Absolute OpenBSD: Unix for the Practical Paranoid, 2nd Edition – A good & long-overdue update – #bookreview

Absolute OpenBSD, 2nd Edition
Unix for the Practical Paranoid
Michael W. Lucas
(No Starch Press – Kindle, paperback)

This updated new edition likely will be hailed — and rightly so — as a major event by many dedicated users of OpenBSD. After all, the first edition of Michael W. Lucas’ book was published a full decade ago, back when, the author concedes, he still had hair.

OpenBSD’s founder and long-time administrator Theo de Raadt has called this new edition both “[t]he definitive book on OpenBSD” and “a long-overdue refresh.” The praise can’t get much higher in OpenBSD-land.

OpenBSD is a highly secure, Unix-like operating system frequently used in Domain Name System (DNS) servers, routers, and firewalls. It also can run on a wide array of computer hardware, ranging from new systems to old VAXes, 386 machines, Apple’s PowerPC Macintoshes, and most products from Sun.

“Old systems can run OpenBSD quite well,” Lucas notes. “I’ve run OpenBSD/i386 quite nicely on a 166 MHz processor with 128MB of memory. You probably have some old system lying around that’s perfectly adequate for learning OpenBSD.”

Indeed, he explains, “As a matter of legacy, OpenBSD will run on hardware that has been obsolete for decades because the hardware was in popular use when OpenBSD started, and the developers try to maintain compatibility and performance when possible.”

The OpenBSD software has an intriguing and complex history that involves the 1980s breakup of AT&T, lots of lawsuits, the Berkeley Software Distribution (BSD) project, the University of California, and the eventual emergence of the “BSD license.” The result was “perhaps the freest of the free operating systems,” Lucas says.

Today, Lucas emphasizes, “OpenBSD strives to be the most secure operating system in the world.” OpenBSD developers constantly work to try to “eliminate [security] problems before they exist,” he states.

“OpenBSD is a gift. You’re free to use it or not. As with any gift, you can do whatever you want with it. But you’re not free to bug the developers for features or support.”

His 491-page second edition offers a heavy dose–23 chapters–of how-to instructions. And readers are encouraged to read OpenBSD’s man (manual) pages online. In a book where the first chapter is titled “Getting Additional Help” and the second is titled “Installation Preparations,” you can guess that this is not aimed at absolute newcomers. Actually, Lucas says: “This book is written for experienced Unix users or system administrators who want to add OpenBSD to their repertoire.”

Still, if you want to learn and use OpenBSD, you will need this book — and some online documentation and very likely some advice from the OpenBSD community, as well. There don’t seem to be recent introduction-level books floating around. However, there are a few tutorial sites, including this one. And OpenBSD.org maintains a list of support and consulting specialists. Training also is available from a number of companies that can be found via the Web.

If you want to use OpenBSD but not spend much time learning it, you also can purchase a support contract and let someone else set up and maintain your system. Even then, you likely will want to have this new edition of Absolute OpenBSD handy for reference–and for learning, just in case, down the line, you change your mind.

Si Dunn

Learning Unix for OS X Mountain Lion – Working with the Terminal and Shell – #bookreview

Learning Unix for OS X Mountain Lion
(O’Reilly, paperback, Kindle)

When I showed this book, and its “Going Deep with the Terminal and Shell” tagline, to my Mac-centric wife, her first response was: “Why?”

Her Macintosh, she declared, already does everything she needs it to do, with no fuss. Why bother with terminals and shells–and Unix?

I, on the other hand, started working with computers back in the days when everything was done at the command line, programs and data were stored on recording tape, and 48K of RAM was stunning state of the art.

So I am happy with Dave Taylor’s observation in his new book that “there are over a thousand Unix commands included with OS X—and you can’t see most of them without accessing the command line. From sophisticated software development environments to web browsers, file transfer utilities to encryption and compression utilities, almost everything you can do in the Aqua interface—and more—can be done with a few carefully chosen Unix commands.”

