Here’s the book scaring me this Halloween: America the Vulnerable – #bookreview #data #security

Subtitled “Inside the New Threat Matrix of Digital Espionage, Crime, and Warfare,” America the Vulnerable is written by Joel Brenner, former inspector general at the National Security Agency.

Brenner has recent experience at the highest levels in national intelligence, counterintelligence and data security. And he has studied firsthand many of the threats and attacks against our national, corporate and personal interests.

“During my tenure in government,” he writes, “I came to understand how steeply new technology has tipped the balance in favor of those–from freelance hackers to Russian mobsters to terrorists to states like China and Iran–who want to learn the secrets we keep, whether for national, corporate, or personal security.” He adds: “The truth I saw was brutal and intense: Electronic thieves are stripping us blind.”

Everything from Social Security numbers to technological secrets that cost billions to develop are being taken — stolen from military and corporate data networks and individual computers, possibly including yours.

His book will leave you wide-eyed and wondering who is surreptitiously poking around inside your computer right at this moment and what they are taking or “borrowing” for sinister purposes.

 Likely the Chinese and the Iranians and Russian mobsters and others, including hackers, are in there or have been there recently.

And Brenner explains how you may be unknowingly helping them find and transfer sensitive and vital information, even when you do something seemingly innocuous as plugging in a thumb drive to your laptop.

You won’t need to watch any monster movies to get scared this Halloween. Brenner’s book or its Kindle version can give you a very serious case of chills and frights. 

Si Dunn

Advertisements

The Art of R Programming: A Tour of Statistical Software Design – #programming #bookreview

The Art of R Programming: A Tour of Statistical Software Design
By Norman Matloff
(No Starch Press, list price $39.95, paperback)

What? You haven’t heard of R, the programming language?

“R is a scripting language for statistical data manipulation and analysis,” writes Norman Matloff, an experienced and widely published writer who is a professor of computer science at the University of California, Davis. He is also a former statistics professor.

R, he notes in this excellent overview of the programming language, has a rather complicated past.

“It was inspired by, and is mostly compatible with the statistical language S developed by AT&T. The name S, for statistics, was an allusion to another programming language with a one-letter name developed at AT&T—the famous C language. S later was sold to a small firm, which added a graphical user interface (GUI) and named the result S-plus.”

According to Matloff, “R has become more popular than S or S-plus, both because it’s free and because more people are contributing to it. R is sometimes called GNU S, to reflect its open source nature. (The GNU Project is a major collection of open source software.)”

So much for its history. Who uses R? A lot of people involved in statistics and data science. “It is widely used,” Matloff reports, “in every field where there is data—business, industry, government, medicine, academia, and so on.”

Here’s the good news about his good book. If you’ve never heard of R or if it’s something you’ve only recently considered trying, Matloff shows you how to get started quickly both in interactive mode and batch mode.

And you don’t begin by tiresomely displaying “Hello, world.” You start at the heart of R. You make a simple data set, which, in R parlance, is called a vector. You concatenate three numbers, in this case 1, 2 and 4.

“More precisely,” Matloff states, “we are concatenating three one-element vectors that consist of those numbers.” He adds: “It’s hard to imagine R code, or even an interactive R session, that doesn’t involve vectors.”

From there, his book smoothly delves into a wide range of R topics, including basic types, data structures, closures, recursion, anonymous functions, object-oriented programming, and interfacing R to other programming languages.

The Art of R Programming is rich with short, instructive code examples, including examples that initially have bugs but are corrected and given explanations for why the first try went awry.

The book’s marketing materials note that archaeologists use R to trace how ancient civilizations spread, and drug companies use it to try to figure out which medications are safe and effective. And actuaries use it, of course, to “assess financial risks and keep markets moving smoothly.”

But R can be used in much more commonplace settings, as well. You don’t have to know statistics, and you don’t have to be a professional programmer. You can be a beginner wanting to become expert. Or you can be, and remain, a hobbyist programmer.

R commands typically are submitted “by typing in a terminal window rather than clicking a mouse in a GUI, and most R users do not use a GUI,” Matloff cautions.

But: “This doesn’t mean that R doesn’t do graphics. On the contrary, it includes tools for producing graphics of great utility and beauty, but they are used for system output, such as plots, not for user input.”

Never fear, however. A number of free GUIs are available for R, and Matloff gives links to several.

Two appendices in Matloff’s book cover downloading, installing and running R. The place to begin is the Comprehensive R Archive Network (CRAN), where “thousands of user-written packages” are available. And there are “precompiled binaries for Windows, Linux, and Mac OS X on CRAN,” Matloff points out.

No Starch Press, the book’s publisher, pledges that it delivers “the finest in geek entertainment.” Many readers likely will say this handsome, well-structured and well-written R overview meets that promise.

