Step away from the ‘smartphone’ and try using your hands and mind to make something – #bookreview

The Make: Series of How-to Books

A British scientist made headlines a few years ago when she warned that young people no longer make or repair things. It has become all too easy for them now, she cautioned, to simply throw away old or broken devices and buy new ones.

A key point was that many things currently being discarded could be fixed or refurbished and put to new uses. It would just take a little effort, a little learning, and some imagination.

I ran into some of that “no longer make or repair things” attitude a few years ago while working temporarily as a substitute teacher. If you have ever been a substitute in a public high school or middle school, you likely know that students often view “subs” as an excuse to pay absolutely no attention to anything he or she says.

When I could get no interest or response to the day’s assigned work in a science class, I tried introducing a challenge: Imagine you have become stranded on a desert island in the Pacific Ocean, and you have just a few items with which to try to survive and attract the attention of a passing ship. The items ranged from coconuts and palm fronds to a pocket mirror, a small magnifying glass, a couple of cups, some string and a safety-pin.

I figured the kids might come up with some clever ways to (1) crack open the coconuts for food and liquid, (2) start a fire using a magnifying glass and dried palm fronds, (3) use the string and safety-pin to catch a fish to cook over the fire, (4) use the cups to boil seawater and capture the steam to make a little drinking water, and (5) prepare a separate pile of palm fronds to burn as a rescue signal to a passing ship.

Ha. At first, the students seemed intrigued and engaged by the challenge. They immediately started calling out survival “strategies.” Unfortunately, most of their ideas started with two concepts: “First, I’d go to the mall and buy…” or “First, I’d go online and buy….”

The reality of being stranded in isolation without immediate communication did not even register with them at first. When they did begin to try to imagine surviving without their smartphones, they quickly ran out of ideas and became sullen or antagonistic toward me.

This experience also became the straw that finally broke the back of my desire to continue as a substitute teacher. I had grown up at a time when making, tinkering, building, and repairing all were noble pursuits for a teenager interested in science, electronics, space and engineering. If I wanted a shortwave radio or a new type of model airplane or a small rocket I could launch in my back yard, I built them from scratch or combined pieces of previous projects. None of this experience registered with my students. And my next attempts to stir up enthusiasm for making and repairing things similarly fell flat.

Make It So?

Do you worry that your kids are growing up not knowing how to make things or fix things? Do you fret that you no longer remember how to make things or fix things?

Working with your hands, eyes and brain – and not just mindlessly swiping an index finger across a tiny screen – can be both physically and mentally rewarding.

Of course, the web is alive with “how to” information for making or repairing almost anything. And I make occasional pilgrimages to public libraries and bookstores to find reference materials and instruction books related to specific projects.

I am an unabashed fan of the “Make:” series of books from Maker Media. I don’t build all of their projects, but I do try out some of them. And I enjoy reading about zany, yet sometimes practical, stuff such as (1) how to use a magnet to tell if money is counterfeit, (2) how to create artwork that actually does something, using just a handful of electronic components, (3) how to generate electric power with several lemons connected in series, or (4) how to make some really good paper airplanes and paper helicopters. The “Make:” books consistently feature clear, well-organized instructional text, illustrations and photographs of how things go together.

Books such as Tinkering: Kids Learn by Making Stuff (2nd edition), Easy 1+2+3 Projects, and Planes, Gliders, and Paper Rockets can appeal to parents and children who are in elementary school or older. For older kids and their parents, or for would-be engineers, Make: books such as Bluetooth, Getting Started with Intel Edison, and 3D Printing Projects can be helpful and enlightening how-to guides. Books on numerous other topics also are offered.

Do your kids (and/or you) seem unhealthily addicted now to clutching and staring at smartphones all day? You may want to try putting the devices aside and seeing what you can create with your hands, your mind, some household materials and a few readily available gadgets that don’t require pricey data plans and contracts.

You can do it! Power off now! (Okay, for just a few minutes at first if you insist and if you have a really bad case of smartphone withdrawal.)

— Si Dunn

Advertisements

Mule in Action, 2nd Edition – Want to be an integration developer? Here’s a good start – #bookreview

 

Mule in Action, Second Edition

David Dossot, John D’Emic, Victor Romero

(Manning – paperback)

 

An enterprise service bus (ESB) can help you link together many different types of platforms and applications–old and new–and keep them communicating and passing data between each other.

“Mule,” this book’s authors note, “is a lightweight, event-driven enterprise service bus and an integration platform and broker.  As such, it resembles more a rich and diverse toolbox than a shrink-wrapped application.”

