Slashdot Mirror

AccordionGuy writes "Paul Graham, who's known for his writings on Lisp and other Lisp-like languages as well as his essays on combatting spam has taken a bit of a detour from his usual topics. His latest essay is one that's a little more personal and that we can all relate to: Why Nerds Are Unpopular . It's a lengthy but engaging writeup of that chamber of horrors we call high school and why being smarter than the average bear is more of a liability than an asset during that stage in life. It's food for thought for those of us who've already been there, done that and been stuffed into lockers by the football team and it should give some hope to those who are going through it right now."

Lumpish Scholar writes ""The Sims Online" was one of the most anticipated releases of 2002; but (according to this Los Angeles Times story in the Baltimore Sun, "'The Sims Online' sold 105,000 copies, or only about a quarter of the initial shipment in December," and (as quoted in this article in the New York Times), "the company's president, John S. Riccitiello, said the number of subscribers was half what Electronic Arts expected." (Check out Google News for more articles, and a registration-free partner link to the New York Times story.) Meanwhile, the game's customer reviews at Amazon.com have an average rating of only two (out of five) stars."

ikeleib asks: "I'm in the process of developing a HVAC control system. The problem with most programmable thermostats and just about every other electronic devices is that they are hard to use. I've been trying to find a book on user interface design for electronic devices. All the books I've seen on interface design seem to focus on GUI's. Does anyone know of good books (or websites) on interface design for electronics? I'm talking about buttons and tiny screens, not web pages and dialog boxes. I've only been able to find one book (for $104)."

Les Gasser writes "Ahh, drag racing! If you've never experienced the scent of nitro or the flashing flames of a top fueler running 320MPH+ in 4+ seconds in a standing-start quarter mile run at dusk, you're missing world-class performance art. (See 'High Performance' for the classic on drag racing history and culture). Now the NYTimes (registration needed) has 'Gentlemen, Start Hacking Your Engines,' an article on 're-engineering' engine control computers for maximum performance, combining the drag racing and tech-geek traditions." Having learned everything I know about racing from Gran Turismo, I'm amazed to learn there's more than just buying a "racing chip".

kurtinatlanta writes "Though the news broke in September, no one cares about tax return preparation software until January. Apparently Intuit's activation scheme for TurboTax will only allow you to print or file your returns from the computer on which you first installed it. The phrase "one computer" in their license literally means one computer. Moving the software (i.e. disk reformat, buy new computer) requires buying it again. There are all kinds of negative reviews on amazon.com as a result. Is this problem real or overhyped?" There's a more recent story about the flap. The Intuit PR rep is quoted as saying that people can install the software on multiple computers using the same activation code, but I don't think an unworking installation really counts.

lma writes "Lyle Zapato, best-selling author (well, maybe just author) of Aluminum Foil Deflector Beanie: Practical Mind Control Protection for Paranoids , and developer of MindGuard, personal anti-psychotronic software for Amiga and Linux, is trying to find as many references to AFDBs or similar devices prior to 1991 as possible. Please help this important part of our cultural heritage from being lost, and email him with any references you can find." Well, there was my Uncle Milt..I mean...well, nevermind.

Bamafan77 writes "FastCompany's website has an interesting article about what it means to be successful that I think builds nicely upon a recent Slashdot discussion. That Slashdot thread was about a study that wanted to find out if there is a link between college rejection and success. This new article asks a more basic question that many people struggle with: what does it mean to be successful and how do I achieve it? This article is an excerpt from a new book by Po Bronson which details the personal lives of several people, many of whom are very talented and superficially successful, who switched gears to try to find that 'thing' they are impassioned about. One interesting excerpt that might particularly hit home to the Slashdot community is Bronson's tidbit about a Rockwell manager who left his job because, though it was mentally challenging, lacked a deeper level of gratification. What is this man doing now? He's a cop in East LA."

edstromp asks: "So I just heard about this neat device that lets you plug your cellphone into your home phone(s): CellSocket by Global Garden Group is one, but it only works on Nokia 5100's and 6100's. I am trying to convince my wife that we don't need a land line anymore (we both have cellphones), and I really think this would be the ticket. When you are home you can drop your cell into the cradle, and then all your home phone's will ring instead of your cell when someone calls your cell phone. Has anyone used one, and does anyone know if there are similar devices for other cellphones?"

An anonymous reader asks: "In The Feynman Lectures on Computation, Richard Feynman poses an interesting little puzzle involving the synchronization of finite state machines acting as generals and soldiers. While he was able to find an answer to the problem, the minimum time solution apparently eluded him, and he ended his description of the puzzle with the following Fermat-like declaration: 'Somebody has actually found a solution with this minimum time. That is very difficult though, and you should not be so ambitious. It is a nice problem, however, and I often spend time on airplanes trying to figure it out. I haven't cracked it yet.' My best attempt performs at about 3N, not quite the minimum time of 2N-2. So I'm asking Slashdot: Has anyone ever come across the minimum time solution to this puzzle? Or maybe someone here can figure it out!"

"Here is the full description of the problem, in Feynman's own words. Please remember that these are finite state machines, so you can't use any methods that involve counting the number of soldiers or assigning a number to each soldier.

Problem 3.4: Before turning to Turing machines, I will introduce you to a nice FSM problem that you might like to think about. It is called the 'Firing Squad' problem. We have an arbitrarily long line of identical finite state machines that I call 'soldiers'. Let us say there are N of them. At one end of the line is a 'general', another FSM. Here is what happens. The general shouts 'Fire'. The puzzle is to get all of the soldiers to fire simultaneously, in the shortest possible time, subject to the following constraints: firstly, time goes in units; secondly, the state of each FSM at time T+1 can only depend on the state of its next-door neighbors at time T; thirdly, the method you come up with must be independent of N, the number of soldiers. At the beginning, each FSM is quiescent. Then the general spits out a pulse, 'fire', and this acts as an input for the soldier immediately next to him. This soldier reacts as in some way, enters a new state, and this in turn affects the soldier next to him and so on down the line. All the soldiers interact in some way, yack yack yack, and at some point they become synchronized and spit out a pulse representing their 'firing'. (The general, incidentally, does nothing on his own initiative after starting things off.)

There are different ways of doing this, and the time between the general issuing his order and the soldiers firing is usually found to be between 3N and 8N. It is possible to prove that the soldiers cannot fire earlier than T=2N-2 since there would not be enough time for all the required information to move around. Somebody has actually found a solution with this minimum time. That is very difficult though, and you should not be so ambitious. It is a nice problem, however, and I often spend time on airplanes trying to figure it out. I haven't cracked it yet."

crevette asks: "I was looking on Amazon for some gizmo when I got a review from G. Cooke, TX, who is in the top 10 reviewers. Out of curiosity, I checked her reviews... She has 658 reviews, many on the same day, which include everything from knife sets to a plastic duck! She reviews many books on the same day... She must be spending hundreds of dollars on useless stuff every month. Worst of all, most of her reviews are 5 stars. Do you think those people are paid by Amazon or some company? Do you trust them? If not (like I tend to think) what can we do about it?"

BShive writes "Design Patterns is considered a classic for anyone in software development. The beginning third of the book is a solid introduction to patterns, while the last two thirds of the book is devoted to the patterns themselves. Many of the professionals out there probably already own a well-used copy of this book, but there are others who are wondering what all the fuss is about. The frequency of hearing about this text in discussions piqued my interest enough to buy it for myself. If you are interested in design patterns and are looking to use them, then this should be one of the books on your shelf." Read on for more. Design Patterns author Erich Gamma, et al pages 395 publisher Addison-Wesley rating 8 reviewer Ben Shive ISBN 0201633612 summary Design Patterns is considered a classic for anyone in software development. Many of the professionals out there probably already own a well-used copy of this book, but there are others who are wondering what all the fuss is about.

Introduction

I found the entire introductory section excellent, and a good read. It covers what design patterns are and explains how they are documented and categorized. Advice on where and how to employ design patterns to achieve reusable and flexible software is also covered to give you an expectation of what you can get out of the rest of the book. The What, Why, and How are covered nicely. Even with little previous exposure to patterns, I was able to understand the presented material easily and begin to see the applications.
Object Modeling Technique (OMT) notation is also introduced to explain the diagrams associated with the patterns and examples. If you have used UML, the diagrams and notations will be familiar to you since UML is influenced by OMT. Jim Rumbaugh, the creator of OMT, collaborated with Grady Booch to create the first version of UML.

As the author notes, having a solid knowledge of OOP is critical to being able to understand and use the information presented. If you don't fully understand OOP, pick up an introductory text first. An Introduction to Object-Oriented Programming by Timothy A. Budd or any similar book will get you up to speed. However, you will get the most out of Design Patterns with hands-on OOP experience.

Case Study

This chapter presents a case study in designing a WYSIWYG document editor to demonstrate how design patterns can be applied. Most of the examples in the book involve the user interface and I would have liked to see less emphasis on UI models. However, it still gives the reader insight into real applications of patterns. Not only do the authors point out how the pattern applies to each case, but they also present the problems associated with the application. The case study is not intended to set up a perfect example of pattern usage, but to explore it. The reader could go further with the design presented and think about how to solve the flaws pointed out along with the ones that have not been discussed. I liked the fact that they do not attempt to state that there is only one way to solve the problems presented, or that their solutions are even the best way. Too many authors fall into this trap.

Presenting: The Patterns

The three chapters on patterns make up the bulk of the book. The patterns are separated out into the three chapters by type: Creational, Structural, and Behavioral. Each chapter begins with an overview of what the patterns of the type can be used for, and how the chapter deals with the patterns as a group. At the end of each chapter there is a discussion section that summarizes the patterns, along with guidance on how to select the right one from the chapter.

Each pattern description contains a number of sections: Intent, Also Known As, Motivation, Applicability, Structure (in OMT), Participants, Collaborations, Consequences, Implementation, Sample Code, Known Uses, and Related Patterns. The breakdown makes it easy to determine if, why, and how you should use the pattern. The authors are justifiably concerned about using the wrong pattern for a given situation. The code snippets are also easy to work through as long as you know an OOP language. C++ is commonly used, with the occasional bit of Smalltalk code.

The three chapters that detail each pattern would be difficult to read right through. However, the opening and closing section of each chapter has valuable information and is worth reading and subsequently referring to some of the patterns discussed. I got the most out of these chapters by picking patterns that might apply to current projects I was working with and then exploring one in depth, branching over into other patterns in a non-linear fashion.

Conclusion

The closing chapter is relatively short, but makes some important points. The authors discuss what to expect from design patterns, some history and other references/influences. Re-factoring is discussed and how patterns will help mitigate this unavoidable process as the software evolves. Other benefits are also brought up briefly. The book closes with an invitation to give the authors feedback and to find patterns that you use. The best designs will use many design patterns that dovetail and intertwine to produce a greater whole.

Book Extras

The whole book has a quality feel to it that is missing from many current texts that cost nearly twice as much. Inside the front cover there is a quick reference to all of the patterns contained in the book with a brief description and page number. The back cover also contains a quick reference for diagram notation and the relationships between the design patters. This is all topped off by two bookmark ribbons attached to the spine.

The Age Issue

Design Patterns was originally published in 1995, and the book mentions that the patterns it contains are little changed from 1992! In the computer field this would be considered an ancient text with how fast software is updated and languages change. Despite this, since the material is not entirely dependent on a particular language or program it holds up quite well. The examples referred to for each pattern are older software that many will not recognize. An updated version would be nice, but being old does not condemn this book to being useless.

Summary

This is an excellent book even if it is beginning to show its age. The fact that it's still very useful is testimony to the quality of the material. A few readers might find the reading to be a bit dry, but the straightforward style was refreshing compared to some other texts. The authors stay focused on the topic and condense it appropriately without going off onto long tangents. Once I've followed through with applying some patterns to projects it might garner an even higher rating. Just from reading about some of the patterns, I could see how they could have applied to previous projects I've worked on, both large and small. The book was certainly a worthwhile investment. If a second version of this book ever comes out, I'd be sure to pick it up as well.

Chapters:
1. Introduction
2. A Case Study: Designing a Document Editor
3. Creational Patterns
4. Structural Patterns
5. Behavioral Patterns
6. Conclusion

Appendix:
A. Glossary
B. Guide to Notation
C. Foundation Classes

You can purchase Design Patterns from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

suhit writes "Infosync is reporting in this article that Fathammer has finally launched its X-Forge 3D Engine. The screenshots on Infosync are amazing, plus this means that researchers out there can finally port Neal Stephenson's Snow Crash style Metaverse to a handheld device."

oxgoad writes "Sun Microsystems, Federal Express, the National Radio Astronomy Observatory -- what do they have in common? All have used, or are currently using, the programming language Forth in critical subsystems of their products or processes. 'What is this language Forth?' you ask. Forth has been called 'One of the best-kept secrets in the computing world.' Read on for a review of the book Forth Application Techniques authored by Elizabeth D. Rather." Forth Application Techniques author Elizabeth D. Rather pages 148 publisher Forth, Inc. rating 5 reviewer oxgoad ISBN 0966215613 summary A concise introduction to the Forth programming language.

Who & What

Elizabeth D. Rather, president of Forth, Inc., would appear to be the second Forth programmer in the universe. This distinction came about in 1971 when she was brought in at the Kitt Peak NRAO to maintain code written in a quirky language developed by Chuck Moore. Running on a DDP-116 and a H316, this code was responsible for controlling the telescope, data acquisition, and graphical display. After a few years, Moore and Rather, along with Edward K. Conklin, formed Forth, Inc. to attempt commercialization of the language.

Forth Application Techniques attempts to provide a comprehensive introduction to the language for the neophyte Forth programmer. I would say that it pretty much succeeds as such, quietly plodding away through each primitive and feature. It is written in workbook style with various sample problems for the reader to complete. You might not be a Forth coder after reading the book cover to cover; however, you will have a working knowledge of the language and should be able to walk through legacy code with a minimum of difficulty.

If I might step aside from my role as unbiased book observer for a moment, I would like to make a few comments about the state of programming languages in general. It seems that quite often we take for granted essential, but practically invisible, tradesmen such as plumbers and garbage collectors. (Fire your janitor and your web designer -- guess which one you will miss first. Guess which one will still be employable 15 years from now.) Yet, without their services, our daily quality of life would certainly fail to meet our expectations.

Likewise, Forth seems to be an invisible language. No flash, no e-commerce, and no glamour. Such is the nature of embedded systems -- even though every Federal Express delivery driver carries a Forth-based device on his belt. This appears to have resulted in a dearth of quality books dealing with Forth. Search your favorite online book retailer and note the dozens of Forth books that are no longer in print.

While Scheme is from the ivory tower and Forth might be said to be from the machine shop, they do have something in common that is a possible deterrent to the popularity of Forth. Like Scheme, you either get Forth -- or you don't. Stack-based languages leave some programmers dazed and confused. And, as with most languages, it is possible to write some truly obfuscated code. Any language that will allow you to define the number 4 as a word that places the number 3 on the stack can be a frightening weapon in the hands of the contrary.

Kudos

Forth Application Techniques can be commended on its consistency. Careful attention has been given to typefaces to distinguish interpreter output from user input. All primitives and defined words are covered in a clear and unambiguous manner. The book is spiral bound in a plastic binding, and this lay-flat binding is great when using it at your computer or while eating lunch.

Quibbles

The same lay-flat spiral binding that is such a boon when working at the computer can be somewhat of a nuisance when when attempting to hand-hold the book -- the book tends to flop about and feels very insubstantial.

While Forth Application Techniques is very complete and accurate, it is also extremely passionless. You might compare it to a biology textbook discussion of sexual reproduction with no mention of romance. There is no discussion or examples of using Forth in ways that will bring enlightenment. To be fair, in the preface it states that the purpose of the book is to support Forth classes taught at Forth, Inc. This is something that is not entirely clear when examining online retailers' display of the book.

Also of note is that there are occasional features specific to Forth Inc.'s SwiftForth product documented in the book. I would not consider this a real issue as all instances are clearly denoted with an icon. With the exception of chapter 9, which is entirely Forth Inc. specific, the readability is not affected in any way.

Crimes

Forth Application Techniques has no index. With its workbook styling, most will not consider this to be a tragedy. All the same, it would be convenient to look up primitives and defined words.

Conclusions

Should you buy this book? That depends on your desired end result. It is adequate for a quick introduction to Forth. If you are intending to write production code I believe Forth Programmer's Handbook (from the same publisher, review forthcoming) would be a better choice. If possible, I would supplement either with a used copy of Leo Brodie's Starting Forth -- an out-of-print classic.

Where I foresee this book to be a great benefit is in ordering a half-dozen copies for your programming team prior to taking on a legacy project or when considering Forth as a new development platform. The members of your team that "get it" can then enlighten the others with this invisible language.

Table of Contents

• Preface: About This Book

1. Introduction
2. Simple Forth Primitives
3. Structured Programming In Forth
4. Data Storage
5. Strings And Characters
6. Number Conversion
7. Vectored Execution
8. Advanced Concepts
9. Multitasking
10. Style Recommendations

Disclosure

I received a review copy of this book from the publisher. Thus, my loyalties and opinions may be completely skewed. Caveat Lector.

Forth Application Techniques is available from Forth, Inc. and from some online merchants like Amazon. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

EnlightenmentFan writes "In When Things Start to Think, MIT Media Lab whiz Neil Gershenfeld predicts an appealing future of seamless, foolproof computers. User alert: Relentless optimism ahead. (I am ready to let MIT graft smart chips into my skin some day after my PC goes a week without crashing.) This is the book to buy for your folks to get them excited about nerds. It does also have some interesting stuff for nerds themselves." Read on for Enlightenment Fan's review. When Things Start to Think author Neil Gershenfeld pages 225 publisher Owl Books (paperback) rating For Slashdotters: 5 to read, 9 to give your folks reviewer EnlightenmentFan ISBN 080505880X summary Seamless, foolproof mini-computers coming up.

One underlying theme dear to Gershenfeld's heart is the death of traditional academic distinctions between physics and engineering, or between academia and commerce. Applied research is real research.

Another major theme is that older technologies should be treated with respect as we seek to supplement or replace them. For example, a laptop's display is much harder to read in most light than the paper in a book.

The book starts by drawing a contrast between Digital Revolution and Digital Evolution. Digital Revolution is the already-tired metaphor for universal connectivity to infinite information and memory via personal computers, the Internet, etc. Digital Evolution describes a more democratic future, from Gershenfeld's point of view, when computers are so smart, cheap, and ubiquitous that they do many ordinary chores to help ordinary people. When things talk to things, human beings are set free to do work they find more appealing.

"What are things that think?" asks the first section of the book.

Gershenfeld's whizbang examples won't be big news to Slashdot readers. My favorite, the Personal Fabricator, ("a printer that outputs working things instead of static objects")-- whose relationship to a full machine shop analog is like that of the Personal Computer to the old-fashioned mainframe. Gershenfeld actually has one of these in his lab (it outputs plastic doohickeys)--seeing it was one of the high points of my visit there.

"Why should things think?" asks the second section.

My favorite here is the Bill of Rights for machine users. (In true Baby-Boom style, it's of list of wants arbitrarily declared to be rights.) "You have the right to

• Have information available when you want it, where you want it, and in the form you want it

  Be protected from sending or receiving information that you don't want

  Use technology without attending to its needs"

Under the heading "Bad Words," Gershenfeld offers a snide but useful summary of many high-tech pop-sci buzzwords, showing how they get misused by people who don't understand their real content or context.

"How will things that think be developed?"

By making them small and cheap. By getting industry to pay the bills for targeted, practical research, using the Media Lab model TTT ("Things That Think.") By reorganizing education on the model of the Media Lab, where students learn things as they need them for practical projects, not all at once in a huge, abstract lump.

The book concludes with directions to various websites, including the Physics and Media Group (One of their projects these days is "Intrabody Signaling.") Slashdotters might also be interested in Gershenfeld's textbooks The Nature of Mathematical Modeling and The Physics of Information Technology.

