Slashdot Mirror

An anonymous reader writes "On October 25, 2012, as residents of the U.S. east coast made frantic preparations for the arrival of Hurricane Sandy, the captain of the HMS Bounty (a replica tall ship constructed fifty years earlier for the Marlon Brando film Mutiny on the Bounty) made a foolish decision, with the assent of his crew, to proceed with a scheduled voyage from New London, CT for St. Petersburg FL. CNN's Thom Patterson has written a long story with the benefit of survivor testimony to the NTSB and U.S. Coast Guard. Captain Robin Walbridge thought he could outrun the hurricane, and besides, he'd 'sailed into hurricanes before.' The crew (officially there were no passengers, a fact that allowed the ship to evade certain safety regulations) consisted of tall ship enthusiasts with widely varying amounts of nautical experience, perhaps taken by the vast historical literature on the great age of sailing. A day and a half into the voyage, Captain Walbridge altered his plan of sailing east of the storm, to sailing south and west of it. A day later, the Bounty was less than 200 miles from the eye of the storm; the engine room started to flood, and the pumps were jammed with debris being torn off by the storm's 70 mph winds. The end came early next day, the Bounty was knocked down by a huge wave, tossing the captain and several crew members overboard. The Coast Guard rescued fourteen of the crew members, but Claudene Christian (an adventure-loving novice who had enlisted as crew a few months before) was dead, and Captain Walbridge's body has not been found."

Rambo Tribble writes "This new, third edition of Sobell's book brings enhancements that add to the text's value as both a learning tool and a reference. This has always been a foundation book for those wanting a professional level of familiarity with Linux. The addition of chapters to introduce the Python language and MySQL database serves to offer the reader practical insights into additional Linux-related technologies." Read below for the rest of Rambo's review. A Practical Guide to Linux Commands, Editors, and Shell Programming (3rd Edition) author Mark G. Sobell pages 1200 pages publisher Prentice Hall rating 9/10 reviewer Rambo Tribble ISBN 978-0-13-308504-4 summary A concise, definitive guide for learning to manage Linux through the command line As the title suggests, this is a book about the Linux command line; GUI desktops are barely mentioned. This makes the text's primary audience computer professionals. As *nix professionals know, the command line not only offers quicker, more precise control of the system and its software, but is also far more portable across platforms. This is what allowed Sobell to extend his purview to encompass Mac OS X, in the second edition.

To be clear, this is not a volume to be taken lightly. It is a dense read, but is clearly written with concise and direct examples. In other words, it takes some concentration and effort to work through this book, but that effort is rewarded with a clear payoff of knowledge.

Sobell starts off by offering a basic introduction to Linux, exploring the roots of Unix and the evolution of Linux to become the mature and capable operating system it is today. Along the way, he delineates the aspects of the OS which define its character and form the basis of its appeal.

Next, he dives straight in to the particulars of running Linux from the command line. First, he outlines the CL environment and how to use it effectively. He is careful to point out the potential "gotchas" that can plague the uninformed neophyte. From there, he moves directly into the core commands, then the Linux filesystem and the shell environment. These subjects are at the heart of Linux system administration and while Sobell's treatment of them is necessarily brief, it is relevant and meaty.

In the book's second part, Sobell offers introductions to the most common editors to be found on Linux installations, vim and emacs. With a basic familiarity of how to edit text files, the reader is prepared to move into shell scripting, a powerful tool in controlling Linux and its suite of utilities and applications.

After a quick tour of shell environments, the author plunges into the common programming/scripting tools found on Linux, shell scripts, Perl, and Python. Once again, Sobell is obliged to brevity, but again he manages to provide a cohesive foundation that enables the reader to gain a good fundamental grasp of the subject, and a solid springboard for further learning.

The new chapter on Python introduces this cross-platform programming language, which enjoys growing popularity as a front-end development tool for Linux. Leveraging GUI toolkits, such as Qt or GTK+ , Python is considered by many to be the most effective choice for user-interface programming. The language is also commonly used in web server scripting. The Python coverage adds to Sobell's insightful treatment of the shell, shell scripts and editors already set forth in the volume.

The other new addition is a chapter on MySQL. MySQL has long enjoyed popularity as the "go to" database manager on Linux. Perhaps best known for being the "M" in "LAMP" web server setups, it is also commonly used as the back end for GUI programs, such as MythTV.

The coverage of programming tools wraps up with chapters on AWK, the pattern processing language, and sed, the stream editor. These essential tools of the command line provide useful data filtering and manipulation facilities.

The next section of the book is devoted to utilities providing secure network functions. OpenSSH and rsync are each given chapters which explore their capabilities in file management and secure communication use.

The command reference portion of the volume follows. Although it provides much the same information as the venerable on-line manual pages, it does so in a consistent voice with better illustrations and clear examples, something man pages are notoriously spotty on. Indeed, having Sobell's clear explanations, to compare, can be a great help in learning to interpret the often terse and sometimes arcane documentation the man pages provide.

Of course, 1150 pages, over a quarter of which is reference, doesn't leave time to repeat things or dwell in depth on any one topic. Sobell is often constrained to pages for subjects upon which numerous whole books have been written. With remarkable facility, however, he manages to clearly and directly convey the crux elements of each topic he addresses. This provides the reader with a broad and functional foundation in the basic elements of Linux/OS X system administration.

Bottom line: If you only get one book on the Linux command line and its tools, this should be it.

You can purchase A Practical Guide to Linux Commands, Editors, and Shell Programming (3rd Edition) from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Bennett Haselton writes "Recently I wrote an article about what I considered to be the sorry state of cooking instructions on the web (and how-to instructions in general), using as a jumping-off point a passage from Evgeny Morozov's new book To Save Everything, Click Here. My point was that most "newbie" instructions never seemed to get judged by the basic criteria by which all instructions should be judged: If you give these instructions to a group of beginners, and have them attempt to follow the instructions without any additional help from the author, what kind of results do they get? The original title of my article was "Better Cooking Through Algorithms," but due to some confusion in the submission process the title got changed to "Book Review: To Save Everything, Click Here" even though, as multiple commenters pointed out, it didn't make much sense as a "book review" since it only mentioned a short passage from the actual book. This article, on the other hand, really is intended as a review of The 4-Hour Chef, even though the article only covers a similarly tiny fraction of the book's 671-page length. That's because even before buying the book, I was determined to review it according to a simple process: Try three recipes from the book. Follow the directions step by step. (If any direction is ambiguous, then follow what could be a plausible interpretation of the directions.) My estimation of the quality of the book, as an instructional cooking guide for beginners, is then determined by the quality of the food produced by my attempt to follow the directions. (I've done this so many times for so many "beginner cookbooks," that I've probably lost my true "beginner" cook status in the process — which means that the results obtained by a real beginner using The 4-Hour Chef, would probably be a little worse than what I achieved.)" Read on for the rest of Bennett's Thoughts

I bought the book with tempered high hopes. Watching Tim Ferriss in his TV interviews and reading the enthusiasm that leaps off of every page (each recipe even comes with a "song pairing," music to jam out to while making the dish), it's hard not to take a quick liking to him. He comes across as a man who who really does want to share his passion and not just sell books. He's goofily handsome in that way that women and some men often confuse with "confidence", although he does seem to possess a lot of actual confidence. But enthusiasm is the enemy of objectivity, and I was determined to review the book according to the criterion of how well the directions actually work, not based on how much fun it would be to hang out with Tim. Even though it would probably be fun.

In his interview on Jimmy Fallon, for example, they looked like they were having a great time, but Jimmy told Tim that he read the book and tried following the directions for making bacon-infused bourbon, then proceeded to show some "action shots" of the result that he achieved: a jar of what looked like solid bacon fat, which Jimmy said he did not drink. OK, I thought, that means that whatever comes next, in that case the directions failed. Tim proceeded to explain that you have to be careful not to overblend it, and to leave it in the freezer long enough to be able to scrape more of the fat off, so that if you get a result that looks like Fallon's jar of goo, then that's probably what you did wrong. Great advice, but, not in the book. "Bacon-infused bourbon" sounds like precisely the kind of recipe that will sell a lot of books (not surprisingly, it's listed on the back cover of the book jacket), but which is hard to write good directions for.

In the same interview, Ferriss showed how he cooked sea bass sous vide in a hotel kitchen sink and then finished it by searing it with the hotel's travel iron, which he cheerfully admitted the hotel was not too happy about. I'm all for re-purposing common household items to find a new way to achieve something, but only if it's an improvement over the more mundane way of doing things; otherwise, it's just doing things inefficiently for the sake of being weird as an end in itself. (When I posted a photo of my bookshelf with a hollow-core wooden plank C-clamped to it at one end, with the other end used as an anchor for my XOOM tablet so I could watch movies while lying flat in bed, it was because that was the easiest way I could find to do that.) To be fair, Tim's suggestion of searing fish with a travel iron was probably intended to get the reader into the adventurous spirit, not as literal advice -- but then, my mission remains to evaluate the actual cooking advice, according to the results it produces.

The short answer: Of the three recipes I tried, one came out barely edible, and the other two were palatable mostly to the degree that the raw ingredients themselves were tasty, so I might as well have just snacked on the ingredients separately instead of combining them. All recipes definitely showed signs that they could have been greatly improved by being worked over by the process I described in my last article — i.e., show the recipes to a group of genuine newbies, listen to their feedback about all the points where they get stuck, then keep revising according to that feedback until you reach the point where the latest round of newbie testers is able to get through the directions with no problem. (You may notice that this sounds like a very obvious idea, but most how-to directions show very little sign of having been put through this kind of scrutiny.)

The first recipe in the book was for "Osso Buko", Ferriss's "knock-off" version of ossobuco, using lamb shanks instead of veal shanks. With $60 for a new porcelain Dutch oven, $20 for the lamb shanks, and other miscellaneous expenses, it cost me about $100 just to try the recipe to see if it worked (although Fred Meyer let me return the Dutch oven after I realized I was never going to try this again, and yes, I know you can find cheaper ones). A few times in the recipe, the directions used an unfamiliar term that I would have expected to be defined in a text for true beginners (for example, I didn't know what a "dry wine" was, and even the Wikipedia article wasn't much help, but the grocery store stockboy helped me out). The bigger problem was that at multiple points in the recipe, the instructions were too ambiguous to know if I was following them correctly, or I was unable to follow them exactly and didn't know how big of an adjustment I needed to make (e.g. what to do if the smallest shanks I could find were bigger than the recommended size). I still have no idea if the mediocre results were caused by one big screwup at one particular step, or the accumulation of many small deviations from what a real chef would have done.

Specifically: (1) The recipe calls for a Dutch oven. Ferriss has a brand he recommends, but can I use one from the local Fred Meyer? How big? The recipe doesn't say. I picked a five-quart since it was big enough to hold the lamb shanks. (2) The recipe calls for "lamb shanks." Fore shanks or hind shanks? Does it matter? My grocery store only has "lamb foreshanks" anyway. (3) The recipe says each shank should be 12 oz, but the smallest ones I could find were all 16 oz. What adjustments do I make? I have no idea. (4) The recipe called for "1/3 of a bottle" of wine, but later said to pour in enough "to cover 1/2-3/4 of the meat," and I couldn't do that without pouring in the whole bottle. I assumed the "cover 1/2 of the meat" direction took precedence over the "use 1/3 of the bottle" direction, but at that point I was sure that I'd deviated so far from the intent of the directions that the dish wasn't going to work. I put the whole thing into the oven at 350 degrees for two hours, which is about the only part of the recipe that I was sure that I followed correctly.

The results came out barely edible (I said "barely" — I still ate them, but I would never serve them or bring them to a party). Mostly it was a lot of work to cut through the tendons and small bones to get to the meat; if the Dutch oven was supposed to soften the meat so that everything fell off the bone, it didn't work.

The second recipe I tried was for crab cakes with harissa sauce. Right away I ran into a problem, since even in my fairly cosmopolitan city with multiple ethnic and specialty grocery stores, none of the ones I visited had ever heard of "harissa sauce." Now for directions that have been thoroughly beta-tested, this is where they would typically say, "Harissa sauce can be difficult to find, so here's where to look; otherwise, you can use this as a substitute." I found some forums saying you could use hot sauce, so I went with that. The crab cakes came out fine, but probably mostly due to the expensive crab ingredient, and I didn't like them enough to make them again.

The third recipe that I tried was for coconut cauliflower curry mash. The directions called for "crushed cashews," and said "If they're uncrushed, you can then crush them in your hands directly into the bowl. This is how Chuck Norris does it." By this time I was getting a little tired of the book being cute at the expense of being helpful — roasted cashews are physically impossible for most people to crush in their hands — but I flattened some under a rolling pin and followed the rest of the recipe. The result tasted OK, but probably only about as good as if I'd just mixed up the nuts and cauliflower and other ingredients and cooked them in a pot.

And that was the end of the ride for me. Three recipes and three results that I never thought about making again (one that was barely edible, and two that tasted only slightly better than the component ingredients mixed together, neither one all that good). Based on those sample results, my estimation is that for a true beginner going through the recipes in the book, the "success rate" would not be high enough to justify the time and money that they'd spend.

Full disclosure compels me to report that I did successfully prepare and "serve" one recipe in the book: bacon roses, which turned out about as well in my own kitchen as the ones he showed off on Jimmy Fallon. Most artificial roses have removable heads, and if you bake a couple of rolled-up slices of raw bacon, they come out resembling roses that can be threaded on the artificial-rose stems. But even then, the instructions in the book were overkill, requiring the reader to take a cupcake baking pan and drill holes in the bottom of each cupcake holder, so that you can cook the bacon in the cupcake holders while draining the fat out (but which also ruins the cupcake pan for the purpose of making actual cupcakes). For one thing, you can use silicone cupcake molds and just poke a hole in the bottom rather than drilling through aluminum; these can also be stacked when you're done, so that they take up much less storage space than a 12-muffin baking pan. But in any case I found that you could get perfectly good results just by rolling up the pieces of bacon and baking them sideways on a broiler rack; they hold their shape just as well as if you had baked them in the cupcake holders, since the rolled-up bacon hardly expands anyway. (This is the kind of thing that you also find if you have people beta-testing your recipes.)

To be fair, I'm only narrowly reviewing the book as an instructional guide to cooking. The book claims that the principles taught in its pages can be used to transform your life in a wide range of ways, including becoming world-class in "any skill" in about six months, which Ferriss says he has used to learn kickboxing, Spanish, shooting basketball 3-pointers, and Japanese horseback archery. Next on his list: writing cooking directions!

But now I'm being a smartass, and the truth is that there is potential for the recipes in these book to be transformed into something that could produce fantastic results in the hands of a beginner. Normally when I try out a "beginner's cookbook" — usually by using Amazon's "Look Inside" feature to sample a few recipes from the cookbook and print them out for free — if the first three recipes produce inedible results, I throw them out and never give the cookbook a second thought. But I'm more optimistic about re-working Ferriss's recipes in accordance with the beta-testing process above, for two reasons. First, he really does seem to have a passion for helping people and not just selling books (that's important, because it's hardly going to drive book sales to take recipes from the book and beta-test them and improve them as a free web-based project). Second, he has legions of fans who would probably volunteer as beta testers. I myself would be happy to volunteer, since the commitment of a beta tester is minimal, by design, because you're supposed to simulate the experience of a real user without overthinking it: go through the instructions one time, and record the quality of the result you get at the end. (Optionally, make a note of any ambiguous directions you encountered along the way, which might affect the quality of the end result.)

