4) application, data and host security; (5) access control and identity management; and (6) cryptography.

Along with definitions and explanations, the Rapid Review challenges the reader with numerous true-false questions and “Can you answer these questions?” queries. The true-false answers and their explanations are presented immediately after the true-false questions. Meanwhile, the answers to the “Can you answer these questions?” queries are presented at the end of each chapter—and you have to do a bit more work and reviewing to sort them out.

Si Dunn

Ethics of Big Data – Thoughtful insights into key issues confronting big-data ‘gold mines’ – #management #bookreview

Ethics of Big Data
Kord Davis, with Doug Patterson
(O’Reilly, paperback, Kindle)

“Big Data” and how to mine it for profit are red-hot topics in today’s business world. Many corporations now find themselves sitting atop virtual gold mines of customer information. And even small businesses now are attempting to find new ways to profit from their stashes of sales, marketing, and research data. 

Like it or not, you can’t block all of the cookies or tracking companies or sites that are following you, and each time you surf the web, you leave behind a “data exhaust” trail that has monetary value to others. Indeed, one recent start-up, Enliken (“Data to the People”), is offering a way for computer users to gain some control over their data exhaust trail’s monetary value and choose who benefits from it, including some charities.

Ethics of Big Data does not seek to lay down a “hard-and-fast list of rules for the ethical handling of data.” The new book also doesn’t “tell you what to do with your data.” Its goals are “to help you engage in productive ethical discussions raised by today’s big-data-driven enterprises, propose a framework for thinking and talking about these issues, and introduce a methodology for aligning actions with values within an organization.”

It’s heady stuff, packed into just 64 pages. But the book is well written and definitely thought-provoking. It can serve as a focused guide for corporate leaders and others now hoping to get a grip on their own big-data situations, in ways that will not alienate their customers, partners, and stakeholders.

In the view of the authors: “For both individuals and organizations, four common elements define what can be considered a framework for big data:

  • “Identity – What is the relationship between our offline identity and our online identity?”
  • “Privacy – Who should control access to data?”
  • “Ownership – Who owns data, can rights be transferred, and what are the obligations of people who generate and use that data?”
  • “Reputation – How can we determine what data is trustworthy? Whether about ourselves, others, or anything else, big data exponentially increases the amount of information and ways we can interact with it. This phenomenon increases the complexity of managing how we are perceived and judged.”

Big-data technology itself is “ethically neutral,” the authors contend, and it “has no value framework. Individuals and corporations, however, do have value systems, and it is only by asking and seeking answers to ethical questions that we can ensure big data is used in a way that aligns with those values.”

At the same time: “Big data is pushing corporate action further and more fully into individual lives through the sheer volume, variety, and velocity of the data being generated. Big-data product design, development, sales, and management actions expand their influence and impact over individuals’ lives that may be changing the common meanings of words like privacy, reputation, ownership, and identity.”

What will happen next as (1) big data continues to expand and intrude and (2) people and organizations push back harder, is still anybody’s guess. But matters of ethics likely will remain at the center of the conflicts.

Indeed, some big-data gold mines could suffer devastating financial and legal cave-ins if greed is allowed to trump ethics.

Si Dunn

Understanding IPv6, 3rd Edition – Welcome to the new, improved & BIGGER Internet – #bookreview #microsoft #windows

Understanding IPv6, 3rd Edition
Joseph Davies
(Microsoft Press, paperback, list price $49.99; Kindle edition, list price $39.99)

The Internet can now expand into a much bigger realm than was possible before the worldwide launch of IPv6 (Internet Protocol version 6) on June 6, 2012.

The web most of us use has long relied on IPv4, the circa-1981 Internet Protocol built around 32-bit addresses. This scheme can accommodate approximately 4.3 billion unique addresses worldwide. On a planet where (1) the population now has surpassed 7 billion and (2) many of us now have multiple devices connected to the Web, Internet Protocol version 4 recently has been in dire danger of running out of unique addresses.

