The Modern Web: Multi-Device Web Development with HTML5, CSS3, and JavaScript – #bookreview

The Modern Web
Multi-Device Web Development with HTML5, CSS3, and JavaScript
Peter Gasston
(No Starch Press – Kindle, paperback)

After a quick first glance, you might look right past this book. You might assume its title, “The Modern Web,” simply introduces some kind of heavily footnoted, academic study of the Internet.

Not so, Web breath. In this case, it’s the subtitle that should grab your attention.

Whether you hope to go into web development, or you’re already there, Peter Gasston’s new book can help you get an improved grasp on three important, device-agnostic tools that will be essential to your work and career development. They are: HTML5, CSS3, and JavaScript, that not-so-simple programming language that many new web specialists often try to avoid learning. (That’s because, typically, it’s easier, more fun and a bit less cryptic to work with HTML5 and CSS3.)

Also, Gasston notes, there have been big explosions in the number of libraries and frameworks that use JavaScript, further clouding a developer’s ability to know which ones he or she should learn next. (The author limits his coverage to four: jQuery, YepNope, Modernizr, and Mustache.)

Gasston’s well-written book zeroes in on the three “web technologies that can be used anywhere, from open websites to device-specific web apps.” And on all sorts of devices, ranging from tiny phones to tablet computers to wall-covering HDTVs.

And his teaching aim is to show you “modern coding methods and techniques that you can use to build websites across multiple devices or that are tailored to the single device class you’re targeting.”

By the way, “websites” is simply a shorthand term the author uses “to avoid repetition. The features you’ll learn from this book are relevant to websites, web applications, [and] packaged HTML hybrid applications–in short, anything that can use HTML, CSS, and JavaScript.”

Gasston also wants you to learn that “fast” is the main thing that matters to those who will use your site. “Your site needs to be fast–and feel fast–regardless of the device it’s being displayed on,” he emphasizes. “And fast means not only technical performance (which is incredibly important) but also the responsiveness of the interface and how easily users can navigate the site and find what they need to complete the task that brought them to you in the first place.”

His 243-page book contains many short, useful code examples and illustrations, and is excellent for developers who have at least a little bit of experience with HTML5, CSS3, and JavaScript but aren’t sure where and how to focus their energies and attention for the rapidly changing career road ahead.

The Modern Web offers a well-organized introduction, plus 11 chapters:

  1. The Web Platform
  2. Structure and Semantics
  3. Device Responsive CSS
  4. New Approaches to CSS Layouts
  5. Modern JavaScript
  6. Device APIs
  7. Images and Graphics
  8. New Forms
  9. Multimedia
  10. Web Apps
  11. The Future

There also are two appendices: Browser Support as of March 2013 and Further Reading.

Peter Gasston has been a web developer for more than 12 years, and his previous book is The Book of CSS3.

He notes that “[t]he Web is constantly evolving, and book publishing means taking just a single snapshot of a moment. Some things will change; some will wither and be removed. I’ve tried to mitigate this by covering only technologies that are based on open standards rather than vendor-specific ones and that already have some level of implementation in browsers.”

He urges developers to stay alert to changing Web standards and to “be curious, be playful, keep on top of it all.” He stresses: “There’s never been a more exciting time to work in web development, but you’ll need to put in an extra shift to really take advantage of it.”

Si Dunn

Natural Language Annotation for Machine Learning – #programming #bookreview

Natural Language Annotation for Machine Learning
James Pustejovsky and Amber Stubbs
(O’Reilly, paperback, Kindle)

You may not be sure what’s going on here, at first, even after you’ve read the tag line on the book’s cover: “A Guide to Corpus-Building for Applications.”

Fortunately, a few definitions inside this book can enlighten you quickly and might even get you interested in delving deeper into natural language processing and computational linguistics as a career.

“A natural language,” the authors note, “refers to any language spoken by humans, either currently (e.g., English, Chinese, Spanish) or in the past (e.g., Latin, ancient Greek, Sanskrit). Annotation refers to the process of adding metadata information to the text in order to augment a computer’s ability to perform Natural Language Processing (NLP).”

Meanwhile: “Machine learning refers to the area of computer science focusing on the development and implementation of systems that improve as they encounter more data.”