As they're written now, I don't think the recipes in the book would pass the definitional test of good directions: Give them to beginners, have them try to follow the steps, and record the results. I had essentially the same thought about the business-launching advice in Tim Ferriss's first book, The 4-Hour Workweek, which I only bought as a companion to the new book. Now I think The 4-Hour Workweek does contain a lot of useful self-help advice — for example, to get over your fear of the worst-case outcome by visualizing it entirely and realizing that it's not that bad. (Although I cracked up at the part about "outsourcing your work," thinking of a certain Verizon employee who took the advice too literally.) But for a book whose key premise is that you can liberate yourself from a 40-hour workweek, the advice about how to start a successful business to do this, occupies a surprisingly small portion of the book (pp. 150-200, if you leave out the subsequent chapter about how to automate your business once it's successful). Well, I've been a part of various entrepreneur communities since before I graduated college, and over the years I've seen many people follow some variation of the steps in those chapters, and the reality is that even if the founder does everything right, most new businesses still fizzle out just like my mediocre "osso buko."

The key difference, I think, is that any formula on how to start your own wildly successful business and shrink your workweek down to 4 hours, cannot work without a lot of luck — if it could, angel investors would just start hiring "entrepreneurs" to follow the formula exactly, if every one of those entrepreneurs (or even 25% of them) hit it out of the park with their new business venture, the investors would make out like gangbusters. Most methodical research suggests that actually only about 5% of VC-backed businesses hit their projected break-even on cash flow -- suggesting that even the best VCs can't find any combination of personal attributes, or action steps, that leads to entrepreneurial success without a big dose of luck. (Ferriss himself says that The 4-Hour Workweek was turned down by 28 out of 29 publishers, which sounds like a testament to the importance of persistence; but most authors whose work is turned down by the first 28 publishers, will usually get turned down by the 29th one too, and there was obviously a certain amount of luck in the fact that that didn't happen to him.)

On the other hand, following a recipe and producing a delicious dish, ought to be possible without luck. What you need, though, are precise directions that have been picked apart by beginner beta testers to remove any ambiguities, until you reach the point where the latest wave of beta testers was able to get through the directions with no confusion, and produce great results in nearly every case. The recipes in The 4-Hour Chef aren't at that point, but Tim Ferriss has the fan-based manpower at his disposal to test and transform those recipes into truly idiot-proof directions for delicious food, if he wants to.

First time accepted submitter sagecreek writes "Hadoop is an open-source, Java-based framework for large-scale data processing. Typically, it runs on big clusters of computers working together to crunch large chunks of data. You also can run Hadoop in "single-cluster mode" on a Linux machine, Windows PC or Mac, to learn the technology or do testing and debugging. The Hadoop framework, however, is not quickly mastered. Apache's Hadoop wiki cautions: "If you do not know about classpaths, how to compile and debug Java code, step back from Hadoop and learn a bit more about Java before proceeding." But if you are reasonably comfortable with Java, the well-written Hadoop Beginner's Guide by Garry Turkington can help you start mastering this rising star in the Big Data constellation." Read below for the rest of Si's review. Hadoop Beginner's Guide author Garry Turkington pages 374 publisher Packt Publishing rating 9/10 reviewer Si Dunn ISBN 9781849517300 summary Explains and shows how to use Hadoop software in Big Data settings. Dr. Turkington is vice president of data engineering and lead architect for London-based Improve Digital. He holds a doctorate in computer science from Queens University of Belfast in Northern Ireland. His Hadoop Beginner's Guide provides an effective overview of Hadoop and hands-on guidance in how to use it locally, in distributed hardware clusters, and out in the cloud.

Packt Publishing provided a review copy of the book. I have reviewed one other Packt book previously.

Much of the first chapter is devoted to "exploring the trends that led to Hadoop's creation and its enormous success." This includes brief discussions of Big Data, cloud computing, Amazon Web Services, and the differences between "scale-up" (using increasingly larger computers as data needs grow) and "scale-out" (spreading the data processing onto more and more machines as demand expands).

Dr. Turkington writes, "One of the most confusing aspects of Hadoop to a newcomer is its various components, projects, sub-projects, and their interrelationships."

His 374-page book emphasizes three major aspects of Hadoop: (1) its common projects; (2) the Hadoop Distributed File System (HDFS); and (3) MapReduce.

He explains, "Common projects comprise a set of libraries and tools that help the Hadoop product work in the real world."

The HDFS, meanwhile, "is a filesystem unlike most you may have encountered before." As a distributed filesystem, it can spread data storage across many nodes. "[I]t stores files in blocks typically at least 64 MB in size, much larger than the 4-32 KB seen in most filesystems." The book briefly describes several features, strengths, weaknesses, and other aspects of HDFS.

Finally, MapReduce is a well-known programming model for processing large data sets. Typically, MapReduce is used with clusters of computers that perform distributed computing. In the "Map" portion of the process, a single problem is split into many subtasks that are then assigned by a master computer to individual computers known as nodes (and there can be sub-nodes). During the "Reduce" part of the task, the master computer gathers up the processed data from the nodes, combines it and outputs a response to the problem that was posed to be solved. (MapReduce libraries are now available for many different computer languages, including Hadoop.)

"The developer focuses on expressing the transformation between source and result data sets, and the Hadoop framework manages all aspects of job execution, parallelization, and coordination," Dr. Turkington notes. He calls this "possibly the most important aspect of Hadoop. The platform takes responsibility for every aspect of executing the processing across the data. After the user defines the key criteria for the job, everything else becomes the responsibility of the system."

In this 11-chapter book, the first two chapters introduce Hadoop and explain how to install and run the software.

Three chapters are devoted to learning to work with MapReduce, from beginner to advanced levels. And the author stresses: "In the book, we will be learning how to write MapReduce programs to do some serious data crunching and how to run them on both locally managed and AWS-hosted Hadoop clusters." ["AWS" is "Amazon Web Services."]

Chapter 6, titled "When Things Break" zeroes in on Hadoop's "resilience to failure and an ability to survive failures when they do happen.much of the architecture and design of Hadoop is predicated on executing in an environment where failures are both frequent and expected." But node failures and numerous other problems still can arise, so the reader is given an overview of potential difficulties and how to handle them.

The next chapter, "Keeping Things Running," lays out what must be done to properly maintain a Hadoop cluster and keep it tuned and ready to crunch data.

Three of the remaining chapters show how Hadoop can be used elsewhere within an organization's systems and infrastructure, by personnel who are not trained to write MapReduce programs.

Chapter 8, for example, provides "A Relational View on Data with Hive." What Hive provides is "a data warehouse that uses MapReduce to analyze data stored on HDFS," Dr. Turkington notes. "In particular, it provides a query language called HiveQL that closely resembles the common Structured Query Language (SQL) standard."

Using Hive as an interface to Hadoop "not only accelerates the time required to produce results from data analysis, it significantly broadens who can use Hadoop and MapReduce. Instead of requiring software development skills, anyone with a familiarity with SQL can use Hive," the author states.

But, as Chapter 9 makes clear, Hive is not a relational database, and it doesn't fully implement SQL. So the text and code examples in Chapter 9 illustrate (1) how to set up MySQL to work with Hadoop and (2) how to use Sqoop to transfer bulk data between Hadoop and MySQL.

Chapter 10 shows how to set up and run Flume NG. This is a distributed service that collects, aggregates, and moves large amounts of log data from applications to Hadoop's HDFS.

The book's final chapter, "Where to Go Next," helps the newcomer see what else is available beyond the Hadoop core product. "There are," Dr. Turkington emphasizes, "a plethora of related projects and tools that build upon Hadoop and provide specific functionality or alternative approaches to existing ideas." He provides a quick tour of several of the projects and tools.

A key strength of this beginner's guide is in how its contents are structured and delivered. Four important headings appear repeatedly in most chapters. The "Time for action" heading singles out step-by-step instructions for performing a particular action. The "What just happened?" heading highlights explanations of "the working of tasks or instructions that you have just completed." The "Pop quiz" heading, meanwhile, is followed by short, multiple-choice questions that help you gauge your understanding. And the "Have a go hero" heading introduces paragraphs that "set practical challenges and give you ideas for experimenting with what you have learned."

Hadoop can be downloaded free from the Apache Software Foundation's Hadoop website.

Dr. Turkington's book does a good job of describing how to get Hadoop running on Ubuntu and other Linux distributions. But while he assures that "Hadoop does run well on other systems," he notes in his text: "Windows is supported only as a development platform, and Mac OS X is not formally supported at all." He refers users to Apache's Hadoop FAQ wiki for more information. Unfortunately, few details are offered there. So web searches become the best option for finding how-to instructions for Windows and Macs.

Running Hadoop on a Windows PC typically involves installing Cygwin and openSSH, so you can simulate using a Linux PC. But other choices can be found via sites such as Hadoop Wizard and Hadoop on Windows with Eclipse".

To install Hadoop on a Mac running OS X Mountain Lion, you will need to search for websites that offer how-to tips. Here is one example.

There are other ways get access to Hadoop on a single computer, using other operating systems or virtual machines. Again, web searches are necessary. The Cloudera Enterprise Free product is one virtual-machine option to consider.

Once you get past the hurdle of installing and running Hadoop, Garry Turkington's well-written, well-structured Hadoop Beginner's Guide can start you moving down the lengthy path to becoming an expert user.

You will have the opportunity, the book's tagline states, to "[l]earn how to crunch big data to extract meaning from the data avalanche."

Si Dunn is an author, screenwriter, and technology book reviewer.

You can purchase Hadoop Beginner's Guide from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

New submitter nifty-c writes "Singapore has invested heavily in higher education partnerships with the U.S. and launched an ambitious program of high-tech research with Western countries, but recent events have opened these links to controversy. Prof. Cherian George at Nanyang Technological University (NTU), Singapore, is a communication and information school professor and an outspoken critic of his government's censorship of the Internet. NTU recently fired him, sparking an outcry from critics who claim political interference. This week a group of faculty and affiliates at Harvard's Berkman Center for Internet & Society has 'strongly caution[ed]...colleagues working in the area of Internet and society in any dealings with Singaporean universities.'"

Last week you had a chance to ask former Republican staffer Derek Khanna about his well publicized firing, copyright law, and the state of the government. Read below to see his answers to your questions. Do You Still Identify Yourself as Republican?
by eldavojohn

I believe your paper would have been unpopular on both sides of the isle but did the Republican knee jerk reaction to it negatively affect your affinity with the Republican party and your efforts to further their cause? Setting aside your differences on Copyright Law with that party, are you still Republican?

Khanna: Absolutely still a Republican. In fact I actually quibble a bit with your premise. The conservative position is that our current system of copyright is not consistent with the Constitution and inhibits innovation by choosing winners and losers– and pretty much all conservative organizations have come out with that opinion. There is a difference between Republican and Conservative that I won’t get into here, but my opinions are conservative and the Republican Party reflects more of the conservative ideology.



Re:Do You Still Identify Yourself as Republican?
by alexander_686

Follow up question: If you had been a Democratic staffer, do you think you would have been fired or would have been treated differently?

That is, what is the interaction between the Republican party verses the general entrenched interests that influences both parties. I have seen many Democrats also advocate for strict IP laws.

Khanna: I’m not sure, I’m not really qualified to assess what happens on the other side of the aisle. But I would think that the memo would never have gotten written at all. The content industry traditionally supports Democrats. And the memo was written for a conservative audience based upon traditional conservative principles.



Law to guide vs. forbid
by Maximum Prophet

One complaint conservatives about liberals is that they tend to try to outlaw stuff reactively. The EPA comes to mind, forbidding property owners certain uses of their land. How can government encourage people to do the right thing without outlawing the wrong thing? How can the government "Speak Softly" but keep the "Big Stick" only when absolutely necessary? With respect to copyrights, could the government tell people it's wrong to let artists starve, while making it easy to justly compensate them for their work?

Khanna: I’m not going to go too off base here, but there are many solutions available other than regulation and forbidding conduct. Often times the market can sort it out, but if, and only if, you ensure that externalities are built in, and you ensure that the government hasn’t already messed with the incentive structures. I’m not really qualified to jump in on EPA issues. And I’m not entirely sure on the rest of your question, as a believer of the free market I don’t think that our copyright system should be built upon ensuring that ALL artists make lots of money and I think that generally the market will facilitate even easier methods of payments with newer technologies.



Re:Great minds think alike
by Tokolosh

My posting from nearly four years ago:

To quote the Constitution: "To promote the Progress of Science and useful Arts, by securing for limited Times to Authors and Inventors the exclusive Right to their respective Writings and Discoveries." What does "limited Times" mean? We can agree that one day is insufficient to be an incentive. We can also agree that infinity is too long to promote progress. Therefore, it stands to reason that there is some optimal duration, which both maximizes the rewards for both the inventors, and society at large. Has any research been done to determine this optimum? Is current legislation based on anything other than what lobbyists can buy for their clients?

Khanna: Terrific question. First, limited times is a term left purposefully vague allowing for Congress to change how long copyright should be. This is a reason why I never said that copyright has to be 28 years – set in stone – as the Founders had (kind of it’s a bit more complicated). And my suggested terms are just suggestions – they were designed to be a starting point for hearings to bring in data.

But I think we have to make arguments for why longer than the Founder term is sound. Arguments like, “Our Founder system of 28 years was premised upon a market of x, and today the market is y, which requires a longer recoupment period for the content producer etc.” But of course that wouldn’t justify our current system of life + 70. In my Cato Unbound piece I go through some of the studies on this topic that pretty conclusively find that there is no incentive to content producers for such a long copyright period.

From the piece:

“Research further shows that our system of copyright is suboptimal at best and significantly counterproductive at worst. For much of our history, copyright required registration to receive the full benefit of the extension. If a longer copyright term were critical to provide sufficient incentive to content producers then we would expect, particularly when copyright terms were much shorter, that content producers would choose to extend their copyright. But during the era of registration, Congress found that only “a very small percentage of copyrights are ever renewed.”[2] They found that the rate of renewal in the 1880s was 15%, and less than half of all works were originally registered at all. If a much longer copyright term of life plus 70 years is so necessary, then why did all these content producers choose to only have 28 years of protection rather than the optional 42 years available at the time?

As William Patry argues in his book How to Fix Copyright,

Was there a single author in the world who said, ‘A term of copyright that only lasts for my life plus fifty years after I die is too short. I will not create a new work unless copyright is extent to last for my life plus seventy years’? There is no such person. (p 57)

Several studies have confirmed this as well. In 2009, a study on the production of movies in twenty-three countries that had extended the term of copyright(pdf) found no evidence that longer terms of copyright caused the creation of more works rather than the prior, shorter term. Another study from the University of Cambridge found that the optimal copyright term is 15 years(pdf), with a 99% confidence interval extending up to 38 years. Even the Congressional Research Service concluded that there was at most a small change in incentive in the extension of copyright term.

If there are no or only minimal benefits to this change, what are the costs?”

So in answer to your question there has been a lot of research. We have cross-country research so we know generally what works. And while the data may show slightly different things, it all shows that life + 70 offers us nothing and actually depresses available content. Current legislation is not based upon this discussion, I don’t recall that being the topic of discussion for the last extension, but it should be particularly when the industry comes knocking in 2019 to ask for life + 90 to keep Steamboat Willy from entering the public domain.