Indeed, he notes, “…dipping into the primarily text-based Unix tools on your OS X system gives you more power and control over both your computer and your computing environment.”

He lists some other, enticing reasons to learn and use the Unix tools available in OS X. There are, for example, “thousands of open source and otherwise freely downloadable Unix applications,” including the GNU Image Manipulation Program (GIMP) that is a convenient and affordable alternative to Adobe Photoshop.

“Fundamentally,” he says, “Unix is all about power and control.”

My wife is still not convinced that having this power and control is necessary or important to how she uses her Mac. But I predict many others will want to get this book.

It is an excellent how-to guide, with 214 pages organized into 10 chapters:

  • 1. Why Use Unix?
  • 2. Using the Terminal
  • 3. Exploring the File System
  • 4. File Management
  • 5. Finding Files and Information
  • 6. Redirecting I/O
  • 7. Multitasking
  • 8. Taking Unix Online
  • 9. Of Windows and X11
  • 10. Where to Go from Here

Learning Unix for OS X Mountain Lion is well written and nicely illustrated with step-by-step Unix command examples, results displays, screen shots, and tips. It doesn’t try to cover everything, nor get too deep into detail.

Dave Taylor’s new book comfortably meets its goal of showing savvy OS X users how to use “all the basic commands you need to get started with Unix.”

There is, he points out, “a whole world of Unix inside your OS X system, and it’s time for you to jump in and learn how to be more productive and more efficient, and gain remarkable power as a Mac user.”

Si Dunn


Version Control with Git, 2nd Ed. – Bring order to software development’s collaborative chaos – #bookreview #programming

Version Control with Git, 2nd Edition
Jon Loeliger and Matthew McCullough
(O’Reilly, paperback, Kindle)

When I first took a job in software development, individual programmers controlled code versions themselves, and they jealously guarded their releases with back-ups on multiple diskettes – 5.25” diskettes. The real floppies. (Yep, I’m so old I actually worked with a few 8-inch floppies, too.)

It’s a different world now. Code for one project often is developed, modified, tested and controlled by groups of people, sometimes big groups. And many of those who work with the project’s code are scattered all over the planet.

Thus, maintaining version control and keeping good backups are major management challenges for software developers today. There’s no more going home after work with 10 big floppies in your briefcase as a hedge against your office burning down overnight.

Git is a popular, if somewhat difficult, tool for tracking, branching, merging, and managing code revisions. The authors of Version Control with Git favor the term “version control system (VCS)” for this and other software packages that perform similar functions. (“Source code manager (SCM)” is another popular label.)

In their updated and expanded 2nd edition, here is how they sum up the imperative for strong version control:

“No cautious, creative person starts a project nowadays without a back-up strategy. Because data is ephemeral and can be lost easily—through an errant code change or catastrophic disk crash, say—it is wise to maintain a living archive of all work. For text and code projects, the back-up strategy typically includes version control, or tracking and managing revisions. Each developer can make several revisions per day, and the ever-increasing corpus serves simultaneously as repository, project narrative, communication medium, and team and project management tool. Given its pivotal role, version control is most effective when tailored to the working habits and goals of the project team.”

Whether you do or do not yet have experience with a version control system, you can glean important information and numerous useful tips from this book’s 21 chapters and 434 pages. Version Control with Git covers a lot of vital ground in a well-organized how-to fashion, with plenty of code samples and related illustrations.

One example out of its many key lessons: “As the developer of content for a project using Git, you should create your own private copy, or clone, of the repository to do your development. This development repository should serve as your own work area where you can make changes without fear of colliding with, interrupting, or otherwise interfering with another developer.”

In another key lesson, they show how to use git stash, “the mechanism for capturing your work in progress, allowing you to save it and return to it later when convenient….the stash is a quick convenience mechanism that allows a complete and thorough capturing of your index and working directory in one simple command. It leaves your repository clean, uncluttered, and ready for an alternate development direction. Another single command restores that index and working directory state completely, allowing you to resume where you left off.”