Mule in Action, Second Edition, is a comprehensive and generally well-written overview of Mule 3 and how to put its open-source building blocks together to create integration solutions and develop them with Mule. The book provides very good focus on sending, receiving, routing, and transforming data, key aspects of an ESB.

More attention, however, could have been paid to clarity and detail in Chapter 1, the all-important chapter that helps Mule newcomers get started and enthused.

This second edition is a recent update of the 2009 first edition. Unfortunately, the Mule screens have changed a bit since the book’s screen shots were created for the new edition. Therefore, some of the how-to instructions and screen images do not match what the user now sees. This gets particularly confusing while trying to learn how to configure a JMS outbound endpoint for the first time, using Mule Studio’s graphical editor. The instructions seem insufficient, and the mismatch of screens can leave a beginner unsure how to proceed.

The same goes for configuring the message setting in the Logger element. The text instructs: “You’ll set the message attribute to print a String followed by the payload of the message, using the Mule Expression Language.” But no example is given. Fortunately, a reviewer on Amazon has posted a correct procedure. In his view, the message attribute should be: We received a message: #[message.payload]  –without any quote marks around it. (It works.)

Of course, this book is not really aimed at beginners–it’s for developers, architects, and managers (even though there will be Mule “beginners” in those ranks). Fortunately, it soon moves away from relying solely on Mule Studio’s graphical editor. The book’s examples, as the authors note, “mostly focus on the XML configurations of flows.” Thus, there are many XML code examples to work with, plus occasional screen shots of the flows as they appear in Mule Studio. And you can use other IDEs to work with the XML, if you prefer.

Indeed, the authors note, “no functionality in the CE version of Mule is dependent on Mule Studio.”

Overall, this is a very good book, and it definitely covers a lot of ground, from “discovering” Mule to becoming a Mule developer of integration applications, and using certain tools (such as business process management systems) to augment the applications you develop. I just wish a little more how-to clarity had been delivered in Chapter 1.

Si Dunn

Making Sense of NoSQL – A balanced, well-written overview – #bigdata #bookreview

Making Sense of NoSQL

A Guide for Managers and the Rest of Us
Dan McCreary and Ann Kelly
(Manning, paperback)

This is NOT a how-to guide for learning to use NoSQL software and build NoSQL databases. It is a meaty, well-structured overview aimed primarily at “technical managers, [software] architects, and developers.” However, it also is written to appeal to other, not-so-technical readers who are curious about NoSQL databases and where NoSQL could fit into the Big Data picture for their business, institution, or organization.

Making Sense of NoSQL definitely lives up to its subtitle: “A guide for managers and the rest of us.”

Many executives, managers, consultants and others today are dealing with expensive questions related to Big Data, primarily how it affects their current databases, database management systems, and the employees and contractors who maintain them. A variety of  problems can fall upon those who operate and update big relational (SQL) databases and their huge arrays of servers pieced together over years or decades.

The authors, Dan McCreary and Ann Kelly, are strong proponents, obviously, of the NoSQL approach. It offers, they note, “many ways to allow you to grow your database without ever having to shut down your servers.” However, they also realize that NoSQL may not a good, nor affordable, choice in many situations. Indeed, a blending of SQL and NoSQL systems may be a better choice. Or, making changes from SQL to NoSQL may not be financially feasible at all. So they have structured their book into four parts that attempt to help readers “objectively evaluate SQL and NoSQL database systems to see which business problems they solve.”

Part 1 provides an overview of NoSQL, its history, and its potential business benefits. Part 2 focuses on “database patterns,” including “legacy database patterns (which most solution architects are familiar with), NoSQL patterns, and native XML databases.” Part 3 examines “how NoSQL solutions solve the real-world business problems of big data, search, high availability, and agility.” And Part 4 looks at “two advanced topics associated with NoSQL: functional programming and system security.”

McCreary and Kelly observe that “[t]he transition to functional programming requires a paradigm shift away from software designed to control state and toward software that has a focus on independent data transformation.” (Erlang, Scala, and F# are some of the functional languages that they highlight.) And, they contend: “It’s no longer sufficient to design a system that will scale to 2, 4, or 8 core processors. You need to ask if your architecture will scale to 100, 1,000, or even 10,000 processors.”

Meanwhile, various security challenges can arise as a NoSQL database “becomes popular and is used by multiple projects” across “department trust boundaries.”

Computer science students, software developers, and others who are trying to stay knowledgeable about Big Data technology and issues should also consider reading this well-written book.

