Machine Learning for Hackers – Analyzing & displaying data using R – #bookreview #in #programming

Machine Learning for Hackers
By Drew Conway and John Myles White
(O’Reilly,
paperback, list price $39.99; Kindle edition, list price $31.99)

The word “hacker has a very bad reputation in many parts of the computer world.

This book’s two authors, however, offer a different and much more positive view. “Far from the stylized depictions of nefarious teenagers or Gibsonian cyber-punks portrayed in pop culture, “they write, “we believe a hacker is someone who likes to solve problems and experiment with new technologies.”

In their view: “If you’ve ever sat down with the latest O’Reilly book on a new computer language and knuckled out coded until you were well past ‘Hello, World,’ then you’re a hacker. “ You’re also a hacker, in their view, “if you’ve dismantled a new gadget until you understood the entire machinery’s architecture….”

As for machine learning, they define it “[a]t the highest level of abstraction…as a set of tools and methods that attempt to infer patterns and extract insight from a record of the observable world.” In more concrete terms, machine learning “blends concepts and techniques from many different traditional fields, such as mathematics, statistics, and computer science.” At the computer programming level, machine learning is defined as “a toolkit of algorithms that enables computers to train themselves to automate useful tasks.”

Conway’s and White’s new book, Machine Learning for Hackers, is rich with challenges for experienced programmers who love to crunch data. Its code examples use the R programming language, a “software environment for statistical computing and graphics.” It can be downloaded free for Windows, MacOS, or a variety of UNIX platforms from The R Project for Statistical Computing.

What you don’t get in this book is an R language tutorial. Instead of “Hello, World!” in the introductory chapter, you jump straight into working with a very interesting data set and generating histograms dealing with distributions of UFO sightings.

It is assumed that you have done some programming, and the authors note that you can find basic R tutorials online or in other books.

With a case-studies approach, each chapter of the 303-page book focuses on a particular problem in machine learning, and the authors show how to analyze sample databases and create simple machine learning algorithms.

The chapters are:

  1. Using R
  2. Data Exploration
  3. Classification: Spam Filtering
  4. Ranking: Priority Inbox
  5. Regression: Predicting Page Views
  6. Regularization: Text Regression
  7. Optimization: Breaking Codes
  8. PCA [principal components analysis]: Building a Market Index
  9. MDS [multidimensional scaling]: Visually Exploring US Senator Similarity
  10. kNN [The k-Nearest Neighbors algorithm]: Recommended Systems
  11. Analyzing Social Graphs
  12. Model Comparison

Some of the other projects the authors present include: using linear progression to predict the number of page views for 1,000 top websites; doing statistical comparisons and contrasts of U.S. Senators based on their voting records; and building “a ‘who to follow’ recommendation engine” for Twitter that doesn’t violate Twitter’s terms of service or its API’s “strict rate limit.”

Conway and White offer some fairly heady and challenging learning experiences for those who would like to work with pattern recognition algorithms and big piles of data.

“The notion of observing data, learning from it, and then automating some process of recognition is at the heart of machine learning,” the authors note, “forms the primary arc of this book.”

#

Si Dunn is a novelist, screenwriter, freelance book reviewer, and former software technical writer and software/hardware QA test specialist. He also is a former newspaper and magazine photojournalist. His latest book is Dark Signals, a Vietnam War memoir. He is the author of an e-book detective novel, Erwin’s Law, now also available in paperback, plus a novella, Jump, and several other books and short stories.

 

Advertisements

A Bug Hunter’s Diary: A Guided Tour through the Wilds of Software Security – #programming #bookreview

A Bug Hunter’s Diary: A Guided Tour through the Wilds of Software Security
By Tobias Klein
(No Starch Press, paperback, list price $39.95; Kindle edition, list price $31.95)

If your passion or desire is to find and kill software bugs and fight hackers, you should check out this well-written how-to book.

Tobias Klein, an information security specialist, has tracked down many difficult bugs and identified security vulnerabilities in some of the world’s best-known software, including Apple’s iOS, the Mac OS X kernel, web browsers, and the VLC media player, among others.