You can purchase When Things Start To Think from bn.com, and Amazon has the book paperback discounted to $11.20. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

KeatonMill writes "The New York Times (as always, free registration) ran this article about a new search engine, called Grokker, created by a company called Groxis. Grokker builds a map of content catagories using metadata. So far, it is used in the Amazon.com online catalog and the Northern Light search engine. Groxis is also developing a version to use to search your own computer."

Slashback's updates tonight (read on below) have more on Dataplay, background on the PowerPC that Apple and IBM have been brewing, the return (triumphant?) of XviD, Neal Stephenson's next opus, and more.

Pins and needles, pawns and bishops. s20451 writes "It looked grim earlier in the week, but following a fifth game meltdown by Kramnik and a brilliant game 6 by Fritz, the computer has tied the match 3-3. Betting on the computer in game 6 would have brought you a 7-1 return! I'll be on the phone to Vegas."

The new, new, new economy has room for camels. SwiftOne writes "According to their website, The Perl Journal has gotten enough subscriptions to begin online release (the planning of which was previously covered, along with the concerns about not reaching their goal. The first (next) issue is expected in early November."

Maybe it was the 15th-mover disadvantage. melt writes "Dataplay, the Boulder-based manufacturer of quarter-sized recordable discs and drives, finally called it quits on Friday, October 11, 2002. The remaining 120 employees (who have been on furlough for the past few weeks) have been let go and the company has closed shop. They are looking for a buyer for the remaining pieces. Full story at the Rocky Mtn News web site."

Zoom in until you see little canyons ... Twirlip of the Mists writes "IBM's chief scientist for their iSeries family of servers (a.k.a. the AS/400 family) has an article on iseriesnetwork.com describing the somewhat confusing history of the POWER4 microprocessor. In light of recent speculation about a possible relationship between IBM and Apple, this article is of particular interest. It clears up-- at least partially-- some of the complex, incestuous relationships between the PowerPC architecture, the PowerPC processor family, and the POWER4 processor. As an added bonus, there's some talk about the upcoming POWER5 and POWER6 processors near the end. The key phrase (and disclaimer): 'expected to appear in 2004.'"

Shame on Sigma. Gruturo writes "After almost 3 months the XviD project and website have reopened, though Sigma Designs has not complied yet with all their requests (they still carry their copyright on many modified sources). In these last 2 1/2 months the project still went underway, although unofficially:
B-frames are practically ready, motion estimation algorithms have been improved, work started for Qpel implementation."

Please stop teasing us. If you liked Cryptonomicon, you've probably been impatiently watching the announcements of when the next Stephenson book would appear. wka writes "Previous false starts notwithstanding, Amazon says Neal Stephenson's new novel Quicksilver will be published in January."

And next week, building box-girder bridges. scubacuda writes "Lawmeme has released Part III to their Law School in a Nutshell series (Part I and Part II were previously featured on /.)"

canadian_right sent in this review of a self-published book available through the Xlibris service. He writes, "You've heard of the web service that will publish anyone's book for a reasonable fee, but wondered if any of the books are worth buying? If you like fantasy with a dash of science fiction you will likely enjoy Reflecting Fires." Reflecting Fires author Thomas Claburn pages 276 publisher Self Published via xlibris rating 7.5 of 10 reviewer Alexander J. Russell ISBN hardcover 0-7388-6621-0, Soft cover 0-7388-6622-9 summary Fantasy with a touch of SF

In times past great powers ruled the world, but left the for the 'Stardome', taking everyone's dreams with them. The 'Bright Mechanics' (magic) are in favour and the ruling elite do their best to suppress the 'Dark Mechanics' (science). As time passes the Bright Mechanics powers slowly wane as the Dark Mechanics flower. Fusils (fire arms), and other Dark Mechanics are just too useful. Cardinal Skye, the last of the truly powerful Adepts is not at all happy with this, and plots to use an ancient prophesy to turn the tide back in favour of the Bright Mechanics. But Skye isn't the only one plotting, and events take turns that no one expects.

Mr. Claburn has created an interesting and complete alternate world somewhat reminiscent of feudal Europe. There are Nobles with armies who scheme and plot, the Adepts who wield great personal power, and the followers of Helion. The Adepts, masters of the Bright Mechanics, play an active role in politics and war - sometime with and sometimes against the Nobles' causes. The great Adepts are feared and powerful figures who can influence great events with a few words. The church of Helion uses its influence in much more subtle ways, promoting peace and thoughtful meditation. The nobles and Adepts both seek the favour of Helion to lend their activities the glow of righteousness. Of course there is a huge underclass that does all the toiling, and a less numerous middles class of merchants and artisans. It is the middles class that is promoting the rise of the Dark Mechanics and their useful arts. And there is one more, mysterious, group called the Eclectics. The Eclectics are feared and reviled by the ruling powers as obscene monsters - half human, half machine. The Eclectics plans are unknown, but they wield fearsome mastery of the Dark Mechanics.

The book is well plotted. The story moves forward quickly with interesting and surprising twists as it goes. There are a number of political factions who react convincingly to the events of the story. Action, personal daring, quiet bravery, and backroom politics all help propel the story forward. The story covers about 30 years, and follows a few main characters over this period in detail. This is a cusp point for this society. The powers of the Adepts and their Bright Mechanics are waning, but the Adepts are doing their best to hide this fact. The once completely banned Dark Mechanics are becoming more and more tolerable as the devices created become more useful. Even the most old-fashioned Noble can see the use of firearms.

The Nobles are starting to embrace the Dark Mechanics to get an advantage over the Adepts, but events are accelerated when a young boy fulfils an ancient prophecy. Now, each faction is trying take advantage of the prophecy while the Eclectics slowly move forward their more patient plots. Events seem to sweeping everyone aside, but is someone still bending things to conform to a grand scheme?

Events leap forward at the beginning of the book, and this leads to one of the minor flaws in the story. Sometimes things leap forward too fast and leave you wishing you were able to read more details. At one point a character goes from young girl, to wife of a powerful political figure with no intervening events. It left me wondering how this man courted and won this strong willed girl. Did he just order her to marry? Did he seduce her with power, or was it true love (at first)? We are left wondering. This problem only happens two or three times in the beginning chapters. The last two thirds of the book move along at a more satisfying pace, and explore the characters and their lives in a fair amount of depth.

The language, to better suit the period, is sometimes flowery in its description, and formal in speech. I enjoyed the writer's style and use of language. The main characters are generally well rounded and stay in character. They sometime do surprising things, but you are never left thinking that 'they would never do that'. I did sometimes wish the novel was a bit longer and took more time exploring the characters lives.

The theme of the book can be read many ways, but to me it explored the lengths that the people currently in power will go to, to remain in power. Those in power want to stay in power, and aren't shy about exerting their influence to stay on top. Huge amounts of effort are expended to protect the status quo even when there are strong signs that a new order might be more profitable for both those in power and their subjects.

The decisions that the prejudices that people have ingrained into them by a lifetime of both overt and subtle teachings are also explored. Sometimes this can lead to self enlightenment, but too often it leads to squalid hate. Don't let this make you think the novel is preachy. It isn't. These things are drawn out in the natural course of the story, and simply add an interesting subtext to the action.

All in all, this novel proves that high quality novels are available outside of the normal distribution channels.

You can purchase Reflecting Fires from Xlibris or Amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

jvmatthe writes "Today's All Things Considered on NPR had a story about intellectual property and patents from America's history that could have been ripped from today's Slashdot headlines, yet it happened almost a century ago. It discussed how the Wright Brothers, considered the fathers of modern heaver-than-air-flight, had tried to lock up the skies after their patenting of the ideas used to build their airplanes. They had a long, bitter legal battle with Glenn H. Curtiss who also made airplanes; Curtiss is credited with being "the first to make a public flight in the United States, the first to sell a commercial airplane, the first to fly from one American city to another, and the first to receive a U.S. pilot license", among other things. Here's where it really gets interesting: the patent battles dragged on and apparently could have actually hindered the growth of the American airplane industry. It wasn't until World War I that people put aside their differences for the common good and the industry worked together in a spirit of free exchange of ideas! So, does is this a sign for how we might eventually get out of the patent mess we're in now? Some catastrophic event brings everyone together and the locking up of ideas with overly broad patents finally ends? For more reading, the NPR story focussed on Unlocking the Sky by Seth Shulman."

Slashback tonight with news of the Farscape backlash, an explanation for the slight shipping delay on your hypothetical new Human Transporter, an amusing chapter in the long and boring Nigerian spam book (check out the passport), and some tips on getting Linux on an Xbox. Enjoy! Update: 09/13 00:34 GMT by T : And a late add as well below with some important information for anyone intrigued by yesterday's mention of discarded AT&T microwave towers for sale.

You knew this had to be too good to be true. Joe Ryan from AmericanTower.com writes: "Please note that the information posted Wednesday regarding sites American Tower has for sale is not accurate. American Tower Corporation has a limited number of surplus towers for sale. The list of sites can be accessed through our sites for sale list at http://www.americantower.com/mainweb/SitesForSale.asp. These are the only towers that are for sale. Please also note that these Surplus sites are sold on a strictly "as is-where is."

Thanks for the correction.

If the site you are inquiring about is not on the "Sites For Sale" list, then it is not for sale."

Despite all the lobbying, the wait is on. dgreno writes "Like many other Slashdot readers, I stations signed up with Amazon.com to be notified when the Segway Human Transporter would be available for sale. Today Amazon sent me an email which included the following, "We've recently learned from our supplier that the item you requested to be notified about, Segway Human Transporter (also known as "Ginger" or "IT"), will not be available in the foreseeable future." I guess the sidewalks are safe for a while longer."

Don't they like devoted fans? $nyper writes "I just wanted to let everyone know that there is major backlash against the Sci-Fi channel from fans about the cancellation of Farscape. They appear to have miscalculated the Fans. For the past few days Sci-Fi's main office has been inundated with faxes, e-mails, and phone calls to keep the show alive for its 5th season. CNN Headline news also ran a story on the effort yesterday. What it boils down to is that at $1.5 million USD per episode the greatest science-fiction show on television is too expensive for Sci-Fi to produce. Even the top Executive at the Sci-Fi channel (Bonnie Hammer, Executive Vice President and General Manager), which is one of Farscape's biggest fans is currently only operating in figure head mode and is being made to keep quiet. Most think she would speak out in favor of the show but is worried about the status of her job at the moment. If you have any questions about what you can do to help out, just pop over to Farscape World for the best information. There is also a website setup for detailed up to the minute information about the struggle to save Farscape over at the main Save Farscape site including information being supplied under the table y a Sci-Fi channel mole. :)

After all the coverage Sci-Fi has stopped the construction crews assigned to tear down the sets and have re-entered negotiations regarding the show. The Jim Henson company that is responsible for the show's creation is also currently courting executives from Showtime and UPN about moving the show to another network for the 5th and future seasons."

This will not be made into a Dummies book for a few years yet. dsyu writes "Follow-up to a previous article -- the good folks at the X-Box Linux Project have posted step-by-step instructions on how to install SuSE 8 on your XBox."

The Nigerian Spam saga wends ever onward. An anonymous coward writes "'Mike Aba' and 'Obi Azuka' are the fake names used by a Nigerian criminal who tried to defraud me. As soon as I read the "DEAR FRIEND" of the first e-mail, I knew it was a scam, but for fun I decided to mislead the criminal into believing that I was falling for his scam. You can read the exchange of e-mails here. This type of fraud is known as the Nigerian Fee scam. Unfortunately, gullible people do fall for this scam. Hopefully this page will alert more people and make criminals like "Mike" less successful."

Robert Nagle writes: "Apache's HTTP server has been by many measures the most popular web server on the web, and perhaps the primary application that drives people to Linux and open source. Three years ago, Wrox published the definitive book on running the Apache server by Peter Wainwright. Excellent though the book was, it badly needed updating. In May 2002, Wrox published another book, Professional Apache 2.0, which covers the new generation of Apache server, as well as older 1.3x versions that are still running production servers around the world." Robert's review continues, below. Professional Apache 2.0 author Peter Wainwright pages 873 publisher Wrox rating 5 Stars reviewer Robert Nagle, Idiotprogrammer ISBN 1861007221 summary Excellent, comprehensive Guide to the latest version of Apache.

Although Apache changed a great deal in its version 2.0, it is a credit to the Apache folk that the config files and command line options have basically remained the same for sys admins. For this reason, the book seems to include a lot of material (CGI security, building, core modules) from the original book. However, a closer look reveals many changes. Almost every chapter includes a discussion about how features differ in both versions of Apache. The book does a good job of giving an overview of Apache's architectural changes and how the use of multi-processing modules (MPM) allow the admin to choose an optimal implementation of apache. This edition, noticeably bigger than the previous one, contains many more examples of how one can extend apache functionality (configuring for binary distribution, setting up virtual interfaces, load sharing). Many sections have been expanded. The discussion of security and SSL is more detailed, yet more succinct; so is the section on content negotiation, (which is twice as long as the previous book), doing proxy server configurations, rsync and benchmarking performance. The discussion on hardening the server was great and up-to-date, although I wish the book spent more time discussing on patching and upgrading.

What is new to the book? We find a longer discussion of graphic administration tools for Windows and Unix, including webmin (which actually I wanted more of). We also have discussions of newer modules such as mod_ruby, mod_python, mod_dav as well as a brief description on how to install tomcat alongside apache. The discussion of mod_dav was especially helpful and interesting to me (and I was especially glad that the author acknowledged the Subversion DAV module, something which is bound to become more important). The php stuff hasn't changed much (although at the time the book was published, 2.0 compatibility with PHP was still an iffy proposition). The book's discussion of mod_perl isn't significantly different, although it does point out migration issues and some additional features.

Generally, the book is clearly written and contains enough examples to find any configuration you want. A few parts required rereading (especially the part about proxies and proxypasses), and occasionally I needed a better explanation of what the example code was supposed to do.

No book can be everything for everybody, and nobody can accuse the book of not having enough content (it is after all more than 700 pages!). I found myself wishing for other things. The book briefly discussed 2.0's support for ipv6, but I longed for a fuller explanation and a more detailed example (Fortunately, I had seen a good ipv6 tutorial on Linux Journal ). Also, I would have liked more information about other web application servers (like zope that Apache sometimes coexists with, content frameworks (such as cocoon) and other goodies produced by the Apache Foundation. The author might legitimately feel that such subjects lie outside the book's scope, but such topics are becoming more important.

In summary: for newbies who are looking for a guide to start with: this is the definitive book to read. It's definitive and a little imposing, but it is well written and logically arranged.

For people already familiar with Apache 1.3 but looking for more depth about ipv6, php, content frameworks or Tomcat, it might be better to read books on those specific subjects instead of this one. Indeed, Wrox will soon be coming out with a book specifically on Apache and Tomcat.

For experienced system administrators, the material in this book may not be terribly new, but they will still appreciate the variety of configuration examples for managing large numbers of virtual hosts and the convenience of having documentation of the 1.3/2.0 differences at their fingertips.

You can purchase Professional Apache 2.0 from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Alexander Moskalyuk writes "Most of the people I know have a love-hate relationship with Kip Irvine's Assembly Language for Intel-based Computers. Ask any student who used this textbook and you will either get a cheerful 'I've used it, it's great, I learned Assembly, and it has lots of useful examples' or resentful 'The book is horrible, hard to follow and full of code that is irrelevant to the contents of a specific chapter.'" Alexander's review of the book (below) concentrates on its role as an instructional aid, and on the differences between the third and fourth editions. Assembly Language for Intel-Based Computers, 4th edition author Kip R. Irvine pages 676 publisher Prentice Hall rating 8/10 reviewer Alexander Moskalyuk ISBN 0130910139 summary Authoritative source on Intel assembly programming and Assembly language fundamentals

Popularity Contest of One A quick search on Amazon, however, reveals that for the keyword 'Assembly' Irvine's book is still the bestseller. The fourth edition of the text tops the list and the same was the case with the third edition. The university where I teach uses Irvine's textbook for its introductory Assembly courses. We've used third edition throughout last year, and decided to stick to the third edition (with fourth recommended) during this academic year as well, just to avoid having students cash out for a newer version of the same text. Since this is a Prentice Hall textbook targeted mostly towards Computer Science and Engineering programs, welcome to the world of academic pricing -- the list price of fourth edition is $76.

Third vs. Fourth

The first natural thing to do is to see whether the fourth edition of the text is superior to 1999's third edition. Just looking at the table of contents, you can see that a lot of new material has been added, even in the introductory chapters. Furthermore, fourth edition has a new version of the first Assembly program introduced to the reader. Instead of the notorious 'Hello, World' example, it's now adding three numbers. Hello, World would usually be the thing to introduce first in classes with C++ or Perl being primary languages. However, in Intel Assembly the example just confused students more, since printing the phrase "Hello, World" to the screen involved dealing with interrupts, and that topic would not be covered until later in the course.

Irvine also got rid of his "Using the Assembler" chapter, which might be a nuisance for some of the readers and relief for others. The book comes with Microsoft ASM and thus all examples assume using MASM for their compilation needs. In my class, however, NASM has always been the compiler of choice, partly because it's easier to introduce to novice programmers who have not been exposed to Assembly before, and partly because of the tradition -- NASM was the compiler that previous instructors used, and thus was available on university servers and familiar to tutors in the labs. Vaguely named "Advanced Topics" chapters are almost gone and now changed into much more informative "16-bit MS-DOS programming," "Expert MS-DOS programming," "BIOS level programming," "32-bit Windows programming" and "High-level language interface." The last chapter of the book is now the only one bearing the name "Advanced Topics" and discusses things like "Hardware control with I/O ports," "Intel instruction encoding" and "Floating-Point arithmetic."

Some appendices are gone as well. The third edition included such topics as "Binary and Hexadecimal tutorial" (now moved to be a part of the introductory chapters), "Using debug" (tutorial on using debug.exe on Microsoft platforms to trace the Assembly code -- it's a shame the appendix is pulled out of the book, since now either students have to learn the commands for debug.exe themselves or additional class time needs to be spent on that), "Microsoft CodeView" and "Borland TurboDebugger" (both gone for good) as well as "Guide to the sample programs" (in this new edition, that successfully migrated into "Installing and using the assembler").

Except for the shocking absence of debug.exe tutorial appendices, the fourth edition looks much more straightforward and useful. Speaking of appendices, there are four of them now - "Installing and using the assembler," which few people ever bother to read when in class, "Intel instruction set," which is the mother of all useful appendices (in fact, I've seen good students get by on nothing else but this appendix), "BIOS and MS-DOS interrupts" and "MASM reference." The CD by the way, includes MASM, source code and macros for the book, as well as evaluation version of TextPad.

Academic value

Kip Irvine is usually accused of bringing up examples that confuse novice readers and trying to show off with his knowledge of IA-32 Assembly. Read the Amazon reviews to find out more. Personally I have never had problems with his style of writing. There were, though, some mistakes in the third edition of the book that would make an instructor pull his hair to pieces. Typos, grammatical errors and words that did not get picked up by the spellchecker were acceptable, but when the sequence of operations during code execution was described incorrectly, you can hardly be accused of being too picky, since you get students relying on the book for knowledge and being mad at you for flagging their code wrong on the test.

If you have the third edition handy, pages 234 and 235 describe the RCL and RCR operations, providing the incorrect order of operations and thus forcing students who use this textbook to learn these instructions to arrive at incorrect results when given a snippet of code to trace. Page 232 in the fourth edition now has the correct sequence of operations.

I would lie to you if I told you that I've read the whole book. Very few people would actually need to go through seven hundred pages, and some of the things discussed might never be useful even if you spent the rest of your life programming Intel Assembly 40 hours a week. But from the information that I got after reading the chapters that interested me (mostly introductory material and all chapters that cover instruction set and interrupts), the text seemed to present material in a clear and straightforward manner, with abundant examples.