Si Dunn

Configuring Microsoft SharePoint 2010 – Self-Study Guide for MCTS exam 70-667 – #microsoft #bookreview

Configuring Microsoft SharePoint 2010
By Dan Holme and Alistair Matthews
(Microsoft Press, list price $69.99, paperback)

If one of your goals in life is to deploy and manage Microsoft SharePoint Server 2010 farms, here’s your book.

You definitely need it if you are already involved in configuring, customizing and supporting SharePoint and want to take the Microsoft Certified Technology Specialist (MCTS) exam 70-667.

This “2-in-1 Self-Paced Training Kit” follows the successful formula used in many other Microsoft certification test preparation guides.

First, you work through a series of lessons and reviews covering each objective in the exam. Then you apply what you have learned to some real-world case scenarios, and you do some practice exercises. Finally, you plug in the CD that accompanies the book and try your hand at the practice tests.

“You can work through hundreds of questions using multiple testing modes to meet your specific learning needs,” Microsoft promises.

In other words, the material is there if you’re willing to push yourself to learn it. And there is a lot to learn when you work with SharePoint.

One small example: one of the book’s “Best Practices” entries points out that “[y]ou might imagine that the best practice to scale out a farm is simply to add more servers and to continue adding all services to each server. In fact, in larger and more complex environments[,] performance is optimized by dedicating servers to specific tasks.” And the entry briefly explains why.

Another short example: the book describes how “[a]fter you complete your SharePoint installation and the SharePoint Products Configuration Wizard, you often run the Initial Farm Configuration Wizard.” But then it explains why you should not use this tool to configure My Sites, “because the resulting configuration is not considered secure.”

Indeed, the co-authors add, that combination can set up a situation where, conceivably, a My Site owner could use scripting attacks “to get Farm Administrator privileges.”

The book has 821 pages and is divided into 12 chapters:

  1. Creating a SharePoint 2010 Intranet
  2. Administering and Automating SharePoint
  3. Managing Web Applications
  4. Administering and Securing SharePoint Content
  5. Service Applications and the Managed Metadata Service
  6. Configuring User Profiles and Social Networking
  7. Administering SharePoint Search
  8. Implementing Enterprise Service Applications
  9. Deploying and Upgrading to SharePoint 2010
  10. Administering SharePoint Customization
  11. Implementing Business Continuity
  12. Monitoring and Optimizing SharePoint Performance

As an added inducement to buy the book, it includes a discount voucher good for 15 percent off the price of one Microsoft Certification exam.

Again, Configuring Microsoft SharePoint 2010 is not a book for SharePoint beginners.

 The co-authors note: “The MCTS exam and this book assume that you have at least one year of experience configuring SharePoint and related technologies, including Internet Information Services (IIS), Windows Server 2008, Active Directory, DNS, SQL Server, and networking infrastructure services.”

The writers recommend using virtual machines to do the training exercises in their book. And they assume you will “use virtualization software that supports snapshots, so that you can roll back to a previous state after performing an exercise.”

They also give information and limitations on using multiple virtual machines on a single host. And their book providess download links to evaluation versions of the software needed to do the exercises.

The book’s accompanying CD offers one other learning convenience: an e-book version of the hefty text.

Si Dunn

Two New Microsoft Books for Visual Basic & Visual Studio – #programming #bookreview

The two new books are Microsoft Visual Basic 2010 Developer’s Handbook by Klaus Löffelmann and Sarika Calla Purohoit ($59.99, paperback;  $47.99, Kindle ), and Coding Faster: Getting More Productive with Microsoft Visual Studio by Zain Naboulsi and Sara Ford (list price $39.95, paperback;  list price $31.99, Kindle) .

If you don’t yet have some background in object-oriented programming, you may not be ready to have either of these hefty, well-produced books. But if you are gearing up to develop or update programs in Visual Basic, you likely can benefit from both.

Why both? The reason is simple. “These days,” the co-authors of the Developer’s Handbook point out, “programming in Visual Basic means that you are very likely to spend 99.999 percent of your time in Microsoft Visual Studio. The rest of the time you probably spend searching for code files from other projects and binding them into your current project…”

The Developer’s Handbook is divided into six well-written parts and 28 chapters, with plenty of screenshots, code examples and programming tips.

The parts are:

  1. Beginning with Language and Tools
  2. Object-Oriented Programming
  3. Programming with .NET Framework Data Structures
  4. Development Simplifications in Visual Basic 2010
  5. Language-Integrated Query—LINQ
  6. Parallelizing Applications (programming with the Task Parallel Library, TPL)

Most of the chapters have exercises where you can “interactively try out new material learned in the main text.” All of the code samples can be downloaded from two sites described in the book.