Si Dunn

Testing Cloud Services – How to Test SaaS, PaaS and IaaS – #cloud #bookreview

Testing Cloud Services

How to Test SaaS, PaaS & IaaS
Kees Blokland, Jeroen Mengerink and Martin Pol
(Rocky Nook – paperback, Kindle)

Cloud computing now affects almost all of us, at least indirectly. But some of us have to deal directly with one or more “clouds” on a regular basis. We select or implement particular cloud services for our employers or for our own businesses. Or, we have to maintain those services and fix any problems encountered by co-workers or employees.

Testing Cloud Services, written by three well-experienced test specialists, emphasizes that the time to begin testing SaaS (Software as a Service), PaaS (Platform as a Service), or IaaS (Infrastructure as a Service) is not after you have made your selections. You should begin testing them during the selection and installation processes and keep testing them regularly once they are live.

“Cloud computing not only poses challenges for testing, it also provides interesting new testing options,” the authors note. “For example, cloud computing can be used for test environments or test tools. It can also mean that all test activities and the test organization as a whole are brought to the cloud. This will be called Testing as a Service.”

Their well-written, six-chapter book deals with numerous topics related to using and testing cloud services, including the role of the test manager, identifying the risks of cloud computing and testing those risks, and picking the right test measures for the chosen services.

In Chapter 5, a significant portion of the book is devoted both to test measures and test management. “Testing SaaS is very different from testing PaaS or IaaS,” the writers state. Much of the lengthy chapter focuses on SaaS, but it also addresses PaaS and IaaS, and the authors describe the following test measures:

  • Testing during selection of cloud services
  • Testing performance
  • Testing security
  • Testing for manageability
  • Testing availability/continuity
  • Testing functionality
  • Testing migrations
  • Testing due to legislation and regulations
  • Testing in production

Particularly if you are a newcomer to choosing, testing, and maintaining cloud services, this book can be an informative and helpful how-to guide.

Si Dunn

The Practice of Network Security Monitoring – You’re compromised, so deal with it. #security #bookreview

The Practice of Network Security Monitoring

Understanding Incident Detection and Response
Richard Bejtlich
(No Starch Press – paperback, Kindle)

Security expert Richard Bejtlich’s focus in his new book is not on “the planning and defense phases of the security cycle.” Instead, he emphasizes how to handle “systems that are already compromised or that are on the verge of being compromised.”

His well-organized, well-written, 341-page book aims to help you “start detecting and responding to digital intrusions using network-centric operations, tools, and techniques.”

Bejtlich has long emphasized a “detection-centered philosophy” built around a straightforward central tenet: “Prevention eventually fails.” No matter how many digital walls and moats you build around your network, someone will find a way to tunnel in, parachute in, or sneak in via an unsuspecting employee’s $9.95 thumb drive.

“It’s becoming smarter,” he writes, “to operate as though your enterprise is always compromised. Incident response is no longer an infrequent, ad-hoc affair. Rather, incident response should be a continuous business process with defined metrics and objectives.”

You may recognize some of Bejtlich’s previous books on network security monitoring (NSM): The Tao of Network Security Monitoring; Extrusion Detection; and Real Digital Forensics.

The Practice of Network Security Monitoring is tailored toward two key audiences: (1) security professionals who have little or no experience with NSM; and (2) “more senior incident handlers, architects, and engineers who need to teach NSM to managers, junior analysts, or others who may be technically less adept.”

Readers, he add, should understand “the basic use of the Linux and Windows operating systems, TCP/IP networking, and the essentials of network attack and defense.”

The examples in Bejtlich’s book rely on open source and vendor-neutral tools, primarily from Doug Burks’ Security Onion (SO) distribution.

The 13-chapter book is organized into four parts:

  • Part I: Getting Started – Introduces NSM and sensor placement issues.
  • Part II: Security Onion Deployment – Shows how to install and configure SO.
  • Part III: Tools – Examines the “key software shipped with SO and how to use these applications.”
  • Part IV: NSM in Action – Looks at “how to use NSM processes and data to detect and respond to intrusions.”

Following the technical chapters, Bejtlich offers some concluding thoughts on network security management, cloud computing, and establishing an effective workflow for NSM. “NSM isn’t just about tools,” he writes. “NSM is an operation, and that concept implies workflow, metrics, and collaboration. A workflow establishes  a series of steps that an analyst follows to perform the detection and response mission. Metrics, like the classification and count of incidents and time elapsed from incident detection to containment, measure the effectiveness of the workflow. Collaboration enables analysts to work smarter and faster.”

He also observes: “It is possible to defeat adversaries if we stop them before they accomplish their mission. As it has been since the early 1990s, NSM will continue to be a powerful, cost-effective way to counter intruders.”