A nice addition to Chapter 1 was an explanation of how virtual machines work, since the university uses Java as its core programming language. The second chapter goes on smoothly with careful introduction into the architecture principles and then switches into overdrive, presenting students with information on "Multi-stage pipelining" followed by reasonably simple material on "How programs run."

The book jumps into IA-32 architecture, although I wish that for introductory class the text would stick to 8086 architecture, and then have the 32-bit registers introduced. But generally it's a thorough and informative text for anyone deciding to learn programming Assembly language on Intel platforms, or just beginning Computer Science majors deciding to find out how the stuff really works as opposed to playing with high-level APIs.

The table of contents can be found at publisher's Web site. There's also a Web page for the book, where the author has posted some chapters in PDF format. The chapters published for free include Chapter 1 - Basic Concepts, Chapter 2 - IA-32 Processor Architecture, Chapter 6 - Conditional Processing, Chapter 11 - 32-bit Windows Programming, Chapter 15 - BIOS-level programming as well as Preface and Table of contents.

You can purchase Assembly Language for Intel-Based Computers, 4th edition from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Xenopax writes "According to this story on the Sacramento Bee Americans are now more willing to throw away their first amendment rights for the false feeling of security than ever before. In fact many believe that the First amendment goes too far with its protection and think we should allow monitoring of religious groups for national security. Also many people believe the media shouldn't be allowed to question the government in times of war. One has to wonder if anyone cares about their constitutional rights any more, or if everyone would be happier living in 1984." The study is conducted by the Freedom Forum every year and is available for download.

BShive writes "Developing Applications with Java and UML focuses on building and modeling industrial-strength Java applications. The book takes you step-by-step through a product lifecycle and software process. You do not need to know UML or OO Design, as both new and experienced Java developers will benefit from reading this book. It is highly focused on process, so developers will have to put aside the 'jump in and code' attitude." Read on below for the remainder of his review. Developing Applications with Java and UML author Paul R. Reed, Jr. pages 463 publisher Addison-Wesley rating 9 reviewer Ben Shive ISBN 0201702525 summary Developing Applications with Java and UML focuses on building and modeling industrial-strength Java applications. The book takes you step-by-step through a product lifecycle and software process.

Each chapter begins with a brief summary and a list of the goals. After reading the book through, both should be useful. Each chapter also closes with a 'checkpoint' that summarizes what has been covered in the chapter and what is to come.

The first chapter sets up the entire book by outlining some of the project problems encountered in software development. Once the author gets into development models, the Unified Process from Rational Software, a huge and detailed software process, is introduced. The book focuses on only using the elements that provide the biggest 'bang for the buck'. The Unified Process is the focal process of the book, but the Synergy Process is a free alternative, only lacking some additional guidelines and how-to's. A short overview of UML is covered, along with its' place is in the software process. He notes that a project that just uses UML in a vacuum without a sound process and plan will fail.

The second chapter briefly discusses the Java language alongside the concept of Object Oriented Programming. Experienced Java programmers could skip this section if they wished. The section is worth skimming as a lead-in to the explanation of how Java and UML are a good fit.

Chapter three, Starting the Project is the first time the book delves into the meat of how to structure a project. The example scenario that is followed through the book is introduced, and throughout the book real-world examples are used that relate to the sample project. Every theory in the book that is translated into some kind of example the reader can pull apart and examine.

Through the next few chapters use-cases and class diagrams are covered, leading up to building a user interface (UI) prototype. Personally, I've never used UML for anything but sculpting class diagrams for export. This is the point in the book where I started to see how the rest of the project is able to use UML and tie it all together. Being able to model the classes and easily export them is very powerful, but even more so when combined with the rest of the ways you can employ UML in your project.

The following chapters are much like the first few that began to talk about the sample project. There is no Java code until chapter 9, halfway through the book. This is not the book to get if you are only interested in how to use UML as a base to dump out some code.

Throughout the book the content remained interesting, and relevant. Do not expect to sit down and read it from beginning to end. There is a great deal of material covered and no topic that was inadequately explored. Using the sample project consistently throughout the process was invaluable, along with the samples and source code provided. Alongside the process, the real life anecdotes and comments provided were a welcome addition instead of an intrusion. The author is someone who's seen the mistakes that could be avoided. For example, an application with 70,000 lines of Java code that only contained two classes.

Having talked about the depth and detail of the book, this was also one of the bad points as well simply since it takes so long to get through. People already well experienced in running a project with similar phases will find it much faster reading. The other issue is the expense of the tools and products involved. Rational Rose, the Rational Unified Process and WebLogic are rather expensive products. Thankfully there are alternatives that he mentions in the book, and others as well. Visio, the Synergy Process and Tomcat are all possible alternates. Surprisingly, Tomcat is used in his example setup.

I had left the rating at 8 throughout most of my reading while considering the positives and negatives. However, when I finished the book I bumped the rating up to 9 simply because of the wealth of information I learned. Anyone aspiring to run a team project with Java should read this book. In the corporate arena, most of the battle is not the code, but understanding what the users want and what will be created. Following any kind of process will improve the result, even if only a few key elements are used.

Chapters:
1. The Project Dilemma
2. Java, Object-Oriented Analysis and Design, and UML
3. Starting the Project
4. Use-Cases
5. Classes
6. Building a User Interface Prototype
7. Dynamic Elements of the Application
8. The Technology Landscape
9. Data Persistence: Storing the Objects
10. Infrastructure and Architecture Review
11. Constructing a Solution: Servlets, JSP and JavaBeans
12. Constructing a Solution: Servlets, JSP and Enterprise JavaBeans

Appendix:
A. The Unified Project Plans
B. The Synergy Process Project Plan
C. Estimating Projects on the Basis of Use-Cases
D. Sample Project Output
E. BEA WebLogic Application Server

You can purchase Developing Applications with Java and UML from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

spellcheckur writes "Techno-mag-turned-fashion-rag Wired Magazine has an article about MIT kids counting cards in Las Vegas. I wish I could have made seven figures while I was still in college. Maybe I should get a how-to book." Also, any chance is a good chance to mention The Eudaemonic Pie.

CoffeePlease writes "At the time of his death in 1790, when more than 5,000 of his glass armonicas had been built, Ben Franklin had collected no money from his glass armonica. He refused to patent any of his inventions, saying: 'As we enjoy great Advantages from the Inventions of others we should be glad of an Opportunity to serve others by any Invention of ours, and this we should do freely and generously.' Read more here and here. A historical/sci-fi novel by Louise Marley has come out on the subject also. It would be interesting to find out if any other early inventors shared Franklin's generous views on patents." There's even a FAQ.

WCityMike writes "Amazon has quietly revoked the $50 rebate for Mac OS X 10.2 it was supposedly offering through September 3. The rebate form was updated to reflect this a few hours later. While theories as to why abound (including supposed involvement from Apple), some have reasonably pointed out that Amazon may not have expected as voluminous a response as they got, making the rebate a potentially major cash loss had it continued at that volume. People who already placed their orders should probably contact Amazon, while the rest of us can simply continue hoping Apple will offer its own 'rebate'." I think maybe it was a mistake; the rebate form I saw originally never had Mac OS X 10.2 on it.

WCityMike writes "Amazon has quietly revoked the $50 rebate for Mac OS X 10.2 it was supposedly offering through September 3. The rebate form was updated to reflect this a few hours later. While theories as to why abound (including supposed involvement from Apple), some have reasonably pointed out that Amazon may not have expected as voluminous a response as they got, making the rebate a potentially major cash loss had it continued at that volume. People who already placed their orders should probably contact Amazon, while the rest of us can simply continue hoping Apple will offer its own 'rebate'." I think maybe it was a mistake; the rebate form I saw originally never had Mac OS X 10.2 on it.

WCityMike writes "Amazon has quietly revoked the $50 rebate for Mac OS X 10.2 it was supposedly offering through September 3. The rebate form was updated to reflect this a few hours later. While theories as to why abound (including supposed involvement from Apple), some have reasonably pointed out that Amazon may not have expected as voluminous a response as they got, making the rebate a potentially major cash loss had it continued at that volume. People who already placed their orders should probably contact Amazon, while the rest of us can simply continue hoping Apple will offer its own 'rebate'." I think maybe it was a mistake; the rebate form I saw originally never had Mac OS X 10.2 on it.

WCityMike writes "Apple's decision to offer no upgrade fee to existing Mac OS X users caused a great deal of unrest amidst Macintosh users, but Amazon may have made the argument a bit moot by offering a $50 mail-in rebate, thus bringing the price down to $79 for all users. Check out their listing for 10.2, or the mail-in rebate form. I wonder if, when Apple notices all its orders are coming in through Amazon, they'll get the point?"

WCityMike writes "Apple's decision to offer no upgrade fee to existing Mac OS X users caused a great deal of unrest amidst Macintosh users, but Amazon may have made the argument a bit moot by offering a $50 mail-in rebate, thus bringing the price down to $79 for all users. Check out their listing for 10.2, or the mail-in rebate form. I wonder if, when Apple notices all its orders are coming in through Amazon, they'll get the point?"

Your intrepid reporter took a jaunt down to the H2K2 conference this past weekend, held in the lovely Hotel Pennsylvania. The conference had much more floor space than they had two years ago, and it seemed like more attendance as well. Wireless networks were available, though overcrowded, and if you didn't encrypt your communications, well, you've probably already paid the price. My notes on the conference and the sessions I attended are below, followed by a couple of reader submissions.

The conference took up the 18th floor of the Hotel Pennsylvania[1], with the second floor being devoted to network operations/music/gawking at the old computers. Unlike the last conference, both major session tracks were on the same floor, preventing the logjams that occurred in 2000 when hundreds of people decided to use the elevators every hour between sessions. Lesson learned for future conference organizers: don't split your major crowd-drawing events between floors if you can possibly help it.

Siva Vaidhyanathan was the first keynote speaker. He described the internet as a cynical technology -- a technology which promotes seeing things as they are, not veiled by smokescreen or corporate PR -- and noted the attacks on cynical technologies since Sept. 11, tying that in to the copyright wars with Valenti, the DMCA, WIPO, and so on. It was good, well-reasoned speech, but honestly, Slashdot readers have heard it before so I'm not going to spend much time on it.

Andy Mueller-Maguhn (probably best known to U.S. readers as the European At-Large ICANN representative) and Paul Garrin of Name.space gave a talk about ICANN and the DNS. Mueller-Maguhn described the attendance at ICANN's Montevideo meeting: about 450 people overall, of which 320 were representatives of the Intellectual Property community (RIAA, MPAA, many others), 100 or so from the world's various governments, and even a few technical people. He drove home the fact that the IP people have the funds and personnel to participate in these meetings, and that few other organizations do. Mueller-Maguhn was critical of the recent decisions by various U.S. civil liberties groups to stop trying to affect ICANN (nothing they've done has had any effect) and to start working on the U.S. Commerce department to cause change in the DNS -- Mueller-Maguhn prefers to work within the system, even when his efforts bear no fruit. Garrin talked briefly about Name.space's efforts to provide a free-speech alternative to the current DNS system.

Goldstein and Macki of 2600, and Robin Gross of the EFF, discussed the DeCSS case. Again, this a topic thoroughly covered on Slashdot, so I see no need to recap the talk. They noted that Jon Johansen is still facing charges in Norway, and that the EFF is still interesting in overturning various provisions of the DMCA, so if you have a situation that might represent a good test case, please contact them.

The next day, Eric Grimm and Robin Gross did a presentation on the DMCA, almost a continuation of the DeCSS presentation. Notice and takedown, ReplayTV, the Eldred and Golan lawsuits against the most recent copyright extensions; Slashdot covers these pretty well.

This was followed by journalist Declan McCullagh and cryptographer Matt Blaze, with a talk titled "Educating Lawmakers: is it possible?". McCullagh told his favorite anecdotes about Congressional stupidity, while Blaze described his interactions with the NSA during the dark days of crypto prohibition. Blaze described his work on the Clipper chip, which may be before the time of some Slashdot readers: in a nutshell, the U.S. government decided that they would promote a cryptographic solution which had a Federal backdoor, allowing users to secure their secrets against anyone but the government. Blaze expressed interest in it, and was invited to visit Ft. Meade, where he was given a sample Clipper chip by NSA techies -- except they weren't sure if he would allowed to take it out of the facility. The techies gave him a brown paper bag to carry out the sample -- a burn bag for *classified* materials. Which he successfully carried out, with Clipper chip inside. Blaze discovered major flaws in Clipper's backdoor, which would have allowed anyone to gain access through it, and which eventually helped torpedo the Clipper plan. (Of course, Microsoft's Palladium plan will accomplish much the same purpose: just as the Federal government had final control over the design of Clipper, Microsoft will have final control of your PC, making government wiretapping trivial, so saying "key escrow is dead" is not even close to true.) Blaze concluded by describing his testimony before the Senate Intelligence Committee: he noted that when he consulted with other witnesses after the testimony, each of them had independently decided to liberate one of the stationery notepads provided in the hearing chamber for a souvenir, and "one of us got the gavel".

Aaron McGruder gave a very interesting speech. I had barely heard of him before (not a Boondocks reader, sorry), so I wasn't sure what to expect. McGruder covered his experiences getting into cartooning, and described getting his thoughts into a few hundred newspapers daily as a "hack," which I suppose it is. His speech was mostly about his cartooning and recent politics -- suffice it to say that he isn't a fan of Bush and the current corporate government.

Philip Kaplan, best known for fuckedcompany.com, talked about the secrets of making money on the net. His secret is basically: when you scratch an itch for yourself, scratch it for others as well, since probably thousands of people worldwide have the same itch you do. He also described some of the trials and tribulations of running his dot-com deadpool site, the inevitable legal hassles, etc.

Jello Biafra wasn't originally scheduled to speak, but happened to be in town. His address last time with the refrain of "Become the media" brought the house down, and he gave a late-night wide-ranging ramble working from handwritten notes which again proved to be quite popular. The talk centered mainly on music, with a secondary helping of politics, touching on his legal troubles with the rest of his former band, current developments in digital music, and ad-busting counter-culture efforts (he was following Mark Hosler of Negativland). Biafra came prepared with some old vinyl albums of corporate morale-boosting and sales songs -- imagine songs composed at corporate retreats and sung by miscellaneous employees, extolling the joys of using company X's products, or a song about the joys of being a Ford employee's wife who (of course) stays home to cook him dinner and bring his slippers when he comes home after a hard day at work. Hilarious stuff.

On Sunday, Maximilian Dornseif gave a talk about digital demonstrations. Obstructive demonstrations and sit-ins are more popular in Europe than in the U.S., and they are branching out into digital versions, electronic sit-ins that attempt to slow down or DDOS targeted websites for political ends. Dornseif described several previous attempts: programs distributed to automatically reload a targeted website, for instance. Some of them were quite sophisticated, including one with smart date-checking to make sure it was used only during the designated protest time. Dornseif described his ideals for an electronic protest, to make it as similar as possible to a real-world one: persons involved should be identifiable, outside observers should be able to know the goal of the protest, etc. Overall, an electronic protest should have strong parallels to physical protests, so that if the judicial system examines the legality of what you are doing, the judge is tempted to find it a legitimate protest rather than an illegitimate attack by cyber-criminals. Dornseif suggested making "slow" connections to HTTP servers ("G" sleep 10 "E" sleep 10 "T" sleep 10 ...), as well as "accept flooding" -- completing the TCP handshake, but not actually making any HTTP request -- these are "slow" versions of regular connections, which make effective DOS's, but also mimic regular users and might find acceptance in the courts as part of a planned protest.

Finally we come to some of the most interesting presentations. The lockpicking presentation, by Barry "The Key" Wels and Mike Glasser, was given to an utterly packed room. Wels and Glasser described many common and uncommon types of locks, and proceeded to pick them with great success. Those combination Master locks that are so popular on high school lockers? Takes one second to open any of those with the proper tool, a bent piece of metal that allows the shackle to simply pop out. You might want to invest in better protection for your varsity jacket. Thought your bicycle U-bolt lock was too strong to cut? It only takes ten seconds to pick it with the right tool, a circular pick that mimics any key. This might help explain the two bicycles I've had stolen in New York City. Normal house deadbolts? Maybe 30 seconds. They covered an assortment of high-security locks, such as ones with side dimple keys instead of teeth, 3 or 4-edged keys, disk keys, locks with magnetic pins, and so on. It was a remarkable presentation, and Mr. Wels especially represents a true hacker in every good sense of the word. He suggested starting at locktools.nl or security.nl or lockpicking.org if you'd like to try your hand.

Douglas Rushkoff was next with a wide-ranging speech about the true role of hackers in modern society. I probably can't do justice to his argument - read through his website, which has a lot of various essays and articles, if you want to get a sense of it -- but essentially he made a very Matrix-like argument about hackers, storytellers, the media, and empowerment. Starting from a premise that stories control reality (as an example he used the Ewoks in Star Wars, who were convinced to die for the Rebellion by the stories told to them by C3PO), he said that recently we have been empowered to alter and participate in our own stories (empowerment through devices such as the joystick, remote control and computer keyboard, each of which allows us to control our experiences), but this time is now ending. We are currently in a Golden Age of interactivity, where most of the attackers that attempted to control computing and the internet in round 1 have been beat down (the dot-com bust), but they're coming back, and hackers are the only ones who have the ability to see through the veils (computer GUIs and the like) that blind us to true reality. Very fun to listen to, and way too full of information to summarize effectively. I'll leave you with one memorable analogy -- Rushkoff said business and government were like bacteria and fungus, they have to stay in balance and if you suppress one of them the other one grows out of control. Not a bad analogy at all considering the times we live in.

Eric Blossom gave another fascinating presentation about GNU radio, whose goal is to develop a Free software-defined radio system that runs on commodity hardware. Software-defined radios are a tremendous concept which are going to cause revolution when they are deployed. Think about a PC or other electronic device that has complete access to every bit of information in every radio-frequency wave passing through it, in constant wireless communications with any nearby similar device. Maybe if the devices are close, they adopt a high-frequency unlicensed band to communicate, if they're farther apart they pick a lower frequency ... Slashdot gets a lot of Ask Slashdot questions which say roughly "What open source software project should I work on?" or "I know I like computers, what should I do in college?" We delete most of them. Here is the answer for everyone who asks those questions: software-defined radio. Trust me. It's going to be big. The GNU radio people are concentrating mainly on television applications right now, because the tuners and such are readily available, and they have a lot of pieces which each work but still have a lot of work to do to create a turnkey system.

Ryan Lackey and Avi Freedman talked about the past, present and future of Sealand. We've covered this pretty extensively on Slashdot. Havenco is doing acceptably well, with their only significant problem being that the major European ISPs keep going bankrupt. They hinted that they are planning to do more things to promote free speech in the very near future - they already run an anonymous remailer and host a copy of DeCSS. An offhand comment by Freedman gave me a very good idea of what they're planning, but I'm not going to spoil their surprise by mentioning it here.

And finally, the time-honored Social Engineering panel. Again, the largest conference room available was packed with attendees. After a few funny stories about legendary hacks, Goldstein read the AT&T memo and noted, "If that's not an invitation I don't know what is." Coincidentally or not, the two lines which Verizon had installed in the conference room were mysteriously unable to dial long distance numbers or AT&T, though they had been able to yesterday. (Um, the phone companies are slow but they're not stupid - when a conference of phone hackers wants phone lines installed, it has to set off a few alarm bells somewhere.) When Goldstein eventually got an AT&T operator, she was suspicious and refused to assist him - obviously she had read the memo. :) Goldstein decided to hit easier targets, and starting paging through the phone book, eventually settling on a Starbucks outlet. He was able to get a Starbucks employee to provide him with customers' credit card information, without much difficulty. If you used an American Express card to make a $3.57 purchase at a Manhattan Starbucks on Sunday morning, you might want to check your next statement (although the A/V crew kept the card number from being heard by the crowd). Next up was the Russian Tea Room, a high-class restaurant in Manhattan, where Goldstein had no difficulty in changing some poor woman's reservations and getting her phone number, then calling her and notifying her of the changed reservations, due to a "health inspection". He said he'd call and change them back to the original time, showing the hacker's spirit: inquisitiveness without destructiveness.