I got into some relevant detail in another more recent essay for Cato-Unbound:

“There are certainly legitimate arguments that copyright should be longer than that of our Founders because of certain market conditions that are different from their day – but there are not legitimate argument to say that a system of indefinite copyright abides by the Constitution or our the express intentions of our Founders.

Despite the American history on Copyright, some still argue that copyright should be or could be a perpetual right that exists forever. Many of them have lobbied successfully on a regular basis to ensure that certain highly-lucrative works never enter the public domain. Some against copyright reform hide behind the shadows of claiming that they are not for an indefinite copyright – but every twenty/thirty years they lobby to extend copyright from 56 years, to life + 50, to life +70. It’s very clear what their intentions are. They intend and have largely succeeded in destroying anything of value entering the public domain. Success in perverting the law should not be misinterpreted for constitutional fidelity despite their property law arguments using 18th century vernacular. These proponents are arguing for something very different from what the Founders believed.

Frankly they lost the argument 226 years ago. The Founders explicitly rejected this position.”



Down the Pipe
by CanHasDIY

Is there any future legislation that you know of / heard about during your time as a staffer that we, the People, should get a heads-up on? Specifically, anything nefarious regarding things like copyright, patents, digital property and/or privacy, et. al?

Khanna: Patents need to be fixed and we obviously need major privacy legislation such as ECPA reform etc. I talked about some of the upcoming privacy issues in my interview with Techdirt. I was always particularly concerned with drone strikes against US citizens so I’m happy that is finally receiving some real attention by MSM and the American people.

As I wrote in my piece in the National Review, I think we can do a much better job in allocating visas to high-skilled workers – and I think there is an actual way to accomplish that goal as outlined in the article or other ideas along a similar thought process (perhaps by providing greater help for small businesses acquiring H-1Bs).

But more on topic, we should keep an eye on the Transpacific Partnership Treaty (TPP) because it will be codifying provisions of the DMCA that are very problematic. The DMCA has been used to make some technology “contraband” and to stifle political speech. While we need to protect intellectual property, the DMCA has proved to be a terrible law. It should not be entirely surprising that the DMCA may need revisions and oversight. The DMCA was passed three years before the iPod, six years before Google Books and nine years before the Kindle. But now that it's clear that the DMCA is being interpreted in a way clearly contrary for which it was passed, it’s incumbent upon Congress to act.The idea of putting the DMCA into an international agreement is a very bad idea. If in the United States it has been used to justify censorship of political speech, imagine what other countries will do that don’t have the First Amendment and are looking for legal structure to justify censorship.

This is a big fight and as a Congressional staffer we weren’t allowed to read it – so very scary stuff and I think an unprecedented level of secrecy on this. I also touched upon this in the Cato Unbound piece:

“This treaty includes provisions on intellectual property that are above and beyond those in the Berne Convention. Setting controversial and contested copyright terms in stone through treaty was wrong then, and it’s wrong now. It’s an affront to the legislative process to try to “re-codify” legislative wins into treaty agreements. That would make it significantly more difficult to ever change course.

The length of copyright terms has always received significant debate and disagreement. This was likely the intention of the Founders in not specifying what a "limited time" meant within the Constitution itself. But current drafts of the TPP allegedly establish the law at life plus 70 years. Additionally, it would include or even expand portions of the Digital Millennium Copyright Act (DMCA) relating to anti-circumvention technologies. To be clear, I am strongly against unauthorized copyright infringement, but the DMCA outlawing of anti-circumvention technologies is extremely controversial—and rightfully so.

The DMCA created rules that until recently made it illegal to jailbreak your own iPhone or to develop a program to read a Kindle book aloud to someone who is blind. The DMCA still bars developing, selling, providing, or even linking to technologies that play legal DVDs purchased in a different region, or to convert a DVD you own to a playable file on your computer. Because no licensed DVD playing software is currently available for the Linux operating system, if a Linux user wishes to play a DVD that they have legally bought, they cannot legally play it on their own computer. The DMCA’s rules have also made legitimate fair uses of copyrighted material much harder. Using snippets of video for classrooms is legal fair use, but to do so, teachers have to use illegal technology to “rip” the DVD to a playable and editable file, or they must illegally download the file online.

Within the leaked details of the TPP Treaty there are many troubling features, but perhaps most troubling is the secrecy surrounding the negotiations. Members have been allowed to view documents, but most of their staff and the general public have been denied access. Outside of the national security realm, this type of secrecy in regard to a treaty is particularly troubling and perhaps unprecedented. Another troubling aspect is that despite this secrecy, there have been “stakeholder” presentations representing one particular side and vested interest, rather than the perspective of the general public or the requirements of our Constitution. One of the stakeholder presentations at the latest TPP negotiations was titled "The Walt-Disney Company: Creativity, Brought to you by Copyright.” At the same time, representatives from the Electronic Freedom Foundation (EFF) were denied access and not allowed in the building for recent negotiations.”

But the recent decision by the Librarian of Congress really takes the cake, which made it illegal to unlock your own cellphone. In a recent article I stated that:

“Congress's inaction in the face of the decision by the Librarian of Congress represents a dereliction of duty. It should pass a new law codifying that adaptive technology for the blind, backing up DVD's to your computer, and unlocking and jail breaking your phone are lawful activities regardless of the decisions of the Librarian of Congress.” (article)

Our White House petition on this issue is currently at 75,000 but we have to get to 100,000 by February 23, 2013. This will be a big opportunity for advocates of sounds technology policy.



Hope?
by Hatta

How do we Americans manage to retain any hope for any sort of positive change when people who are paid to identify beneficial reforms get fired for upsetting special interests? Doesn't your case prove that it's impossible to effect reform through the system? Do you belive that Democracy in America still exists, and if so, why?

Khanna: Democracy is more than just people voting and it’s more than just activism for your candidate of choice. The people have immense power when they are united and coordinated. Unfortunately, most organizing up till now has required major organizations to set-up – but not anymore.

Members of Congress are particularly sensitive to interests from their constituents as expressed through letters, e-mail and phone calls to their office. This is why a united and coordinated movement can be so successful in stopping legislation. But activist movements, like the SOPA protest, cannot rest after stopping one bad piece of legislation. Instead, we must take the next step which is actually passing good legislation.

I imagine that ad-hoc groups of people who agree on some policy idea will form to both stop bad legislation but also to push good legislation. It will take a while to transition to that, but once that is done, then we will have much more of an effect and a substantive democracy. But that will require activism and involvement.

The cellphone unlocking issue is a perfect example of where the people could actually fix policy. The traditional players in DC are unlikely to do so on their own, the wireless industry likes the ruling, and many of the other technology companies may see this as an issue where they have little to gain– so it’s up to the people themselves to step up and say this ruling is crazy. The idea that average people can be arrested for unlocking their phones is insane. I hope that the people step up for their own property rights.



Lawmakers becoming Obsolete
by SinisterRainbow

The United States was founded as Republic, primarily (so it is said) because having individual voices was impossible with the technology of the time. However, we live in an age where the Internet has given us instant communication and access to vast information, where we can relatively securely pass information around, and where especially, we can have every voice heard to write our own bills and laws. Iceland may be small, but they have proven it's more than just a theory. We have open source books, open source software, open encyclopedia, with more 'open' type projects all the time - which have proved immensely successful and very efficient when it comes to money. However, the trend is in the opposite direction, with more power given to lawmakers and large corporations (in the de facto sense at least as contributions are now unlimited, it raises the bar of entry), and congress with it's two main parties, are in a huge poker match. What do you see as the pros and cons against an open-Bill type of system, where the power of the people get a more realistic voice, where the history can be saved for eternity, where the slightest changes can all be remembered using repositories, where anyone can contribute, where it would save multi-millions of dollars in taxes, where multiple types of Bills can be presented and the one the people wish for most receives the most votes? You have represented a party that claims they stand for smaller government, yet it's one that has increased government size as much and many times, more than democrats. Shouldn't such a system be at the forefront of Republican agenda? Or has big business lined the pockets so fat of every member in congress that this is not possible without some type of revolution..?

Khanna: You are correct that the Republican Party claims they are the party of smaller government, yet they have failed to deliver while they were in power – and conservatives are frustrated with the party for that reason. I think that Democrats have been worse in that regard, but clearly the Bush years were very bad ones for fiscal conservatism.

Your idea for a more open government and transparency is interesting, but while I want the people to be more involved in our process I do like the idea – in concept – of representative democracy (I’m not sure exactly what you are saying in that regard).



Would you do it the exact same way again?
by rmdingler

Hindsight being on the order of 20/15 or so, would you make the same bold statement, or, knowing the consequences and repercussions, would you be a bit more tactful and attempt to reform the system from within?

Khanna: I tried to reform the system from within – by doing my job. In this situation, discretion and tact was used as much as possible.



Now What?
by eldavojohn

You told other staffers when you left: Don't be discouraged by the potential consequences. You work for the American people. It's your job, your obligation to be challenging existing paradigms and put forward novel solutions to existing problems.

So now what? What's your plan? I mean, you can tell them not to be discouraged but that's a pretty hefty weight to put on your own shoulders. Anyone who gets a check from the content industry (and I think that's everyone in DC) is going to blacklist you. Do you see yourself taking a Ralph Nader-like approach to politics? How do you even get your foot back in the door? You do realize that if you don't return or rise to another kind of constituent-focused power that your above encouragement will fall upon deaf ears as you will become the example of what happens to an outspoken staffer?

Khanna: Yes, I stand by that statement. We need creative destruction of failed ideas and we need a thriving competition for promising new ideas. Not solving problems but “getting along” is not enough to fix our system at this point.

In normal times, the system can function by each of us playing a minimal role in its proper functioning – but when the system is like it is today, it requires those of us who are paying attention to be more active participants. Democracy is tough, it requires active engagement and participation.

As for me, I have a bunch of plans in the works. Right now I’m working on the cellphone unlocking issue that I mentioned because it’s outrageous and unacceptable. But it’s also a misstep by the other side and therefore it’s a strategic opportunity to restore property rights. Doing so will start to change the overall discussion on technology policy and it’s a winnable battle. I hope you will consider signing and promoting our White House petition and getting us over 100,000 by the end of the week.

I plan on continuing to write and research on sensible technology policies for our country through my fellowship with Yale Law and hopefully being a part in successful advocacy movements going forward.

Follow me on twitter to find out about my next steps. Or shoot me on twitter @Dkhanna11 and e-mail if you have ideas (Khannaderek@gmail.com).

Bennett Haselton writes "Evgeny Morozov's forthcoming book To Save Everything, Click Here describes how an overly helpful 'kitchen of the future' might stifle the learning process and threaten culinary innovation. True, but we could certainly do better than the current state of how-to directions (in cooking and most other subjects) that you can find today on Google. I suggest that the answer lies not in intelligent kitchen technology, but in designing an algorithm that would produce the best possible how-to directions -- where the 'best' directions are judged according to the results that are achieved by genuine beginners who attempt to follow the directions without help." Read below for the rest of Bennett's review.
Editor's Note: This article was not intended as a full review, but rather a commentary on one point in the book. The author's actual review of the book will appear in March. To Save Everything, Click Here author Evgeny Morozov pages 432 publisher PublicAffairs rating 9/10 reviewer Bennett Haselton ISBN 1610391381 summary Argues that we badly need a new, post-Internet way to debate the moral consequences of digital technologies

Evgeny Morozov's new book To Save Everything, Click Here (due out in March), about "the folly of technological solutionism", is that rare animal: a book I would recommend to everyone even if I disagree with about 2/3 of the conclusions in the text. The arguments in the book didn't always change my mind, but they made me reformulate many of my own arguments in the other direction.

In most sections of the book, Morozov attacks the beliefs of "solutionists" who believe that a particular program or algorithm can solve a social program. Usually, I thought his criticisms of a given algorithmic "solution" were spot-on. But I often found myself thinking of a different algorithm that I thought would solve the problem much more effectively than the one Morozov was critiquing. This, naturally, could be construed as missing the point of the book. However, I'm prepared to defend any of the alternative algorithms that I came up with, or bet money on how it would fare in the real world. I'll have a full review of the book when it's released, but I think many of Morozov's argument are interesting enough to deserve an article in their own right.

For example, Morozov describes a new kitchen technology that guides would-be chefs through the process of preparing a meal, by illuminating pathways on the kitchen floor to show the cook where they're supposed to walk next, and then using laser pointers and visual aids to guide them through what they're supposed to do when they get there. If you want to know how to expertly carve a fish, for example, the ceiling-mounted lasers will trace out the exact cuts that you're supposed to make on the fish's skin. The description sounds like a parody of what people think the Big Bang Theory geeks would like their kitchen to do for them.

Morozov argues, not unreasonably, that "[t]o subject [cooking] fully to the debilitating logic of efficiency is to deprive humans of the ability to achieve mastery in this activity, to make human flourishing impossible and to impoverish our lives," and that "deviating from recipes is what creates culinary innovations." Well that's one of the 1/3 of his arguments that I agree with. Besides, if you can afford the cost of a laser-guided kitchen just to cook meals for yourself, you could probably use the same amount of money to take a professional cooking class, order takeout every day to tide you over until you know how to make decent stuff on your own, and still have money left over. If you're using it instead to try and cook to impress party guests, how's that going to work? If you're making the food where your guests can see you being guided around by lasers, they're going to think (correctly) that you don't know how to cook, and if you're making the food in a back room where you're out of sight of the guests, you might as well order takeout and have it smuggled in through the back door.

On the other hand, Morozov says in his next paragraph: "In a world where only a select few could master the tricks of the trade, such 'augmented' kitchens would probably be welcome, if only for their promise to democratize access to this art. But this is not the world we inhabit: detailed recipes and instructional videos on how to cook the most exquisite dish have never been easier to find on Google."

That's where he lost me. I have vastly different views on this, which can be summed up in three points:

• The qualify of most "how-to" instructions aimed at beginners, judged by the results they produce in the hands of actual beginners, is far worse than most people believe.

• Moreover, for reasons I'll describe later, the incentives created by the free market in general (and Google in particular) more or less guarantee this result: How-to directions exist that cover nearly every human activity, but most of the directions are not particularly good.

• I have an idea for a different algorithm (surprise!) that Google, or any other similarly positioned web titan, could use to change the incentives of web publishers, leading them to write how-to instructions that would produce much better results when followed by actual beginners.

The morass of cooking how-tos on the web are a good example. Partly from always having other things that I'd rather learn, and partly from being perfectly happy eating lots of plain fruits and vegetables (good for your health, but not for your cooking skills), I had survived to early adulthood hardly knowing anything about real cooking. Being a decently smart person, I figured that made me well suited to judge the effectiveness of the countless cookbooks written "for people who don't know how to cook". Because I firmly believe that if you follow a set of directions precisely (or, if the directions are written ambiguously, then if you follow some plausible interpretation of each step in the directions), and the result doesn't come out as predicted, then it's the directions that failed, not you. If another set of instructions would have produced better results, then those directions are better. This is not rocket science, but many cooking directions in cookbooks and on the Internet are glaringly missing key pieces of information that would have made the directions better, by the above definition.

Now, I understand the importance of experimenting and deviating from recipes and tailoring things to your own tastes, but I think that has to come after you've produced an edible dish that you can use as a baseline. I make scrambled eggs a little bit differently every time -- curry powder, mussels, capers, tabasco sauce, blue cheese (just not all in the same pan, please) -- but the only reason that's possible is because the simple directions for plain scrambled eggs actually work. When I say that most cooking directions don't work, I mean that if you follow them precisely (but without any prior cooking knowledge), they don't even get you to the baseline of an edible result that you can then use as a jumping-off point to try your own variations.