In a software development environment where everything is a crisis and priorities change hourly on what should have been finished yesterday, git stash save and git stash pop may become two of your favorite commands.

The book describes installing versions of Git for Linux and Microsoft Windows, and for running within Cygwin. It also can be run on Mac OS X and Solaris systems. Meanwhile, most of the book’s chapters focus on using the Git command line tool. But the new 2nd edition also devotes a chapter to what many Git users consider the most vital tool that has emerged from the big online community that now surrounds Git: GitHub.com.

Developers often clone a repository from GitHub. Several types of public and private repositories also can be created there. And so-called “social coding” is available. Indeed, many open source projects are hosted on GitHub, and some of them attract people who simply watch the coding, while others do coding in personal “forks” that may or may not prove helpful to those more officially involved in the project. Yet another popular use of GitHub is finding useful code examples in particular programming languages.

Whether Git is in your working future or it’s already here, or if you’re still wondering if it can help you, definitely check out Version Control with Git.

Si Dunn

Build Awesome Command-Line Applications in Ruby – #programming #bookreview

Build Awesome Command-Line Applications in Ruby
David Bryant Copeland
(Pragmatic Bookshelf, paperback)

The word “awesome” now is grossly overused in contemporary culture. And I hate it in book titles.

That being said, Build Awesome Command-Line Applications in Ruby is an excellent how-to guide, particularly if you have a little bit of UNIX and some basic Ruby programming in your background.

The book is “aimed at both developers and system administrators who have some familiarity with Ruby and who find themselves automating things on the command line (or wish they could),” David Bryant Copeland writes. And he adds: “Writing command-line apps in Ruby is also a great way to really learn Ruby and become a better programmer, since you can apply it directly to your day-to-day tasks.”

Mac and Linux users will have the easiest time with this book’s code examples. Things get a little bit more complicated for Windows users, especially those with no UNIX experience and not much programming background, either. The author, fortunately, lays out some workarounds.

For example, on UNIX systems, the first line of code commonly is called the shebang. In a piece of Ruby code, the shebang might look something like this: #!/usr/bin/ruby. (That example tells where the Ruby interpreter is installed.) But, at a Windows command prompt, if Ruby has been installed correctly and is in the path, the # character simply will be interpreted as the start of a comment line, and the rest of the shebang will be ignored when code is run directly, such as: ruby hello_world.rb.

In this book, David Bryant Copeland’s focus definitely is code. “There is a lot of code,” he says, “and we’ll do our best to take each new bit of it step by step.” As the book progresses, two command-line applications are developed, enhanced, and improved. One is a database-backup app, and the other is a command suite, “an app that provides a set of commands, each representing a different function of a related concept.”

This is not a Ruby primer, so get some experience in that language first before tackling this book. But if you are now reasonably comfortable with Ruby coding on a graphical user interface (GUI) and want some new challenges, consider moving to the command line and use this excellent book as your guide.

The requirements are minimal: a free Ruby download and a text editor or a UNIX-like shell. But the payoff is very good.

In his 10 chapters, the author discusses and illustrates “every detail of command-line application development, from user input, program output, and code organization to code handling, testing, and distribution” while the two example applications are created, tested, and enhanced.

There is plenty to learn, and Build Awesome Command-Line Applications in Ruby does a fine job of leading you through the process in short-chapter steps.

Si Dunn

Three new specialized how-to books for SharePoint, JQuery & Mac OS X Lion Server – #bookreview #in #programming

Here are three new books for those with at least some basic to intermediate experience with Microsoft SharePoint, or web development, or Mac OS X Lion.

Microsoft SharePoint 2010: Creating and Implementing Real-World Projects
By Jennifer Mason, Christian Buckley, Brian T. Jackett, and Wes Preston
(Microsoft Press, paperback, list price $34.99; Kindle edition, list price $27.99)

If you have some background in Microsoft SharePoint and want to dig deeper, this book can help you learn how to use SharePoint to create real-world solutions to ten common business problems.