Overall, I had a great time at the conference, and so did a couple of non-computer geeks that I dragged along with me. I'm looking forward to H2K4 already.

[1] That's the third time I've linked to that Dave Barry piece, and it's still funny.

Reader lokii202 takes a look at the Social Engineering presentation: lokii202 writes "I attended the Social Engineering panel discussion today at the H.O.P.E. conference, and thought it might be nice to follow up on the previous article about AT&T's Hacker Warning memo. The AT&T security number was tried and the attempt failed, although one of the members of the large crowd in attendence offered up an AT&T HRID number. The operator got suspicious and shut us down.

However, no fair 'cause they were ready for it. Starbucks, to our enjoyment, had no such warning memo circulating, and here are the results...

Our panelist made a call over a standard phone line to a Starbuck's store using a calling card. Asked the underling if they were having network problems. Underling, following the standard underling procedure, got the Assistant Manager. AM told us that yes, they were having problems with the credit card system. Oops. Within about 5 minutes he was reading off transaction times, dates, and more chillingly an American Express card number and expiration date. Our panelist stopped the guy before he exposed the whole number (the phone was hooked into a P.A. system for the conference and the experiment). The point was made very clearly.

Next, our guy called up the Russian Tea Room, which is a pretty classy joint in NYC, and posed as the flustered husband who needed to change dinner reservations for this evening. He had no names, no prior knowledge, etc. He managed to get some poor guys' reservations changed to 9pm and also got the guy's cell number. Next, he called the guy and posed as a Russian Tea Room host and apologized that his reservations were changed to 9pm, due to a health department inspection.

That was kinda funny.

High tech gizmos and uber-gear might get one pretty far, but when you come down to it security starts with the user. This demonstration, and others like it at H2K2, made it embarassingly apparent that to obtain sensitive data one only needs a little ingenuity and some acting skills."

Reader weave takes a look at the whole conference (this may seem repetitive, but it's good to look at things through others' eyes...) He writes "H2K2 (or HOPE 2002 or Hackers On Planet Earth 2002) was held this past weekend in New York City at the Hotel Pennsylvania. I've been to previous HOPE conferences and this one was much better than ones in the past, but it still had a few problems.

Aaron McGruder, the creator of Boondocks comic strip was keynote. Jello Biafra makes a repeat appearance as well as some other past favorites, such as the "former spy" Robert Steele, as well as some surprise guests such as former Taliban fighter, Aukai Collins.

This is my personal review of h2k2. There were so many things happening at once that one person can't obviously see it all. This is based on what I saw, experienced, felt, and my personal opinions.

Keynote Speaker: Aaron MgGruder, author of Boondocks, spoke on Saturday. This was my favorite speaker and worth the price of admission. He was invited because he did a short sequence of strips covering the DeCSS subject and, as Emmanuel Goldstein said, "the only person in popular media to get it right." Aaron was very articulate, intelligent, and of course, opinionated. What I liked most about him was his admitting that he does not know it all. He made fun of political experts who sit around and debate political topics based on what they are spoon fed by popular media. He says there is not much difference between us and people who live in censored countries except they KNOW they aren't getting the full story. We all think we are smart and know it all. His advice to people who love to rant about political topics, "Shut the hell up, you don't know anything."

McGruder thinks our society is falling apart and the only thing that can fix it is revolution. He has hope, but not much. He spoke about Bush's line that countries that hurt American are going to have to pay, which means we kill a bunch of their innocent civilians so they get to claim that we will then have to pay, where they kill a bunch of us. McGruder's solution is that people should just go kill the leaders of these nations. He then back-pedaled (remembering the place was probably full of feds) and disclaimed that he wasn't advocating that anyone go out and shoot Bush (who he has no love for). He reminded us that if Bush was killed, we'd be left with Cheney, who is far far worse in his opinion. "If Cheney was President, Afghanistan and Iraq would be glass, and we may give the neighboring countries 30 minutes of warning to get away from the borders."

Jello Biafra: Jello was keynote at H2K in 2000 and returned this year to speak late Saturday night. He was well loved by most people there, based on the reactions I saw that night. I didn't like him. He reminded me of Rush Limbaugh except on the left side. Loads of rhetoric, wild claims, and positioning himself as an expert. He was supposed to speak for one hour, and then the film "Freedom Downtime" was to be shown. He rambled on for two and a half hours, then took his shoe off and asked for donations for his legal defense fund involving his former record label. People flocked up and stuffed it full of money as he started to spin records. At this point it was 12:30am and I gave up and went to my room and and got some sleep.

Robert Steele : Former spy, and backer of a concept called "Open Source Intelligence" where countries share intelligence information freely with each other and their citizens. His speech on Hacking National Intelligence was, to me, frightening. He claims that 9/11 involved a serious failure of our intelligence network and Washington is trying to whitewash it all. He also claims that he has no doubt at all that New York City will be the target of another terrorist attack soon. "When foreigners think of the U.S. they think of New York City. It is the center of capitalism." He is an excellent speaker. I hope he returns next time.

During his talk, he introduced Aukai Collins who told us of his experiences fighting for bin Laden (during the 90s when we were paying bin Laden's salary and he allegedly was a good guy). When the embassy bombings started to occur, he went to the CIA and offered himself as an intelligence source. He worked for them and the FBI a few years and during that time was invited by bin Laden's runners to come work closely with him. When he bought this opportunity to get close to bin Laden to his superiors, they told him not to go. He feels we lost probably our only opportunity to get one of our guys close to bin Laden. He has written a book on this called My Jihad.

If this so far sounds like h2k2 was more politics than tech, I got the same impression. I skipped out on most of the DMCA updates and other legal updates. They were hosted by members of EFF and their lawyers. The small bits I saw sounded very informative and I applaud their works in these areas. Since I've kept up on all the news on these cases, I decided to skip these forums.

The best of the tech presentations was Fun with 802.11b hosted by Dragorn, Porkchop, and StAtic FuSIOn. (I sometimes hate silly handles). During the days before h2k2, they mapped out over 400 open wireless networks accessible from within three blocks of the hotel in midtown Manhattan. They demonstrated passive snoopers like kismet and showed us different directional high-gain antennas. Their recommendation for a good PCMCIA 802.11b card was Cisco's 352, which I of course didn't have. I ran out and bought an SMC card for my company laptop before the conference and had a tech load Linux on my laptop. I told him he could pick the distro of his choice, but unfortunately he picked the one I'm least familiar with, Slackware. I could not get the damn card working for the life of me. I wanted to scream.

A big disappointment was the Cult of the Dead Cow Extravaganza . It was to be held down on the lower level in the network room and broadcast up to the conference rooms on the 18th floor. Well, it didn't work. I was upstairs and they mucked with the equipment for an hour trying to get a a/v feed going. After all this time of wondering whether we should fight our way downstairs to watch it in person, we got an announcement. "Sorry, but we can't get it to work. Oh, by the way, they have already started downstairs."

Urge to kill. My friend and I wondered how they screwed this one up and traced the wires to a display table and behind a closed stairwell door. We looked at each other and said "Nooo". We popped into a neighboring stairwell as everyone fought for the elevators. We went down one floor then popped over to the stairwell that we saw the wires going down. Sure enough, they had run the wires down the open portion of the stairs so they were hanging by their own weight for a distance of about 22 floors (the hotel has 18 number floors, about 4 lettered floors like A, B, C, D, a mezzanine floor, and lobby floor). I'm not sure what the stress would be introduced by a cable hanging by its own weight for that kind of distance, but I bet the center copper core couldn't bear it and broke inside.

So we run downstairs and saw some talented but unwanted female singing about how great the CDC was. Then someone else got up and swung a black briefcase looking device around. Had no idea what it was because we couldn't understand squat in the back. Basically we said to hell with them all, and left.

So while the presentations were hit and miss, the overall best part of the conference were the attendees. Freaks, geeks, and misfits everywhere, all being good to each other, curious, intelligent, and sometimes a bit too paranoid. Of course it was mostly guys, but there were women as well as one person who had a male voice but noticeable breasts and a feminine face and shape. Many other guys dressed up a bit too flamboyant for my tastes as well. My point being, everyone was accepted for who they are and all got along great together. I didn't meet a single person who I talked to who was rude, or unwilling to strike up a conversation. The network room had wired and wireless internet access and was open 24 hours a day and the source for some of the most fun at the conference. But by all means, the best part of h2k2 was the attendees and they are the reason why I will want to go again in the future."

Your intrepid reporter took a jaunt down to the H2K2 conference this past weekend, held in the lovely Hotel Pennsylvania. The conference had much more floor space than they had two years ago, and it seemed like more attendance as well. Wireless networks were available, though overcrowded, and if you didn't encrypt your communications, well, you've probably already paid the price. My notes on the conference and the sessions I attended are below, followed by a couple of reader submissions.

The conference took up the 18th floor of the Hotel Pennsylvania[1], with the second floor being devoted to network operations/music/gawking at the old computers. Unlike the last conference, both major session tracks were on the same floor, preventing the logjams that occurred in 2000 when hundreds of people decided to use the elevators every hour between sessions. Lesson learned for future conference organizers: don't split your major crowd-drawing events between floors if you can possibly help it.

Siva Vaidhyanathan was the first keynote speaker. He described the internet as a cynical technology -- a technology which promotes seeing things as they are, not veiled by smokescreen or corporate PR -- and noted the attacks on cynical technologies since Sept. 11, tying that in to the copyright wars with Valenti, the DMCA, WIPO, and so on. It was good, well-reasoned speech, but honestly, Slashdot readers have heard it before so I'm not going to spend much time on it.

Andy Mueller-Maguhn (probably best known to U.S. readers as the European At-Large ICANN representative) and Paul Garrin of Name.space gave a talk about ICANN and the DNS. Mueller-Maguhn described the attendance at ICANN's Montevideo meeting: about 450 people overall, of which 320 were representatives of the Intellectual Property community (RIAA, MPAA, many others), 100 or so from the world's various governments, and even a few technical people. He drove home the fact that the IP people have the funds and personnel to participate in these meetings, and that few other organizations do. Mueller-Maguhn was critical of the recent decisions by various U.S. civil liberties groups to stop trying to affect ICANN (nothing they've done has had any effect) and to start working on the U.S. Commerce department to cause change in the DNS -- Mueller-Maguhn prefers to work within the system, even when his efforts bear no fruit. Garrin talked briefly about Name.space's efforts to provide a free-speech alternative to the current DNS system.

Goldstein and Macki of 2600, and Robin Gross of the EFF, discussed the DeCSS case. Again, this a topic thoroughly covered on Slashdot, so I see no need to recap the talk. They noted that Jon Johansen is still facing charges in Norway, and that the EFF is still interesting in overturning various provisions of the DMCA, so if you have a situation that might represent a good test case, please contact them.

The next day, Eric Grimm and Robin Gross did a presentation on the DMCA, almost a continuation of the DeCSS presentation. Notice and takedown, ReplayTV, the Eldred and Golan lawsuits against the most recent copyright extensions; Slashdot covers these pretty well.

This was followed by journalist Declan McCullagh and cryptographer Matt Blaze, with a talk titled "Educating Lawmakers: is it possible?". McCullagh told his favorite anecdotes about Congressional stupidity, while Blaze described his interactions with the NSA during the dark days of crypto prohibition. Blaze described his work on the Clipper chip, which may be before the time of some Slashdot readers: in a nutshell, the U.S. government decided that they would promote a cryptographic solution which had a Federal backdoor, allowing users to secure their secrets against anyone but the government. Blaze expressed interest in it, and was invited to visit Ft. Meade, where he was given a sample Clipper chip by NSA techies -- except they weren't sure if he would allowed to take it out of the facility. The techies gave him a brown paper bag to carry out the sample -- a burn bag for *classified* materials. Which he successfully carried out, with Clipper chip inside. Blaze discovered major flaws in Clipper's backdoor, which would have allowed anyone to gain access through it, and which eventually helped torpedo the Clipper plan. (Of course, Microsoft's Palladium plan will accomplish much the same purpose: just as the Federal government had final control over the design of Clipper, Microsoft will have final control of your PC, making government wiretapping trivial, so saying "key escrow is dead" is not even close to true.) Blaze concluded by describing his testimony before the Senate Intelligence Committee: he noted that when he consulted with other witnesses after the testimony, each of them had independently decided to liberate one of the stationery notepads provided in the hearing chamber for a souvenir, and "one of us got the gavel".

Aaron McGruder gave a very interesting speech. I had barely heard of him before (not a Boondocks reader, sorry), so I wasn't sure what to expect. McGruder covered his experiences getting into cartooning, and described getting his thoughts into a few hundred newspapers daily as a "hack," which I suppose it is. His speech was mostly about his cartooning and recent politics -- suffice it to say that he isn't a fan of Bush and the current corporate government.

Philip Kaplan, best known for fuckedcompany.com, talked about the secrets of making money on the net. His secret is basically: when you scratch an itch for yourself, scratch it for others as well, since probably thousands of people worldwide have the same itch you do. He also described some of the trials and tribulations of running his dot-com deadpool site, the inevitable legal hassles, etc.

Jello Biafra wasn't originally scheduled to speak, but happened to be in town. His address last time with the refrain of "Become the media" brought the house down, and he gave a late-night wide-ranging ramble working from handwritten notes which again proved to be quite popular. The talk centered mainly on music, with a secondary helping of politics, touching on his legal troubles with the rest of his former band, current developments in digital music, and ad-busting counter-culture efforts (he was following Mark Hosler of Negativland). Biafra came prepared with some old vinyl albums of corporate morale-boosting and sales songs -- imagine songs composed at corporate retreats and sung by miscellaneous employees, extolling the joys of using company X's products, or a song about the joys of being a Ford employee's wife who (of course) stays home to cook him dinner and bring his slippers when he comes home after a hard day at work. Hilarious stuff.

On Sunday, Maximilian Dornseif gave a talk about digital demonstrations. Obstructive demonstrations and sit-ins are more popular in Europe than in the U.S., and they are branching out into digital versions, electronic sit-ins that attempt to slow down or DDOS targeted websites for political ends. Dornseif described several previous attempts: programs distributed to automatically reload a targeted website, for instance. Some of them were quite sophisticated, including one with smart date-checking to make sure it was used only during the designated protest time. Dornseif described his ideals for an electronic protest, to make it as similar as possible to a real-world one: persons involved should be identifiable, outside observers should be able to know the goal of the protest, etc. Overall, an electronic protest should have strong parallels to physical protests, so that if the judicial system examines the legality of what you are doing, the judge is tempted to find it a legitimate protest rather than an illegitimate attack by cyber-criminals. Dornseif suggested making "slow" connections to HTTP servers ("G" sleep 10 "E" sleep 10 "T" sleep 10 ...), as well as "accept flooding" -- completing the TCP handshake, but not actually making any HTTP request -- these are "slow" versions of regular connections, which make effective DOS's, but also mimic regular users and might find acceptance in the courts as part of a planned protest.

Finally we come to some of the most interesting presentations. The lockpicking presentation, by Barry "The Key" Wels and Mike Glasser, was given to an utterly packed room. Wels and Glasser described many common and uncommon types of locks, and proceeded to pick them with great success. Those combination Master locks that are so popular on high school lockers? Takes one second to open any of those with the proper tool, a bent piece of metal that allows the shackle to simply pop out. You might want to invest in better protection for your varsity jacket. Thought your bicycle U-bolt lock was too strong to cut? It only takes ten seconds to pick it with the right tool, a circular pick that mimics any key. This might help explain the two bicycles I've had stolen in New York City. Normal house deadbolts? Maybe 30 seconds. They covered an assortment of high-security locks, such as ones with side dimple keys instead of teeth, 3 or 4-edged keys, disk keys, locks with magnetic pins, and so on. It was a remarkable presentation, and Mr. Wels especially represents a true hacker in every good sense of the word. He suggested starting at locktools.nl or security.nl or lockpicking.org if you'd like to try your hand.

Douglas Rushkoff was next with a wide-ranging speech about the true role of hackers in modern society. I probably can't do justice to his argument - read through his website, which has a lot of various essays and articles, if you want to get a sense of it -- but essentially he made a very Matrix-like argument about hackers, storytellers, the media, and empowerment. Starting from a premise that stories control reality (as an example he used the Ewoks in Star Wars, who were convinced to die for the Rebellion by the stories told to them by C3PO), he said that recently we have been empowered to alter and participate in our own stories (empowerment through devices such as the joystick, remote control and computer keyboard, each of which allows us to control our experiences), but this time is now ending. We are currently in a Golden Age of interactivity, where most of the attackers that attempted to control computing and the internet in round 1 have been beat down (the dot-com bust), but they're coming back, and hackers are the only ones who have the ability to see through the veils (computer GUIs and the like) that blind us to true reality. Very fun to listen to, and way too full of information to summarize effectively. I'll leave you with one memorable analogy -- Rushkoff said business and government were like bacteria and fungus, they have to stay in balance and if you suppress one of them the other one grows out of control. Not a bad analogy at all considering the times we live in.

Eric Blossom gave another fascinating presentation about GNU radio, whose goal is to develop a Free software-defined radio system that runs on commodity hardware. Software-defined radios are a tremendous concept which are going to cause revolution when they are deployed. Think about a PC or other electronic device that has complete access to every bit of information in every radio-frequency wave passing through it, in constant wireless communications with any nearby similar device. Maybe if the devices are close, they adopt a high-frequency unlicensed band to communicate, if they're farther apart they pick a lower frequency ... Slashdot gets a lot of Ask Slashdot questions which say roughly "What open source software project should I work on?" or "I know I like computers, what should I do in college?" We delete most of them. Here is the answer for everyone who asks those questions: software-defined radio. Trust me. It's going to be big. The GNU radio people are concentrating mainly on television applications right now, because the tuners and such are readily available, and they have a lot of pieces which each work but still have a lot of work to do to create a turnkey system.

Ryan Lackey and Avi Freedman talked about the past, present and future of Sealand. We've covered this pretty extensively on Slashdot. Havenco is doing acceptably well, with their only significant problem being that the major European ISPs keep going bankrupt. They hinted that they are planning to do more things to promote free speech in the very near future - they already run an anonymous remailer and host a copy of DeCSS. An offhand comment by Freedman gave me a very good idea of what they're planning, but I'm not going to spoil their surprise by mentioning it here.

And finally, the time-honored Social Engineering panel. Again, the largest conference room available was packed with attendees. After a few funny stories about legendary hacks, Goldstein read the AT&T memo and noted, "If that's not an invitation I don't know what is." Coincidentally or not, the two lines which Verizon had installed in the conference room were mysteriously unable to dial long distance numbers or AT&T, though they had been able to yesterday. (Um, the phone companies are slow but they're not stupid - when a conference of phone hackers wants phone lines installed, it has to set off a few alarm bells somewhere.) When Goldstein eventually got an AT&T operator, she was suspicious and refused to assist him - obviously she had read the memo. :) Goldstein decided to hit easier targets, and starting paging through the phone book, eventually settling on a Starbucks outlet. He was able to get a Starbucks employee to provide him with customers' credit card information, without much difficulty. If you used an American Express card to make a $3.57 purchase at a Manhattan Starbucks on Sunday morning, you might want to check your next statement (although the A/V crew kept the card number from being heard by the crowd). Next up was the Russian Tea Room, a high-class restaurant in Manhattan, where Goldstein had no difficulty in changing some poor woman's reservations and getting her phone number, then calling her and notifying her of the changed reservations, due to a "health inspection". He said he'd call and change them back to the original time, showing the hacker's spirit: inquisitiveness without destructiveness.

Overall, I had a great time at the conference, and so did a couple of non-computer geeks that I dragged along with me. I'm looking forward to H2K4 already.