The odd thing about cooking is that of all the people whose cooking I liked so much that I asked them where they learned how to cook, all of them said that they learned from an in-person instructor (usually a family member); I have yet to meet any really good cooks who learned their skills from written recipes or web videos. This suggests that the learning materials on the Internet are falling short. (By contrast, I know plenty of people who have learned PHP programming or similar skills out of a book.)

And from my experiences helping out friends in the kitchen who had more cooking experience but who were trying to follow a particular recipe, it seemed that their most valuable skill was knowing the crucial parts of the recipe that were missing, or wrong. And then they would use their non-beginner knowledge fill in the missing steps or make the necessary corrections as we went along. With the current mediocre state of most cooking directions out there, that's surely a useful skill. However, it does mean that you could make most recipes produce much better results in the hands of a beginner, if you simply fixed all those parts that were missing, or wrong.

Take, for example, my misadventures making jalapeno poppers. Going to a friend's Super Bowl party, I figured that jalapeno poppers would be an easy thing to make, with just under 200 how-to videos on Youtube and about 600 matching recipe pages on Google, most of them calling for only four ingredients. How hard could it be?

Well, there are two important things that should be in every jalapeno popper recipe, or the recipe is doing more harm than good just by being out there on the web. One is that when you're slicing and handling the raw jalapenos, you have to wear gloves, or the capsaicin in the jalapeno -- which is also the active ingredient in pepper spray -- will leave a burning feeling on your fingers that lasts for about the next 24 hours. (If you touch your eye with your finger, you might even have to go to the emergency room.)

The other indispensable piece of information is that to make the jalapeno poppers edible, you have to remove the seeds and the white ribs from the inside -- not just the white center of the jalapeno (which slides out easily), but the white part of the ribs, which have to be scraped off of the outer wall (a grapefruit spoon works great, otherwise a paring knife or a regular sharp knife will do). Most recipes do tell you to remove the seeds. But the white ribs left inside the jalapeno are just as hot, and if you don't cut them out, the finished product will have a hotness that's too overpowering to taste anything else. (This video shows how to do it right.)

So what's the problem? Here's a table listing the first 10 Google matches for "jalapeno popper recipes", rated according to whether they contain those two must-have pieces of information that a beginner would need. (If the directions said to "devein" the jalapeno or "remove the membranes", I gave it an "Almost" in the second column -- because a first-timer is likely to think that this refers to removing the white center of the jalapeno, and not realize that you also have to remove the ribs attached to the edges. I'm being strict here, because it would have taken almost no effort for the recipe writers to be clear about this, and if you don't do that step correctly, you will have to throw out the finished product.)

Recipe source Tell reader to wear gloves? Tell reader to remove jalapeno ribs? Food Network (Emeril Lagasse) No Almost (instructions say "membranes removed") AllRecipes.com No No Food.com No No KraftRecipes.com No Almost (says to remove "veins") InspiredTaste.net Yes. (Sort of. The directions end halfway down the page, and then another set of written directions starts from the beginning. That's confusing, but I'll give it to them.) Yes. (In both sets of directions. Good job guys!) ThePioneerWoman.com No Yes Epicurious.com No Almost ("devein") About.com No (not counting the comments section, where someone warns other readers to use gloves because they burned their hands following the directions) No RecipeGirl.com No. (This is weird: gives tips on how to neutralize the stinging capsaicin once it gets on your hands, but never actually says to put gloves on.) Almost ("seeds and ribs") JalapenoMadness.com No No

Videos scored a little better, if you're generous and give full credit to any video that shows the scooping out of the jalapenos to include the ribs attached to the sides, even if the verbal directions don't spell that out precisely. Here are the ratings for the first 10 Youtube matches for "jalapeno poppers recipe":

Source (Youtube user) Tell viewer to wear gloves? Tell viewer to remove jalapeno ribs? allrecipes Yes No bettyskitchen No Yes PrincessDiana161 Yes Yes MudRFunR Yes Yes cookingwithcaitlin1 Yes Yes Michael Hultquist (Jalapeno Madness) No No BarbecueWeb No No kooktocook No No Adley Stump No No thatsletitia No No

In most of the videos that didn't explicitly include the step about putting gloves on, the cooks themselves were not wearing gloves. What did their hands feel like later?

eHow.com does have a helpful page about how to treat capsaicin burns from handling jalapenos. Perhaps that's their penance for the fact that half of their 'jalapeno poppers' recipes don't tell you to put gloves on.

If you could have made poppers based on these incomplete instructions, because you knew to put gloves on or to scrape the ribs out, good for you -- you possess the background knowledge to fill in the parts of the directions that were missing, or wrong. But that doesn't do the real newbies any good.

I went to this trouble because I want to beat you over the head with the crucial fact here: Most directions suck. They suck not just in absolute terms (burning your hands, or the mouths of people who eat the jalapenos with the ribs still in them) but they especially suck relative to how easily they could have been fixed. There is no excuse for putting up a recipe for jalapeno poppers that doesn't tell the reader to put gloves on, or that only tells the reader to "remove the seeds". And I've run into the same phenomenon over and over -- whether looking for directions on how to lower memory consumption of a web server, or how to get stains out of a carpet, or how to replace a 12V direct-current power supply with a cartridge of 8 AA batteries in series -- where not only did the directions not work, but I later found out that they could have worked if the author had simply added one or two key pieces of information.

However it seems that almost everyone believes that the quality of directions on the web is much higher than it actually is -- where, by "quality", I'm talking about the results that would be achieved by a beginner following the directions. (If I had asked you, "Where can I find a good recipe for jalapeno poppers?", is there about a 100% chance you would have said, "Google"?) I assume people overestimate the usefulness of all the how-tos out there, for two reasons: (a) they glance at the directions but don't try them themselves, so they just assume the directions work; or (b) they already know how to do the task being described, so when they read the directions, their brain automatically fills in the missing steps or makes the necessary corrections. That doesn't mean the directions would work in the hands of a true beginner.

Unfortunately, the quality of the directions on the web, is perfectly explained by the incentives created by Google. If there's any niche in the how-to space that is not already filled by some article on the web, an author can easily grab some extra web traffic by writing the first page about that topic. For a popular topic like how to make jalapeno poppers, there's enough traffic going around that dozens or hundreds of authors can put up their own how-to pages and each collect just enough web traffic to make it worthwhile. Thus, every "directional" niche will be filled, and some will be filled to overflowing.

Within a particular niche, however, there's not much incentives to make the directions particularly good -- where "good" means "produces good results when followed by someone with no prior knowledge in this area". Whether your directions work or not, they'll attract about the same level of traffic from Google. Even if the author later realizes that the insertion of a few key steps would make their instructions better, there's no incentive for them to do it -- that's not going to make your how-to page rise up in the Google rankings above the other pages on the same topic.

Which brings me to my proposed solution. It would take a company with a giant pre-existing web presence to pull it off (not quite on the level of Google, but at least an eHow or a Food.com). But it would take almost no maintenance on the part of the company themselves, once the process was put in place.

To incentivize people to create instructions that actually work, a given how-to guide would go through three phases:

1. After the directions are written, genuine newbies (recruited from the web site's usual visitors -- people who just want to learn something new in an area where they have no prior expertise) attempt to follow the directions and tell the author about any problems they ran into, or steps in the directions that seemed ambiguous. If the author thinks some reader is just being an overly nit-picky moron, they're free to ignore their questions and suggestions, but they would do so at the risk of their directions faring poorly in the next phase.

2. Once the initial wave of corrections and clarifications is finished, the directions are put into a pool marked "Ready to be rated!", where they are rated by the next group of genuine newbies who attempt to follow them. Each reader rates the directions simply: If they followed the directions and got the result they expected, then thumbs up, otherwise, thumbs down. If multiple readers spot a mistake or an omission that somehow got missed in the first phase, then the author can make the necessary changes and start the second phase over. (To prevent the author of the directions from "gaming the system" at this stage, the volunteer newbies should be selected at random from a large pool of people who sign up saying "I'm game for learning how to do anything new." If you let people self-select to go to the directions and rate them, then this enables the author to stack the deck by having all of their friends go to the page and give their directions a high rating.)

3. Finally, once the directions have reached some acceptably high percentage of positive ratings, they get released into the general pool of directions/how-tos/recipes of which the site can promise, "80% of newbies were able to follow these directions successfully." If the system works -- and if the volunteer readers in step #2 are representative of the skill level of the site's general readership -- it should be expected that most readers should be able to follow the directions and get good results at that point.

Almost all of the "how-to" directions that I've read, on any topic, could have benefited from being put through the wringer as described by the steps above. It's not merely that I think this algorithm would produce good directions; it's that my definition of good directions is precisely those directions that would pass the test in step #2.

As for what incentivizes the authors to produce directions that make it through this process, perhaps the hosting site could split the ad revenue with them from the pages containing the author's directions. Perhaps the hosting site could just reward them with a link from the article to the author's professional home page. Or maybe people would happily submit the instructions for free if it went towards a non-profit repository of helpful information, a la Wikipedia. (The huge difference from Wikipedia though, is that if you're an expert on George Washington, it's easy to write a good article about George Washington; but if you're an expert on cooking, that makes it hard to write a set of cooking directions that would fill in all the blanks needed by a beginner. Hence the multi-step vetting process above.)

It's tempting to think this is process would be "overkill" for a simple recipe, but that fails to consider the magnitude of the time savings when multiplied across the hundreds or thousands of people who will read the information over the course of its lifetime on the web. If the author spends an extra 10 minutes on the instructions to clarify things in such a way that saves just 1 minute of reading time for the average reader, when that 1 minute of time savings is multiplied by hundreds of readers, it's clearly an overall time-saver. (What disgusts me about the jalapeno popper recipes is that the authors could have saved me a whole day of painful burning on my fingers, if they had just taken 10 seconds to include the step about putting on gloves -- that would have been an overall time-saver even if only one person had read the recipe.)

So Morozov was right that we don't need laser-guided kitchens guiding us through the algorithm of carving a fish, but we should consider that an entirely different kind of algorithm could change everything for a beginning cook, or a person trying to learn any other skill from scratch. The Star Trek kitchen in To Save Everything, Click Here makes for an easy target for Morozov's argument, but that kitchen technology is hardly making enough inroads to threaten cooking as we know it -- I'll bet you'd never heard of it until this article. Bad directions, on the other hand, are so ubiquitous that we've accepted them as a part of our way of life, and we've all but forgotten to think how they could be made better. Like Robert Kennedy, I see people looking at their capsaicin-burned hands and their inedible jalapeno poppers with the ribs still attached and asking, "Why?", and I imagine eHow.com lining up newbies to critique their recipes until each recipe achieves a high rating from beginners based on the actual results that they got, and ask, "Why not?"

You can purchase To Save Everything, Click Here from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Michael Ross writes "Upon hearing the name "Enyo," one may wonder if the speaker is referring to the Greek war goddess, or if it is the name of some Celtic New Age music with a Latin twist. In the world of front-end software development, Enyo is a cross-platform open-source JavaScript framework that can be used to build HTML5 web applications for the desktop and for mobile devices, including those powered by iOS and Android. The project website bills it as "an object-oriented JavaScript application framework emphasizing modularity and encapsulation." Any programmer interested in learning Enyo — or at least exploring what it is capable of — can consult the online documentation and the forums, but a more time-efficient approach might be to read a book focusing on the topic, such as Enyo: Up and Running, written by Roy Sutton, a contributor to the project." Read below for the rest of Michael's review. Enyo: Up and Running author Roy Sutton pages 74 pages publisher O'Reilly Media rating 6/10 reviewer Michael J. Ross ISBN 978-1449343125 summary A brief introduction to a mobile-inspired JavaScript framework. The book was published by O'Reilly Media on 6 February 2013, under the ISBN 978-1449343125. (My thanks to O'Reilly for providing a review copy.) On the publisher's page, visitors can find limited information about the book and its author, some reader reviews, links to purchase the electronic and print versions, and a page for errata (of which there are none, as of this writing). At 74 pages in length, this title comprises seven chapters, plus an appendix explaining how to set up a local development environment for working with Enyo, with a few options to choose from. Thus, the appendix is where most readers should and likely will start. In the preface, the author notes that the book assumes "some familiarity with HTML, CSS, or JavaScript"; that "or" should be an "and," since all three technologies are foundational to Enyo.

The first chapter introduces Enyo by examining a fairly simple web app — one that displays a traffic light on the web page. Naturally, in a black-and-white book such as this, the red/yellow/green colors are all in grayscale. Much more importantly, of the seven jsFiddle-hosted code examples provided in the chapter, the first five do not work (as of this writing), apparently because in each case there exists in the code some sort of control character, displayed as a red dot. (In the third example, the dot character is in the JavaScript and not the HTML.) Readers should delete that character and click the "Run" button, to see the intended results. The last two examples work only because the dot character comes after the closing </script> tag. It is baffling how these flaws could have gone undetected by the production staff and technical reviewers.

The material seems to raise as many questions as it answers. Assuming that the code printed in the book works (no downloadable code archive is offered), readers will probably be left pondering questions such as: Is create: function() some sort of constructor? Why isn't a new color passed through the call this.colorChanged()? Why is oldValue apparently not used? Where is setColor() defined? While it is a good idea to entice the reader to try a new technology by showing its capabilities, if that reader is expected to understand the example code presented, then it should be fully explained; otherwise, it should not be presented. As an alternative, the author could have limited the discussion to what functionality Enyo provides to the programmer, without listing source code in print or on jsFiddle. This would have provided the reader with greater motivation to invest the time and effort in learning what can be a challenging subject.

As a result of these early problems, this first chapter does not get the book off to a promising start. The second chapter, "Core Concepts," is perhaps the one that should have begun the book, because it describes many of the core ideas critical to Enyo: kinds, encapsulation, published properties, events, signals, inheritance, constructors, and statics. However, the pace is too fast for beginners, and more examples are needed to explain the concepts, step-by-step. By the bottom of page 11, countless readers will likely be bewildered with the terse discussion of getter and setter functions, "changed" functions, construction, and passed values (which are properties or not). Also, readers will again encounter the aforesaid problem of the red dot character breaking the example code on jsFiddle. (Further instances in the book will not be documented here.) The third chapter continues the discussion, focusing on components, menu and form controls, and functions, as well as some components for animation and making web requests. All of the information looks correct. The only puzzling aspect is why break tags are used (on page 22) instead of a CSS display: block; declaration.

User interface is addressed in the next two chapters, the first of which presents layout components commonly needed for Enyo apps — scrollers, repeaters, fittables, lists, and panels. The second one explores CSS styling of an Enyo app, performance considerations of apps on handheld devices, debugging, common mistakes, jsFiddle, internationalization, and localization. With these chapters, the narrative in the book becomes noticeably more comprehensible.

The penultimate chapter — essentially comprising two pages — delineates some options that the Enyo developer has for deploying a newly-built app to any one of the supported platforms. This chapter, like all the earlier ones, ends with a summary that is so brief, and applicable to so few pages, that each one seems pointless. Why do publishers feel obligated to include these useless chapter summaries in almost every technical book? The final chapter is a one-page conclusion, in which the author encourages readers to learn more and become involved in the Enyo community.