Si Dunn

Juniper MX Series – A comprehensive guide for network engineers – #bookreview #juniper #networking

Juniper MX Series
Douglas Richard Hanks Jr., and Harry Reynolds
(O’Reilly, paperbackKindle)

This comprehensive, well-written handbook is aimed directly at network engineers who want to know more about the feature-rich Juniper MX Series of routers.

Actually, “handbook” is a bit of a misnomer. It takes two hands to comfortably handle this hefty, comprehensive, 864-page guide.

The two authors, both network engineers themselves, note that the Juniper MX Series is “[o]ne of the most popular routers in the enterprise and service provider market….”

They add: “The Juniper MX was designed to be a network virtualization beast. You can virtualize the physical interfaces, logical interfaces, data plane, network services, and even have virtualized services span several Juniper MX routers. What traditionally was done with an entire army of routers can now be consolidated and virtualized into a single Juniper MX router.”

The book’s chapters are:

  • 1.      Juniper MX Architecture
  • 2.      Bridging, VLAN Mapping, IRB, and Virtual Switches
  • 3.      Stateless Filters, Hierarchical Policing, and Tri-Color Marking
  • 4.      Routing Engine Protection and DDOS Prevention
  • 5.      Trio Class of Service
  • 6.      MX Virtual Chassis
  • 7.      Trio Inline Services
  • 8.      Multi-Chassis Link Aggregation
  • 9.      Junos High Availability on MX Routers

The chapters, organized by feature sets, include review questions (with answers conveniently located nearby), so you can track your learning progress.

The authors have extensive experience with the Juniper MX router series. Douglas Richard Hanks Jr., is a data center architect with Juniper Networks. Harry Reynolds has more than 30 years’ experience in networking, with a focus on LANs and LAN interconnection.

Si Dunn

For more information: (paperbackKindle)

Ethics of Big Data – Thoughtful insights into key issues confronting big-data ‘gold mines’ – #management #bookreview

Ethics of Big Data
Kord Davis, with Doug Patterson
(O’Reilly, paperbackKindle)

“Big Data” and how to mine it for profit are red-hot topics in today’s business world. Many corporations now find themselves sitting atop virtual gold mines of customer information. And even small businesses now are attempting to find new ways to profit from their stashes of sales, marketing, and research data. 

Like it or not, you can’t block all of the cookies or tracking companies or sites that are following you, and each time you surf the web, you leave behind a “data exhaust” trail that has monetary value to others. Indeed, one recent start-up, Enliken, (“Data to the People”), is offering a way for computer users to gain some control over their data exhaust trail’s monetary value and choose who benefits from it, including some charities.

Ethics of Big Data does not seek to lay down a “hard-and-fast list of rules for the ethical handling of data.” The new book also doesn’t “tell you what to do with your data.” Its goals are “to help you engage in productive ethical discussions raised by today’s big-data-driven enterprises, propose a framework for thinking and talking about these issues, and introduce a methodology for aligning actions with values within an organization.”

It’s heady stuff, packed into just 64 pages. But the book is well written and definitely thought-provoking. It can serve as a focused guide for corporate leaders and others now hoping to get a grip on their own big-data situations, in ways that will not alienate their customers, partners, and stakeholders.

In the view of the authors: “For both individuals and organizations, four common elements define what can be considered a framework for big data:

  • “Identity – What is the relationship between our offline identity and our online identity?”
  • “Privacy – Who should control access to data?”
  • “Ownership – Who owns data, can rights be transferred, and what are the obligations of people who generate and use that data?”
  • “Reputation – How can we determine what data is trustworthy? Whether about ourselves, others, or anything else, big data exponentially increases the amount of information and ways we can interact with it. This phenomenon increases the complexity of managing how we are perceived and judged.”

Big-data technology itself is “ethnically neutral,” the authors contend, and it “has no value framework. Individuals and corporations, however, do have value systems, and it is only by asking and seeking answers to ethical questions that we can ensure big data is used in a way that aligns with those values.”

At the same time: “Big data is pushing corporate action further and more fully into individual lives through the sheer volume, variety, and velocity of the data being generated. Big-data product design, development, sales, and management actions expand their influence and impact over individuals’ lives that may be changing the common meanings of words like privacy, reputation, ownership, and identity.”

What will happen next as (1) big data continues to expand and intrude and (2) people and organizations  push back harder, is still anybody’s guess. But matters of ethics likely will remain at the center of the conflicts.

Indeed, some big-data gold mines could suffer devastating financial and legal cave-ins if greed is allowed to trump ethics.

Si Dunn