[1] That's the third time I've linked to that Dave Barry piece, and it's still funny.

Reader lokii202 takes a look at the Social Engineering presentation: lokii202 writes "I attended the Social Engineering panel discussion today at the H.O.P.E. conference, and thought it might be nice to follow up on the previous article about AT&T's Hacker Warning memo. The AT&T security number was tried and the attempt failed, although one of the members of the large crowd in attendence offered up an AT&T HRID number. The operator got suspicious and shut us down.

However, no fair 'cause they were ready for it. Starbucks, to our enjoyment, had no such warning memo circulating, and here are the results...

Our panelist made a call over a standard phone line to a Starbuck's store using a calling card. Asked the underling if they were having network problems. Underling, following the standard underling procedure, got the Assistant Manager. AM told us that yes, they were having problems with the credit card system. Oops. Within about 5 minutes he was reading off transaction times, dates, and more chillingly an American Express card number and expiration date. Our panelist stopped the guy before he exposed the whole number (the phone was hooked into a P.A. system for the conference and the experiment). The point was made very clearly.

Next, our guy called up the Russian Tea Room, which is a pretty classy joint in NYC, and posed as the flustered husband who needed to change dinner reservations for this evening. He had no names, no prior knowledge, etc. He managed to get some poor guys' reservations changed to 9pm and also got the guy's cell number. Next, he called the guy and posed as a Russian Tea Room host and apologized that his reservations were changed to 9pm, due to a health department inspection.

That was kinda funny.

High tech gizmos and uber-gear might get one pretty far, but when you come down to it security starts with the user. This demonstration, and others like it at H2K2, made it embarassingly apparent that to obtain sensitive data one only needs a little ingenuity and some acting skills."

Reader weave takes a look at the whole conference (this may seem repetitive, but it's good to look at things through others' eyes...) He writes "H2K2 (or HOPE 2002 or Hackers On Planet Earth 2002) was held this past weekend in New York City at the Hotel Pennsylvania. I've been to previous HOPE conferences and this one was much better than ones in the past, but it still had a few problems.

Aaron McGruder, the creator of Boondocks comic strip was keynote. Jello Biafra makes a repeat appearance as well as some other past favorites, such as the "former spy" Robert Steele, as well as some surprise guests such as former Taliban fighter, Aukai Collins.

This is my personal review of h2k2. There were so many things happening at once that one person can't obviously see it all. This is based on what I saw, experienced, felt, and my personal opinions.

Keynote Speaker: Aaron MgGruder, author of Boondocks, spoke on Saturday. This was my favorite speaker and worth the price of admission. He was invited because he did a short sequence of strips covering the DeCSS subject and, as Emmanuel Goldstein said, "the only person in popular media to get it right." Aaron was very articulate, intelligent, and of course, opinionated. What I liked most about him was his admitting that he does not know it all. He made fun of political experts who sit around and debate political topics based on what they are spoon fed by popular media. He says there is not much difference between us and people who live in censored countries except they KNOW they aren't getting the full story. We all think we are smart and know it all. His advice to people who love to rant about political topics, "Shut the hell up, you don't know anything."

McGruder thinks our society is falling apart and the only thing that can fix it is revolution. He has hope, but not much. He spoke about Bush's line that countries that hurt American are going to have to pay, which means we kill a bunch of their innocent civilians so they get to claim that we will then have to pay, where they kill a bunch of us. McGruder's solution is that people should just go kill the leaders of these nations. He then back-pedaled (remembering the place was probably full of feds) and disclaimed that he wasn't advocating that anyone go out and shoot Bush (who he has no love for). He reminded us that if Bush was killed, we'd be left with Cheney, who is far far worse in his opinion. "If Cheney was President, Afghanistan and Iraq would be glass, and we may give the neighboring countries 30 minutes of warning to get away from the borders."

Jello Biafra: Jello was keynote at H2K in 2000 and returned this year to speak late Saturday night. He was well loved by most people there, based on the reactions I saw that night. I didn't like him. He reminded me of Rush Limbaugh except on the left side. Loads of rhetoric, wild claims, and positioning himself as an expert. He was supposed to speak for one hour, and then the film "Freedom Downtime" was to be shown. He rambled on for two and a half hours, then took his shoe off and asked for donations for his legal defense fund involving his former record label. People flocked up and stuffed it full of money as he started to spin records. At this point it was 12:30am and I gave up and went to my room and and got some sleep.

Robert Steele : Former spy, and backer of a concept called "Open Source Intelligence" where countries share intelligence information freely with each other and their citizens. His speech on Hacking National Intelligence was, to me, frightening. He claims that 9/11 involved a serious failure of our intelligence network and Washington is trying to whitewash it all. He also claims that he has no doubt at all that New York City will be the target of another terrorist attack soon. "When foreigners think of the U.S. they think of New York City. It is the center of capitalism." He is an excellent speaker. I hope he returns next time.

During his talk, he introduced Aukai Collins who told us of his experiences fighting for bin Laden (during the 90s when we were paying bin Laden's salary and he allegedly was a good guy). When the embassy bombings started to occur, he went to the CIA and offered himself as an intelligence source. He worked for them and the FBI a few years and during that time was invited by bin Laden's runners to come work closely with him. When he bought this opportunity to get close to bin Laden to his superiors, they told him not to go. He feels we lost probably our only opportunity to get one of our guys close to bin Laden. He has written a book on this called My Jihad.

If this so far sounds like h2k2 was more politics than tech, I got the same impression. I skipped out on most of the DMCA updates and other legal updates. They were hosted by members of EFF and their lawyers. The small bits I saw sounded very informative and I applaud their works in these areas. Since I've kept up on all the news on these cases, I decided to skip these forums.

The best of the tech presentations was Fun with 802.11b hosted by Dragorn, Porkchop, and StAtic FuSIOn. (I sometimes hate silly handles). During the days before h2k2, they mapped out over 400 open wireless networks accessible from within three blocks of the hotel in midtown Manhattan. They demonstrated passive snoopers like kismet and showed us different directional high-gain antennas. Their recommendation for a good PCMCIA 802.11b card was Cisco's 352, which I of course didn't have. I ran out and bought an SMC card for my company laptop before the conference and had a tech load Linux on my laptop. I told him he could pick the distro of his choice, but unfortunately he picked the one I'm least familiar with, Slackware. I could not get the damn card working for the life of me. I wanted to scream.

A big disappointment was the Cult of the Dead Cow Extravaganza . It was to be held down on the lower level in the network room and broadcast up to the conference rooms on the 18th floor. Well, it didn't work. I was upstairs and they mucked with the equipment for an hour trying to get a a/v feed going. After all this time of wondering whether we should fight our way downstairs to watch it in person, we got an announcement. "Sorry, but we can't get it to work. Oh, by the way, they have already started downstairs."

Urge to kill. My friend and I wondered how they screwed this one up and traced the wires to a display table and behind a closed stairwell door. We looked at each other and said "Nooo". We popped into a neighboring stairwell as everyone fought for the elevators. We went down one floor then popped over to the stairwell that we saw the wires going down. Sure enough, they had run the wires down the open portion of the stairs so they were hanging by their own weight for a distance of about 22 floors (the hotel has 18 number floors, about 4 lettered floors like A, B, C, D, a mezzanine floor, and lobby floor). I'm not sure what the stress would be introduced by a cable hanging by its own weight for that kind of distance, but I bet the center copper core couldn't bear it and broke inside.

So we run downstairs and saw some talented but unwanted female singing about how great the CDC was. Then someone else got up and swung a black briefcase looking device around. Had no idea what it was because we couldn't understand squat in the back. Basically we said to hell with them all, and left.

So while the presentations were hit and miss, the overall best part of the conference were the attendees. Freaks, geeks, and misfits everywhere, all being good to each other, curious, intelligent, and sometimes a bit too paranoid. Of course it was mostly guys, but there were women as well as one person who had a male voice but noticeable breasts and a feminine face and shape. Many other guys dressed up a bit too flamboyant for my tastes as well. My point being, everyone was accepted for who they are and all got along great together. I didn't meet a single person who I talked to who was rude, or unwilling to strike up a conversation. The network room had wired and wireless internet access and was open 24 hours a day and the source for some of the most fun at the conference. But by all means, the best part of h2k2 was the attendees and they are the reason why I will want to go again in the future."

Your intrepid reporter took a jaunt down to the H2K2 conference this past weekend, held in the lovely Hotel Pennsylvania. The conference had much more floor space than they had two years ago, and it seemed like more attendance as well. Wireless networks were available, though overcrowded, and if you didn't encrypt your communications, well, you've probably already paid the price. My notes on the conference and the sessions I attended are below, followed by a couple of reader submissions.

The conference took up the 18th floor of the Hotel Pennsylvania[1], with the second floor being devoted to network operations/music/gawking at the old computers. Unlike the last conference, both major session tracks were on the same floor, preventing the logjams that occurred in 2000 when hundreds of people decided to use the elevators every hour between sessions. Lesson learned for future conference organizers: don't split your major crowd-drawing events between floors if you can possibly help it.

Siva Vaidhyanathan was the first keynote speaker. He described the internet as a cynical technology -- a technology which promotes seeing things as they are, not veiled by smokescreen or corporate PR -- and noted the attacks on cynical technologies since Sept. 11, tying that in to the copyright wars with Valenti, the DMCA, WIPO, and so on. It was good, well-reasoned speech, but honestly, Slashdot readers have heard it before so I'm not going to spend much time on it.

Andy Mueller-Maguhn (probably best known to U.S. readers as the European At-Large ICANN representative) and Paul Garrin of Name.space gave a talk about ICANN and the DNS. Mueller-Maguhn described the attendance at ICANN's Montevideo meeting: about 450 people overall, of which 320 were representatives of the Intellectual Property community (RIAA, MPAA, many others), 100 or so from the world's various governments, and even a few technical people. He drove home the fact that the IP people have the funds and personnel to participate in these meetings, and that few other organizations do. Mueller-Maguhn was critical of the recent decisions by various U.S. civil liberties groups to stop trying to affect ICANN (nothing they've done has had any effect) and to start working on the U.S. Commerce department to cause change in the DNS -- Mueller-Maguhn prefers to work within the system, even when his efforts bear no fruit. Garrin talked briefly about Name.space's efforts to provide a free-speech alternative to the current DNS system.

Goldstein and Macki of 2600, and Robin Gross of the EFF, discussed the DeCSS case. Again, this a topic thoroughly covered on Slashdot, so I see no need to recap the talk. They noted that Jon Johansen is still facing charges in Norway, and that the EFF is still interesting in overturning various provisions of the DMCA, so if you have a situation that might represent a good test case, please contact them.

The next day, Eric Grimm and Robin Gross did a presentation on the DMCA, almost a continuation of the DeCSS presentation. Notice and takedown, ReplayTV, the Eldred and Golan lawsuits against the most recent copyright extensions; Slashdot covers these pretty well.

This was followed by journalist Declan McCullagh and cryptographer Matt Blaze, with a talk titled "Educating Lawmakers: is it possible?". McCullagh told his favorite anecdotes about Congressional stupidity, while Blaze described his interactions with the NSA during the dark days of crypto prohibition. Blaze described his work on the Clipper chip, which may be before the time of some Slashdot readers: in a nutshell, the U.S. government decided that they would promote a cryptographic solution which had a Federal backdoor, allowing users to secure their secrets against anyone but the government. Blaze expressed interest in it, and was invited to visit Ft. Meade, where he was given a sample Clipper chip by NSA techies -- except they weren't sure if he would allowed to take it out of the facility. The techies gave him a brown paper bag to carry out the sample -- a burn bag for *classified* materials. Which he successfully carried out, with Clipper chip inside. Blaze discovered major flaws in Clipper's backdoor, which would have allowed anyone to gain access through it, and which eventually helped torpedo the Clipper plan. (Of course, Microsoft's Palladium plan will accomplish much the same purpose: just as the Federal government had final control over the design of Clipper, Microsoft will have final control of your PC, making government wiretapping trivial, so saying "key escrow is dead" is not even close to true.) Blaze concluded by describing his testimony before the Senate Intelligence Committee: he noted that when he consulted with other witnesses after the testimony, each of them had independently decided to liberate one of the stationery notepads provided in the hearing chamber for a souvenir, and "one of us got the gavel".

Aaron McGruder gave a very interesting speech. I had barely heard of him before (not a Boondocks reader, sorry), so I wasn't sure what to expect. McGruder covered his experiences getting into cartooning, and described getting his thoughts into a few hundred newspapers daily as a "hack," which I suppose it is. His speech was mostly about his cartooning and recent politics -- suffice it to say that he isn't a fan of Bush and the current corporate government.

Philip Kaplan, best known for fuckedcompany.com, talked about the secrets of making money on the net. His secret is basically: when you scratch an itch for yourself, scratch it for others as well, since probably thousands of people worldwide have the same itch you do. He also described some of the trials and tribulations of running his dot-com deadpool site, the inevitable legal hassles, etc.

Jello Biafra wasn't originally scheduled to speak, but happened to be in town. His address last time with the refrain of "Become the media" brought the house down, and he gave a late-night wide-ranging ramble working from handwritten notes which again proved to be quite popular. The talk centered mainly on music, with a secondary helping of politics, touching on his legal troubles with the rest of his former band, current developments in digital music, and ad-busting counter-culture efforts (he was following Mark Hosler of Negativland). Biafra came prepared with some old vinyl albums of corporate morale-boosting and sales songs -- imagine songs composed at corporate retreats and sung by miscellaneous employees, extolling the joys of using company X's products, or a song about the joys of being a Ford employee's wife who (of course) stays home to cook him dinner and bring his slippers when he comes home after a hard day at work. Hilarious stuff.

On Sunday, Maximilian Dornseif gave a talk about digital demonstrations. Obstructive demonstrations and sit-ins are more popular in Europe than in the U.S., and they are branching out into digital versions, electronic sit-ins that attempt to slow down or DDOS targeted websites for political ends. Dornseif described several previous attempts: programs distributed to automatically reload a targeted website, for instance. Some of them were quite sophisticated, including one with smart date-checking to make sure it was used only during the designated protest time. Dornseif described his ideals for an electronic protest, to make it as similar as possible to a real-world one: persons involved should be identifiable, outside observers should be able to know the goal of the protest, etc. Overall, an electronic protest should have strong parallels to physical protests, so that if the judicial system examines the legality of what you are doing, the judge is tempted to find it a legitimate protest rather than an illegitimate attack by cyber-criminals. Dornseif suggested making "slow" connections to HTTP servers ("G" sleep 10 "E" sleep 10 "T" sleep 10 ...), as well as "accept flooding" -- completing the TCP handshake, but not actually making any HTTP request -- these are "slow" versions of regular connections, which make effective DOS's, but also mimic regular users and might find acceptance in the courts as part of a planned protest.

Finally we come to some of the most interesting presentations. The lockpicking presentation, by Barry "The Key" Wels and Mike Glasser, was given to an utterly packed room. Wels and Glasser described many common and uncommon types of locks, and proceeded to pick them with great success. Those combination Master locks that are so popular on high school lockers? Takes one second to open any of those with the proper tool, a bent piece of metal that allows the shackle to simply pop out. You might want to invest in better protection for your varsity jacket. Thought your bicycle U-bolt lock was too strong to cut? It only takes ten seconds to pick it with the right tool, a circular pick that mimics any key. This might help explain the two bicycles I've had stolen in New York City. Normal house deadbolts? Maybe 30 seconds. They covered an assortment of high-security locks, such as ones with side dimple keys instead of teeth, 3 or 4-edged keys, disk keys, locks with magnetic pins, and so on. It was a remarkable presentation, and Mr. Wels especially represents a true hacker in every good sense of the word. He suggested starting at locktools.nl or security.nl or lockpicking.org if you'd like to try your hand.

Douglas Rushkoff was next with a wide-ranging speech about the true role of hackers in modern society. I probably can't do justice to his argument - read through his website, which has a lot of various essays and articles, if you want to get a sense of it -- but essentially he made a very Matrix-like argument about hackers, storytellers, the media, and empowerment. Starting from a premise that stories control reality (as an example he used the Ewoks in Star Wars, who were convinced to die for the Rebellion by the stories told to them by C3PO), he said that recently we have been empowered to alter and participate in our own stories (empowerment through devices such as the joystick, remote control and computer keyboard, each of which allows us to control our experiences), but this time is now ending. We are currently in a Golden Age of interactivity, where most of the attackers that attempted to control computing and the internet in round 1 have been beat down (the dot-com bust), but they're coming back, and hackers are the only ones who have the ability to see through the veils (computer GUIs and the like) that blind us to true reality. Very fun to listen to, and way too full of information to summarize effectively. I'll leave you with one memorable analogy -- Rushkoff said business and government were like bacteria and fungus, they have to stay in balance and if you suppress one of them the other one grows out of control. Not a bad analogy at all considering the times we live in.

Eric Blossom gave another fascinating presentation about GNU radio, whose goal is to develop a Free software-defined radio system that runs on commodity hardware. Software-defined radios are a tremendous concept which are going to cause revolution when they are deployed. Think about a PC or other electronic device that has complete access to every bit of information in every radio-frequency wave passing through it, in constant wireless communications with any nearby similar device. Maybe if the devices are close, they adopt a high-frequency unlicensed band to communicate, if they're farther apart they pick a lower frequency ... Slashdot gets a lot of Ask Slashdot questions which say roughly "What open source software project should I work on?" or "I know I like computers, what should I do in college?" We delete most of them. Here is the answer for everyone who asks those questions: software-defined radio. Trust me. It's going to be big. The GNU radio people are concentrating mainly on television applications right now, because the tuners and such are readily available, and they have a lot of pieces which each work but still have a lot of work to do to create a turnkey system.

Ryan Lackey and Avi Freedman talked about the past, present and future of Sealand. We've covered this pretty extensively on Slashdot. Havenco is doing acceptably well, with their only significant problem being that the major European ISPs keep going bankrupt. They hinted that they are planning to do more things to promote free speech in the very near future - they already run an anonymous remailer and host a copy of DeCSS. An offhand comment by Freedman gave me a very good idea of what they're planning, but I'm not going to spoil their surprise by mentioning it here.

And finally, the time-honored Social Engineering panel. Again, the largest conference room available was packed with attendees. After a few funny stories about legendary hacks, Goldstein read the AT&T memo and noted, "If that's not an invitation I don't know what is." Coincidentally or not, the two lines which Verizon had installed in the conference room were mysteriously unable to dial long distance numbers or AT&T, though they had been able to yesterday. (Um, the phone companies are slow but they're not stupid - when a conference of phone hackers wants phone lines installed, it has to set off a few alarm bells somewhere.) When Goldstein eventually got an AT&T operator, she was suspicious and refused to assist him - obviously she had read the memo. :) Goldstein decided to hit easier targets, and starting paging through the phone book, eventually settling on a Starbucks outlet. He was able to get a Starbucks employee to provide him with customers' credit card information, without much difficulty. If you used an American Express card to make a $3.57 purchase at a Manhattan Starbucks on Sunday morning, you might want to check your next statement (although the A/V crew kept the card number from being heard by the crowd). Next up was the Russian Tea Room, a high-class restaurant in Manhattan, where Goldstein had no difficulty in changing some poor woman's reservations and getting her phone number, then calling her and notifying her of the changed reservations, due to a "health inspection". He said he'd call and change them back to the original time, showing the hacker's spirit: inquisitiveness without destructiveness.

Overall, I had a great time at the conference, and so did a couple of non-computer geeks that I dragged along with me. I'm looking forward to H2K4 already.

[1] That's the third time I've linked to that Dave Barry piece, and it's still funny.

Reader lokii202 takes a look at the Social Engineering presentation: lokii202 writes "I attended the Social Engineering panel discussion today at the H.O.P.E. conference, and thought it might be nice to follow up on the previous article about AT&T's Hacker Warning memo. The AT&T security number was tried and the attempt failed, although one of the members of the large crowd in attendence offered up an AT&T HRID number. The operator got suspicious and shut us down.