This book is more of an introduction, although no reason is provided as to why it was not instead made a more extensive treatment of the subject. Upon completing the book, the average reader will probably conclude that she did not absorb enough knowledge of the Enyo core to begin immediately developing apps using this framework, and the best course of action might be to start over again on page 1, or perhaps seek out a second source, before optionally returning to this one for a second run-through. The material could have been structured so all information is presented sequentially — so the reader does not encounter concepts yet unseen — with more step-by-step explanations.

Rather than presenting the reader with code snippets that have no relation to one another, it would have been much more interesting and motivating if the author had devised and explained code that incrementally builds into a nontrivial app. Furthermore, the example source code should have been made available on the publisher's website, so readers could avoid typing it from the text or extracting it from jsFiddle if they wished to try it in their local development environments.

In terms of typography, the font size of this book is a bit too small, especially for extended reading, and for people with subpar vision. This is even more true for the code snippets, which are in an even smaller font. In many of the lines of prose, the words are too close to one another — a problem exhibited in a few other recent O'Reilly titles. Did the production team feel it necessary to further compress a 74-page book?! In fact, proper names, such as those of components, are oftentimes broken between two lines in the text — sometimes nonsensically, e.g., "FittableR" followed by "owsLayout" (page 32). The book contains several errata: "This is [not] to say" (page viii), "such as [a] local installation" (viii), "url" (27), "we might modify add" (34), "woud" (35), "one [of] the most" (35), and "allow you [to] easily debug" (56). For such a slender volume, the production quality seems to have received less attention than it deserved.

Overall, this offering does not reach O'Reilly's usual high standards. It's a shame, because it seems like such a promising topic — one that could be more thoroughly explored in a larger volume. Perhaps this feedback, and that of other readers, could be folded into a second edition. This is a real possibility, given that the author notes in his conclusion that he considers the book an active project, and intends to keep it up-to-date with the changes to Enyo itself. In the meantime, this is a promising start that can give readers a taste of Enyo's potential for building modern web apps for desktop and mobile platforms.

Michael Ross is a freelance web developer and writer.

You can purchase Enyo: Up and Running from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

parallel_prankster writes "Amazon users are addressing the drone controversy with sarcasm. Maisto International Inc.'s model Predator drones are selling out on Amazon.com Inc.'s website as parody reviews highlight how the toys can help children hone killing skills, mocking a controversial U.S. practice. The toy is a replica of the RQ-1 Predator, an unmanned aircraft that the U.S. Air Force has used in combat over Afghanistan, Pakistan, Serbia, Iraq and Yemen, according to the product description on Amazon. Only one of the $49.99 military-style toy jets is available for purchase on Amazon's site, which is brimming with assessments laced with dark humor. 'You can't spell slaughter without laughter,' one pithy joker wrote."

Many of us have plug-in external batteries of one sort to recharge our smart phones when we're away from power outlets. Or we have gigantic aftermarket batteries that make our phones so fat they barely fit in our pockets. So there is this company, Lilliputian Power Systems, that is just starting to market a tiny, butane-powered fuel cell they call the Nectar that plugs into your cell phone (or whatever) through a USB port and supposedly charges it for up to two weeks. That's a lot better than an add-on battery. It looks expensive, although the power "pods" aren't too pricey at $19.99 for two. But wait a minute: Why aren't fuel cells, not internal combustion engines, the "range extenders" in plug-in hybrid cars? A decade back, fuel cells were going to revolutionize our power delivery and consumption systems. A cell phone charger is cute, but is that really all we can get fuel cells to do?

Nerval's Lobster writes "Gavin Newsom, former mayor of San Francisco and current lieutenant governor of California, argues in his new book Citizenville that citizens need to take the lead in solving society's problems, sidestepping government bureaucracy with a variety of technological tools. It's more efficient for those engineers and concerned citizens to take open government data and use it to build apps that serve a civic function—such as Google Earth, or a map that displays crime statistics—than for government to try and provide these tools itself. But Newsom doesn't limit his attacks on government bureaucracy to politicians; he also reserves some fire for the IT departments, which he views as an outdated relic. 'The traditional IT department, which set up and maintained complex, centralized services—networks, servers, computers, e-mail, printers—may be on its way out,' he writes. 'As we move toward the cloud and technology gets easier to use, we'll have less need for full-time teams of people to maintain our stuff.' Despite his advocacy of the cloud and collaboration, he's also ambivalent about Wikileaks. 'It has made government and diplomacy much more challenging and ultimately less honest,' he writes at one point, 'as people fear that their private communications might become public.' Nonetheless, he thinks WikiLeaks and its ilk are ultimately here to stay: 'It is happening, and it's going to keep happening, and it's going to intensify.' In the end, he feels the benefits of collaboration and openness outweigh the drawbacks." Keep reading for the rest of Nick's review. Citizenville: How to Take the Town Square Digital and Reinvent Government author Gavin Newsom, Lisa Dickey pages 272 publisher Penguin Press HC rating 7/10 reviewer Nick Kolakowski ISBN 1594204721 summary A rallying cry for revolutionizing democracy in the digital age Gavin Newsom has enjoyed quite a career in government: after serving two terms as mayor of San Francisco, he became lieutenant governor of California. Maintaining the status quo of our current political system, one could argue, is in his best interest. Yet in his new book Citizenville (co-written with Lisa Dickey, who’s collaborated with a number of famous people on their books), Newsom argues that government should take a backseat to citizens solving society’s problems via collaboration and technology.

“We have to disenthrall ourselves, as Abraham Lincoln used to say, of the notion that politicians and government institutions will solve our problems,” he writes at one point. “The reality is, we have to be prepared to solve our own problems.” The government structure that facilitates such troubleshooting, he adds, “makes use of social media, networks, peer-to-peer engagement, and other technological tools.” In other words, government should open up its vast datasets so that armies of developers and engineers can transform that data into software we can all use.

According the book’s thesis, it’s more efficient for those engineers and concerned citizens to take open government data and use it to build apps that serve a civic function—such as Google Earth, or a map that displays crime statistics—than for government to try and provide these tools itself. It’s easier for citizens to engage with their representatives via Twitter and online chat rooms than gather in a physical room, where voices can be shouted down. He acknowledges that collaboration and technology has its limits: there will always be a need for elected leaders to help manage things, and nobody wants every bit of private data open to widespread scrutiny (to his credit, Newsom acknowledges his own issues with making his official schedule and meetings public).

It’s even possible, he suggests, to make civic involvement look more like “Farmville” or an online game—the “Citizenville” of the title. While he positions this idea as more of a metaphor than something that should be pushed into a reality, he repeatedly suggests that a “mashup of gaming and civic engagement,” powered by “real physical rewards,” could get people to interact more fully with their communities.

But there’s also a significant threat to this vision of supreme interconnectedness: government bureaucracy, which moves slowly and hates releasing anything—such as statistical data—that might cause politicians embarrassment.

“Our government is clogged with a dense layer of bureaucracy, a holdover from an earlier era that adds bloat and expense,” Newsom writes. “But technology can get rid of that clay layer by making it possible for people to bypass the usual bureaucratic morass.” Social networks have made interaction with government a two-way street, forcing politicians to listen to constituent concerns well before the next Election Day.

Newsom doesn’t limit his attacks on government bureaucracy to politicians; he also reserves some fire for the IT departments, which he views as an outdated relic. “The traditional IT department, which set up and maintained complex, centralized services—networks, servers, computers, e-mail, printers—may be on its way out,” he writes. “When the computer revolution began, IT departments were truly needed, as people had no idea how to set up and use the new technologies infiltrating their work space.”

Things these days are different, he argues: “As we move toward the cloud and technology gets easier to use, we’ll have less need for full-time teams of people to maintain our stuff.”

Newsom was mayor, of course, when city network engineer Terry Childs locked down San Francisco’s FiberWAN fiber-optic network and refused to give up the password. Freezing the network also stopped government emails and payroll. After days of outside contractors trying—and failing—to break into the system, Newsom finally had to march into Childs’ jail cell and practically beg him to surrender the 28-digit code. Whether that experience slanted Newsom against IT departments in general is hard to tell, but it’s clear from the book that he’s embraced cloud services as the way of the future.

That being said, Newsom does believe that online collaboration and sharing have their limits as forces for good. He’s not the biggest fan of WikiLeaks. “It has made government and diplomacy much more challenging and ultimately less honest,” he writes at one point, “as people fear that their private communications might become public.” Nonetheless, he thinks WikiLeaks and its ilk are ultimately here to stay: “It is happening, and it’s going to keep happening, and it’s going to intensify.” Privacy isn’t dead, but it’s definitely on life support.

Newsom also isn’t a starry-eyed ingénue: he knows that bureaucracy is firmly baked into how we do things, and he knows that all these shiny technological tools won’t necessarily make government more efficient overnight. However, he’s also relentlessly optimistic in technology’s ability to bring about change—even if that change proves detrimental to our current system.

You can purchase Citizenville: How to Take the Town Square Digital and Reinvent Government from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

First time accepted submitter NewtonBoxers writes "Considering the amount of time most of us spend at work, it's surprising how few novels are set in the workplace and base their plot on the goings-on there. Perhaps, having spent a long day slaving in the corporate salt mines, many of us would rather forget about such humdrum matters and take refuge in books that offer us more excitement. Others, though, seem to enjoy the humor that can derive from the very things that drive us mad – management incompetence, byzantine procedures, pointless meetings... in short the stuff of everyday office life. We read Dilbert, we watch The Office, and we could do a lot worse than read Augustus Gump's very funny second novel, The Rise and Fall of T. John Dick. " Read on for the rest of NewtonBoxers's review. The Rise and Fall of T. John Dick author Augustus Gump pages 282 publisher Mainland Press rating 9 reviewer NewtonBoxers ISBN 978-0970874689 summary An enjoyable piece of workplace humor This book is a sequel to The Management Secrets of T. John Dick, which was published a few years ago. Like the first book, The Rise and Fall of T. John Dick is written in the voice of a bumbling, self-important marketing executive at SuperPumps, a manufacturing company in North Carolina. The company makes pumps of some kind, but this is not really important, least of all to TJ, who doesn't like to let too much knowledge of what his company actually makes interfere with his ability to focus on the big picture.

Also like the first book, much of the humor comes from the contrast between TJ's view of himself and the truth apparent to his colleagues and to the reader. In this, he might be compared to Charles Pooter in George Grossmith's Diary of a Nobody. TJ sees himself as a man of vision, able to "think outside the box" and "see the big picture." None of the sticky situations in which his actions land the company are ever his fault, and if his greatness fails to shine, that is surely due to the incompetence of those who surround him. He also sees himself as the natural successor to Rich, the company President, who, he is convinced, sees him not just as an employee, but as a personal friend and the one man in the company he can rely on.

The story starts at a trade show in Las Vegas, where someone plays a prank on TJ as he takes a nap at his company's booth after a long night involving powerful cocktails and strange women with even stranger predictions for his future – the first of several references to Macbeth. I don't want to spoil the fun, so suffice it to say that the prank turns out to work in TJ's favor and also to benefit the company to the tune of a large order from a Japanese customer. On the back of this, TJ is propelled to the position of acting president of SuperPumps, while Rich is in a coma, thanks to an accident for which TJ is, of course, in no way to blame.

TJ's efforts to display his leadership qualities run up against colleagues who refuse to take him seriously. This is especially true of Ronnie, VP of Finance, nicknamed the Ostrich, who takes particular pleasure in entangling him in his own complicated procedures. This leads to some very funny scenes, as he tries to maintain order in chaotic meetings and stamp his authority on his new subordinates. He pours money into a ridiculous promotional campaign for a revolutionary single-nozzle pump, which turns out to have two nozzles. On being informed by the Ostrich that he himself has gained an unwelcome nickname, he responds by drawing up an official company nickname policy. Meanwhile his home life is complicated by his wife's refusal to go along with his marriage mission statement and the unexpected discovery of an exotic dancer in his hot tub. Back at the plant, TJ stumbles upon a piece of skullduggery which threatens the future of the company. He is rapidly discovering that being the boss is not quite what he expected.

The focus of the story may be the humor derived from TJ's character, but the plot includes several twists and turns, with the pace really picking up in the last third of the book. In the end, TJ finds he has to rely on the very people he has dismissed as obstacles to his greatness in order to save the day. It briefly seems that he has learned a lesson from this, but the book's closing conversation with the Ostrich, to whom he owes more than anyone, suggests otherwise. This actually comes as a relief to the Ostrich, who is fond of TJ the way he is, a fondness shared by the other characters, Grace, his outrageously unfaithful but affectionate wife and Greg, the male burlesque dancer who follows Grace from Las Vegas and is welcomed into the house by TJ, who is convinced he is gay.

As an IT manager, I frequently run up against people who display at least some of the characteristics of T. John Dick. They are infuriating, of course, but, since shooting them would be against company policy, I find it a lot better for my blood pressure to follow the example of the Ostrich and focus on their funny side. "The Rise and Fall of T. John Dick" will draw laughter and groans of recognition in equal measure, but the strange thing is that, like the Ostrich, you will end up sympathizing with the main character. At the end of the book, the Ostrich, amused by the apparent parallels between TJ and Macbeth, brings up the "fatal flaw" of Shakespearian tragic heroes and asks TJ what he thinks his flaw might be. TJ's response is typical:

I thought for a long moment, but it was no good. "I can't think of one," I replied at last.

T. John Dick is no tragic hero. He is however, a great comic creation. I recommend this book for anyone with experience of working in a corporate environment or who enjoys workplace humor.

You can purchase The Rise and Fall of T. John Dick from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Michael Ross writes "Web designers, graphics artists, and others who create and edit digital images, have a number of commercial image-manipulation packages from which they can choose — such as Adobe Photoshop and Adobe Fireworks (originally developed by Macromedia). Yet there are also many alternatives in the open-source world, the most well-known being GNU Image Manipulation Program. GIMP is available for all major operating systems, and supports all commonly-used image formats. This powerful application is loaded with features, including plug-ins and scripting. Yet detractors criticize it as being complicated (as if Photoshop is intuitively obvious). Admittedly, anyone hoping to learn it could benefit from a comprehensive guide, such as The Book of GIMP." Keep reading for the rest of Michael's review. The Book of GIMP: A Complete Guide to Nearly Everything author Olivier Lecarme and Karine Delvare pages 676 pages publisher No Starch Press rating 9/10 reviewer Michael J. Ross ISBN 978-1593273835 summary A comprehensive tutorial and reference to GIMP 2.8. Authored by Olivier Lecarme and Karine Delvare, The Book of GIMP: A Complete Guide to Nearly Everything was published by No Starch Press on 22 January 2013, with the ISBN 978-1593273835. The publisher's page offers minimal information on the book and its authors, as well as a skimpy table of contents, and a free sample chapter (the fifth one, on composite photography). Lecarme has a companion website where visitors will find additional resources, including bonus filters, a forum (albeit almost empty), and a selection of the example images used in the book.

This title's 676 pages are organized into 22 chapters and six appendices. The first eight chapters compose "Part I — Learning GIMP"; the remaining chapters compose "Part II — Reference"; and the appendices compose the third part. In a brief but pleasant introduction, the authors encourage readers to follow along by installing GIMP on a local machine. Installation instructions can be found in Appendix E (which arguably should be the first appendix, to get readers started with a local installation). The book is based upon the most recent stable version of GIMP, namely 2.8, which reportedly introduced significant improvements over earlier versions.