Each chapter is devoted to a single project, such as creating a FAQ system to help users quickly find answers to their questions, setting up a help desk solution to track service requests, or building a simple project management system.

The projects are based on “various scenarios encountered by the authors as we have used SharePoint as a tool to build solutions that address business needs….Each of the solutions has been implemented in one or more organization,” they state.

Do not jump into Microsoft SharePoint 2010: Creating and Implementing Real-World Projects until you have gained “a general understanding of the basics of SharePoint,” the authors caution. And note that SharePoint is not easily defined as one “type” of product.

If you keep in mind the process of building a house, they write, “SharePoint is like the various tools and materials, and the final business solutions you build are like the house. There are many features and tools in SharePoint, and within this book, you will see different ways to combine and structure them into business solutions.”

Their 403-page book is well written and cleanly organized with short paragraphs and many headings, step lists and illustrations. It also has an extensive index.

#

JQuery: Novice to Ninja, 2nd Edition
By Earle Castledine and Craig Sharkie
(SitePoint, paperback, list price $39.95; Kindle edition, list price $29.95)

Technology changes fast, and web developers curious about JQuery will welcome this updated edition of Earle Castledine’s and Craig Sharkie’s book that first appeared in 2010.

This also is not a book for beginners. “You should,” the authors note, “already have intermediate to advanced HTML and CSS skills, as JQuery uses CSS-style selectors to zero in on page elements. Some rudimentary programming knowledge will be helpful to have,” they add, “as JQuery—despite its clever abstractions—is still based on JavaScript.” 

The authors offer high praise for the power of JQuery: “Aside from being a joy to use, one of the biggest benefits of JQuery is that it handles a lot of infuriating cross-browser issues for you. Anyone who has written serious JavaScript in the past can attest that cross-browser inconsistencies will drive you mad.”

They describe how to download and include the latest version of JQuery in web pages. And their book is organized to introduce JQuery features and code examples while also showing you, step by step, how to build a complete working application.

JQuery: Novice to Ninja, 2nd Edition has plenty of illustrations and is well indexed and written in a friendly, approachable style. 

#

Using Mac OS X Lion Server
By Charles Edge
(O’Reilly, paperback, list price $29.99; Kindle edition, list price $23.99)

Yes, intermediate and advanced system administrators will find some useful information in this well-written and nicely illustrated guide.

“But the book,” says author Charles Edge, “is really meant for new system administrators: the owner of the small business, the busy parent trying to manage all of those iPhone and iPads the kids are running around with, the teacher with a classroom full of iMacs or iPads, and of course, the new podcaster, just looking for a place to host countless hours of talking about the topic of her choice.”

What Using Mac OS X Lion Server does not cover is “managing a Lion Server from the command line, scripting client management, or other advanced topics.”

The topics it does cover include: Planning for and installing a server; sharing and backing up files; sharing address books, calendars, and iChat; Wikis, webs and blogs; building a mail server; building a podcasting server; managing Apple computers and iOS devices; network services; and deploying Mac OS X computers.

The author cautions: “In many ways, the traditional system administrator will find Lion challenging in its consumeristic approach. There is a lot of power under the hood, but the tools used to manage the server have been simplified so that anyone can manage it, not just veteran Unix gods.”

#

Si Dunn is a novelist, screenwriter, freelance book reviewer, and former software technical writer and software/hardware QA test specialist. He also is a former newspaper and magazine photojournalist. His latest book is Dark Signals, a Vietnam War memoir. He is the author of an e-book detective novel, Erwin’s Law, now also available in paperback, plus a novella, Jump, and several other books and short stories.

Machine Learning for Hackers – Analyzing & displaying data using R – #bookreview #in #programming

Machine Learning for Hackers
By Drew Conway and John Myles White
(O’Reilly, paperback, list price $39.99; Kindle edition, list price $31.99)

The word “hacker” has a very bad reputation in many parts of the computer world.