And, finally, what is a corpus? “A corpus,” the authors explain, “is a collection of machine-readable texts that have been produced in a natural communicative setting. They have been sampled to be representative and balanced with respect to particular factors; for example, by genre—newspaper articles, literary fiction, spoken speech, blogs and diaries, and legal documents.”

The Internet is delivering vast amounts of information in many different formats to researchers in the fields of theoretical and computational linguistics. And, in turn, specialists are now working to develop new insights and algorithms “and turn them into functioning, high-performance programs that can impact the ways we interact with computers using language.”

This book’s central focus is on learning how an efficient annotation development cycle works and how you can use such a cycle to add metadata to a training corpus that helps machine-learning algorithms work more effectively.

Natural Language Annotation for Machine Learning is not light reading. But it is well structured, well written and offers detailed examples. Using an effective hands-on approach, it takes the reader from annotation specifications and designs to the use of annotations in machine-learning algorithms. And the final two chapters of the 326-page book “give a complete walkthrough of a single annotation project and how it was recreated with machine learning and rule-based algorithms.”

“[I]t is not enough,” the authors emphasize, “to simply provide a computer with a large amount of data and expect it to learn to speak—the data has to be prepared in such a way that the computer can more easily find patterns and inferences. This is usually done by adding relevant metadata to a dataset. Any metadata tag used to mark up elements of the dataset is called an annotation over the input. However,” they point out, “in order for the algorithms to learn efficiently and effectively, the annotation done on the data must be accurate, and relevant to the task the machine is being asked to perform. For this reason, the discipline of language annotation is a critical link in developing intelligent human language technology.”

Si Dunn

The Art of SEO, 2nd Ed. – Managing Search Engine Optimization – #bookreview #in

The Art of SEO, 2nd Edition: Mastering Search Engine Optimization
By Eric Enge, Stephan Spencer, Jessie Stricchiola, and Rand Fishkin
(O’Reilly, paperback, list price $49.99; Kindle edition, list price $39.99)

If you have a business website and also use social media, you likely have been bombarded with email messages, tweets or “comments” from spammers claiming to be “SEO experts.”

The four authors of this well-regarded and useful book really are experts in the field of search engine optimization (SEO). And their hefty book frequently is considered a must-have text for learning how to make online search work in ways that will help bring more customers or clients to your website.

The new, 688-page second edition of The Art of SEO “has been completely revamped and updated from the first edition, taking into account the changes in the search engine industry and the rising influence of social media,” the authors state.

This is not a book that you can zip through 1-2-3 and check “SEO” off your to-do list. Search engine optimization is a much bigger and more complicated task than you may realize. Fortunately, this well-written, well-organized and reasonably well-illustrated book “is designed to be a complete and thorough education on search engine optimization for SEO practitioners at all levels.”

The intended audience “includes web developers, development managers, marketing people, and key business personnel.” But even if you run a one-person shop with a website that is intended to draw customers or clients, you can learn useful techniques and new strategies from The Art of SEO, 2nd Edition. Just be prepared to study a bit. As the authors note, “[Y]ou can think of [this book] as SEO 101, SEO 102 and SEO 103.”

The book has 14 chapters:

  1. Search: Reflecting Consciousness and Connecting Commerce
  2. Search Engine Basics
  3. Determining Your SEO Objectives and Defining Your Site’s Audience
  4. First Stages of SEO
  5. Keyword Research
  6. Developing an SEO-Friendly Website
  7. Creating Link-Worthy Content and Link Marketing
  8. How Social Media and User Data Play a Role in Search Results and Rankings
  9. Optimizing for Vertical Search
  10. Tracking Results and Measuring Success
  11. Domain Changes, Post-SEO Redesigns, and Troubleshooting
  12. SEO Research and Study
  13. Build an In-House SEO Team, Outsource It, or Both?
  14. An Evolving Art Form: The Future of SEO

“Search has become integrated into the fabric of our society,” the four writers note. Worldwide, more than 158 billion searches are performed each month, and more than 5 billion searches are performed each day, they estimate.