Meanwhile, the main goal of Coding Faster: Getting More Productive with Microsoft Visual Studio is “to arm you with techniques that you can apply immediately to improve productivity,” the book’s co-authors state. “Use the content in this book anywhere, anytime, to dramatically reduce the time required to perform just about any task in Visual Studio.”

They note: “Within these pages are—for the first time ever—the keyboard mapping shortcuts, commands, and menu paths for features, along with detailed descriptions of how to use them.”

Coding Faster covers the 2005, 2008 and 2010 versions of Visual Studio. The 444-page book is divided into two major sections – “Productivity Techniques” and “Extensions for Visual Studio”—and eight chapters, all copiously illustrated with screenshots. The chapters are:

  1. Getting Started
  2. Projects and Items
  3. Getting to Know the Environment
  4. Working with Documents
  5. Finding Things
  6. Writing Code
  7. Debugging
  8. Visual Studio Extensions

Coding Faster is a “fully revised and expanded version” of a previous guidebook: Visual Studio Tips: 251 Ways to Improve Your Productivity, and the new book (more than 365 tips) provides a link to an online appendix for additional tips.

If you have some programming experience but are new to developing or updating Visual Basic programs, Coding Faster could be a very handy guidebook for getting good at Visual Studio in a hurry.

Si Dunn

CoffeeScript: Accelerated JavaScript Development – #bookreview #programming

CoffeeScript: Accelerated JavaScript Development
By Trevor Burnham
(Pragmatic Bookshelf, $29.00, paperback)

JavaScript was thrown together in 10 days and “was never meant to be the most important programming language in the world,” says Trevor Burnham, a web developer and founder of DataBraid, a startup focused on “developing data analysis and visualization tools.”

Yet, JavaScript was “understood by all major browsers,” despite their numerous differences, and it quickly became the “lingua franca of the Web,” he says in his well-written new book.

JavaScript also became a headache for many programmers struggling to learn it well enough to provide support and develop new applications.

“JavaScript is vast…[and] offers many of the best features of functional languages while retaining the feel of an imperative language,” Burnham notes. “This subtle power is one of the reasons that JavaScript tends to confound newcomers: functions can be passed around as arguments and returned from other functions; objects can be passed around as arguments and returned from other functions; objects can have new methods added at any time; in short, functions are first-class objects.”

Unfortunately, “JavaScript doesn’t have a standard interpreter,” he adds. “Instead, hundreds of browsers and server-side frameworks run JavaScript in their own way. Debugging cross-platform inconsistencies is a huge pain.”

Enter CoffeeScript, first released on Christmas Day, 2009 as “JavaScript’s less ostentatious kid brother.”

Coding in CoffeeScript requires fewer characters and fewer lines. And “the compiler tries its best to generate JavaScript Lint-compliant output, which is a great filter for common human errors and nonstandard idioms,” Burnham writes.

Another benefit: “CoffeeScript code and JavaScript code can interact freely,” he notes.

His book, aimed at CoffeeScript newcomers, assumes you have at least a little knowledge of JavaScript. But you don’t have to be a JavaScript Ninja, he assures.

He starts at the classic “Hello, world” level of CoffeeScript, including installing the CoffeeScript compiler, deciding which text editors are best, and learning how to write and debug simple CoffeeScript code.

From there, he moves quickly into showing you how to put CoffeeScript to work and develop a simple multiplayer game.

There are several different ways to run CoffeeScript, and there are different requirements, depending on whether your machine is Mac, Windows or Linux. Burnham describes these in his text and in an appendix, and he gives links to more information.

He also shows how to use a browser-based compiler for developing his book’s example application. But he does not recommend using the browser-based compiler for production work.

His book has six chapters and four appendices:

  • Chapter 1 – Getting Started
  • Chapter 2 – Functions, Scope, and Context
  • Chapter 3 – Collections and Iteration
  • Chapter 4 – Modules and Classes
  • Chapter 5 – Web Interactivity with jQuery
  • Chapter 6 – Server-Side Apps with Node.js
  • A1 – Answers to Exercises
  • A2 – Ways of Running CoffeeScript
  • A3 – Cheat Sheet for JavaScripters
  • A4 – Bibliography

CoffeeScript: Accelerated JavaScript Development offers a focused blend of examples and exercises to help speed up basic competency with CoffeeScript. In learning how to build the multiplayer game application, you use CoffeeScript to write both the client (with jQuery) and the server (with Node.js).

Since CoffeeScript and JavaScript are intertwined, you also can gain a better understanding of JavaScript by learning to code in CoffeeScript, ” Burnham promises.

In a foreword to the book, CoffeeScript’s creator, Jeremy Ashkenas, hails Burnham’s work as “a gentle introduction to CoffeeScript led by an expert guide.”