As one might expect, the first chapter introduces the basics of the GIMP user interface, explaining how to find and open images, use the menu system in the main image dock, and perform basic editing operations, such as resizing and cropping. It also presents some essential concepts in GIMP — filters, layers, and drawing tools — and then discusses the use of a tablet in conjunction with GIMP. The next six chapters each focus on a major category of image work: photo retouching, drawing and illustration, logos and textures, composite photography, animation, and image preprocessing. The last chapter in the group covers utilizing GIMP for crafting the visual design of a website. The only problem I found in the narrative is the inconsistency in terminology, primarily the references to something as a "dock" on some occasions, and other times as a "window"; also, the "multi-dialog window" (page 4) is later called the "multi-docks window" (page 18). Nonetheless, the prose is straightforward and concise; there is a lot of information contained in each section. Consequently, anyone reading these tutorial chapters should take them at a modest pace, and frequently compare the authors' narrative and one's understanding of it with the screenshots and/or one's own results if following along (a practice I strongly recommend for this particular book, so one will better internalize the broad ideas as well as the details).

Each chapter concludes with a set of exercises, whose questions tend to be much more open-ended and difficult than those normally found in technical books. In fact, readers may be frustrated how some of the exercises challenge one to perform task completely unmentioned in the corresponding chapter. For instance, the very first one in the book, Exercise 1.1 (page 24), asks the reader to build a new dock with dialogs, even though at no point in the chapter was the reader told how to do anything remotely like this. Appendix B contains tips for a minority of the exercises.

The bulk of the book, "Part II — Reference," offers almost 400 pages of details on every aspect of GIMP: the user interface, its displays, layers, colors, selections, masks, drawing tools, transformation tools, filters, animation tools, scanning and printing images, image formats, scripts and plug-ins, and other methods of customizing the application — with each chapter starting with the basics. All of the information is terrific, but the thoughtful reader may wonder why the book begins with advanced topics — such as photo retouching, composite photography, animation, and website design — and later presents the detailed explanations of all the aforementioned aspects of using GIMP. It seems to me that it would have been better to present the Part II chapters first, and then present the advanced topics currently in Part I, except for what is now Chapter 1 ("Getting Started"), which would still be a fine way to begin the explication.

The third and final part contains half a dozen appendices, the first of which is a fascinating exploration of the science of human vision and the three main models of digital color representation. As noted earlier, the second appendix contains tips and hints for some of the chapter exercises. The third appendix is brief, but contains a wealth of online resources for anyone who would like to learn more about GIMP and its community. The next appendix contains a list of frequently asked questions and their answers, and is well worth reading. The fifth chapter explains how to install GIMP on computers running GNU/Linux, Unix, various Linux distros, Windows, and Mac OS X. The final appendix addresses batch processing of images, including the use of ImageMagick.

The production quality of this book is excellent (judging by the print copy kindly provided to me by No Starch Press for review). It was a smart choice on the part of the authors to request full-color images on every page, and the publisher's decision to do so, given the book's visual subject — even though it resulted in a heavier product (3.4 pounds).

Naturally, as a book discussing an image editor, this one makes extensive use of example photos and other images, which are extremely helpful to the reader. Only a few problems were evident; for instance, Figures 1.24 and 1.25 are so small that the cropping pointers are almost invisible. In some cases the descriptions or screenshots do not match what I saw when following along; for instance, on page 3, the author states that the three startup windows (Toolbox, Image, and multi-dialog) by default occupy the full width of the screen, which contradicts the screenshot in Figure 1.1, which shows the Image window at partial width.

The writing is generally clear and easy to follow, even though some of the phrasing is odd (e.g., "source text" to mean "source code"), perhaps because both authors are French. That could also account for the errata — for instance, "on [the] left" (page 15) and "its there" (page 22) — of which there were remarkably few for a book of this length.

If any reader is looking for a free and full-featured image-editing program, then by all means consider GIMP, as well as this outstanding tutorial and reference book.

Michael J. Ross is a freelance web developer and writer.

You can purchase The Book of GIMP: A Complete Guide to Nearly Everything from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

benrothke writes "In its first week, Going Clear: Scientology, Hollywood, and the Prison of Belief was #3 on the New York Times Best Sellers list and will likely be #1 soon. The fact that the book is in print is somewhat miraculous given the voracious appetite Scientology has for litigation. It is the first time that such an expose could have been written and found such wide-scale reading. An interesting analysis of this fact is found in Why the Media Is No Longer Afraid of Scientology by Kim Masters. But as mesmerizing an expose as the book is, I doubt that this will be more than a speed bump to Scientology's growth and fund raising." Keep reading to be clear about what Ben has to say. Going Clear: Scientology, Hollywood, and the Prison of Belief author Lawrence Wright pages 448 publisher Knopf rating 10/10 reviewer Ben Rothke ISBN 978-0307700667 summary Compelling and engrossing book, thoroughly researched and extensively fact checked Scientology has long called anyone who has written against them as having a vendetta. It calls former adherents heretics with a vendetta. But after such hyperbole, it is illogical and questionable that Pulitzer Prize winning author Lawrence Wright would risk a distinguished career to write an expose simply based on those with a vendetta. But to cover all bases, including those of litigation, the books nearly 50 pages of notes puts Wright and his publisher in a strongly defensible position in case the church decided to litigate.

Wright is aware of the dangers of writing against the church, as he details the story of Paulette Cooper. Cooper, whose 1971 book The Scandal of Scientology, was sued nearly 20 times by the church and harassed for years due to its contents. The book details that an FBI raid a few years later found a Scientology file about Operation Freakout, which had the purpose of getting Cooper in a mental institution or jail.

The book places Church President David Miscavige is a negative light (over 20 people in the book accuse him of abuse, including being kicked, punched, slapped, choked and more). Karin Pouw, a Scientology spokeswoman states that details about Miscavige are false and defamatory.

The church created a web site for what it believes are errors in the book. While Wright is short on drama, the web site hyperbolically states that the book is "so ludicrous it belongs in a supermarket tabloid". The web site states that British publishers have chosen not to print it "which speaks volumes about their confidence in its factual accuracy". The truth is that British libel laws are so onerous and archaic, that publishers are reticent to publish such a work. While it might not be published in the UK, it is easily available via the Amazon UK web site.

In Going Clear, Wright has created a fair and balanced overview (if such a thing is actually possible) about Scientology. The book has interview material and facts from over 200 current and former members of the Church of Scientology, and takes a historical look of its history, and that of its founder L. Ron Hubbard and successor, current President David Miscavige.

In the introduction, Wright notes that he was drawn to write the book by the questions that many people have about Scientology; such as: what is it that make the religion so alluring? What do its adherents get out of it? Why do popular personalities associate themselves with a faith that is likely to create a kind of public relations martyrdom? He notes that these questions are not unique to Scientology, but that they certainly underscore its story.

As 372 pages covering 3 parts and 11 chapters, Wright is a mesmerizing author that creates a non-fiction spellbinding page-turner. The 4 main characters of the book are Hubbard, Miscavige and actors Tom Cruise and John Travolta.

In chapter 2, the book details the many discrepancies between the legend of L. Ron Hubbard and fact. While Scientologist's may think that Wright has a vengeance against the group, he writes that it is a fact that Hubbard was genuinely a fascinating man. He writes that Hubbard was an explorer, best-selling author and the founder of a worldwide religious movement. At the same time, Wright's research found that the truth is counter to some of the postulated facts about Hubbard's naval career, his miraculous recovery from wartime injuries and overall naval accomplishments.

As to the manipulation of facts, in the final pages of the book, Wrights notes some of Hubbard's medical records do not corroborate his version of the actual events. Some of the naval medals that Hubbard supposedly won were not created until after Hubbard left active service. The supposed Purple Heart medal for being wounded while serving on duty that Hubbard claimed to receive was also different from the Purple Heart medals given out at the time.

In Dianetics: The Modern Science of Mental Health, Hubbard specifically names psychotherapy as being dangerous and impractical. Hubbard felt that other methods of mental science are based on principles that are opposed to the principles of Scientology, and Hubbard had an anathema of psychiatry and psychology until his dying day.

Wright observes that Dianetics arrived at a moment when the aftershocks of World War 2 were still being felt. And that behind the exhilarations of victory, there was immense trauma for millions of Americans. With Dianetics, Hubbard offered a do-it-yourself manual to that claimed to demystify the secrets of the human mind and produce guaranteed results, for free, and that was bound to attract a large audience.

Wright notes that given Hubbard's biography, it would be easy to dismiss Hubbard as a fraud. But that would fail to explain his total absorption in his project. Hubbard would spend the rest of his life elaborating his theory and obsessively construct the intricate bureaucracy design to spread and enshrine his understanding of human behavior.

Wright notes that for all of Hubbard's enormous wealth, he spent much of his time in his ship cabin alone, auditing himself with an E-Meter (the electronic device used Scientology auditing sessions) and developing his spiritual technology. Wright rhetorically notes that while Hubbard may have been grandiose and delusional, if Hubbard was a fraud and a con, why would he bother creating such a system?

As objective as Wright is, he takes no quarter when he details Scientology's approach to children. Hubbard viewed children as adults in small bodies. While they were physically small, Hubbard felt that they were responsible for their own behavior. Young children would be sentenced to virtual prisons for weeks, for minor infractions such as messing up an incoming telex.

In Scientology parlance, such an individual was a suppressive person. One young girl, who was deaf and mute was placed in a locker for a week because Hubbard thought it might cure her deafness.

A large part of the book deals with celebrities and how Scientology sees celebrities as a boon to the church. Wrights notes that Scientology orients itself toward celebrities and by doing so, the church awards famousness a spiritual value. People who seek fame in the entertainment industry will gravitate to Hollywood, where the Scientology Celebrity Center is waiting for them, validating their ambitions and promising a recruits a way in. The church has long pursued a marketing strategy that relies on celebrity endorsements to promote the religion.

Some celebrities prominent in the book are Paul Haggis, Travolta, Nancy Cartwright (famous for being the voice of Bart Simpson) and Tom Cruise. Haggis is an ex-Scientologist, recently leaving the church after nearly 40 years, who is interviewed in the book.

Wright is highly critical of Cruise, who he notes that probably no member of the church derives as much material benefit as Cruise does. Cruise then consequently bears a moral responsibility for the myriad indignities (which the book points out in great detail) inflicted on members of the Sea Organization (a unit of the Church, encompassing its most dedicated members), sometimes directly because of his membership.

Wright concludes with the notion that Scientology wants to be understood as a scientific approach to spiritual enlightenment, but has no grounding in science at all. Serious academic study of the church has to date been constrained by the church's vindictive and litigious reputation. Researchers and academics are terrified by Scientology and reluctant to direct their research into the church. The book observes that compared with other religions, the published literature on Scientology is improvised and clouded by bogus assertions.

In Going Clear: Scientology, Hollywood, and the Prison of Belief, Wright has composed a bombshell of an expose. This is a compelling and engrossing book, thoroughly researched and extensively fact checked. The book is a perfect read for a long flight as it is riveting and fascinating. Wright has a unique ability to keep the narrative flowing and interesting.

But with all that, it is not a Silent Spring, which 50 years ago helped launch the environmental movement. Had the book come out 20 years ago, it is likely that lawsuits from the church would have prevented its release until today. Yet the passive public has a short memory and Scientology has believers that sign billion year contracts with the church. As salacious as every page of this book is, one is hard-pressed to envision the church of Scientology contracting or being hurt in any way by this book.

Ben Rothke is the author of Computer Security: 20 Things Every Employee Should Know.

You can purchase Going Clear: Scientology, Hollywood, and the Prison of Belief from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

benrothke writes "In its first week, Going Clear: Scientology, Hollywood, and the Prison of Belief was #3 on the New York Times Best Sellers list and will likely be #1 soon. The fact that the book is in print is somewhat miraculous given the voracious appetite Scientology has for litigation. It is the first time that such an expose could have been written and found such wide-scale reading. An interesting analysis of this fact is found in Why the Media Is No Longer Afraid of Scientology by Kim Masters. But as mesmerizing an expose as the book is, I doubt that this will be more than a speed bump to Scientology's growth and fund raising." Keep reading to be clear about what Ben has to say. Going Clear: Scientology, Hollywood, and the Prison of Belief author Lawrence Wright pages 448 publisher Knopf rating 10/10 reviewer Ben Rothke ISBN 978-0307700667 summary Compelling and engrossing book, thoroughly researched and extensively fact checked Scientology has long called anyone who has written against them as having a vendetta. It calls former adherents heretics with a vendetta. But after such hyperbole, it is illogical and questionable that Pulitzer Prize winning author Lawrence Wright would risk a distinguished career to write an expose simply based on those with a vendetta. But to cover all bases, including those of litigation, the books nearly 50 pages of notes puts Wright and his publisher in a strongly defensible position in case the church decided to litigate.

Wright is aware of the dangers of writing against the church, as he details the story of Paulette Cooper. Cooper, whose 1971 book The Scandal of Scientology, was sued nearly 20 times by the church and harassed for years due to its contents. The book details that an FBI raid a few years later found a Scientology file about Operation Freakout, which had the purpose of getting Cooper in a mental institution or jail.

The book places Church President David Miscavige is a negative light (over 20 people in the book accuse him of abuse, including being kicked, punched, slapped, choked and more). Karin Pouw, a Scientology spokeswoman states that details about Miscavige are false and defamatory.

The church created a web site for what it believes are errors in the book. While Wright is short on drama, the web site hyperbolically states that the book is "so ludicrous it belongs in a supermarket tabloid". The web site states that British publishers have chosen not to print it "which speaks volumes about their confidence in its factual accuracy". The truth is that British libel laws are so onerous and archaic, that publishers are reticent to publish such a work. While it might not be published in the UK, it is easily available via the Amazon UK web site.

In Going Clear, Wright has created a fair and balanced overview (if such a thing is actually possible) about Scientology. The book has interview material and facts from over 200 current and former members of the Church of Scientology, and takes a historical look of its history, and that of its founder L. Ron Hubbard and successor, current President David Miscavige.

In the introduction, Wright notes that he was drawn to write the book by the questions that many people have about Scientology; such as: what is it that make the religion so alluring? What do its adherents get out of it? Why do popular personalities associate themselves with a faith that is likely to create a kind of public relations martyrdom? He notes that these questions are not unique to Scientology, but that they certainly underscore its story.

As 372 pages covering 3 parts and 11 chapters, Wright is a mesmerizing author that creates a non-fiction spellbinding page-turner. The 4 main characters of the book are Hubbard, Miscavige and actors Tom Cruise and John Travolta.

In chapter 2, the book details the many discrepancies between the legend of L. Ron Hubbard and fact. While Scientologist's may think that Wright has a vengeance against the group, he writes that it is a fact that Hubbard was genuinely a fascinating man. He writes that Hubbard was an explorer, best-selling author and the founder of a worldwide religious movement. At the same time, Wright's research found that the truth is counter to some of the postulated facts about Hubbard's naval career, his miraculous recovery from wartime injuries and overall naval accomplishments.

As to the manipulation of facts, in the final pages of the book, Wrights notes some of Hubbard's medical records do not corroborate his version of the actual events. Some of the naval medals that Hubbard supposedly won were not created until after Hubbard left active service. The supposed Purple Heart medal for being wounded while serving on duty that Hubbard claimed to receive was also different from the Purple Heart medals given out at the time.

In Dianetics: The Modern Science of Mental Health, Hubbard specifically names psychotherapy as being dangerous and impractical. Hubbard felt that other methods of mental science are based on principles that are opposed to the principles of Scientology, and Hubbard had an anathema of psychiatry and psychology until his dying day.