If you want to be found more often in those searches, you definitely need to start paying closer attention to search engine optimization. And The Art of SEO, 2nd Edition can be your steady how-to guide and reference point.

#

Si Dunn is a novelist, screenwriter, freelance book reviewer, and former software technical writer and software/hardware QA test specialist. He also is a former newspaper and magazine photojournalist. His latest book is Dark Signals, a Vietnam War memoir. He is the author of an e-book detective novel, Erwin’s Law, now also available in paperback, plus a novella, Jump, and several other books and short stories.

Webbots, Spiders, and Screen Scrapers, 2nd Ed. – Bots can be tools for good, efficiency, profit – #programming #bookreview

Webbots, Spiders, and Screen Scrapers: A Guide to Developing Internet Agents with PHP/CURL, 2nd Edition
By Michael Schrenk
(No Starch Press, paperback, list price $39.95; Kindle edition, list price $31.95)

Bots have a bad reputation on the Web, but when used properly and for honest purposes, they can be tools for good, for better business and research efficiency, and for profit.

That’s the major premise behind Michael Schrenk’s popular book, now updated from its 2007 first edition.

He is a specialist in “automated agents (webbots, spiders, and screen scrapers)” that “solve problems” which web browsers can’t solve for themselves.

“The basic problem with browsers,” Schrenk writes, “is that they’re manual tools. Your browser only downloads and renders websites: You still need to decide if the web page is relevant, if you’ve already seen the information it contains or if you need to follow a link to another web page. What’s worse, your browser can’t think for itself. It can’t notify you when something important happens online, and it certainly won’t anticipate your actions, automatically complete forms, make purchases, or download files for you. To do these things, you’ll need the automation and intelligence only available with a webbot, or a web robot. Once you start thinking about the inherent limitations of browsers, you start to see the endless opportunities that wait around the corner for webbot developers.”

Spiders, by the way, “are specialized webbots that – unlike traditional webbots with well-defined targets – download multiple web pages across multiple websites,” he notes. Meanwhile, screen scraping is not clearly defined in this book, despite being in the subtitle. It generally involves automatically collecting, but not parsing, visual data from a source. Schrenk includes a chapter titled “Scraping Difficult Websites with Browser Macros,” and some purists would call that more a focus on the process known as web scraping rather than screen scraping. But this is minor nitpicking.  

Schrenk’s well-written book offers sample scripts (mostly written in PHP) and example projects that show how to design and write webbots. And his website for the book offers several code libraries that can be downloaded. “The functions and declarations in these libraries provide the basis for most of the example scripts used in this book,” he says. Likewise, his example scripts mostly use that website “as targets, or resources for your webbots to download and take action on” for practice and learning.

It is important, before diving into the programming, to take very careful note of his paragraph titled: “Learn from My Mistakes.” In it, Schrenk emphasizes: “I’ve written webbots, spiders, and screen scrapers for over 15 years, and in the process I’ve made most of the mistakes someone can make. Because webbots are capable of making unconventional demands on website, system administrators can confuse webbots’ requests with attempts to hack into their systems. Thankfully, none of my mistakes has ever led to a courtroom, but they have resulted in intimidating phone calls, scary emails, and very awkward moments. Happily, I can say that I’ve learned from these situations, and it’s been a very long time since I’ve been across the desk from an angry system administrator. You can spare yourself a lot of grief by reading my stories and learning from my mistakes.”

The 362-page 2nd edition has 31 chapters and three appendixes, and it is divided into four major parts:

  • Part I: Fundamental Concepts and Technologies
  • Part II: Projects
  • Part III: Advanced Technical Considerations
  • Part IV: Larger Considerations

That final part includes a very important chapter on keeping webbots and spiders out of legal trouble.

In other words, have fun but be very careful with what you create. As Schrenk emphasizes: “…it’s up to you to do constructive things with the information in this book and not violate copyright law, disrupt networks, or do anything else that would be troublesome or illegal.” And: “If you have questions, talk to a lawyer before you experiment.”

Words to the wise. And, yes, to the wiseasses, as well.

Si Dunn is a novelist, screenwriter, freelance book reviewer, and former software technical writer and software/hardware QA test specialist. He also is a former newspaper and magazine photojournalist. His latest book is Dark Signals, a Vietnam War memoir available now in paperback. He is the author of a detective novel, Erwin’s Law, a novella, Jump, and several other books and short stories.