It lives up to that good billing, with many short code examples and many short tutorials and exercises that can lead quickly to building both a working app and a working understanding of CoffeeScript.

Si Dunn

Privacy and Big Data – #bookreview #nonfiction

Privacy and Big Data
By Terence Craig and Mary E. Ludloff
(O’Reilly Media, $19.99, paperback; $16.99, Kindle)

Worried about the safety of your personal data?

That genie, unfortunately is long out of the bottle—and very likely spread all over the planet now.

In Privacy and Big Data, authors Terence Craig and Mary E. Ludloff provide an eye-opening examination of “how the digital footprints we leave in our daily lives can be easily mashed up and, through expertise and technology, deliver startling accurate pictures of our behavior as well as increasingly accurate predictions of our future actions.”

Those digital pictures of who we are, who we vote for, what we buy and where we go can be worth a great deal of money and/or power to those who collect them. Indeed, they constitute “big data” and can be worth much more than gold, Craig and Ludloff contend.

“Far more is known today about us as individuals than ever before. How organizations, businesses, and government agencies use this information to track and predict our behavior is becoming one of the fundamental issues of the 21st century,” they state.

Privacy and Big Data is not a lengthy book, just 106 pages. Yet it packs plenty of punch in the form of useful, unsettling and sometimes surprising information, as well as thought-provoking examples, discussions and questions. The two writers – “executives from a growing startup in the big data and analytics industry” – draw upon extensive experience “deal[ing] with the issues of privacy every day as we support industries like financial services, retail, health care, and social media.”

Their well-written work is organized into five chapters and an appendix. Each chapter, meanwhile, has its own bibliography with links to additional materials and information.

Chapter 1, “The Perfect Storm,” looks at what has happened to privacy in the digital age and how we got to this point, starting with ARPANET (the “(Advanced Research Projects Agency Network”) in 1969, which later gave rise to the Internet. In the authors’ view: “There is a perfect storm brewing; a storm fueled by innovations that have altered how we talk and communicate with each other. Who could have predicted 20 years ago that the Internet would have an all-encompassing effect on our lives? Outside of sleeping, we are connected to the Web 24/7, using our laptops, phones, or iPads to check our email, read our favorite blogs, look for restaurants and jobs, read our friends’ Facebook walls, buy books, transfer money, get directions, tweet and foursquare our locations, and organize protests against dictatorships from anywhere in the world. Welcome to the digital age.”

Chapter 2, “The Right to Privacy in the Digital Age,” focuses on “what privacy encompasses, how our privacy norms have been shaped in the U.S. and abroad, the tension between privacy and other freedoms (or lack thereof), and how, for those of us who fully participate in all the digital age has to offer, it may very well be the end of privacy as we know it.”

Chapter 3, “The Regulators,” explores how the world has many geographical boundaries, from national borders down to city limits and even smaller demarcations, including individual agencies, departments and committees. Businesses large and small also operate within specific structural boundaries. Yet the Internet, the authors point out, recognizes no such limits. they examine “how…countries regulate the collection, use, and protection of their citizen’s personal information,” amid countless competing governmental and business agendas.

In Chapter 4, “The Players,” the authors warn: “Wherever you go, whatever you do, anywhere in this world, some ‘thing’ is tracking you. Your laptop, and other personal devices, like an iPad, Smartphone, or Blackberry, all play a role, and contribute to building a very detailed dossier of your likes, concerns, preferred airlines, favorite vacation spots, how much money you spend, political affiliations, who you’re friends with, the magazines you subscribe to, the make and model of the car you drive, the kinds of foods you buy, the list goes on.” The writers identify four broad categories of data grabbers and note that “while the[se] players are playing, consumer privacy continues to erode.” They discuss some specific things you can do to try to reduce your exposure. But, they caution, “What happens on the Internet stays on the Internet forever.”

Finally, in Chapter 5, “Making Sense of It All,” the authors pose several challenging questions and offer their views on possible answers. The questions include: “In the digital world we now inhabit, is privacy outmoded or even possible? Should we just get over it and move on? Should we embrace transparency and its many benefits and disadvantages? And if we do, or have it forced upon us, can we expect the same from our governments, our corporations, and powerful individuals? Will they be held to the same standard? If not, since information is power, what will our world look like?”

Two writers seldom agree on everything, and that is true in this book. In their Appendix titled “Afterword,” Craig and Ludloff state that they have tried to present a wide range of views on important questions, yet sometimes differ in their personal views regarding privacy and big data. They offer brief summaries of where they came from and how their viewpoints have been shaped by life events.

In a world where computers, phones, cars, cameras and many other household, work and public devices gather, store and disseminate data about us, this book can help readers think harder about what information — and freedoms — we may be giving up, willingly and unwittingly, in the name of convenience and connectivity.

Si Dunn

#