Wright observes that Dianetics arrived at a moment when the aftershocks of World War 2 were still being felt. And that behind the exhilarations of victory, there was immense trauma for millions of Americans. With Dianetics, Hubbard offered a do-it-yourself manual to that claimed to demystify the secrets of the human mind and produce guaranteed results, for free, and that was bound to attract a large audience.

Wright notes that given Hubbard's biography, it would be easy to dismiss Hubbard as a fraud. But that would fail to explain his total absorption in his project. Hubbard would spend the rest of his life elaborating his theory and obsessively construct the intricate bureaucracy design to spread and enshrine his understanding of human behavior.

Wright notes that for all of Hubbard's enormous wealth, he spent much of his time in his ship cabin alone, auditing himself with an E-Meter (the electronic device used Scientology auditing sessions) and developing his spiritual technology. Wright rhetorically notes that while Hubbard may have been grandiose and delusional, if Hubbard was a fraud and a con, why would he bother creating such a system?

As objective as Wright is, he takes no quarter when he details Scientology's approach to children. Hubbard viewed children as adults in small bodies. While they were physically small, Hubbard felt that they were responsible for their own behavior. Young children would be sentenced to virtual prisons for weeks, for minor infractions such as messing up an incoming telex.

In Scientology parlance, such an individual was a suppressive person. One young girl, who was deaf and mute was placed in a locker for a week because Hubbard thought it might cure her deafness.

A large part of the book deals with celebrities and how Scientology sees celebrities as a boon to the church. Wrights notes that Scientology orients itself toward celebrities and by doing so, the church awards famousness a spiritual value. People who seek fame in the entertainment industry will gravitate to Hollywood, where the Scientology Celebrity Center is waiting for them, validating their ambitions and promising a recruits a way in. The church has long pursued a marketing strategy that relies on celebrity endorsements to promote the religion.

Some celebrities prominent in the book are Paul Haggis, Travolta, Nancy Cartwright (famous for being the voice of Bart Simpson) and Tom Cruise. Haggis is an ex-Scientologist, recently leaving the church after nearly 40 years, who is interviewed in the book.

Wright is highly critical of Cruise, who he notes that probably no member of the church derives as much material benefit as Cruise does. Cruise then consequently bears a moral responsibility for the myriad indignities (which the book points out in great detail) inflicted on members of the Sea Organization (a unit of the Church, encompassing its most dedicated members), sometimes directly because of his membership.

Wright concludes with the notion that Scientology wants to be understood as a scientific approach to spiritual enlightenment, but has no grounding in science at all. Serious academic study of the church has to date been constrained by the church's vindictive and litigious reputation. Researchers and academics are terrified by Scientology and reluctant to direct their research into the church. The book observes that compared with other religions, the published literature on Scientology is improvised and clouded by bogus assertions.

In Going Clear: Scientology, Hollywood, and the Prison of Belief, Wright has composed a bombshell of an expose. This is a compelling and engrossing book, thoroughly researched and extensively fact checked. The book is a perfect read for a long flight as it is riveting and fascinating. Wright has a unique ability to keep the narrative flowing and interesting.

But with all that, it is not a Silent Spring, which 50 years ago helped launch the environmental movement. Had the book come out 20 years ago, it is likely that lawsuits from the church would have prevented its release until today. Yet the passive public has a short memory and Scientology has believers that sign billion year contracts with the church. As salacious as every page of this book is, one is hard-pressed to envision the church of Scientology contracting or being hurt in any way by this book.

Ben Rothke is the author of Computer Security: 20 Things Every Employee Should Know.

You can purchase Going Clear: Scientology, Hollywood, and the Prison of Belief from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Timothy Lord starts this video with these words: "Sensors are a big deal at CES this year. They are small devices that track everything from the location of your pets to how many steps you have taken today." And so he chatted with Phillip Bolliger, founder of Swiss company Koubachi AG, which makes Wi-Fi sensors that help you give your plants the right amount of water and light and to keep them at the right temperature. As of this writing, the prices on their online store are in Euros, not dollars, but the sensors are now available through Amazon with U.S. pricing. Koubachi also has a free app for your iOS device, and a Facebook app for your computer or Android device, that will help you give your plants the right amount of fertilizer and other love even if you don't buy a Koubachi sensor.

Bennett Haselton writes "Here are three hacks that I adopted in the last few weeks, each of which solved a minor problem that I had lived with for so long that I no longer thought of it as a problem — until a solution came along, which was like a small weight off my shoulders. None of these hacks will help impress anyone with your technical prowess; I'm just putting them here because they made my life easier." Read on for the rest of Bennett's thoughts. 1. Fully charged spare batteries for your smartphone

OK, now before everyone starts shouting "DUH!", I can tell you that I was at a conference right before New Year's, and every day from about 11 a.m. onward, I heard people saying that their phones were about to die, that they would either about to drop off the grid or would have to spend the next half-hour shackled to an outlet via their phone charger, etc. I never once heard anyone mentioning swapping in a spare phone battery, and according to my own survey of my friends, none of them have ever tried it either. But that conference was my first trip after ordering two spare batteries for my Stratosphere from Verizon ($10 each), and it was also the first trip where I never had to waste a second thinking about how to stretch out the phone's battery life or how much time I had left. Just swap in the second battery at around 3 PM, and then swap in the third one at around 10 PM, if there was still anything worth staying out for.

You could instead get "extended life" batteries for certain models of phones as well, but they cost much more than the standard batteries, and some users report that they make the phone noticeably heavier and bulkier. There are also portable phone chargers — which charge themselves from wall outlets, and then carry a charge that can be used to re-charge the phone through the micro-USB connection — but of course they're bigger and heavier than spare batteries, and you have to leave the phone connected to it while the phone is recharging. I didn't see the need for either of those products after picking up two regular spare batteries.

The most inconvenient part of the process was recharging the multiple batteries at the end of the day — since I didn't have a standalone battery charger, I could only recharge the batteries by charging them in the phone itself, swapping each one out after it had spent an hour charging (if I stayed awake that long). To that end, it would be convenient if more phone manufacturers would make battery-only chargers, so that at the end of the day you could plug your depleted spare batteries into their own re-charger at the same time that you're using the normal phone charger to charge the battery currently in the phone, then go to sleep and let everything charge up overnight. There standalone chargers for some phone batteries, like the Blackberry, but they're in the minority. (Meanwhile, iPhones do not have user-serviceable batteries at all; when the battery dies and becomes non-rechargeable, you're supposed to take it to an Apple repair center to be replaced.)

It seems odd to me that phone manufacturers spend millions of dollars figuring out how to extend the battery life of their phones, and here's a solution that works for almost everyone who has a zippered pocket for spare batteries (and a phone other than an iPhone). But I didn't think of it for years, nobody else that I've talked to ever thought of it either, phone manufacturers don't steer people toward this option, and most of them don't make standalone chargers that would make the process easier. Well, now you know.

2. Hacked furniture to hold a tablet PC above your bed

For years I'd occasionally watched movies on my laptop in bed, and I always felt bit of a strain on my back or neck while sitting up and leaning against a pillow, but eventually the movie would distract me if it was any good at all. Then a week ago, in an act laden with heavy-handed but unintentional symbolism, I dumped all of the books out of one of my bookshelves to make it easier to watch TV without getting out of bed:

The protruding shelf is attached to the bookcase with a pair of metal clamps, and then weighed down with some heavy books to counterbalance the weight of the tablet. (You want the clamps tight enough that the shelf can't move at all, relative to the bookcase.) The tablet holder, a Zuwit 360 Degree tablet stand, is attached to the end of the shelf using its own built-in clamp, and then bent into a downward arc to hold the tablet.

In case you're wondering why I didn't just clamp the tablet holder to a nightstand next to the bed, the answer is that none of the tablet holders I looked at had a flexible gooseneck that would extend far enough. (Remember, the gooseneck doesn't just have to reach from the edge of the bed to above your head; it has to arch up and then bend downward to hold the tablet from above, all while giving you enough slack to reposition the tablet in the air if you want to.) I assume there's a practical upper limit on how long the manufacturers want the gooseneck to be; if it's too long, then when it's extended sideways it could bend under its own weight plus the weight of whatever it's holding. Hence the shelf extending out over the mattress.

To make this work, you need a gooseneck tablet holder like the Zuwit that specifically has short teeth protruding over the edge of whatever it's holding, to grip it so that it won't fall when the tablet is held upside-down. (I'd originally tried this with a BESTEK tablet holder, but the tablet gripper didn't have teeth coming down in front of the screen, so the tablet would occasionally fall out and land on my head.)

It was a bit of work to put together, but I've never felt rested in a more comfortable position while watching a 2-hour movie. All cheaper than installing a flatscreen in your ceiling, and better, actually, since you can reach up and rotate the tablet whenever you change position.

But as a proof-of-concept only, this is a pretty ugly piece of furniture, and while I'm able to get in and out of bed easily without hitting the protruding shelf, it gets more complicated if you're ever have "company." In my case, there's enough space behind the bookcase that I can tilt it backward, moving the protruding shelf and the tablet holder so that they're no longer over the bed. This solves the problem of how to get it out of the way, but not the fact that it's still a pretty ugly conversation piece. You can un-clamp the protruding shelf from the bookcase and hide it away, but you're still left with a bulky, empty bookcase oddly perched at the end of your bed, and that's too much of a pain to lift and move some place every time you want to assemble the tablet holder or disassemble it when you have company coming over. I want to take another go at it using a shelf attached to a stack of milk cartons — which would be even uglier, but much lighter and easier to disassemble and move out of the way.

Speaking of milk cartons and ideas that make my chiropractor happy:

3. Hacked furniture to hold a tablet in front of an exercise machine

So that's what I did with the BESTEK tablet holder that didn't work for holding the tablet upside-down in bed; it works perfectly well attached to a stack of milk cartons, where the tablet only has to be held sideways. Again, ugly. But again, easy to disassemble and hide if I know company's coming over.

Of course there's a space on the elliptical trainer (underneath the control panel) for holding books, tablets, and other reading/viewing material, but it requires you to crane your neck downward to focus on that space, and I always felt uncomfortable looking in that direction for more than a few minutes while exercising. The obvious idea was to hold up the tablet by attaching the gooseneck tablet holder to the control panel of the elliptical itself, but (a) the body around the control panel is mostly hollow plastic, which has too much "give" for the clamp to attach to it securely; (b) if the tablet is attached to the machine directly, then it jiggles while the machine is moving, making it hard to watch the screen; and (c) the gooseneck still doesn't reach far enough to hold the tablet higher than eye level, which is best for your posture if you're looking at it while exercising.

Hence, the tower of milk cartons. Now when I first went to the local Container Store and was told that a stack of five milk cartons would cost $60, I assumed I was being subjected to the usual downtown Bellevue yuppie price-gouging that also gave us $500 "minimalist" bookshelves available in the same store, but, no, that is actually what non-stolen milk crates actually cost. (They're so easy to walk off with, and useful as "modular furniture," that the International Dairy Foods Association as launched a campaign to get people to stop stealing them.) With a bit of experimenting, you can find the right height for the gooseneck tablet holder, and position the tablet so that it's far enough from your face for comfortable viewing, while still close enough that you can touch the screen. (The stack of books in the topmost crate keeps it from tipping over from the weight of the tablet.)

Of course if you work out on an elliptical at a gym, it's a bit less convenient to carry a stack of milk crates in with you. Maybe a tablet accessories company should come out with a portable, collapsible tripod that rests securely on the ground while extending upward to provide a thick, flat surface about 5 feet above the floor — where a gooseneck tablet holder could be clamped onto the flat surface and then hold the tablet itself in front of the user's face at the right altitude.

Then if you start watching a movie on the tablet while working out and you don't make it all the way through, you can finish the movie on the tablet while it's suspended above your head in bed. Gives you something to do while swapping out the batteries in your phone and waiting for them to recharge.

Bennett Haselton writes "Here are three hacks that I adopted in the last few weeks, each of which solved a minor problem that I had lived with for so long that I no longer thought of it as a problem — until a solution came along, which was like a small weight off my shoulders. None of these hacks will help impress anyone with your technical prowess; I'm just putting them here because they made my life easier." Read on for the rest of Bennett's thoughts. 1. Fully charged spare batteries for your smartphone

OK, now before everyone starts shouting "DUH!", I can tell you that I was at a conference right before New Year's, and every day from about 11 a.m. onward, I heard people saying that their phones were about to die, that they would either about to drop off the grid or would have to spend the next half-hour shackled to an outlet via their phone charger, etc. I never once heard anyone mentioning swapping in a spare phone battery, and according to my own survey of my friends, none of them have ever tried it either. But that conference was my first trip after ordering two spare batteries for my Stratosphere from Verizon ($10 each), and it was also the first trip where I never had to waste a second thinking about how to stretch out the phone's battery life or how much time I had left. Just swap in the second battery at around 3 PM, and then swap in the third one at around 10 PM, if there was still anything worth staying out for.

You could instead get "extended life" batteries for certain models of phones as well, but they cost much more than the standard batteries, and some users report that they make the phone noticeably heavier and bulkier. There are also portable phone chargers — which charge themselves from wall outlets, and then carry a charge that can be used to re-charge the phone through the micro-USB connection — but of course they're bigger and heavier than spare batteries, and you have to leave the phone connected to it while the phone is recharging. I didn't see the need for either of those products after picking up two regular spare batteries.

The most inconvenient part of the process was recharging the multiple batteries at the end of the day — since I didn't have a standalone battery charger, I could only recharge the batteries by charging them in the phone itself, swapping each one out after it had spent an hour charging (if I stayed awake that long). To that end, it would be convenient if more phone manufacturers would make battery-only chargers, so that at the end of the day you could plug your depleted spare batteries into their own re-charger at the same time that you're using the normal phone charger to charge the battery currently in the phone, then go to sleep and let everything charge up overnight. There standalone chargers for some phone batteries, like the Blackberry, but they're in the minority. (Meanwhile, iPhones do not have user-serviceable batteries at all; when the battery dies and becomes non-rechargeable, you're supposed to take it to an Apple repair center to be replaced.)

It seems odd to me that phone manufacturers spend millions of dollars figuring out how to extend the battery life of their phones, and here's a solution that works for almost everyone who has a zippered pocket for spare batteries (and a phone other than an iPhone). But I didn't think of it for years, nobody else that I've talked to ever thought of it either, phone manufacturers don't steer people toward this option, and most of them don't make standalone chargers that would make the process easier. Well, now you know.

2. Hacked furniture to hold a tablet PC above your bed

For years I'd occasionally watched movies on my laptop in bed, and I always felt bit of a strain on my back or neck while sitting up and leaning against a pillow, but eventually the movie would distract me if it was any good at all. Then a week ago, in an act laden with heavy-handed but unintentional symbolism, I dumped all of the books out of one of my bookshelves to make it easier to watch TV without getting out of bed:

The protruding shelf is attached to the bookcase with a pair of metal clamps, and then weighed down with some heavy books to counterbalance the weight of the tablet. (You want the clamps tight enough that the shelf can't move at all, relative to the bookcase.) The tablet holder, a Zuwit 360 Degree tablet stand, is attached to the end of the shelf using its own built-in clamp, and then bent into a downward arc to hold the tablet.