Not your father’s database: Getting Started with CouchDB & with Fluidinfo – #bookreview #in #programming

These two books reflect some of the wide-ranging changes that the Internet and mobile devices are bringing to the ways databases are structured, accessed, updated, stored and maintained.

Getting Started with CouchDB
By MC Brown
(O’Reilly, paperback, list price $24.99; Kindle edition, list price $14.99)

“Databases are no longer isolated, single systems,” writes MC Brown. “Whether you want a database that can be shared among multiple devices (your desktop, laptop, and mobile phone), between multiple offices, or to be used as part of your database scaling operations, copying and sharing database information has become required functionality.”

He adds: “Different databases have traditionally approached this in a variety of different ways, including binary logs, data streams, row-based logging, and more complex hashing techniques. Within CouchDB, a simple but very effective method has been developed that uses the individual documents as the key to the method of sharing and distributing the document information between databases.”

Apache CouchDB is a free download for Linux, Mac OS X, or Windows. According to the website, “Apache CouchDB™ is a database that uses JSON for documents, JavaScript for MapReduce queries, and regular HTTP for an API.”

Brown also describes how to install CouchDB from source code, with careful emphasis on “(if you must).”

For the number of pages (84), the list prices for Brown’s book seem a bit high. But if you want to learn how to work with CouchDB, information to get you started is conveniently at hand, in the book or e-book. For example, Brown shows how to create databases and delete databases and how to create, update and delete documents in the databases.

“All of your interactions with CouchDB will be through HTTP,” he notes. His book provides some “key details” for several HTTP operations “such as HEAD and DELETE that are useful when talking to CouchDB.”

MC Brown has written or contributed to more than 26 books dealing with programming, systems management, web technologies and other subjects. He is vice president of documentation for Couchbase.

#

Getting Started with Fluidinfo
By Nicholas J. Radcliffe and Nicholas H. Tollervey
(O’Reilly, paperback, list price $24.99; Kindle edition, list price $11.99)

“Fluidinfo is an online storage system in which there is a place for information about everything—everything that exists, everything that could exist, and everything that can be imagined,” this book’s two authors state. “It allows anyone to store any information, about anything, in any digital form. And Fluidinfo is social: users can exercise fine control over who can read their data and can even enable other chosen users and applications to write data on their behalf.”

Another way to describe Fluidinfo is as an “openly writeable shared datastore.”

Like CouchDB, Fluidinfo exposes “all its functionality through HTTP, the core protocol that underpins the World Wide Web. Programmers can take advantage of its RESTful API, which makes it easy to integrate with other applications.”

To try out Fluidinfo and get an account, go to fluidinfo.com. The site offers the option to sign in via Twitter.

This well-written, 119-page book is offered as a “practical guide to several ways to access and use Fluidinfo” and is organized into nine chapters:

  • Chapter 1: What Is Fluidinfo?
  • Chapter 2: Fluidinfo from the Command Line
  • Chapter 3: Social Data
  • Chapter 4: Programming with Fluidinfo
  • Chapter 5: Programming with FOM (the Fluid Object Mapper)
  • Chapter 6: Programming Fluidinfo with JavaScript
  • Chapter 7: Fluidinfo’s RESTful API
  • Chapter 8: Advanced Use of the Fluidinfo Shell
  • Chapter 9: Conventions for the About Tag

There is also an appendix titled “Fluidinfo Query Language Reference.”

One of the book’s authors, Nicholas Radcliffe, has connections to Fluidinfo that date back to the 1980s and “has been a friend and advisor to the Fluidinfo company since its inception.” Meanwhile, Nicholas Tollervey is a software developer at Fluidinfo and has nearly 30 years’ experience in programming.

#

Si Dunn

Google+: The Missing Manual – #bookreview

Google+: The Missing Manual
By Kevin Purdy
(O’Reilly, paperback, list price $14.99; Kindle edition, list price $11.99)

I believe too much social media can rot the brain and waste many good hours of our lives. So, after I opened a Google+ account (mostly out of curiosity) a few weeks ago, I promptly let it sit unused.