However, no fair 'cause they were ready for it. Starbucks, to our enjoyment, had no such warning memo circulating, and here are the results...

Our panelist made a call over a standard phone line to a Starbuck's store using a calling card. Asked the underling if they were having network problems. Underling, following the standard underling procedure, got the Assistant Manager. AM told us that yes, they were having problems with the credit card system. Oops. Within about 5 minutes he was reading off transaction times, dates, and more chillingly an American Express card number and expiration date. Our panelist stopped the guy before he exposed the whole number (the phone was hooked into a P.A. system for the conference and the experiment). The point was made very clearly.

Next, our guy called up the Russian Tea Room, which is a pretty classy joint in NYC, and posed as the flustered husband who needed to change dinner reservations for this evening. He had no names, no prior knowledge, etc. He managed to get some poor guys' reservations changed to 9pm and also got the guy's cell number. Next, he called the guy and posed as a Russian Tea Room host and apologized that his reservations were changed to 9pm, due to a health department inspection.

That was kinda funny.

High tech gizmos and uber-gear might get one pretty far, but when you come down to it security starts with the user. This demonstration, and others like it at H2K2, made it embarassingly apparent that to obtain sensitive data one only needs a little ingenuity and some acting skills."

Reader weave takes a look at the whole conference (this may seem repetitive, but it's good to look at things through others' eyes...) He writes "H2K2 (or HOPE 2002 or Hackers On Planet Earth 2002) was held this past weekend in New York City at the Hotel Pennsylvania. I've been to previous HOPE conferences and this one was much better than ones in the past, but it still had a few problems.

Aaron McGruder, the creator of Boondocks comic strip was keynote. Jello Biafra makes a repeat appearance as well as some other past favorites, such as the "former spy" Robert Steele, as well as some surprise guests such as former Taliban fighter, Aukai Collins.

This is my personal review of h2k2. There were so many things happening at once that one person can't obviously see it all. This is based on what I saw, experienced, felt, and my personal opinions.

Keynote Speaker: Aaron MgGruder, author of Boondocks, spoke on Saturday. This was my favorite speaker and worth the price of admission. He was invited because he did a short sequence of strips covering the DeCSS subject and, as Emmanuel Goldstein said, "the only person in popular media to get it right." Aaron was very articulate, intelligent, and of course, opinionated. What I liked most about him was his admitting that he does not know it all. He made fun of political experts who sit around and debate political topics based on what they are spoon fed by popular media. He says there is not much difference between us and people who live in censored countries except they KNOW they aren't getting the full story. We all think we are smart and know it all. His advice to people who love to rant about political topics, "Shut the hell up, you don't know anything."

McGruder thinks our society is falling apart and the only thing that can fix it is revolution. He has hope, but not much. He spoke about Bush's line that countries that hurt American are going to have to pay, which means we kill a bunch of their innocent civilians so they get to claim that we will then have to pay, where they kill a bunch of us. McGruder's solution is that people should just go kill the leaders of these nations. He then back-pedaled (remembering the place was probably full of feds) and disclaimed that he wasn't advocating that anyone go out and shoot Bush (who he has no love for). He reminded us that if Bush was killed, we'd be left with Cheney, who is far far worse in his opinion. "If Cheney was President, Afghanistan and Iraq would be glass, and we may give the neighboring countries 30 minutes of warning to get away from the borders."

Jello Biafra: Jello was keynote at H2K in 2000 and returned this year to speak late Saturday night. He was well loved by most people there, based on the reactions I saw that night. I didn't like him. He reminded me of Rush Limbaugh except on the left side. Loads of rhetoric, wild claims, and positioning himself as an expert. He was supposed to speak for one hour, and then the film "Freedom Downtime" was to be shown. He rambled on for two and a half hours, then took his shoe off and asked for donations for his legal defense fund involving his former record label. People flocked up and stuffed it full of money as he started to spin records. At this point it was 12:30am and I gave up and went to my room and and got some sleep.

Robert Steele : Former spy, and backer of a concept called "Open Source Intelligence" where countries share intelligence information freely with each other and their citizens. His speech on Hacking National Intelligence was, to me, frightening. He claims that 9/11 involved a serious failure of our intelligence network and Washington is trying to whitewash it all. He also claims that he has no doubt at all that New York City will be the target of another terrorist attack soon. "When foreigners think of the U.S. they think of New York City. It is the center of capitalism." He is an excellent speaker. I hope he returns next time.

During his talk, he introduced Aukai Collins who told us of his experiences fighting for bin Laden (during the 90s when we were paying bin Laden's salary and he allegedly was a good guy). When the embassy bombings started to occur, he went to the CIA and offered himself as an intelligence source. He worked for them and the FBI a few years and during that time was invited by bin Laden's runners to come work closely with him. When he bought this opportunity to get close to bin Laden to his superiors, they told him not to go. He feels we lost probably our only opportunity to get one of our guys close to bin Laden. He has written a book on this called My Jihad.

If this so far sounds like h2k2 was more politics than tech, I got the same impression. I skipped out on most of the DMCA updates and other legal updates. They were hosted by members of EFF and their lawyers. The small bits I saw sounded very informative and I applaud their works in these areas. Since I've kept up on all the news on these cases, I decided to skip these forums.

The best of the tech presentations was Fun with 802.11b hosted by Dragorn, Porkchop, and StAtic FuSIOn. (I sometimes hate silly handles). During the days before h2k2, they mapped out over 400 open wireless networks accessible from within three blocks of the hotel in midtown Manhattan. They demonstrated passive snoopers like kismet and showed us different directional high-gain antennas. Their recommendation for a good PCMCIA 802.11b card was Cisco's 352, which I of course didn't have. I ran out and bought an SMC card for my company laptop before the conference and had a tech load Linux on my laptop. I told him he could pick the distro of his choice, but unfortunately he picked the one I'm least familiar with, Slackware. I could not get the damn card working for the life of me. I wanted to scream.

A big disappointment was the Cult of the Dead Cow Extravaganza . It was to be held down on the lower level in the network room and broadcast up to the conference rooms on the 18th floor. Well, it didn't work. I was upstairs and they mucked with the equipment for an hour trying to get a a/v feed going. After all this time of wondering whether we should fight our way downstairs to watch it in person, we got an announcement. "Sorry, but we can't get it to work. Oh, by the way, they have already started downstairs."

Urge to kill. My friend and I wondered how they screwed this one up and traced the wires to a display table and behind a closed stairwell door. We looked at each other and said "Nooo". We popped into a neighboring stairwell as everyone fought for the elevators. We went down one floor then popped over to the stairwell that we saw the wires going down. Sure enough, they had run the wires down the open portion of the stairs so they were hanging by their own weight for a distance of about 22 floors (the hotel has 18 number floors, about 4 lettered floors like A, B, C, D, a mezzanine floor, and lobby floor). I'm not sure what the stress would be introduced by a cable hanging by its own weight for that kind of distance, but I bet the center copper core couldn't bear it and broke inside.

So we run downstairs and saw some talented but unwanted female singing about how great the CDC was. Then someone else got up and swung a black briefcase looking device around. Had no idea what it was because we couldn't understand squat in the back. Basically we said to hell with them all, and left.

So while the presentations were hit and miss, the overall best part of the conference were the attendees. Freaks, geeks, and misfits everywhere, all being good to each other, curious, intelligent, and sometimes a bit too paranoid. Of course it was mostly guys, but there were women as well as one person who had a male voice but noticeable breasts and a feminine face and shape. Many other guys dressed up a bit too flamboyant for my tastes as well. My point being, everyone was accepted for who they are and all got along great together. I didn't meet a single person who I talked to who was rude, or unwilling to strike up a conversation. The network room had wired and wireless internet access and was open 24 hours a day and the source for some of the most fun at the conference. But by all means, the best part of h2k2 was the attendees and they are the reason why I will want to go again in the future."

skunkeh writes: "Amazon have launched a brand new web service interface to their huge database of products. The interface can be used through SOAP or by requesting XML pages via URL, and their development kit comes with example code in Java and Perl. A Python wrapper is also available, and I have released some sample code in PHP."

Hettinga writes: "Through many popular books and articles in the New York Times, Peter Wayner has done more to promote the field of applied financial cryptography, and in particular open source financial cryptography, than any other author writing today. His new book, Translucent Databases, from Flyzone Press, is no exception." Read on for the rest of the review. Translucent Databases author Peter Wayner pages 185 publisher Flyzone Press rating Outstanding. 5 Stars. Buy this Book. reviewer Robert Hettinga ISBN 0-9675844-1-8 summary Translucent Databases cure "Database Nation" and the "Transparent Society"?

Translucent Databases has all the hallmarks of Wayner's books: clear, easy to read exposition of the main issues, why they're important, and, in his technical books, excellently documented code written for the most popular platforms for the technology in question.

This book in particular should be an instant classic because like all great books, it takes what should be a very simple idea, encrypted databases, and expands it to some amazing conclusions.

For a long time now, I've been interested in what I call the geodesic economy, where all information, including information controlling financial assets, is fractally "surfacted", like so much grease in soapy dishwater, as far out into the edges of a ubiquitous internetwork as Moore's Law will allow, using financial cryptography protocols to secure transactions and markets on a nominally insecure, but ubiquitous, public internetwork.

People who are familiar with my thinking about such things over the past 8 years will see quite quickly why I think Peter's new book is so important. Transparent databases represent a way not only to link the batch-settled, book-entry debit-for-credit world of modern financial operations with a more simply founded, but much more sophisticated world which uses cryptographic tokens representing control of various financial and real assets. They also show us how to actually account for those tokens in such a fashion that every financial actor in that market, man or machine, can trust that their bearer certificates are authentic ones, and done in such a fashion that a given token retains its cryptographic integrity, including the functionally anonymous characteristics that made it so cheap to use in the first place.

The singular feature of Wayner's translucent databases is that, like internet bearer transactions themselves, the cryptography securing data in them can happen in the client, and not a centrally vulnerable server. More to the point, by using data stored in this fashion, the data can be dispersed as far out in the network as... well, Moore's Law allows, in extremely fast and lightweight files, and, instead of creating summaries of data for reports, the data can be polled for as close to its source as possible, instantaneously, in realtime, instead of being rolled up into increasingly larger batch-processed summaries taking weeks, sometimes months, to produce and audit.

There are obvious implications for my own particular hobby-horses, like anonymous but accurate double spend databases for bearer transactions, where only a simple blinded m-of-n cryptographic hash of a given promise to pay is necessary to prevent the duplication of that promise to more than one person at a time. However, for the rest of us :-), Wayner also points to a whole host of much less esoteric applications in the lots of the usual places where absolute privacy and extremely authentic information, is at a premium. Examples for military, medical, and anti-rape databases, for accounting systems and securities transactions, and even for internet poker -- the paradigm of completely untrusted parties cooperating for what each player hopes will be his own, preferrably cash, benefit -- are all presented in clear writing and running code.

There has been a lot of lip-service in the privacy community about "owning" your own data. Unfortunately, by involving the state at all, these "advocates" almost always favor inadvertantly draconian political solutions to the problem presented by the ubiquity of database technology and its otherwise beneficial presense in our lives. They ususally present this nonsense as a "sacrifice" for the "greater good" that would make Hayek's Road to Serfdom look like Lilac Sunday at the local arboretum.

In Translucent Databases, Wayner shows, in precise detail, with code, how to solve that problem, without trusting lawyers, much less guys with guns.

Though quite a short read, the scope of the book itself is quite considerable. Wayner starts from simple hashes of data to merely obscure it, through various kinds of encryption, quantization of data, and even accounting with encrypted data using what amounts to virtual cumulative crossfoots like the kind you would see on all good accounting reports. In so doing, Wayner explains, quite simply, something that people like Eric Hughes made great, complicated hay out of years ago with gangling theories of encrypted "open" books.

Ultimately, Wayner really does end up where a lot of us think databases will be someday, particularly in finance: repositories of data accessible only by digital bearer tokens using various blind signature protocols, neatly, and quite literally, "dis-integrating" the ability of databases to be used against us as a tool of totalitarianism, exemplified most recently by Simpson Garfinkel in his book Database Nation , and, oddly enough, not because someone or other wants to strike a blow against the empire, but simply because it's safer -- and cheaper -- to do that way.

Every database programmer should have a copy of this simple and elegant book on his reference bookshelf. Particularly if he cares about the integrity of his data, the liability to the database's owner should information be misappropriated, and, not least, about freedom itself in a world of ubiquitous, and, frankly, necessary, stored detail: details about practically every person on earth, their property and finances, and, ultimately, everything they do.

Translucent Databases presents a simple, frankly beautiful, solution to David Brin's world of ubiquitous surveillance, one not requiring, as Brin seems to want, "trust" of state force-monopolists, much less their lawyers and apparatchiks.

In fact, it's such an elegant solution that, as Schopenhauer liked to say about the public acceptance of important new ideas, soon enough, people will say it was obvious all along.

Robert Hettinga is founder of IBUC, the Internet Bearer Underwriting Corporation, which will, hopefully, someday, :-), use translucent databases full of internet bearer certificates to reduce transaction costs by three orders of magnitude. You can purchase Translucent Databases through the publisher. Slashdot welcomes readers' book reviews -- to submit yours, read the book review guidelines, then visit the submission page.

Hettinga writes: "Through many popular books and articles in the New York Times, Peter Wayner has done more to promote the field of applied financial cryptography, and in particular open source financial cryptography, than any other author writing today. His new book, Translucent Databases, from Flyzone Press, is no exception." Read on for the rest of the review. Translucent Databases author Peter Wayner pages 185 publisher Flyzone Press rating Outstanding. 5 Stars. Buy this Book. reviewer Robert Hettinga ISBN 0-9675844-1-8 summary Translucent Databases cure "Database Nation" and the "Transparent Society"?

Translucent Databases has all the hallmarks of Wayner's books: clear, easy to read exposition of the main issues, why they're important, and, in his technical books, excellently documented code written for the most popular platforms for the technology in question.

This book in particular should be an instant classic because like all great books, it takes what should be a very simple idea, encrypted databases, and expands it to some amazing conclusions.

For a long time now, I've been interested in what I call the geodesic economy, where all information, including information controlling financial assets, is fractally "surfacted", like so much grease in soapy dishwater, as far out into the edges of a ubiquitous internetwork as Moore's Law will allow, using financial cryptography protocols to secure transactions and markets on a nominally insecure, but ubiquitous, public internetwork.

People who are familiar with my thinking about such things over the past 8 years will see quite quickly why I think Peter's new book is so important. Transparent databases represent a way not only to link the batch-settled, book-entry debit-for-credit world of modern financial operations with a more simply founded, but much more sophisticated world which uses cryptographic tokens representing control of various financial and real assets. They also show us how to actually account for those tokens in such a fashion that every financial actor in that market, man or machine, can trust that their bearer certificates are authentic ones, and done in such a fashion that a given token retains its cryptographic integrity, including the functionally anonymous characteristics that made it so cheap to use in the first place.

The singular feature of Wayner's translucent databases is that, like internet bearer transactions themselves, the cryptography securing data in them can happen in the client, and not a centrally vulnerable server. More to the point, by using data stored in this fashion, the data can be dispersed as far out in the network as... well, Moore's Law allows, in extremely fast and lightweight files, and, instead of creating summaries of data for reports, the data can be polled for as close to its source as possible, instantaneously, in realtime, instead of being rolled up into increasingly larger batch-processed summaries taking weeks, sometimes months, to produce and audit.

There are obvious implications for my own particular hobby-horses, like anonymous but accurate double spend databases for bearer transactions, where only a simple blinded m-of-n cryptographic hash of a given promise to pay is necessary to prevent the duplication of that promise to more than one person at a time. However, for the rest of us :-), Wayner also points to a whole host of much less esoteric applications in the lots of the usual places where absolute privacy and extremely authentic information, is at a premium. Examples for military, medical, and anti-rape databases, for accounting systems and securities transactions, and even for internet poker -- the paradigm of completely untrusted parties cooperating for what each player hopes will be his own, preferrably cash, benefit -- are all presented in clear writing and running code.

There has been a lot of lip-service in the privacy community about "owning" your own data. Unfortunately, by involving the state at all, these "advocates" almost always favor inadvertantly draconian political solutions to the problem presented by the ubiquity of database technology and its otherwise beneficial presense in our lives. They ususally present this nonsense as a "sacrifice" for the "greater good" that would make Hayek's Road to Serfdom look like Lilac Sunday at the local arboretum.

In Translucent Databases, Wayner shows, in precise detail, with code, how to solve that problem, without trusting lawyers, much less guys with guns.

Though quite a short read, the scope of the book itself is quite considerable. Wayner starts from simple hashes of data to merely obscure it, through various kinds of encryption, quantization of data, and even accounting with encrypted data using what amounts to virtual cumulative crossfoots like the kind you would see on all good accounting reports. In so doing, Wayner explains, quite simply, something that people like Eric Hughes made great, complicated hay out of years ago with gangling theories of encrypted "open" books.

Ultimately, Wayner really does end up where a lot of us think databases will be someday, particularly in finance: repositories of data accessible only by digital bearer tokens using various blind signature protocols, neatly, and quite literally, "dis-integrating" the ability of databases to be used against us as a tool of totalitarianism, exemplified most recently by Simpson Garfinkel in his book Database Nation , and, oddly enough, not because someone or other wants to strike a blow against the empire, but simply because it's safer -- and cheaper -- to do that way.

Every database programmer should have a copy of this simple and elegant book on his reference bookshelf. Particularly if he cares about the integrity of his data, the liability to the database's owner should information be misappropriated, and, not least, about freedom itself in a world of ubiquitous, and, frankly, necessary, stored detail: details about practically every person on earth, their property and finances, and, ultimately, everything they do.

Translucent Databases presents a simple, frankly beautiful, solution to David Brin's world of ubiquitous surveillance, one not requiring, as Brin seems to want, "trust" of state force-monopolists, much less their lawyers and apparatchiks.

In fact, it's such an elegant solution that, as Schopenhauer liked to say about the public acceptance of important new ideas, soon enough, people will say it was obvious all along.

Robert Hettinga is founder of IBUC, the Internet Bearer Underwriting Corporation, which will, hopefully, someday, :-), use translucent databases full of internet bearer certificates to reduce transaction costs by three orders of magnitude. You can purchase Translucent Databases through the publisher. Slashdot welcomes readers' book reviews -- to submit yours, read the book review guidelines, then visit the submission page.

Hettinga writes: "Through many popular books and articles in the New York Times, Peter Wayner has done more to promote the field of applied financial cryptography, and in particular open source financial cryptography, than any other author writing today. His new book, Translucent Databases, from Flyzone Press, is no exception." Read on for the rest of the review. Translucent Databases author Peter Wayner pages 185 publisher Flyzone Press rating Outstanding. 5 Stars. Buy this Book. reviewer Robert Hettinga ISBN 0-9675844-1-8 summary Translucent Databases cure "Database Nation" and the "Transparent Society"?

Translucent Databases has all the hallmarks of Wayner's books: clear, easy to read exposition of the main issues, why they're important, and, in his technical books, excellently documented code written for the most popular platforms for the technology in question.

This book in particular should be an instant classic because like all great books, it takes what should be a very simple idea, encrypted databases, and expands it to some amazing conclusions.

For a long time now, I've been interested in what I call the geodesic economy, where all information, including information controlling financial assets, is fractally "surfacted", like so much grease in soapy dishwater, as far out into the edges of a ubiquitous internetwork as Moore's Law will allow, using financial cryptography protocols to secure transactions and markets on a nominally insecure, but ubiquitous, public internetwork.