IPv6 will fix that problem and offer several important new enhancements, as long as we don’t find ways to expand the Internet to parallel universes or to the people on a few trillion distant planets. IPv6 uses a 128-bit addressing scheme that can accommodate more than 340 trillion trillion trillion unique addresses. So go ahead. Get online with that second iPad, third smart phone or fourth laptop.

IPv4 and IPv6 are now running in a dual stack that supports both addressing schemes. The transition from IPv4 to IPv6 is not seamless, however. A lot of work remains to be done by major Internet service providers (ISPs), web companies, hardware manufacturers, network equipment providers and many others to enable IPv6 on their products and services.

Joseph Davies, author of Understanding IPv6, has been writing about IPv6 since 1999. His new 674-page third edition provides both a detailed overview of IPv6 and a detailed focus on how to implement it, within a limited range of Windows products.

“There are,” he notes, “different versions of the Microsoft IPv6 protocol for Windows….I have chosen to confine the discussion to the IPv6 implementation in Windows Server 2012, Windows Server 2008 R2, Windows Server 2008, Windows 8, Windows 7, and Windows Vista.”

This well-written and well-organized book is not for beginners. Its intended audience includes:

  • Windows networking consultants and planners
  • Microsoft Windows network administrators
  • Microsoft Certified Systems Engineers (MCSEs) and Microsoft Certified Trainers (MCTs)
  • General technical staff
  • Information technology students

Davies and Microsoft offer downloadable companion content for this book: Microsoft Network Monitor 3.4 (a network sniffer for capturing and viewing frames); and PowerPoint 2007 training slides that can be used along with the book to teach IPv6.

If you need a guide to best practices for using IPv6 in a Windows network, definitely consider getting Understanding IPv6, 3rd Edition.

Si Dunn

Security and Privacy for Microsoft Office 2010 Users – #bookreview #in

Security and Privacy for Microsoft Office 2010 Users
Mitch Tulloch
(Microsoft Press, paperback, list price $9.99; Kindle edition, $0.00)

If you work for a company that uses Microsoft Office products, or if you have them in your own business, you may be concerned about security and privacy as you publish documents, download documents or collaborate on projects online. Indeed, there may be formal security and privacy restrictions in place.

At the same time, because of workload, you may have little time for formal training in Word, Excel, and PowerPoint. And you may not get much guidance on how you are supposed to comply with your employer’s restrictions. Indeed, you may be required and expected to just learn this stuff on your own.

This handy 84-page guidebook can help. Using typical office scenarios, it covers a number of everyday topics. These include working with Protected View, removing private information from documents, signing documents digitally, marking documents as final so they can’t be modified, encrypting documents, password-only access to documents, and restricting who can edit a document.

Security and Privacy for Microsoft Office 2010 Users is recommended for intermediate-level users of Microsoft Word, Excel, and PowerPoint. But the examples and illustrations are clear enough for Microsoft Office newcomers, as well.

Si Dunn

Inside Cyber Warfare, 2nd Edition – You’re at the front line & you can’t retreat – #bookreview

Inside Cyber Warfare (2nd Edition)
By Jeffrey Carr
(O’Reilly, paperback, list price $39.99; Kindle edition, list price $31.99)

A global war for survival is in full battle, and you — or at least one or more of your computers — may now be right at the front line, already in the fight.

Actually, in cyber warfare, there is no “front line.” As this important book makes unnervingly clear, attacks on business and military data, on financial systems, and on personal information now can, and do, come at any time from anywhere on the planet.

The attackers can be governments, military units, criminal groups, terrorist organizations, hacker gangs, lone-wolf thieves and even mischief makers with little or no agenda except chaos. And what seems to be a damaging infiltration from one nation actually may be controlled by, and coming from, computers in several other nations.

Indeed, some recently successful and damaging attacks against supposedly well-secured systems have been launched from sites very difficult to identify, using networks of infected computers scattered across several continents, including the United States. And the owners of the infected computers had no idea their machines were involved.