I wasn’t sure what I could do with Google+ and how it might benefit me. Furthermore, I felt that I was too busy to dig around on it, learn by blunder, and have to open a bunch of help screens and blog postings to try to find more information.

Most of all, I didn’t want to click or check the wrong box and start inviting hundreds of email contacts to join me on Google+. Particularly since there was absolutely nothing about me to see except one photo and a few bare words of “profile.”

Google+: The Missing Manual promises to deliver “the important stuff you need to know.” So I recently got a copy of it and gave Google+ another try.

Kevin Purdy’s book, I am pleased to say, is well-organized for beginners and is proving easy to follow as I gradually enlarge my Google+ beachhead.

I am still trying to figure out how to add Google+ efficiently and effectively to my online social life, as well as my writing and editing business. At this point, I still like Twitter much better. But that fact, likely, is because I have been using it for several years and have devoted a lot of time and effort to writing tweets, sharing links, retweeting information and following interesting people.

Kevin Purdy’s book now is helping me make some choices before I click on some of the Google+ setup links and go crashing off into the digital weeds.

Here is how it’s structured:

  • Chapter 1: Getting Started
  • Chapter 2: Managing Contacts with Circles
  • Chapter 3: Streams, Sharing, and Privacy
  • Chapter 4: Notifications
  • Chapter 5: Sharing Photos and Videos
  • Chapter 6: Hanging Out
  • Chapter 7: Searching and Sparks
  • Chapter 8: Google+ Mobile
  • Chapter 9: Playing Games

With the book’s help, I have ventured forth and tried a few things that I might otherwise have avoided or misunderstood. And I now have more features listed to try out during my next opportunities to spend time with Google+.

I am, frankly, still pondering if — or how deeply — I want to invest my social media time in Google+. But Purdy makes the compelling case that “Google+ is more than just a way to connect with friends, family, and acquaintances online. It’s a smarter way of sharing online that’s tied into all the other Google services you might already use”–such as Gmail and Google Docs.

And: “What Google+ really does differently…is give you nearly total control over who can see each thing you put on Google+, and what kinds of things you see and from whom.”

I rate this book a well-written keeper (1) for anyone trying to get started on Google+ and (2) for anyone who, like me, has jumped into it and is now trying to figure it out, feature by feature, during busy days.

Si Dunn’s latest book is a detective novel, Erwin’s Law. His other published works include Jump, a novella, and a book of poetry, plus several short stories, including The 7th Mars Cavalry, all available on Kindle. He is a screenwriter, a freelance book reviewer and a former technical writer and software/hardware QA test specialist.

Microsoft Manual of Style (4th Ed.) – Improve your technical communications – #bookreview

Microsoft Manual of Style
Microsoft Corp.
(Microsoft Press, paperback, list price $29.99; Kindle edition, list price $23.99)

Good writers know they need more help than they can find in a dictionary and a thesaurus. So they often have collections of reference books that include such works as the Chicago Manual of Style, the MLA Handbook and the Associated Press Stylebook.

Consider adding one more specialized stylebook to your collection, particularly if you: (1) write about, or teach, computer technology; (2) are a technical writer assigned to create product manuals for software or hardware; or (3) work as an editor of technical articles and technical books.

Microsoft Press recently has released the 4th edition of its Microsoft Manual of Style. This updated edition “includes guidelines for wired and global audience, cloud computing, publication on devices, social media, search engine optimization (SEO), and the natural user interface (NUI).”

The Microsoft Manual of Style is a well-structured and useful guide that can help you improve the clarity, accuracy and style consistency of your technology writing and editing.

The book also offers useful guidelines for global English syntax and machine translation syntax. And its glossary defines more than one thousand terms and acronyms.

These are, of course, times of very rapid change for technology and its terminology. So this latest printed edition of the style manual is, “by necessity, a snapshot” and “by nature a work in progress,” its editors concede.

They emphasize how examples in the book “are labeled as ‘Microsoft Style’ and ‘Not Microsoft Style’ rather than as ‘Correct’ and ‘Incorrect.’ We don’t want to presume to say that the Microsoft way is the only correct way. It’s simply the guidance that we follow in our workplace. In sharing it with others, we hope that the decisions we have made for our content professionals will help you in your own efforts to promote consistency, clarity, and accuracy.”