This book’s two authors, however, offer a different and much more positive view. “Far from the stylized depictions of nefarious teenagers or Gibsonian cyber-punks portrayed in pop culture,” they write, “we believe a hacker is someone who likes to solve problems and experiment with new technologies.”

In their view: “If you’ve ever sat down with the latest O’Reilly book on a new computer language and knuckled out code until you were well past ‘Hello, World,’ then you’re a hacker.” You’re also a hacker, in their view, “if you’ve dismantled a new gadget until you understood the entire machinery’s architecture….”

As for machine learning, they define it “[a]t the highest level of abstraction…as a set of tools and methods that attempt to infer patterns and extract insight from a record of the observable world.” In more concrete terms, machine learning “blends concepts and techniques from many different traditional fields, such as mathematics, statistics, and computer science.” At the computer programming level, machine learning is defined as “a toolkit of algorithms that enables computers to train themselves to automate useful tasks.”

Conway’s and White’s new book, Machine Learning for Hackers, is rich with challenges for experienced programmers who love to crunch data. Its code examples use the R programming language, a “software environment for statistical computing and graphics.” It can be downloaded free for Windows, MacOS, or a variety of UNIX platforms from The R Project for Statistical Computing.

What you don’t get in this book is an R language tutorial. Instead of “Hello, World!” in the introductory chapter, you jump straight into working with a very interesting data set and generating histograms dealing with distributions of UFO sightings.

It is assumed that you have done some programming, and the authors note that you can find basic R tutorials online or in other books.

With a case-studies approach, each chapter of the 303-page book focuses on a particular problem in machine learning, and the authors show how to analyze sample databases and create simple machine learning algorithms.

The chapters are:

  1. Using R
  2. Data Exploration
  3. Classification: Spam Filtering
  4. Ranking: Priority Inbox
  5. Regression: Predicting Page Views
  6. Regularization: Text Regression
  7. Optimization: Breaking Codes
  8. PCA [principal components analysis]: Building a Market Index
  9. MDS [multidimensional scaling]: Visually Exploring US Senator Similarity
  10. kNN [The k-Nearest Neighbors algorithm]: Recommended Systems
  11. Analyzing Social Graphs
  12. Model Comparison

Some of the other projects the authors present include: using linear regression to predict the number of page views for 1,000 top websites; doing statistical comparisons and contrasts of U.S. Senators based on their voting records; and building “a ‘who to follow’ recommendation engine” for Twitter that doesn’t violate Twitter’s terms of service or its API’s “strict rate limit.”

Conway and White offer some fairly heady and challenging learning experiences for those who would like to work with pattern recognition algorithms and big piles of data.

“The notion of observing data, learning from it, and then automating some process of recognition is at the heart of machine learning,” the authors note, “and forms the primary arc of this book.”

#


Programming Perl, 4th Ed. – The long-awaited update has arrived – #bookreview #programming #in #perl

Programming Perl, 4th Edition
By Tom Christiansen, brian d foy and Larry Wall, with Jon Orwant
(O’Reilly, paperback, list price $54.99)

Since 1991, Programming Perl has been considered both the Bible of Perl and the go-to reference guide for those who use this popular “mixed heritage” programming language.

Publication of this newly updated edition is good news for the legions of programmers who use Perl every day or are in the process of learning it.

Programming Perl last was updated 12 years ago, just when Perl v5.6 was being released. The current Perl release is v5.14, and, as the authors note, “Perl v5.16 is coming out soon.” This 4th edition focuses on v5.14 and its major new features and improvements. But it also previews features that will be offered in v5.16.

The new edition (1130 pages) has several new chapters for Perl programmers, and a few now-out-of-date chapters and experiments have been removed. Among the updates are “greatly improved” Unicode support, “even better” regular expressions, and more emphasis on CPAN (the Comprehensive Perl Archive Network), to highlight just a few.