Jeffrey Carr’s updated book is aimed at political and military leaders, policy makers, and corporate executives responsible for securing data systems and sensitive information. Yet everyday computer users need to read it, too, to have a clearer sense of what we are all up against now. We must understand the risks well enough to help pressure lawmakers, corporate leaders and others to make good choices regarding data security and protecting intellectual property.

The author is a cyber intelligence expert and consultant whose specialty is investigating “cyber attacks against governments and infrastructures by state and non-state hackers.”

Carr’s well-written second edition covers such topics as: the cyber-warfare capabilities of a wide range of nation-states, from Australia and Nigeria to China, the Russian Federation and the United States; how organized crime operates and profits in cyberspace; the difficulty of responding to international cyber attacks as acts of war; and national and international legal issues that affect cyber warfare.

Some foreign governments, Carr points out, are believed to condone and even sponsor cyber attacks. Others are well aware of the digital lawbreakers operating within their borders, yet prosecute only a selected few cases. For example, Carr notes, “in the Russian Federation, the police are interested only in arresting hackers for financial crimes against Russian companies. Hacking attacks cloaked in nationalism are not only not prosecuted by Russian authorities, but they are encouraged…” through a variety of proxies.

Against technically savvy, well-funded and government-coddled hackers, your outdated virus protection software and your dogs’-names passwords are very thin, very porous shields, indeed.

Carr offers a number of recommendations to American policymakers who must wrestle with Internet and data security issues, plus protection of intellectual property. One of his strongest recommendations is a call for the Department of Defense to throw Windows out the Pentagon’s windows and replace it with Red Hat Linux.

“Red Hat Linux,” he writes, “is a proven secure OS with less than 90% of the bugs found per 1,000 lines of code than in Windows. Many decision makers don’t know that it is the most certified operating system in the world, and it’s already in use by some of the US government’s most secretive agencies.” He adds: “Linux certainly has its vulnerabilities, but the math speaks for itself. Shoot Windows and eliminate the majority of the malware threat with one stroke.”

He also wants sharp crackdowns on “US companies that provide Internet services to individuals and companies who engage in illegal activities, provide false WHOIS information, and other indicators that they are potential platforms for cyber attacks.”

But anyone who connects a computer to the Internet and is active on social media needs to be aware of the risks and high stakes involved in the cyber warfare now being fought between and among governments, criminal groups, terrorist organizations, hacker gangs and lone-wolf troublemakers.

Even as you read this, your personal computer or your company’s servers may be secretly helping North Korea, Iran, China, a drug cartel or a lone, bored hacker launch a cyber attack somewhere else in the world.

You may not be a high-value data target. Yet, even with just one laptop computer, you can become an unwilling and unknowing foot soldier for the wrong side.

These are scary thoughts, and you can’t wish them away. Read this important book to get the big, unnerving picture.

Then start thinking–fast–of ways to better protect your computers, data, intellectual property and personal information.

Si Dunn’s latest book is a detective novel, Erwin’s Law. His other published works include Jump, a novella, and a book of poetry, plus several short stories, including The 7th Mars Cavalry, all available on Kindle. He is a screenwriter, a freelance book reviewer, and a former technical writer and software/hardware QA test specialist.

The Tangled Web: A Guide to Securing Modern Web Applications – #programming #bookreview

The Tangled Web: A Guide to Securing Modern Web Applications
By Michal Zalewski
(No Starch Press, paperback, list price $49.95; Kindle edition, list price $31.95)

When Michal Zalewski writes, people listen. And many software programmers pay — or should pay — very close attention to what he recommends.

Zalewski is an internationally respected information security expert who has uncovered hundreds of major Internet security vulnerabilities.

“The dream of inventing a brand-new browser security model,” he states in The Tangled Web, “is strong within the community, but it is always followed by the realization that it would require rebuilding the entire Web. Therefore, much of the practical work focuses on more humble extensions to the existing approach, necessarily increasing the complexity of the security-critical sections of the browser codebase.”