They have tried to include “as many relevant neologisms as possible” – new words and phrases or new meanings for old terms, recently pushed to the fore by new technology. For example, “[g]esture guidelines for the natural user interface (NUI) introduce what have been non-technical words such as flick, pinch, and tap into the realm of technical documentation.”

A minor ding: the book’s index and usage guides both seem slightly incomplete. For example, in the Introduction, the editors state: “In the world of cloud computing, we now include terabyte (TB), petabyte (PB), and on up to yottabyte (YB), or 10^24.” Yet, only terabyte and TB show up in the index and usage guide. PB and YB seem to be missing in action in both areas.

Also, the book spends two pages (16 and 17) explaining (beneath a “Parallelism” heading) how parallelism is used in Microsoft instructional manuals. “Parallelism is ensuring that elements of sentences that are similar in purpose are also similar in structure.” Yet, “parallelism” is not in the index. The term “parallel structure” appears in its place, instead.

These small glitches are not deal breakers. They simply highlight what was stated earlier, that a stylebook is a work always in progress. (Perhaps the fixes will be added in edition five?)

This 4th edition of the Microsoft Manual of Style is rich with information, examples, guidance and definitions. If you write or edit computer-related technology materials, you need it on your reference shelf.

Si Dunn

Inside Cyber Warfare, 2nd Edition – You’re at the front line & you can’t retreat – #bookreview

Inside Cyber Warfare (2nd Edition)
By Jeffrey Carr
(O’Reilly, paperback, list price $39.99; Kindle edition, list price $31.99)

A global war for survival is in full battle, and you — or at least one or more of your computers — may now be right at the front line, already in the fight.

Actually, in cyber warfare, there is no “front line.” As this important book makes unnervingly clear, attacks on business and military data, on financial systems, and on personal information now can — and do – come at any time from anywhere on the planet.

The attackers can be governments, military units, criminal groups, terrorist organizations, hacker gangs, lone-wolf thieves and even mischief makers with little or no agenda except chaos. And what seems to be a damaging infiltration from one nation actually may be controlled by, and coming from, computers in several other nations.

Indeed, some recently successful and damaging attacks against supposedly well-secured systems have been launched from sites very difficult to identify, using networks of infected computers scattered across several continents, including the United States. And the owners of the infected computers had no idea their machines were involved.

Jeffrey Carr’s updated book is aimed at political and military leaders, policy makers, and corporate executives responsible for securing data systems and sensitive information. Yet everyday computer users need to read it, too, to have a clearer sense of what we are all up against now. We must understand the risks well enough to help pressure lawmakers, corporate leaders and others to make good choices regarding data security and protecting intellectual property.

The author is a cyber intelligence expert and consultant whose specialty is investigating “cyber attacks against governments and infrastructures by state and non-state hackers.”

Carr’s well-written second edition covers such topics as: the cyber-warfare capabilities of a wide range of nation-states, from Australia and Nigeria to China, the Russian Federation and the United States; how organized crime operates and profits in cyberspace; the difficulty of responding to international cyber attacks as acts of war; and national and international legal issues that affect cyber warfare.

Some foreign governments, Carr points out, are believed to condone and even sponsor cyber attacks. Others are well aware of the digital lawbreakers operating within their borders, yet prosecute only a selected few cases. For example, Carr notes, “in the Russian Federation, the police are interested only in arresting hackers for financial crimes against Russian companies. Hacking attacks cloaked in nationalism are not only not prosecuted by Russian authorities, but they are encouraged…” through a variety of proxies.

Against technically savvy, well-funded and government-coddled hackers, your outdated virus protection software and your dogs’-names passwords are very thin, very porous shields, indeed.

Carr offers a number of recommendations to American policymakers who must wrestle with Internet and data security issues, plus protection of intellectual property. One of his strongest recommendations is a call for the Department of Defense to throw Windows out the Pentagon’s windows and replace it with Red Hat Linux.