This is not a guide for programmers planning to tinker with Perl 6. The authors contend: “Perl 6 is really a ‘kid sister’ language to Perl 5, and not just a major update to Perl 5 that version numbers have trained you to expect. This book isn’t about that other language. It’s still about Perl 5, the version that most people in the world (even the Perl 6 folks) are still using quite productively.”

Perl was “[i]nitially designed as a glue language for Unix,” they add. So there is a distinct Unix bias even at the “Hello World” level in this book, and this may leave some Windows-centric beginners lost, puzzled and turning to the web for basic tips on how to program in Perl on Windows machines.

Perl novices, in fact, should not start just with this book but add it once they know they plan to stick with Perl programming. The authors recommend beginning first with Learning Perl by Randal Schwartz, brian d foy, and Tom Phoenix. They also provide an extensive list of other documents and resources for beginning, intermediate and expert Perl programmers.

Nonetheless, the authors state that “Perl is an easy language to learn and use, and we hope to convince you that we’re right. One thing that’s easy about Perl is that you don’t have to say much before you say what you want to say.”

Easy to learn, yes. But there’s also a lot to learn, as this well-written, hefty book shows and illustrates.

#


Node for Front-End Developers – Writing server-side JavaScript applications – #bookreview #in

Node for Front-End Developers
By Garann Means
(O’Reilly, paperback, list price $14.99; Kindle edition, list price $7.99)

Node is a JavaScript platform used to create server-side applications, communicate with the client, work with data, create dynamic web pages, and handle other tasks.

According to Joyent Incorporated’s nodejs website: “Node.js is a platform built on Chrome’s JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices.”

Node’s library has many modules created by developers who have focused on automating server-side development. But Garann Means’ new, 45-page book shows how you can get started programming for back-end servers using Node and JavaScript.  

Node.js is easy to download. And, according to Node for Front-End Developers: “Node is easy to set up or very easy to set up. Node runs on Unix-compatible systems and, more recently, Windows.”

The how-to-get-started instructions, however, are a bit sparse in this thin book, and virtually nonexistent for Windows. Beginners who don’t have much experience with JavaScript may puzzle over a number of basic “What now?” and “WTF?” issues. 

Sparse information for Node beginners, however, is not limited to Node for Front-End Developers. I checked several other sources of Node documentation and found similar problems. You’re just supposed to know this stuff, I guess.

As one example, I followed the book’s instructions to create Node’s important package.json file, then discovered that what I had downloaded from Nodejs already contained a package.json file. In fact, it was now in several subdirectories. Was I supposed to edit it, instead? Delete it and replace it with my file? Had I just screwed up the installation by creating my own file?

After a lot of horsing around with node and npm at the command line and getting strange results at the not-quite “Hello World” level, I happened across a small note on the GitHub.com website. It stated that Node’s “Windows builds are not yet satisfactorily stable but it is possible to get something running.”

Especially if you resort to package managers to help you out. And maybe get assistance from a Node guru. [See UPDATE below.]

Yes, I was indeed attempting a Windows setup, and I did get Node to partially work. But after several tries at reinstalling, rebooting, debugging, and attempting to supplement the book with conflicting bits of information downloaded from the web, I gave up having “fun” with Node. (UPDATE: Recently, I reviewed my command line procedures a bit, looked again at my files and subdirectory structure and tried again. This time, Node works fine at the “Hello, World” level and beyond. I stand by my criticism that this book’s how-to-get-started instructions should be made clearer for Windows users. But I am at fault, too, for not figuring out what I was doing wrong much sooner.)

Your results likely will be much better than mine, especially if you have more than novice experience with JavaScript and are using something other than (and better than?) a Windows machine.

As for Node for Front-End Developers, the rest of the book appears to be an easy-to-use guide to getting a basic understanding of the Node platform. The code examples look good and are preceded by well-written explanations. I have now tested some of them successfully and plan to try a few of the longer, more-complex examples soon. I wish I could have tested more of them. But I intend to keep this book and try Node again once easier and more stable Windows options are available.