Today’s Web indeed is a mess, a complex morass of “design flaws and implementation shortcomings” within a technology “that never aspired to its current status and never had a chance to pause and look back at previous mistakes,” he says. And: “The resulting issues have emerged as some of the most significant and prevalent threats to data security today….”

In his well-written new “Guide to Securing Modern Web Applications,” Zalewski states that “a substantial dose of patience, creativity, and real technical expertise is required from all the information security staff.”

Anyone who works with the Web application stack needs to clearly understand its built-in security vulnerabilities and the consequences when unwanted penetrations occur.

Zalewski’s 299-page book is structured into three parts (Anatomy of the Web, Browser Security Features, and A Glimpse of Things to Come) and 18 chapters:

  1. Security in the World of Web Applications
  2. It Starts with a URL
  3. Hypertext Transfer Protocol
  4. Hypertext Markup Language
  5. Cascading Style Sheets
  6. Browser-Side Scripts
  7. Non-HTML Document Types
  8. Content Rendering with Browser Plug-ins
  9. Content Isolation Logic
  10. Origin Inheritance
  11. Life Outside Same-Origin Rules
  12. Other Security Boundaries
  13. Content Recognition Mechanisms
  14. Dealing with Rogue Scripts
  15. Extrinsic Site Privileges
  16. New and Upcoming Security Features
  17. Other Browser Mechanisms of Note
  18. Common Web Vulnerabilities

Zalewski’s other published works include Silence on the Wire and Google’s Browser Security Handbook.

Despite the software industry’s many efforts to find security “silver bullets,” Zalewski contends that “[a]ll signs point to security being largely a nonalgorithmic problem for now.” What still works best, he says, are three “rudimentary, empirical recipes”:

  1. Learning from (preferably other people’s) mistakes
  2. Developing tools to detect and correct problems
  3. Planning to have everything compromised

“These recipes are deeply incompatible with many business management models,” he warns, “but they are all that have really worked for us so far.”

Zalewski’s book puts a bright, uncomfortable spotlight on the fundamental insecurities of Web browsers, but it also shows you how to improve the security of Web applications.

Whether you program Web apps, or manage Web app programmers, or are studying to become a Web app programmer, you likely need this book.

Si Dunn’s latest book is a detective novel, Erwin’s Law. His other published works include Jump, a novella, and a book of poetry, plus several short stories, all available on Kindle. He is a freelance book reviewer for the Dallas Morning News and a former technical writer and software/hardware QA tester.

A Bug Hunter’s Diary: A Guided Tour through the Wilds of Software Security – #programming #bookreview

A Bug Hunter’s Diary: A Guided Tour through the Wilds of Software Security
By Tobias Klein
(No Starch Press, paperback, list price $39.95; Kindle edition, list price $31.95)

If your passion or desire is to find and kill software bugs and fight hackers, you should check out this well-written how-to book.

Tobias Klein, an information security specialist, has tracked down many difficult bugs and identified security vulnerabilities in some of the world’s best-known software, including Apple’s iOS, the Mac OS X kernel, web browsers, and the VLC media player, among others.

Using a diary approach, plus code examples and illustrations, Klein describes a bug he has just discovered in a software package. Then he illustrates how it creates a security vulnerability that a hacker could exploit, and he describes how to fix or at least reduce its risks.

Chapters 2 through 8 each focus on separate bugs, and Klein includes a list of “lessons learned” for programmers who want to avoid creating similar problems.