“Red Hat Linux,” he writes, “is a proven secure OS with less than 90% of the bugs found per 1,000 lines of code than in Windows. Many decision makers don’t know that it is the most certified operating system in the world, and it’s already in use by some of the US government’s most secretive agencies.” He adds: “Linux certainly has its vulnerabilities, but the math speaks for itself. Shoot Windows and eliminate the majority of the malware threat with one stroke.”

He also wants sharp crackdowns on “US companies that provide Internet services to individuals and companies who engage in illegal activities, provide false WHOIS information, and other indicators that they are potential platforms for cyber attacks.”

But anyone who connects a computer to the Internet and is active on social media needs to be aware of the risks and high stakes involved in the cyber warfare now being fought between and among governments, criminal groups, terrorist organizations, hacker gangs and lone-wolf troublemakers.

Even as you read this, your personal computer or your company’s servers may be secretly helping North Korea, Iran, China, a drug cartel or a lone, bored hacker launch a cyber attack somewhere else in the world.

You may not be a high-value data target. Yet, even with just one laptop computer, you can become an unwilling and unknowing foot soldier for the wrong side.

These are scary thoughts, and you can’t wish them away. Read this important book to get the big, unnerving picture.

Then start thinking–fast–of ways to better protect your computers, data, intellectual property and personal information.

Si Dunn’s latest book is a detective novel, Erwin’s Law. His other published works include Jump, a novella, and a book of poetry, plus several short stories, including The 7th Mars Cavalry, all available on Kindle. He is a screenwriter, a freelance book reviewer, and a former technical writer and software/hardware QA test specialist.

Consuming too much information can make you fat, clueless & dead – The Information Diet – #bookreview

The Information Diet: A Case for Conscious Consumption
By Clay A. Johnson
(O’Reilly, hardback, list price $22.99; Kindle edition, list price $19.99)

In this controversial new book from O’Reilly Media, veteran software developer, open source guru and political advocate Clay A. Johnson makes the forceful argument that our current mania for consuming information is killing us, mentally and physically.

First, we are sitting too much and too long while consuming data from the Web, from TV, from smart phones, from books, and while driving around in our cars listening to blather on the radio.

And, much of what we are consuming is crap – the digital equivalent of high-fat junk food and raw sugar. Some of us now are driving ourselves to destructive distraction through gluttonous obsessions with tweets, status updates, downloads, videos, instant messages, text messages, emails and restless Web surfing.

For instance, suppose a tweet just went by mentioning some kind of rumored problem with pig populations in Zambia, and you idly read it, processed it in your head, wasted a few more seconds of your life, and took another sip of your latte and took another bite of bagel while continuing to sit on your butt much longer than you intended.

Then you checked your Facebook account on your iPhone or iPad, took another sip of your latte, took another bite of bagel, and went back to Twitter and followed a link to what seemed to be a review of a movie you’ve already seen but that turned out to be just a lame blog post about how Mitt Romney and Newt Gingrich resemble certain characters in Avatar. Then you took another bite of bagel, another sip of latte and checked your email and followed a link to something about Lady Gaga.

More wasted time. More attention to generally useless information. More sedentary life gone by.

We now spend nearly 11 hours a day consuming – frequently gorging on – information, Johnson’s book points out. And it’s driving us to distraction – and killing us.

First, the physical dangers. Johnson notes: “In 2004, one physician coined the term Sedentary Death Syndrome to classify all the diseases that come from the sedentary state. The effects: heart disease, diabetes, cancer, and yes, obesity. Some researchers are calling it the second largest threat to public health in America. What are we doing when we’re sedentary? Few of us are meditating. We’re consuming information.”

He continues: “New research points to sitting, especially amongst men, as a leading cause of death. Even if you exercise regularly, it turns out that sitting for long periods of time can be deadly.”

It’s also easy to lose track of time and lose control of time management while distracted by the free flow of information. Something unexpected or surprising or outrageous on the Web grabs your attention, and your carefully crafted to-do list for the day is shot to hell. And, relationships can be affected: “Just a quick check of email when we get home can often end up in evenings entirely lost to LCD screens…” instead of talking and paying attention to each other.