Using a diary approach, plus code examples and illustrations, Klein describes a bug he has just discovered in a software package. Then he illustrates how it creates a security vulnerability that a hacker could exploit, and he describes how to fix or at least reduce its risks.

Chapters 2 through 8 each focus on separate bugs, and Klein includes a list of “lessons learned” for programmers who want to avoid creating similar problems.

Klein’s well-illustrated book is organized as follows:

  • Chapter 1: Bug Hunting – (a brief overview.)
  • Chapter 2: Back to the ‘90s – (shows how he discovered a bug and vulnerability in a Tivo movie file that allowed him to crash a VLC media player and gain control of the instruction pointer.)
  • Chapter 3: Escape from the WWW Zone – (illustrates how and where he found a bug in the Solaris kernel and the “exciting challenge” of demonstrating how it could be exploited for arbitrary code execution.)
  • Chapter 4: Null Pointer FTW – (describes “a really beautiful bug” that opened a vulnerability into “the FFmpeg multimedia library that is used by many popular software projects, including Google Chrome, VLC media player, MPlayer, and Xine to name just a few.”)
  • Chapter 5: Browse and You’re Owned – (discusses how he found an exploitable bug in an ActiveX control for Internet Explorer.)
  • Chapter 6: One Kernel to Rule Them All – (focuses on how he decided to search for bugs in some third-party Microsoft Windows drivers and found one in an antivirus software package.)
  • Chapter 7: A Bug Older than 4.4BSD – (how he found an exploitable bug in the XNU kernel OS X.)
  • Chapter 8: The Ringtone Massacre – (how he found an exploitable bug in an early version of the iPhone’s MobileSafari browser that enabled him to modify ringtone files and access the program counter.)
  • Appendix A: Hints for Hunting – (“…some vulnerability classes, exploitation techniques, and common issues that can lead to bugs.”)
  • Appendix B: Debugging – (about debuggers and the debugging process.)
  • Appendix C: Mitigation – (discusses mitigation techniques.)

Tobias Klein is the author of two previous information security books that were published in Germany. Because hackers use many of the same tools as those seeking to keep them out, there is an important limit on how much detail Klein is able to impart in this book.

As he notes in a disclaimer: “The goal of this book is to teach readers how to identify, protect against, and mitigate software security vulnerabilities. Understanding the techniques used to find and exploit vulnerabilities is necessary to thoroughly grasp the underlying problems and appropriate mitigation techniques. Since 2007, it is no longer legal to create or distribute “hacking tools” in Germany, my home country. Therefore, to comply with the law, no full working exploit code is provided in this book. The examples simply show the steps used to gain control of the execution flow (the instruction pointer or program counter control) of a vulnerable program.”

Si Dunn

Here’s the book scaring me this Halloween: America the Vulnerable – #bookreview #data #security

Subtitled “Inside the New Threat Matrix of Digital Espionage, Crime, and Warfare,” America the Vulnerable is written by Joel Brenner, former inspector general at the National Security Agency.

Brenner has recent experience at the highest levels in national intelligence, counterintelligence and data security. And he has studied firsthand many of the threats and attacks against our national, corporate and personal interests.

“During my tenure in government,” he writes, “I came to understand how steeply new technology has tipped the balance in favor of those–from freelance hackers to Russian mobsters to terrorists to states like China and Iran–who want to learn the secrets we keep, whether for national, corporate, or personal security.” He adds: “The truth I saw was brutal and intense: Electronic thieves are stripping us blind.”

Everything from Social Security numbers to technological secrets that cost billions to develop are being taken — stolen from military and corporate data networks and individual computers, possibly including yours.

His book will leave you wide-eyed and wondering who is surreptitiously poking around inside your computer right at this moment and what they are taking or “borrowing” for sinister purposes.

 Likely the Chinese and the Iranians and Russian mobsters and others, including hackers, are in there or have been there recently.

And Brenner explains how you may be unknowingly helping them find and transfer sensitive and vital information, even when you do something seemingly innocuous as plugging in a thumb drive to your laptop.

You won’t need to watch any monster movies to get scared this Halloween. Brenner’s book or its Kindle version can give you a very serious case of chills and frights. 

Si Dunn