Klein’s well-illustrated book is organized as follows:

  • Chapter 1: Bug Hunting – (a brief overview.)
  • Chapter 2: Back to the ’90s – (shows how he discovered a bug and vulnerability in a TiVo movie file that allowed him to crash a VLC media player and gain control of the instruction pointer.)
  • Chapter 3: Escape from the WWW Zone – (illustrates how and where he found a bug in the Solaris kernel and the “exciting challenge” of demonstrating how it could be exploited for arbitrary code execution.)
  • Chapter 4: Null Pointer FTW – (describes “a really beautiful bug” that opened a vulnerability into “the FFmpeg multimedia library that is used by many popular software projects, including Google Chrome, VLC media player, MPlayer, and Xine to name just a few.”)
  • Chapter 5: Browse and You’re Owned – (discusses how he found an exploitable bug in an ActiveX control for Internet Explorer.)
  • Chapter 6: One Kernel to Rule Them All – (focuses on how he decided to search for bugs in some third-party Microsoft Windows drivers and found one in an antivirus software package.)
  • Chapter 7: A Bug Older than 4.4BSD – (how he found an exploitable bug in the XNU kernel of OS X.)
  • Chapter 8: The Ringtone Massacre – (how he found an exploitable bug in an early version of the iPhone’s MobileSafari browser that enabled him to modify ringtone files and access the program counter.)
  • Appendix A: Hints for Hunting – (“…some vulnerability classes, exploitation techniques, and common issues that can lead to bugs.”)
  • Appendix B: Debugging – (about debuggers and the debugging process.)
  • Appendix C: Mitigation – (discusses mitigation techniques.)

Tobias Klein is the author of two previous information security books that were published in Germany. Because hackers use many of the same tools as those seeking to keep them out, there is an important limit on how much detail Klein is able to impart in this book.

As he notes in a disclaimer: “The goal of this book is to teach readers how to identify, protect against, and mitigate software security vulnerabilities. Understanding the techniques used to find and exploit vulnerabilities is necessary to thoroughly grasp the underlying problems and appropriate mitigation techniques. Since 2007, it is no longer legal to create or distribute “hacking tools” in Germany, my home country. Therefore, to comply with the law, no full working exploit code is provided in this book. The examples simply show the steps used to gain control of the execution flow (the instruction pointer or program counter control) of a vulnerable program.”

Si Dunn

Here’s the book scaring me this Halloween: America the Vulnerable – #bookreview #data #security

Subtitled “Inside the New Threat Matrix of Digital Espionage, Crime, and Warfare,” America the Vulnerable is written by Joel Brenner, former inspector general at the National Security Agency.

Brenner has recent experience at the highest levels in national intelligence, counterintelligence and data security. And he has studied firsthand many of the threats and attacks against our national, corporate and personal interests.

“During my tenure in government,” he writes, “I came to understand how steeply new technology has tipped the balance in favor of those–from freelance hackers to Russian mobsters to terrorists to states like China and Iran–who want to learn the secrets we keep, whether for national, corporate, or personal security.” He adds: “The truth I saw was brutal and intense: Electronic thieves are stripping us blind.”

Everything from Social Security numbers to technological secrets that cost billions to develop are being taken — stolen from military and corporate data networks and individual computers, possibly including yours.

His book will leave you wide-eyed and wondering who is surreptitiously poking around inside your computer right at this moment and what they are taking or “borrowing” for sinister purposes.

Likely the Chinese and the Iranians and Russian mobsters and others, including hackers, are in there or have been there recently.

And Brenner explains how you may be unknowingly helping them find and transfer sensitive and vital information, even when you do something as seemingly innocuous as plugging a thumb drive into your laptop.

You won’t need to watch any monster movies to get scared this Halloween. Brenner’s book or its Kindle version can give you a very serious case of chills and frights. 

Si Dunn

Privacy and Big Data – #bookreview #nonfiction

Privacy and Big Data
By Terence Craig and Mary E. Ludloff
(O’Reilly Media, $19.99, paperback; $16.99, Kindle)

Worried about the safety of your personal data?

That genie, unfortunately, is long out of the bottle—and very likely spread all over the planet now.

In Privacy and Big Data, authors Terence Craig and Mary E. Ludloff provide an eye-opening examination of “how the digital footprints we leave in our daily lives can be easily mashed up and, through expertise and technology, deliver startling accurate pictures of our behavior as well as increasingly accurate predictions of our future actions.”