Then there’s the problem of “attention fatigue.” Writes Johnson: “About two years ago, I started to wonder: what the heck happened to my short-term memory? And where did my attention span go? I’ve written a little pithy 140-character tweet, sent it into the universe, and in no more than five minutes, I’ve received a reply. The only problem is, I’ve already forgotten what I wrote in the first place. I’ve had to go back, and look at what I said just five minutes ago to understand what the person replying to me is referencing.”

This book offers more dire warnings about consuming too much information. But the author also offers ideas and recommendations for achieving “Attention Fitness.” You can still have your information and consume it, too, in deliberate, conscious doses that are healthier for your mind, body and your participation in American democracy.

If you pay attention to this book long enough to actually think about what it points out and proposes, you may figure out how to get healthier again, how to regain your focus – and how to better understand the ways you are being duped by some of the misinformation constantly sucked into your head by your addiction.

You can become a more conscious and proactive consumer of information and not just another wasted – and life-wasting – data junkie.

The Tangled Web: A Guide to Securing Modern Web Applications – #programming #bookreview

The Tangled Web: A Guide to Securing Modern Web Applications
By Michal Zalewski
(No Starch Press, paperback, list price $49.95; Kindle edition, list price $31.95)

When Michal Zalewski writes, people listen. And many software programmers pay — or should pay — very close attention to what he recommends.

Zalewski is an internationally respected information security expert who has uncovered hundreds of major Internet security vulnerabilities.

“The dream of inventing a brand-new browser security model,” he states in The Tangled Web, “is strong within the community, but it is always followed by the realization that it would require rebuilding the entire Web. Therefore, much of the practical work focuses on more humble extensions to the existing approach, necessarily increasing the complexity of the security-critical sections of the browser codebase.”

Today’s Web indeed is a mess, a complex morass of “design flaws and implementation shortcomings” within a technology “that never aspired to its current status and never had a chance to pause and look back at previous mistakes,” he says. And: “The resulting issues have emerged as some of the most significant and prevalent threats to data security today….”

In his well-written new “Guide to Securing Modern Web Applications,” Zalewski states that “a substantial dose of patience, creativity, and real technical expertise is required from all the information security staff.”

Anyone who works with the Web application stack needs to clearly understand its built-in security vulnerabilities and the consequences that can follow when unwanted penetrations occur.

Zalewski’s 299-page book is structured into three parts – Anatomy of the Web, Browser Security Features, and A Glimpse of Things to Come – and 18 chapters:

  1. Security in the World of Web Applications
  2. It Starts with a URL
  3. Hypertext Transfer Protocol
  4. Hypertext Markup Language
  5. Cascading Style Sheets
  6. Browser-Side Scripts
  7. Non-HTML Document Types
  8. Content Rendering with Browser Plug-ins
  9. Content Isolation Logic
  10. Origin Inheritance
  11. Life Outside Same-Origin Rules
  12. Other Security Boundaries
  13. Content Recognition Mechanisms
  14. Dealing with Rogue Scripts
  15. Extrinsic Site Privileges
  16. New and Upcoming Security Features
  17. Other Browser Mechanisms of Note
  18. Common Web Vulnerabilities

Zalewski’s other published works include Silence on the Wire and Google’s Browser Security Handbook.

Despite the software industry’s many efforts to find security “silver bullets,” Zalewski contends that “[a]ll signs point to security being largely a nonalgorithmic problem for now.” What still works best, he says, are three “rudimentary, empirical recipes”:

  1. Learning from (preferably other people’s) mistakes
  2. Developing tools to detect and correct problems
  3. Planning to have everything compromised.

“These recipes are deeply incompatible with many business management models,” he warns, “but they are all that have really worked for us so far.”

Zalewski’s book puts a bright, uncomfortable spotlight on the fundamental insecurities of Web browsers, but it also shows you how to improve the security of Web applications.

Whether you program Web apps, or manage Web app programmers, or are studying to become a Web app programmer, you likely need this book.

Si Dunn’s latest book is a detective novel, Erwin’s Law. His other published works include Jump, a novella, and a book of poetry, plus several short stories, all available on Kindle. He is a freelance book reviewer for the Dallas Morning News and a former technical writer and software/hardware QA tester.