People who are familiar with my thinking about such things over the past 8 years will see quite quickly why I think Peter's new book is so important. Transparent databases represent a way not only to link the batch-settled, book-entry debit-for-credit world of modern financial operations with a more simply founded, but much more sophisticated world which uses cryptographic tokens representing control of various financial and real assets. They also show us how to actually account for those tokens in such a fashion that every financial actor in that market, man or machine, can trust that their bearer certificates are authentic ones, and done in such a fashion that a given token retains its cryptographic integrity, including the functionally anonymous characteristics that made it so cheap to use in the first place.

The singular feature of Wayner's translucent databases is that, like internet bearer transactions themselves, the cryptography securing data in them can happen in the client, and not a centrally vulnerable server. More to the point, by using data stored in this fashion, the data can be dispersed as far out in the network as... well, Moore's Law allows, in extremely fast and lightweight files, and, instead of creating summaries of data for reports, the data can be polled for as close to its source as possible, instantaneously, in realtime, instead of being rolled up into increasingly larger batch-processed summaries taking weeks, sometimes months, to produce and audit.

There are obvious implications for my own particular hobby-horses, like anonymous but accurate double spend databases for bearer transactions, where only a simple blinded m-of-n cryptographic hash of a given promise to pay is necessary to prevent the duplication of that promise to more than one person at a time. However, for the rest of us :-), Wayner also points to a whole host of much less esoteric applications in the lots of the usual places where absolute privacy and extremely authentic information, is at a premium. Examples for military, medical, and anti-rape databases, for accounting systems and securities transactions, and even for internet poker -- the paradigm of completely untrusted parties cooperating for what each player hopes will be his own, preferrably cash, benefit -- are all presented in clear writing and running code.

There has been a lot of lip-service in the privacy community about "owning" your own data. Unfortunately, by involving the state at all, these "advocates" almost always favor inadvertantly draconian political solutions to the problem presented by the ubiquity of database technology and its otherwise beneficial presense in our lives. They ususally present this nonsense as a "sacrifice" for the "greater good" that would make Hayek's Road to Serfdom look like Lilac Sunday at the local arboretum.

In Translucent Databases, Wayner shows, in precise detail, with code, how to solve that problem, without trusting lawyers, much less guys with guns.

Though quite a short read, the scope of the book itself is quite considerable. Wayner starts from simple hashes of data to merely obscure it, through various kinds of encryption, quantization of data, and even accounting with encrypted data using what amounts to virtual cumulative crossfoots like the kind you would see on all good accounting reports. In so doing, Wayner explains, quite simply, something that people like Eric Hughes made great, complicated hay out of years ago with gangling theories of encrypted "open" books.

Ultimately, Wayner really does end up where a lot of us think databases will be someday, particularly in finance: repositories of data accessible only by digital bearer tokens using various blind signature protocols, neatly, and quite literally, "dis-integrating" the ability of databases to be used against us as a tool of totalitarianism, exemplified most recently by Simpson Garfinkel in his book Database Nation , and, oddly enough, not because someone or other wants to strike a blow against the empire, but simply because it's safer -- and cheaper -- to do that way.

Every database programmer should have a copy of this simple and elegant book on his reference bookshelf. Particularly if he cares about the integrity of his data, the liability to the database's owner should information be misappropriated, and, not least, about freedom itself in a world of ubiquitous, and, frankly, necessary, stored detail: details about practically every person on earth, their property and finances, and, ultimately, everything they do.

Translucent Databases presents a simple, frankly beautiful, solution to David Brin's world of ubiquitous surveillance, one not requiring, as Brin seems to want, "trust" of state force-monopolists, much less their lawyers and apparatchiks.

In fact, it's such an elegant solution that, as Schopenhauer liked to say about the public acceptance of important new ideas, soon enough, people will say it was obvious all along.

Robert Hettinga is founder of IBUC, the Internet Bearer Underwriting Corporation, which will, hopefully, someday, :-), use translucent databases full of internet bearer certificates to reduce transaction costs by three orders of magnitude. You can purchase Translucent Databases through the publisher. Slashdot welcomes readers' book reviews -- to submit yours, read the book review guidelines, then visit the submission page.

Hettinga writes: "Through many popular books and articles in the New York Times, Peter Wayner has done more to promote the field of applied financial cryptography, and in particular open source financial cryptography, than any other author writing today. His new book, Translucent Databases, from Flyzone Press, is no exception." Read on for the rest of the review. Translucent Databases author Peter Wayner pages 185 publisher Flyzone Press rating Outstanding. 5 Stars. Buy this Book. reviewer Robert Hettinga ISBN 0-9675844-1-8 summary Translucent Databases cure "Database Nation" and the "Transparent Society"?

Translucent Databases has all the hallmarks of Wayner's books: clear, easy to read exposition of the main issues, why they're important, and, in his technical books, excellently documented code written for the most popular platforms for the technology in question.

This book in particular should be an instant classic because like all great books, it takes what should be a very simple idea, encrypted databases, and expands it to some amazing conclusions.

For a long time now, I've been interested in what I call the geodesic economy, where all information, including information controlling financial assets, is fractally "surfacted", like so much grease in soapy dishwater, as far out into the edges of a ubiquitous internetwork as Moore's Law will allow, using financial cryptography protocols to secure transactions and markets on a nominally insecure, but ubiquitous, public internetwork.

People who are familiar with my thinking about such things over the past 8 years will see quite quickly why I think Peter's new book is so important. Transparent databases represent a way not only to link the batch-settled, book-entry debit-for-credit world of modern financial operations with a more simply founded, but much more sophisticated world which uses cryptographic tokens representing control of various financial and real assets. They also show us how to actually account for those tokens in such a fashion that every financial actor in that market, man or machine, can trust that their bearer certificates are authentic ones, and done in such a fashion that a given token retains its cryptographic integrity, including the functionally anonymous characteristics that made it so cheap to use in the first place.

The singular feature of Wayner's translucent databases is that, like internet bearer transactions themselves, the cryptography securing data in them can happen in the client, and not a centrally vulnerable server. More to the point, by using data stored in this fashion, the data can be dispersed as far out in the network as... well, Moore's Law allows, in extremely fast and lightweight files, and, instead of creating summaries of data for reports, the data can be polled for as close to its source as possible, instantaneously, in realtime, instead of being rolled up into increasingly larger batch-processed summaries taking weeks, sometimes months, to produce and audit.

There are obvious implications for my own particular hobby-horses, like anonymous but accurate double spend databases for bearer transactions, where only a simple blinded m-of-n cryptographic hash of a given promise to pay is necessary to prevent the duplication of that promise to more than one person at a time. However, for the rest of us :-), Wayner also points to a whole host of much less esoteric applications in the lots of the usual places where absolute privacy and extremely authentic information, is at a premium. Examples for military, medical, and anti-rape databases, for accounting systems and securities transactions, and even for internet poker -- the paradigm of completely untrusted parties cooperating for what each player hopes will be his own, preferrably cash, benefit -- are all presented in clear writing and running code.

There has been a lot of lip-service in the privacy community about "owning" your own data. Unfortunately, by involving the state at all, these "advocates" almost always favor inadvertantly draconian political solutions to the problem presented by the ubiquity of database technology and its otherwise beneficial presense in our lives. They ususally present this nonsense as a "sacrifice" for the "greater good" that would make Hayek's Road to Serfdom look like Lilac Sunday at the local arboretum.

In Translucent Databases, Wayner shows, in precise detail, with code, how to solve that problem, without trusting lawyers, much less guys with guns.

Though quite a short read, the scope of the book itself is quite considerable. Wayner starts from simple hashes of data to merely obscure it, through various kinds of encryption, quantization of data, and even accounting with encrypted data using what amounts to virtual cumulative crossfoots like the kind you would see on all good accounting reports. In so doing, Wayner explains, quite simply, something that people like Eric Hughes made great, complicated hay out of years ago with gangling theories of encrypted "open" books.

Ultimately, Wayner really does end up where a lot of us think databases will be someday, particularly in finance: repositories of data accessible only by digital bearer tokens using various blind signature protocols, neatly, and quite literally, "dis-integrating" the ability of databases to be used against us as a tool of totalitarianism, exemplified most recently by Simpson Garfinkel in his book Database Nation , and, oddly enough, not because someone or other wants to strike a blow against the empire, but simply because it's safer -- and cheaper -- to do that way.

Every database programmer should have a copy of this simple and elegant book on his reference bookshelf. Particularly if he cares about the integrity of his data, the liability to the database's owner should information be misappropriated, and, not least, about freedom itself in a world of ubiquitous, and, frankly, necessary, stored detail: details about practically every person on earth, their property and finances, and, ultimately, everything they do.

Translucent Databases presents a simple, frankly beautiful, solution to David Brin's world of ubiquitous surveillance, one not requiring, as Brin seems to want, "trust" of state force-monopolists, much less their lawyers and apparatchiks.

In fact, it's such an elegant solution that, as Schopenhauer liked to say about the public acceptance of important new ideas, soon enough, people will say it was obvious all along.

Robert Hettinga is founder of IBUC, the Internet Bearer Underwriting Corporation, which will, hopefully, someday, :-), use translucent databases full of internet bearer certificates to reduce transaction costs by three orders of magnitude. You can purchase Translucent Databases through the publisher. Slashdot welcomes readers' book reviews -- to submit yours, read the book review guidelines, then visit the submission page.

Hettinga writes: "Through many popular books and articles in the New York Times, Peter Wayner has done more to promote the field of applied financial cryptography, and in particular open source financial cryptography, than any other author writing today. His new book, Translucent Databases, from Flyzone Press, is no exception." Read on for the rest of the review. Translucent Databases author Peter Wayner pages 185 publisher Flyzone Press rating Outstanding. 5 Stars. Buy this Book. reviewer Robert Hettinga ISBN 0-9675844-1-8 summary Translucent Databases cure "Database Nation" and the "Transparent Society"?

Translucent Databases has all the hallmarks of Wayner's books: clear, easy to read exposition of the main issues, why they're important, and, in his technical books, excellently documented code written for the most popular platforms for the technology in question.

This book in particular should be an instant classic because like all great books, it takes what should be a very simple idea, encrypted databases, and expands it to some amazing conclusions.

For a long time now, I've been interested in what I call the geodesic economy, where all information, including information controlling financial assets, is fractally "surfacted", like so much grease in soapy dishwater, as far out into the edges of a ubiquitous internetwork as Moore's Law will allow, using financial cryptography protocols to secure transactions and markets on a nominally insecure, but ubiquitous, public internetwork.

People who are familiar with my thinking about such things over the past 8 years will see quite quickly why I think Peter's new book is so important. Transparent databases represent a way not only to link the batch-settled, book-entry debit-for-credit world of modern financial operations with a more simply founded, but much more sophisticated world which uses cryptographic tokens representing control of various financial and real assets. They also show us how to actually account for those tokens in such a fashion that every financial actor in that market, man or machine, can trust that their bearer certificates are authentic ones, and done in such a fashion that a given token retains its cryptographic integrity, including the functionally anonymous characteristics that made it so cheap to use in the first place.

The singular feature of Wayner's translucent databases is that, like internet bearer transactions themselves, the cryptography securing data in them can happen in the client, and not a centrally vulnerable server. More to the point, by using data stored in this fashion, the data can be dispersed as far out in the network as... well, Moore's Law allows, in extremely fast and lightweight files, and, instead of creating summaries of data for reports, the data can be polled for as close to its source as possible, instantaneously, in realtime, instead of being rolled up into increasingly larger batch-processed summaries taking weeks, sometimes months, to produce and audit.

There are obvious implications for my own particular hobby-horses, like anonymous but accurate double spend databases for bearer transactions, where only a simple blinded m-of-n cryptographic hash of a given promise to pay is necessary to prevent the duplication of that promise to more than one person at a time. However, for the rest of us :-), Wayner also points to a whole host of much less esoteric applications in the lots of the usual places where absolute privacy and extremely authentic information, is at a premium. Examples for military, medical, and anti-rape databases, for accounting systems and securities transactions, and even for internet poker -- the paradigm of completely untrusted parties cooperating for what each player hopes will be his own, preferrably cash, benefit -- are all presented in clear writing and running code.

There has been a lot of lip-service in the privacy community about "owning" your own data. Unfortunately, by involving the state at all, these "advocates" almost always favor inadvertantly draconian political solutions to the problem presented by the ubiquity of database technology and its otherwise beneficial presense in our lives. They ususally present this nonsense as a "sacrifice" for the "greater good" that would make Hayek's Road to Serfdom look like Lilac Sunday at the local arboretum.

In Translucent Databases, Wayner shows, in precise detail, with code, how to solve that problem, without trusting lawyers, much less guys with guns.

Though quite a short read, the scope of the book itself is quite considerable. Wayner starts from simple hashes of data to merely obscure it, through various kinds of encryption, quantization of data, and even accounting with encrypted data using what amounts to virtual cumulative crossfoots like the kind you would see on all good accounting reports. In so doing, Wayner explains, quite simply, something that people like Eric Hughes made great, complicated hay out of years ago with gangling theories of encrypted "open" books.

Ultimately, Wayner really does end up where a lot of us think databases will be someday, particularly in finance: repositories of data accessible only by digital bearer tokens using various blind signature protocols, neatly, and quite literally, "dis-integrating" the ability of databases to be used against us as a tool of totalitarianism, exemplified most recently by Simpson Garfinkel in his book Database Nation , and, oddly enough, not because someone or other wants to strike a blow against the empire, but simply because it's safer -- and cheaper -- to do that way.

Every database programmer should have a copy of this simple and elegant book on his reference bookshelf. Particularly if he cares about the integrity of his data, the liability to the database's owner should information be misappropriated, and, not least, about freedom itself in a world of ubiquitous, and, frankly, necessary, stored detail: details about practically every person on earth, their property and finances, and, ultimately, everything they do.

Translucent Databases presents a simple, frankly beautiful, solution to David Brin's world of ubiquitous surveillance, one not requiring, as Brin seems to want, "trust" of state force-monopolists, much less their lawyers and apparatchiks.

In fact, it's such an elegant solution that, as Schopenhauer liked to say about the public acceptance of important new ideas, soon enough, people will say it was obvious all along.

Robert Hettinga is founder of IBUC, the Internet Bearer Underwriting Corporation, which will, hopefully, someday, :-), use translucent databases full of internet bearer certificates to reduce transaction costs by three orders of magnitude. You can purchase Translucent Databases through the publisher. Slashdot welcomes readers' book reviews -- to submit yours, read the book review guidelines, then visit the submission page.

Torulf would like to start an ongoing discussion on books that anyone in the IT field would benefit in having in their library: "Here's a topic that might generate some interesting discussions. I'm a student trying to get general knowledge of the IT business. The question here is about what is regarded 'basic knowledge' and where to find it. As we all know (I hope), a lot of knowledge can really only be learned through experience. In many cases, however, a read through the theory will save you a lot of time. As books are also easier to look up than experience, below is a suggestion of a reading list that might give a decent general knowledge in the field. Please fill out the gaps with what you think is required knowledge for anyone working in the industry. Mostly this is about a general overview of the different areas of the IT industry, but if you have suggestions of good material for becoming an expert in some particular field, by all means, share your knowledge." Torulf has compiled a fairly long list of books, below, however your own suggestions are always welcome.

"To start off the discussion, here are a few suggestions as to likely candidates. The books are linked to Amazon since they can provide a fairly quick and complete description of the books online.

Programming:
Learning a few languages certainly won't hurt. Here are some suggestions:

• The C programming language
• The C++ programming language
• Programming Perl
• Programming Python
• A Book about Java
• A Book on SQL
• A Book about Functional languages (LISP, ML, etc.)

Design:
For any non-trivial task, it is suggested that you design before you code.

• Design Patterns
• UML Distilled

User Interfaces:
A lot of programmers are more than clueless in this area. These at least won't hurt:

• Designing Visual Interfaces
• Usability Engineering
• POET

Graphics:
Some general knowledge about graphics.

• Real-Time Rendering
• Computer Graphics

Business/Management:
Here's something about management and financing. I don't really know about a good reference for marketing applied to the IT industry. This is the area where the average geek is even more ignorant than concerning UI.

• High Tech Start Up
• The Mythical Man Month
• Code Complete

Security:
Alright, this list should be a lot longer.

• Security Engineering

Misc.
And last some stuff that didn't fit in any of the categories above.

• Modern Operating Systems
• Computer Networks
• A few operating systems
• A book about markup languages, ie HTML, XML, DHTML, etc
• A book about Algorithms and Data Structures in general
• At least some basic knowledge about Hardware
• Wireless systems seem to be growing. It might pay off to learn something about Symbian, J2ME etc."

Now that's a start to a comprehensive IT Library if I've ever seen one. How do you all feel about this list (if not the specific selections, then at least the material being covered)? If you were to make changes or additions, what would they be?

Torulf would like to start an ongoing discussion on books that anyone in the IT field would benefit in having in their library: "Here's a topic that might generate some interesting discussions. I'm a student trying to get general knowledge of the IT business. The question here is about what is regarded 'basic knowledge' and where to find it. As we all know (I hope), a lot of knowledge can really only be learned through experience. In many cases, however, a read through the theory will save you a lot of time. As books are also easier to look up than experience, below is a suggestion of a reading list that might give a decent general knowledge in the field. Please fill out the gaps with what you think is required knowledge for anyone working in the industry. Mostly this is about a general overview of the different areas of the IT industry, but if you have suggestions of good material for becoming an expert in some particular field, by all means, share your knowledge." Torulf has compiled a fairly long list of books, below, however your own suggestions are always welcome.

"To start off the discussion, here are a few suggestions as to likely candidates. The books are linked to Amazon since they can provide a fairly quick and complete description of the books online.

Programming:
Learning a few languages certainly won't hurt. Here are some suggestions:

• The C programming language
• The C++ programming language
• Programming Perl
• Programming Python
• A Book about Java
• A Book on SQL
• A Book about Functional languages (LISP, ML, etc.)

Design:
For any non-trivial task, it is suggested that you design before you code.

• Design Patterns
• UML Distilled

User Interfaces:
A lot of programmers are more than clueless in this area. These at least won't hurt:

• Designing Visual Interfaces
• Usability Engineering
• POET

Graphics:
Some general knowledge about graphics.

• Real-Time Rendering
• Computer Graphics

Business/Management:
Here's something about management and financing. I don't really know about a good reference for marketing applied to the IT industry. This is the area where the average geek is even more ignorant than concerning UI.

• High Tech Start Up
• The Mythical Man Month
• Code Complete

Security:
Alright, this list should be a lot longer.

• Security Engineering

Misc.
And last some stuff that didn't fit in any of the categories above.

• Modern Operating Systems
• Computer Networks
• A few operating systems
• A book about markup languages, ie HTML, XML, DHTML, etc
• A book about Algorithms and Data Structures in general
• At least some basic knowledge about Hardware
• Wireless systems seem to be growing. It might pay off to learn something about Symbian, J2ME etc."

Now that's a start to a comprehensive IT Library if I've ever seen one. How do you all feel about this list (if not the specific selections, then at least the material being covered)? If you were to make changes or additions, what would they be?

Torulf would like to start an ongoing discussion on books that anyone in the IT field would benefit in having in their library: "Here's a topic that might generate some interesting discussions. I'm a student trying to get general knowledge of the IT business. The question here is about what is regarded 'basic knowledge' and where to find it. As we all know (I hope), a lot of knowledge can really only be learned through experience. In many cases, however, a read through the theory will save you a lot of time. As books are also easier to look up than experience, below is a suggestion of a reading list that might give a decent general knowledge in the field. Please fill out the gaps with what you think is required knowledge for anyone working in the industry. Mostly this is about a general overview of the different areas of the IT industry, but if you have suggestions of good material for becoming an expert in some particular field, by all means, share your knowledge." Torulf has compiled a fairly long list of books, below, however your own suggestions are always welcome.

"To start off the discussion, here are a few suggestions as to likely candidates. The books are linked to Amazon since they can provide a fairly quick and complete description of the books online.