Those digital pictures of who we are, who we vote for, what we buy and where we go can be worth a great deal of money and/or power to those who collect them. Indeed, they constitute “big data” and can be worth much more than gold, Craig and Ludloff contend.

“Far more is known today about us as individuals than ever before. How organizations, businesses, and government agencies use this information to track and predict our behavior is becoming one of the fundamental issues of the 21st century,” they state.

Privacy and Big Data is not a lengthy book, just 106 pages. Yet it packs plenty of punch in the form of useful, unsettling and sometimes surprising information, as well as thought-provoking examples, discussions and questions. The two writers – “executives from a growing startup in the big data and analytics industry” – draw upon extensive experience “deal[ing] with the issues of privacy every day as we support industries like financial services, retail, health care, and social media.”

Their well-written work is organized into five chapters and an appendix. Each chapter, meanwhile, has its own bibliography with links to additional materials and information.

Chapter 1, “The Perfect Storm,” looks at what has happened to privacy in the digital age and how we got to this point, starting with ARPANET (the “Advanced Research Projects Agency Network”) in 1969, which later gave rise to the Internet. In the authors’ view: “There is a perfect storm brewing; a storm fueled by innovations that have altered how we talk and communicate with each other. Who could have predicted 20 years ago that the Internet would have an all-encompassing effect on our lives? Outside of sleeping, we are connected to the Web 24/7, using our laptops, phones, or iPads to check our email, read our favorite blogs, look for restaurants and jobs, read our friends’ Facebook walls, buy books, transfer money, get directions, tweet and foursquare our locations, and organize protests against dictatorships from anywhere in the world. Welcome to the digital age.”

Chapter 2, “The Right to Privacy in the Digital Age,” focuses on “what privacy encompasses, how our privacy norms have been shaped in the U.S. and abroad, the tension between privacy and other freedoms (or lack thereof), and how, for those of us who fully participate in all the digital age has to offer, it may very well be the end of privacy as we know it.”

Chapter 3, “The Regulators,” explores how the world has many geographical boundaries, from national borders down to city limits and even smaller demarcations, including individual agencies, departments and committees. Businesses large and small also operate within specific structural boundaries. Yet the Internet, the authors point out, recognizes no such limits. They examine “how…countries regulate the collection, use, and protection of their citizen’s personal information,” amid countless competing governmental and business agendas.

In Chapter 4, “The Players,” the authors warn: “Wherever you go, whatever you do, anywhere in this world, some ‘thing’ is tracking you. Your laptop, and other personal devices, like an iPad, Smartphone, or Blackberry, all play a role, and contribute to building a very detailed dossier of your likes, concerns, preferred airlines, favorite vacation spots, how much money you spend, political affiliations, who you’re friends with, the magazines you subscribe to, the make and model of the car you drive, the kinds of foods you buy, the list goes on.” The writers identify four broad categories of data grabbers and note that “while the[se] players are playing, consumer privacy continues to erode.” They discuss some specific things you can do to try to reduce your exposure. But, they caution, “What happens on the Internet stays on the Internet forever.”

Finally, in Chapter 5, “Making Sense of It All,” the authors pose several challenging questions and offer their views on possible answers. The questions include: “In the digital world we now inhabit, is privacy outmoded or even possible? Should we just get over it and move on? Should we embrace transparency and its many benefits and disadvantages? And if we do, or have it forced upon us, can we expect the same from our governments, our corporations, and powerful individuals? Will they be held to the same standard? If not, since information is power, what will our world look like?”

Two writers seldom agree on everything, and that is true in this book. In their Appendix titled “Afterword,” Craig and Ludloff state that they have tried to present a wide range of views on important questions, yet sometimes differ in their personal views regarding privacy and big data. They offer brief summaries of where they came from and how their viewpoints have been shaped by life events.

In a world where computers, phones, cars, cameras and many other household, work and public devices gather, store and disseminate data about us, this book can help readers think harder about what information — and freedoms — we may be giving up, willingly and unwittingly, in the name of convenience and connectivity.

Si Dunn