The book’s chapters are:

  • Chapter 1, Getting Node Set Up
  • Chapter 2, Serving Simple Content
  • Chapter 3, Interaction with the Client
  • Chapter 4, Server-Side Templates
  • Chapter 5, Data Sources and Flow Control
  • Chapter 6, Model-View-Controller and Sharing Code

How-to-get-started instructions are vital in any programming and developer’s book, in my view. And they need careful preparation and presentation for every major operating system that is supported.

Countless beginners are looking for new programming and development paths and challenges, and many of them will buy books that are beyond their experience level so they can try to learn faster and backfill as they go. Most of them also won’t have the latest-and-greatest hardware and software. Therefore, minimum requirements need to be spelled out clearly, as well.

Don’t let my blunderings with Windows dissuade you from considering this book. Node has been hot, and if you have JavaScript experience at the browser level, Node for Front-End Developers can help you learn how to work on back-end servers, too.

It pays to be versatile in today’s fast-paced tech world.

But yeah, I probably do need a Mac and a Linux machine flanking my Windows PC.

#


Inside Cyber Warfare, 2nd Edition – You’re at the front line & you can’t retreat – #bookreview

Inside Cyber Warfare (2nd Edition)
By Jeffrey Carr
(O’Reilly, paperback, list price $39.99; Kindle edition, list price $31.99)

A global war for survival is in full battle, and you — or at least one or more of your computers — may now be right at the front line, already in the fight.

Actually, in cyber warfare, there is no “front line.” As this important book makes unnervingly clear, attacks on business and military data, on financial systems, and on personal information now can — and do — come at any time from anywhere on the planet.

The attackers can be governments, military units, criminal groups, terrorist organizations, hacker gangs, lone-wolf thieves and even mischief makers with little or no agenda except chaos. And what seems to be a damaging infiltration from one nation actually may be controlled by, and coming from, computers in several other nations.

Indeed, some recently successful and damaging attacks against supposedly well-secured systems have been launched from sites very difficult to identify, using networks of infected computers scattered across several continents, including the United States. And the owners of the infected computers had no idea their machines were involved.

Jeffrey Carr’s updated book is aimed at political and military leaders, policy makers, and corporate executives responsible for securing data systems and sensitive information. Yet everyday computer users need to read it, too, to have a clearer sense of what we are all up against now. We must understand the risks well enough to help pressure lawmakers, corporate leaders and others to make good choices regarding data security and protecting intellectual property.

The author is a cyber intelligence expert and consultant whose specialty is investigating “cyber attacks against governments and infrastructures by state and non-state hackers.”

Carr’s well-written second edition covers such topics as: the cyber-warfare capabilities of a wide range of nation-states, from Australia and Nigeria to China, the Russian Federation and the United States; how organized crime operates and profits in cyberspace; the difficulty of responding to international cyber attacks as acts of war; and national and international legal issues that affect cyber warfare.

Some foreign governments, Carr points out, are believed to condone and even sponsor cyber attacks. Others are well aware of the digital lawbreakers operating within their borders, yet prosecute only a selected few cases. For example, Carr notes, “in the Russian Federation, the police are interested only in arresting hackers for financial crimes against Russian companies. Hacking attacks cloaked in nationalism are not only not prosecuted by Russian authorities, but they are encouraged…” through a variety of proxies.

Against technically savvy, well-funded and government-coddled hackers, your outdated virus protection software and your dogs’-names passwords are very thin, very porous shields, indeed.

Carr offers a number of recommendations to American policymakers who must wrestle with Internet and data security issues, plus protection of intellectual property. One of his strongest recommendations is a call for the Department of Defense to throw Windows out the Pentagon’s windows and replace it with Red Hat Linux.