Programming:
Learning a few languages certainly won't hurt. Here are some suggestions:

• The C programming language
• The C++ programming language
• Programming Perl
• Programming Python
• A Book about Java
• A Book on SQL
• A Book about Functional languages (LISP, ML, etc.)

Design:
For any non-trivial task, it is suggested that you design before you code.

• Design Patterns
• UML Distilled

User Interfaces:
A lot of programmers are more than clueless in this area. These at least won't hurt:

• Designing Visual Interfaces
• Usability Engineering
• POET

Graphics:
Some general knowledge about graphics.

• Real-Time Rendering
• Computer Graphics

Business/Management:
Here's something about management and financing. I don't really know about a good reference for marketing applied to the IT industry. This is the area where the average geek is even more ignorant than concerning UI.

• High Tech Start Up
• The Mythical Man Month
• Code Complete

Security:
Alright, this list should be a lot longer.

• Security Engineering

Misc.
And last some stuff that didn't fit in any of the categories above.

• Modern Operating Systems
• Computer Networks
• A few operating systems
• A book about markup languages, ie HTML, XML, DHTML, etc
• A book about Algorithms and Data Structures in general
• At least some basic knowledge about Hardware
• Wireless systems seem to be growing. It might pay off to learn something about Symbian, J2ME etc."

Now that's a start to a comprehensive IT Library if I've ever seen one. How do you all feel about this list (if not the specific selections, then at least the material being covered)? If you were to make changes or additions, what would they be?

Torulf would like to start an ongoing discussion on books that anyone in the IT field would benefit in having in their library: "Here's a topic that might generate some interesting discussions. I'm a student trying to get general knowledge of the IT business. The question here is about what is regarded 'basic knowledge' and where to find it. As we all know (I hope), a lot of knowledge can really only be learned through experience. In many cases, however, a read through the theory will save you a lot of time. As books are also easier to look up than experience, below is a suggestion of a reading list that might give a decent general knowledge in the field. Please fill out the gaps with what you think is required knowledge for anyone working in the industry. Mostly this is about a general overview of the different areas of the IT industry, but if you have suggestions of good material for becoming an expert in some particular field, by all means, share your knowledge." Torulf has compiled a fairly long list of books, below, however your own suggestions are always welcome.

"To start off the discussion, here are a few suggestions as to likely candidates. The books are linked to Amazon since they can provide a fairly quick and complete description of the books online.

Programming:
Learning a few languages certainly won't hurt. Here are some suggestions:

• The C programming language
• The C++ programming language
• Programming Perl
• Programming Python
• A Book about Java
• A Book on SQL
• A Book about Functional languages (LISP, ML, etc.)

Design:
For any non-trivial task, it is suggested that you design before you code.

• Design Patterns
• UML Distilled

User Interfaces:
A lot of programmers are more than clueless in this area. These at least won't hurt:

• Designing Visual Interfaces
• Usability Engineering
• POET

Graphics:
Some general knowledge about graphics.

• Real-Time Rendering
• Computer Graphics

Business/Management:
Here's something about management and financing. I don't really know about a good reference for marketing applied to the IT industry. This is the area where the average geek is even more ignorant than concerning UI.

• High Tech Start Up
• The Mythical Man Month
• Code Complete

Security:
Alright, this list should be a lot longer.

• Security Engineering

Misc.
And last some stuff that didn't fit in any of the categories above.

• Modern Operating Systems
• Computer Networks
• A few operating systems
• A book about markup languages, ie HTML, XML, DHTML, etc
• A book about Algorithms and Data Structures in general
• At least some basic knowledge about Hardware
• Wireless systems seem to be growing. It might pay off to learn something about Symbian, J2ME etc."

Now that's a start to a comprehensive IT Library if I've ever seen one. How do you all feel about this list (if not the specific selections, then at least the material being covered)? If you were to make changes or additions, what would they be?

Torulf would like to start an ongoing discussion on books that anyone in the IT field would benefit in having in their library: "Here's a topic that might generate some interesting discussions. I'm a student trying to get general knowledge of the IT business. The question here is about what is regarded 'basic knowledge' and where to find it. As we all know (I hope), a lot of knowledge can really only be learned through experience. In many cases, however, a read through the theory will save you a lot of time. As books are also easier to look up than experience, below is a suggestion of a reading list that might give a decent general knowledge in the field. Please fill out the gaps with what you think is required knowledge for anyone working in the industry. Mostly this is about a general overview of the different areas of the IT industry, but if you have suggestions of good material for becoming an expert in some particular field, by all means, share your knowledge." Torulf has compiled a fairly long list of books, below, however your own suggestions are always welcome.

"To start off the discussion, here are a few suggestions as to likely candidates. The books are linked to Amazon since they can provide a fairly quick and complete description of the books online.

Programming:
Learning a few languages certainly won't hurt. Here are some suggestions:

• The C programming language
• The C++ programming language
• Programming Perl
• Programming Python
• A Book about Java
• A Book on SQL
• A Book about Functional languages (LISP, ML, etc.)

Design:
For any non-trivial task, it is suggested that you design before you code.

• Design Patterns
• UML Distilled

User Interfaces:
A lot of programmers are more than clueless in this area. These at least won't hurt:

• Designing Visual Interfaces
• Usability Engineering
• POET

Graphics:
Some general knowledge about graphics.

• Real-Time Rendering
• Computer Graphics

Business/Management:
Here's something about management and financing. I don't really know about a good reference for marketing applied to the IT industry. This is the area where the average geek is even more ignorant than concerning UI.

• High Tech Start Up
• The Mythical Man Month
• Code Complete

Security:
Alright, this list should be a lot longer.

• Security Engineering

Misc.
And last some stuff that didn't fit in any of the categories above.

• Modern Operating Systems
• Computer Networks
• A few operating systems
• A book about markup languages, ie HTML, XML, DHTML, etc
• A book about Algorithms and Data Structures in general
• At least some basic knowledge about Hardware
• Wireless systems seem to be growing. It might pay off to learn something about Symbian, J2ME etc."

Now that's a start to a comprehensive IT Library if I've ever seen one. How do you all feel about this list (if not the specific selections, then at least the material being covered)? If you were to make changes or additions, what would they be?

Torulf would like to start an ongoing discussion on books that anyone in the IT field would benefit in having in their library: "Here's a topic that might generate some interesting discussions. I'm a student trying to get general knowledge of the IT business. The question here is about what is regarded 'basic knowledge' and where to find it. As we all know (I hope), a lot of knowledge can really only be learned through experience. In many cases, however, a read through the theory will save you a lot of time. As books are also easier to look up than experience, below is a suggestion of a reading list that might give a decent general knowledge in the field. Please fill out the gaps with what you think is required knowledge for anyone working in the industry. Mostly this is about a general overview of the different areas of the IT industry, but if you have suggestions of good material for becoming an expert in some particular field, by all means, share your knowledge." Torulf has compiled a fairly long list of books, below, however your own suggestions are always welcome.

"To start off the discussion, here are a few suggestions as to likely candidates. The books are linked to Amazon since they can provide a fairly quick and complete description of the books online.

Programming:
Learning a few languages certainly won't hurt. Here are some suggestions:

• The C programming language
• The C++ programming language
• Programming Perl
• Programming Python
• A Book about Java
• A Book on SQL
• A Book about Functional languages (LISP, ML, etc.)

Design:
For any non-trivial task, it is suggested that you design before you code.

• Design Patterns
• UML Distilled

User Interfaces:
A lot of programmers are more than clueless in this area. These at least won't hurt:

• Designing Visual Interfaces
• Usability Engineering
• POET

Graphics:
Some general knowledge about graphics.

• Real-Time Rendering
• Computer Graphics

Business/Management:
Here's something about management and financing. I don't really know about a good reference for marketing applied to the IT industry. This is the area where the average geek is even more ignorant than concerning UI.

• High Tech Start Up
• The Mythical Man Month
• Code Complete

Security:
Alright, this list should be a lot longer.

• Security Engineering

Misc.
And last some stuff that didn't fit in any of the categories above.

• Modern Operating Systems
• Computer Networks
• A few operating systems
• A book about markup languages, ie HTML, XML, DHTML, etc
• A book about Algorithms and Data Structures in general
• At least some basic knowledge about Hardware
• Wireless systems seem to be growing. It might pay off to learn something about Symbian, J2ME etc."

Now that's a start to a comprehensive IT Library if I've ever seen one. How do you all feel about this list (if not the specific selections, then at least the material being covered)? If you were to make changes or additions, what would they be?

Torulf would like to start an ongoing discussion on books that anyone in the IT field would benefit in having in their library: "Here's a topic that might generate some interesting discussions. I'm a student trying to get general knowledge of the IT business. The question here is about what is regarded 'basic knowledge' and where to find it. As we all know (I hope), a lot of knowledge can really only be learned through experience. In many cases, however, a read through the theory will save you a lot of time. As books are also easier to look up than experience, below is a suggestion of a reading list that might give a decent general knowledge in the field. Please fill out the gaps with what you think is required knowledge for anyone working in the industry. Mostly this is about a general overview of the different areas of the IT industry, but if you have suggestions of good material for becoming an expert in some particular field, by all means, share your knowledge." Torulf has compiled a fairly long list of books, below, however your own suggestions are always welcome.

"To start off the discussion, here are a few suggestions as to likely candidates. The books are linked to Amazon since they can provide a fairly quick and complete description of the books online.

Programming:
Learning a few languages certainly won't hurt. Here are some suggestions:

• The C programming language
• The C++ programming language
• Programming Perl
• Programming Python
• A Book about Java
• A Book on SQL
• A Book about Functional languages (LISP, ML, etc.)

Design:
For any non-trivial task, it is suggested that you design before you code.

• Design Patterns
• UML Distilled

User Interfaces:
A lot of programmers are more than clueless in this area. These at least won't hurt:

• Designing Visual Interfaces
• Usability Engineering
• POET

Graphics:
Some general knowledge about graphics.

• Real-Time Rendering
• Computer Graphics

Business/Management:
Here's something about management and financing. I don't really know about a good reference for marketing applied to the IT industry. This is the area where the average geek is even more ignorant than concerning UI.

• High Tech Start Up
• The Mythical Man Month
• Code Complete

Security:
Alright, this list should be a lot longer.

• Security Engineering

Misc.
And last some stuff that didn't fit in any of the categories above.

• Modern Operating Systems
• Computer Networks
• A few operating systems
• A book about markup languages, ie HTML, XML, DHTML, etc
• A book about Algorithms and Data Structures in general
• At least some basic knowledge about Hardware
• Wireless systems seem to be growing. It might pay off to learn something about Symbian, J2ME etc."

Now that's a start to a comprehensive IT Library if I've ever seen one. How do you all feel about this list (if not the specific selections, then at least the material being covered)? If you were to make changes or additions, what would they be?

Torulf would like to start an ongoing discussion on books that anyone in the IT field would benefit in having in their library: "Here's a topic that might generate some interesting discussions. I'm a student trying to get general knowledge of the IT business. The question here is about what is regarded 'basic knowledge' and where to find it. As we all know (I hope), a lot of knowledge can really only be learned through experience. In many cases, however, a read through the theory will save you a lot of time. As books are also easier to look up than experience, below is a suggestion of a reading list that might give a decent general knowledge in the field. Please fill out the gaps with what you think is required knowledge for anyone working in the industry. Mostly this is about a general overview of the different areas of the IT industry, but if you have suggestions of good material for becoming an expert in some particular field, by all means, share your knowledge." Torulf has compiled a fairly long list of books, below, however your own suggestions are always welcome.

"To start off the discussion, here are a few suggestions as to likely candidates. The books are linked to Amazon since they can provide a fairly quick and complete description of the books online.

Programming:
Learning a few languages certainly won't hurt. Here are some suggestions:

• The C programming language
• The C++ programming language
• Programming Perl
• Programming Python
• A Book about Java
• A Book on SQL
• A Book about Functional languages (LISP, ML, etc.)

Design:
For any non-trivial task, it is suggested that you design before you code.

• Design Patterns
• UML Distilled

User Interfaces:
A lot of programmers are more than clueless in this area. These at least won't hurt:

• Designing Visual Interfaces
• Usability Engineering
• POET

Graphics:
Some general knowledge about graphics.

• Real-Time Rendering
• Computer Graphics

Business/Management:
Here's something about management and financing. I don't really know about a good reference for marketing applied to the IT industry. This is the area where the average geek is even more ignorant than concerning UI.

• High Tech Start Up
• The Mythical Man Month
• Code Complete

Security:
Alright, this list should be a lot longer.

• Security Engineering

Misc.
And last some stuff that didn't fit in any of the categories above.

• Modern Operating Systems
• Computer Networks
• A few operating systems
• A book about markup languages, ie HTML, XML, DHTML, etc
• A book about Algorithms and Data Structures in general
• At least some basic knowledge about Hardware
• Wireless systems seem to be growing. It might pay off to learn something about Symbian, J2ME etc."

Now that's a start to a comprehensive IT Library if I've ever seen one. How do you all feel about this list (if not the specific selections, then at least the material being covered)? If you were to make changes or additions, what would they be?

Torulf would like to start an ongoing discussion on books that anyone in the IT field would benefit in having in their library: "Here's a topic that might generate some interesting discussions. I'm a student trying to get general knowledge of the IT business. The question here is about what is regarded 'basic knowledge' and where to find it. As we all know (I hope), a lot of knowledge can really only be learned through experience. In many cases, however, a read through the theory will save you a lot of time. As books are also easier to look up than experience, below is a suggestion of a reading list that might give a decent general knowledge in the field. Please fill out the gaps with what you think is required knowledge for anyone working in the industry. Mostly this is about a general overview of the different areas of the IT industry, but if you have suggestions of good material for becoming an expert in some particular field, by all means, share your knowledge." Torulf has compiled a fairly long list of books, below, however your own suggestions are always welcome.

"To start off the discussion, here are a few suggestions as to likely candidates. The books are linked to Amazon since they can provide a fairly quick and complete description of the books online.

Programming:
Learning a few languages certainly won't hurt. Here are some suggestions:

• The C programming language
• The C++ programming language
• Programming Perl
• Programming Python
• A Book about Java
• A Book on SQL
• A Book about Functional languages (LISP, ML, etc.)

Design:
For any non-trivial task, it is suggested that you design before you code.

• Design Patterns
• UML Distilled

User Interfaces:
A lot of programmers are more than clueless in this area. These at least won't hurt:

• Designing Visual Interfaces
• Usability Engineering
• POET

Graphics:
Some general knowledge about graphics.

• Real-Time Rendering
• Computer Graphics

Business/Management:
Here's something about management and financing. I don't really know about a good reference for marketing applied to the IT industry. This is the area where the average geek is even more ignorant than concerning UI.

• High Tech Start Up
• The Mythical Man Month
• Code Complete

Security:
Alright, this list should be a lot longer.

• Security Engineering

Misc.
And last some stuff that didn't fit in any of the categories above.

• Modern Operating Systems
• Computer Networks
• A few operating systems
• A book about markup languages, ie HTML, XML, DHTML, etc
• A book about Algorithms and Data Structures in general
• At least some basic knowledge about Hardware
• Wireless systems seem to be growing. It might pay off to learn something about Symbian, J2ME etc."

Now that's a start to a comprehensive IT Library if I've ever seen one. How do you all feel about this list (if not the specific selections, then at least the material being covered)? If you were to make changes or additions, what would they be?

Torulf would like to start an ongoing discussion on books that anyone in the IT field would benefit in having in their library: "Here's a topic that might generate some interesting discussions. I'm a student trying to get general knowledge of the IT business. The question here is about what is regarded 'basic knowledge' and where to find it. As we all know (I hope), a lot of knowledge can really only be learned through experience. In many cases, however, a read through the theory will save you a lot of time. As books are also easier to look up than experience, below is a suggestion of a reading list that might give a decent general knowledge in the field. Please fill out the gaps with what you think is required knowledge for anyone working in the industry. Mostly this is about a general overview of the different areas of the IT industry, but if you have suggestions of good material for becoming an expert in some particular field, by all means, share your knowledge." Torulf has compiled a fairly long list of books, below, however your own suggestions are always welcome.

"To start off the discussion, here are a few suggestions as to likely candidates. The books are linked to Amazon since they can provide a fairly quick and complete description of the books online.

Programming:
Learning a few languages certainly won't hurt. Here are some suggestions:

• The C programming language
• The C++ programming language
• Programming Perl
• Programming Python
• A Book about Java
• A Book on SQL
• A Book about Functional languages (LISP, ML, etc.)

Design:
For any non-trivial task, it is suggested that you design before you code.

• Design Patterns
• UML Distilled

User Interfaces:
A lot of programmers are more than clueless in this area. These at least won't hurt:

• Designing Visual Interfaces
• Usability Engineering
• POET

Graphics:
Some general knowledge about graphics.

• Real-Time Rendering
• Computer Graphics

Business/Management:
Here's something about management and financing. I don't really know about a good reference for marketing applied to the IT industry. This is the area where the average geek is even more ignorant than concerning UI.

• High Tech Start Up
• The Mythical Man Month
• Code Complete

Security:
Alright, this list should be a lot longer.

• Security Engineering

Misc.
And last some stuff that didn't fit in any of the categories above.

• Modern Operating Systems
• Computer Networks
• A few operating systems
• A book about markup languages, ie HTML, XML, DHTML, etc
• A book about Algorithms and Data Structures in general
• At least some basic knowledge about Hardware
• Wireless systems seem to be growing. It might pay off to learn something about Symbian, J2ME etc."

Now that's a start to a comprehensive IT Library if I've ever seen one. How do you all feel about this list (if not the specific selections, then at least the material being covered)? If you were to make changes or additions, what would they be?

Torulf would like to start an ongoing discussion on books that anyone in the IT field would benefit in having in their library: "Here's a topic that might generate some interesting discussions. I'm a student trying to get general knowledge of the IT business. The question here is about what is regarded 'basic knowledge' and where to find it. As we all know (I hope), a lot of knowledge can really only be learned through experience. In many cases, however, a read through the theory will save you a lot of time. As books are also easier to look up than experience, below is a suggestion of a reading list that might give a decent general knowledge in the field. Please fill out the gaps with what you think is required knowledge for anyone working in the industry. Mostly this is about a general overview of the different areas of the IT industry, but if you have suggestions of good material for becoming an expert in some particular field, by all means, share your knowledge." Torulf has compiled a fairly long list of books, below, however your own suggestions are always welcome.

"To start off the discussion, here are a few suggestions as to likely candidates. The books are linked to Amazon since they can provide a fairly quick and complete description of the books online.

Programming:
Learning a few languages certainly won't hurt. Here are some suggestions:

• The C programming language
• The C++ programming language
• Programming Perl
• Programming Python
• A Book about Java
• A Book on SQL
• A Book about Functional languages (LISP, ML, etc.)

Design:
For any non-trivial task, it is suggested that you design before you code.

• Design Patterns
• UML Distilled

User Interfaces:
A lot of programmers are more than clueless in this area. These at least won't hurt:

• Designing Visual Interfaces
• Usability Engineering
• POET

Graphics:
Some general knowledge about graphics.

• Real-Time Rendering
• Computer Graphics

Business/Management:
Here's something about management and financing. I don't really know about a good reference for marketing applied to the IT industry. This is the area where the average geek is even more ignorant than concerning UI.

• High Tech Start Up
• The Mythical Man Month
• Code Complete

Security:
Alright, this list should be a lot longer.

• Security Engineering

Misc.
And last some stuff that didn't fit in any of the categories above.

• Modern Operating Systems
• Computer Networks
• A few operating systems
• A book about markup languages, ie HTML, XML, DHTML, etc
• A book about Algorithms and Data Structures in general
• At least some basic knowledge about Hardware
• Wireless systems seem to be growing. It might pay off to learn something about Symbian, J2ME etc."

Now that's a start to a comprehensive IT Library if I've ever seen one. How do you all feel about this list (if not the specific selections, then at least the material being covered)? If you were to make changes or additions, what would they be?