“Red Hat Linux,” he writes, “is a proven secure OS with less than 90% of the bugs found per 1,000 lines of code than in Windows. Many decision makers don’t know that it is the most certified operating system in the world, and it’s already in use by some of the US government’s most secretive agencies.” He adds: “Linux certainly has its vulnerabilities, but the math speaks for itself. Shoot Windows and eliminate the majority of the malware threat with one stroke.”

He also wants sharp crackdowns on “US companies that provide Internet services to individuals and companies who engage in illegal activities, provide false WHOIS information, and other indicators that they are potential platforms for cyber attacks.”

But anyone who connects a computer to the Internet and is active on social media needs to be aware of the risks and high stakes involved in the cyber warfare now being fought between and among governments, criminal groups, terrorist organizations, hacker gangs and lone-wolf troublemakers.

Even as you read this, your personal computer or your company’s servers may be secretly helping North Korea, Iran, China, a drug cartel or a lone, bored hacker launch a cyber attack somewhere else in the world.

You may not be a high-value data target. Yet, even with just one laptop computer, you can become an unwilling and unknowing foot soldier for the wrong side.

These are scary thoughts, and you can’t wish them away. Read this important book to get the big, unnerving picture.

Then start thinking–fast–of ways to better protect your computers, data, intellectual property and personal information.

Si Dunn’s latest book is a detective novel, Erwin’s Law. His other published works include Jump, a novella, and a book of poetry, plus several short stories, including The 7th Mars Cavalry, all available on Kindle. He is a screenwriter, a freelance book reviewer, and a former technical writer and software/hardware QA test specialist.

PDF Explained – A lot more happens than meets the eye – #programming #bookreview

PDF Explained
By John Whitington
(O’Reilly, paperback, list price $19.99; Kindle edition, list price $9.99)

For many of us, a PDF is a PDF. And a file is just a file. As data goes by.

We give little thought to what actually happens when we download and read — or use word processing software to produce — a document in Portable Document Format, PDF, the International Organization for Standardization (ISO) standard for document exchange.

Yet as John Whitington, author of this informative and important new book, notes: “A typical PDF file contains many thousands of objects, multiple compression mechanisms, different font formats, and a mixture of vector and raster graphics together with a wide variety of metadata and ancillary content.”

Whitington’s clearly written and appropriately illustrated work is aimed at four specific groups of readers:

  1. “Adobe Acrobat users who want to understand the reasons behind the facilities it provides, rather than just how to use them. For example: encryption options, trim and crop boxes, and page labels.”
  2. “Power users who want to use command-line software to process PDF documents in batches by merging, splitting, and optimizing them.”
  3. “Programmers writing code to read, edit, or create PDF files.”
  4. “Industry professionals in search, electronic publishing, and printing who want to understand how to use PDF’s metadata and workflow features to build coherent systems.”

One of the first hands-on things you do in this book is build a small document in PDF from scratch using a simple text editor and pdftk, a free, open-source command line tool for Microsoft Windows, Mac OS X, and Unix. (Spoiler alert: The document will display the traditional “Hello, World!”)

Following the introduction and the chapter on building a simple PDF from scratch, the remaining eight chapters explore: 

  • File structure
  • Document structure
  • Graphics
  • Text and fonts
  • Document metadata and navigation
  • Encrypted documents
  • Working with pdftk
  • PDF software and documentation

Whitington has the right background and credentials for creating PDF Explained.

He is, according to the book’s biographical blurb, “the author of one of the few complete PDF implementations, CamlPDF, which implements the PDF file format from the bit level up. After graduating from the University of Cambridge, he founded Coherent Graphics Ltd, developers of command line PDF tools for Windows, Mac OS X, and Unix, and the Proview PDF Editor for Mac OS X.”

Si Dunn’s latest book is a detective novel, Erwin’s Law. His other published works include Jump, a novella, and a book of poetry, plus several short stories, including The 7th Mars Cavalry, all available on Kindle. He is a screenwriter, a freelance book reviewer and a former technical writer and software/hardware QA test specialist.