In case you're wondering why I didn't just clamp the tablet holder to a nightstand next to the bed, the answer is that none of the tablet holders I looked at had a flexible gooseneck that would extend far enough. (Remember, the gooseneck doesn't just have to reach from the edge of the bed to above your head; it has to arch up and then bend downward to hold the tablet from above, all while giving you enough slack to reposition the tablet in the air if you want to.) I assume there's a practical upper limit on how long the manufacturers want the gooseneck to be; if it's too long, then when it's extended sideways it could bend under its own weight plus the weight of whatever it's holding. Hence the shelf extending out over the mattress.

To make this work, you need a gooseneck tablet holder like the Zuwit that specifically has short teeth protruding over the edge of whatever it's holding, to grip it so that it won't fall when the tablet is held upside-down. (I'd originally tried this with a BESTEK tablet holder, but the tablet gripper didn't have teeth coming down in front of the screen, so the tablet would occasionally fall out and land on my head.)

It was a bit of work to put together, but I've never felt rested in a more comfortable position while watching a 2-hour movie. All cheaper than installing a flatscreen in your ceiling, and better, actually, since you can reach up and rotate the tablet whenever you change position.

But as a proof-of-concept only, this is a pretty ugly piece of furniture, and while I'm able to get in and out of bed easily without hitting the protruding shelf, it gets more complicated if you're ever have "company." In my case, there's enough space behind the bookcase that I can tilt it backward, moving the protruding shelf and the tablet holder so that they're no longer over the bed. This solves the problem of how to get it out of the way, but not the fact that it's still a pretty ugly conversation piece. You can un-clamp the protruding shelf from the bookcase and hide it away, but you're still left with a bulky, empty bookcase oddly perched at the end of your bed, and that's too much of a pain to lift and move some place every time you want to assemble the tablet holder or disassemble it when you have company coming over. I want to take another go at it using a shelf attached to a stack of milk cartons — which would be even uglier, but much lighter and easier to disassemble and move out of the way.

Speaking of milk cartons and ideas that make my chiropractor happy:

3. Hacked furniture to hold a tablet in front of an exercise machine

So that's what I did with the BESTEK tablet holder that didn't work for holding the tablet upside-down in bed; it works perfectly well attached to a stack of milk cartons, where the tablet only has to be held sideways. Again, ugly. But again, easy to disassemble and hide if I know company's coming over.

Of course there's a space on the elliptical trainer (underneath the control panel) for holding books, tablets, and other reading/viewing material, but it requires you to crane your neck downward to focus on that space, and I always felt uncomfortable looking in that direction for more than a few minutes while exercising. The obvious idea was to hold up the tablet by attaching the gooseneck tablet holder to the control panel of the elliptical itself, but (a) the body around the control panel is mostly hollow plastic, which has too much "give" for the clamp to attach to it securely; (b) if the tablet is attached to the machine directly, then it jiggles while the machine is moving, making it hard to watch the screen; and (c) the gooseneck still doesn't reach far enough to hold the tablet higher than eye level, which is best for your posture if you're looking at it while exercising.

Hence, the tower of milk cartons. Now when I first went to the local Container Store and was told that a stack of five milk cartons would cost $60, I assumed I was being subjected to the usual downtown Bellevue yuppie price-gouging that also gave us $500 "minimalist" bookshelves available in the same store, but, no, that is actually what non-stolen milk crates actually cost. (They're so easy to walk off with, and useful as "modular furniture," that the International Dairy Foods Association as launched a campaign to get people to stop stealing them.) With a bit of experimenting, you can find the right height for the gooseneck tablet holder, and position the tablet so that it's far enough from your face for comfortable viewing, while still close enough that you can touch the screen. (The stack of books in the topmost crate keeps it from tipping over from the weight of the tablet.)

Of course if you work out on an elliptical at a gym, it's a bit less convenient to carry a stack of milk crates in with you. Maybe a tablet accessories company should come out with a portable, collapsible tripod that rests securely on the ground while extending upward to provide a thick, flat surface about 5 feet above the floor — where a gooseneck tablet holder could be clamped onto the flat surface and then hold the tablet itself in front of the user's face at the right altitude.

Then if you start watching a movie on the tablet while working out and you don't make it all the way through, you can finish the movie on the tablet while it's suspended above your head in bed. Gives you something to do while swapping out the batteries in your phone and waiting for them to recharge.

Bennett Haselton writes "Here are three hacks that I adopted in the last few weeks, each of which solved a minor problem that I had lived with for so long that I no longer thought of it as a problem — until a solution came along, which was like a small weight off my shoulders. None of these hacks will help impress anyone with your technical prowess; I'm just putting them here because they made my life easier." Read on for the rest of Bennett's thoughts. 1. Fully charged spare batteries for your smartphone

OK, now before everyone starts shouting "DUH!", I can tell you that I was at a conference right before New Year's, and every day from about 11 a.m. onward, I heard people saying that their phones were about to die, that they would either about to drop off the grid or would have to spend the next half-hour shackled to an outlet via their phone charger, etc. I never once heard anyone mentioning swapping in a spare phone battery, and according to my own survey of my friends, none of them have ever tried it either. But that conference was my first trip after ordering two spare batteries for my Stratosphere from Verizon ($10 each), and it was also the first trip where I never had to waste a second thinking about how to stretch out the phone's battery life or how much time I had left. Just swap in the second battery at around 3 PM, and then swap in the third one at around 10 PM, if there was still anything worth staying out for.

You could instead get "extended life" batteries for certain models of phones as well, but they cost much more than the standard batteries, and some users report that they make the phone noticeably heavier and bulkier. There are also portable phone chargers — which charge themselves from wall outlets, and then carry a charge that can be used to re-charge the phone through the micro-USB connection — but of course they're bigger and heavier than spare batteries, and you have to leave the phone connected to it while the phone is recharging. I didn't see the need for either of those products after picking up two regular spare batteries.

The most inconvenient part of the process was recharging the multiple batteries at the end of the day — since I didn't have a standalone battery charger, I could only recharge the batteries by charging them in the phone itself, swapping each one out after it had spent an hour charging (if I stayed awake that long). To that end, it would be convenient if more phone manufacturers would make battery-only chargers, so that at the end of the day you could plug your depleted spare batteries into their own re-charger at the same time that you're using the normal phone charger to charge the battery currently in the phone, then go to sleep and let everything charge up overnight. There standalone chargers for some phone batteries, like the Blackberry, but they're in the minority. (Meanwhile, iPhones do not have user-serviceable batteries at all; when the battery dies and becomes non-rechargeable, you're supposed to take it to an Apple repair center to be replaced.)

It seems odd to me that phone manufacturers spend millions of dollars figuring out how to extend the battery life of their phones, and here's a solution that works for almost everyone who has a zippered pocket for spare batteries (and a phone other than an iPhone). But I didn't think of it for years, nobody else that I've talked to ever thought of it either, phone manufacturers don't steer people toward this option, and most of them don't make standalone chargers that would make the process easier. Well, now you know.

2. Hacked furniture to hold a tablet PC above your bed

For years I'd occasionally watched movies on my laptop in bed, and I always felt bit of a strain on my back or neck while sitting up and leaning against a pillow, but eventually the movie would distract me if it was any good at all. Then a week ago, in an act laden with heavy-handed but unintentional symbolism, I dumped all of the books out of one of my bookshelves to make it easier to watch TV without getting out of bed:

The protruding shelf is attached to the bookcase with a pair of metal clamps, and then weighed down with some heavy books to counterbalance the weight of the tablet. (You want the clamps tight enough that the shelf can't move at all, relative to the bookcase.) The tablet holder, a Zuwit 360 Degree tablet stand, is attached to the end of the shelf using its own built-in clamp, and then bent into a downward arc to hold the tablet.

In case you're wondering why I didn't just clamp the tablet holder to a nightstand next to the bed, the answer is that none of the tablet holders I looked at had a flexible gooseneck that would extend far enough. (Remember, the gooseneck doesn't just have to reach from the edge of the bed to above your head; it has to arch up and then bend downward to hold the tablet from above, all while giving you enough slack to reposition the tablet in the air if you want to.) I assume there's a practical upper limit on how long the manufacturers want the gooseneck to be; if it's too long, then when it's extended sideways it could bend under its own weight plus the weight of whatever it's holding. Hence the shelf extending out over the mattress.

To make this work, you need a gooseneck tablet holder like the Zuwit that specifically has short teeth protruding over the edge of whatever it's holding, to grip it so that it won't fall when the tablet is held upside-down. (I'd originally tried this with a BESTEK tablet holder, but the tablet gripper didn't have teeth coming down in front of the screen, so the tablet would occasionally fall out and land on my head.)

It was a bit of work to put together, but I've never felt rested in a more comfortable position while watching a 2-hour movie. All cheaper than installing a flatscreen in your ceiling, and better, actually, since you can reach up and rotate the tablet whenever you change position.

But as a proof-of-concept only, this is a pretty ugly piece of furniture, and while I'm able to get in and out of bed easily without hitting the protruding shelf, it gets more complicated if you're ever have "company." In my case, there's enough space behind the bookcase that I can tilt it backward, moving the protruding shelf and the tablet holder so that they're no longer over the bed. This solves the problem of how to get it out of the way, but not the fact that it's still a pretty ugly conversation piece. You can un-clamp the protruding shelf from the bookcase and hide it away, but you're still left with a bulky, empty bookcase oddly perched at the end of your bed, and that's too much of a pain to lift and move some place every time you want to assemble the tablet holder or disassemble it when you have company coming over. I want to take another go at it using a shelf attached to a stack of milk cartons — which would be even uglier, but much lighter and easier to disassemble and move out of the way.

Speaking of milk cartons and ideas that make my chiropractor happy:

3. Hacked furniture to hold a tablet in front of an exercise machine

So that's what I did with the BESTEK tablet holder that didn't work for holding the tablet upside-down in bed; it works perfectly well attached to a stack of milk cartons, where the tablet only has to be held sideways. Again, ugly. But again, easy to disassemble and hide if I know company's coming over.

Of course there's a space on the elliptical trainer (underneath the control panel) for holding books, tablets, and other reading/viewing material, but it requires you to crane your neck downward to focus on that space, and I always felt uncomfortable looking in that direction for more than a few minutes while exercising. The obvious idea was to hold up the tablet by attaching the gooseneck tablet holder to the control panel of the elliptical itself, but (a) the body around the control panel is mostly hollow plastic, which has too much "give" for the clamp to attach to it securely; (b) if the tablet is attached to the machine directly, then it jiggles while the machine is moving, making it hard to watch the screen; and (c) the gooseneck still doesn't reach far enough to hold the tablet higher than eye level, which is best for your posture if you're looking at it while exercising.

Hence, the tower of milk cartons. Now when I first went to the local Container Store and was told that a stack of five milk cartons would cost $60, I assumed I was being subjected to the usual downtown Bellevue yuppie price-gouging that also gave us $500 "minimalist" bookshelves available in the same store, but, no, that is actually what non-stolen milk crates actually cost. (They're so easy to walk off with, and useful as "modular furniture," that the International Dairy Foods Association as launched a campaign to get people to stop stealing them.) With a bit of experimenting, you can find the right height for the gooseneck tablet holder, and position the tablet so that it's far enough from your face for comfortable viewing, while still close enough that you can touch the screen. (The stack of books in the topmost crate keeps it from tipping over from the weight of the tablet.)

Of course if you work out on an elliptical at a gym, it's a bit less convenient to carry a stack of milk crates in with you. Maybe a tablet accessories company should come out with a portable, collapsible tripod that rests securely on the ground while extending upward to provide a thick, flat surface about 5 feet above the floor — where a gooseneck tablet holder could be clamped onto the flat surface and then hold the tablet itself in front of the user's face at the right altitude.

Then if you start watching a movie on the tablet while working out and you don't make it all the way through, you can finish the movie on the tablet while it's suspended above your head in bed. Gives you something to do while swapping out the batteries in your phone and waiting for them to recharge.

benrothke writes "In the 4th edition of A Gift of Fire: Social, Legal, and Ethical Issues for Computing Technology, author Sara Baase takes a broad look at the social, legal and ethical issues around technology and their implications. Baase notes that her primary goal in writing the book is for computer professionals to understand the implications of what they create and how it fits into society. The book is an interesting analysis of a broad set of topics. Combined with Baase's superb writing skills, the book is both an excellent reference and a fascinating read." Read below for the rest of Ben's review. A Gift of Fire: Social, Legal, and Ethical Issues for Computing Technology (4th Edition) author Sara Baase pages 496 publisher Prentice Hall rating 9/10 reviewer Ben Rothke ISBN 978-0132492676 summary Superb reference on social and other issues in computing The books gets it title from the mythical tale of Prometheus, who stole heavenly fire and gave it to the human race, which then used it to empower civilization. Someone commented to the author that perhaps Pandora's Boxmay be a better metaphor to use, as Pandora's Box held all of the ills of mankind.

While Baase wrote the book to be used in her computer science course, the book is not an indigestible academic tome; rather a very topical reference. Its 9 densely packed chapters covering nearly 450 pages provide a comprehensive locus.

While legal themes are pervasive throughout the book, Baase writes that she is a computer scientist and not a lawyer and that appropriate legal counsel should be obtained before drawing any legal conclusions.

Chapter 1 opens with an overview of how change and unexpected developments effect IT projects and information technology. And that is the overall theme of the book, of how new things often have unexpected problems and results. Anyone familiar with the Risks Digestedited by Peter Neumann will be at home with these topics.

The chapter details the notion of a kill switchand details some of the potential uses and risks involved, and how that more often than not, theses kill switches are improperly designed and deployed.

The chapter concludes with the important thought that there are no simple answers (contrary to popular media belief) and that we can't solve ethical problems by simply applying a formula, algorithm or deploying a piece of software. This is due to the complexity of human nature and that ethical theories don't always provide clear and incontrovertible positions on all issues.

The chapter closes, like all of the chapters in the book with a series of review exercises, general exercises, assignments (remember this is a textbook), a list of books and articles for further reading, and an extremely detailed set of endnotes. Each chapter has a long set of endnotes due to Baase's attention to details and excellent research. This assignments and exercises for the class the book is used for can be downloaded here. Baase also has a web site with other supplementary information and resources.

Chapter 2 details various issues around data and personal privacy. An interesting fact detailed is that Maricopa Country in Arizona was one of the first municipalities to put complete public records on the web. Little did county official know that such an action would eventually lead the county to have the highest rate of identity theft in the USA.

The chapter also compares US privacy regulations with that of the European Union (EU). Baase notes that the perception is that US privacy policy is far behind that of the EU. But what many people don't realize is that the US and EU have very different cultures and traditions, which manifest itself in how each regulates privacy.

Baase writes that the EU tends to put more emphasis on regulation and centralization; whereas the US puts more emphasis on contracts, consumer pressure, flexibility and freedom of the market. The US also has higher penalties for abuse of personal information via deceptive and unfair business practices.

Chapter 7 deals with how to evaluate and control technology and is the most insightful chapter in the book. Baase writes of the inherent conflict between a democracy and open Internet, while dealing with the plethora of incorrect, foolish and biased information. She makes note of some totalitarian regimes that prohibit anti-government use of social media. She illustrates cases where these countries (China and Syria are just two of them) that create bogus dissident sites, find out which people are sympathetic to the cause, and then arrests these people.

Baase details and defends against many neo-Luddite views of computers, technology and quality of life. Baase provides numerous anecdotes of environmental and other anti-technology groups that rail against technology, but use computers and the web. She writes of the editor who considers himself a neo-Luddite, a person who sees technology as inherently evil; yet disseminates his views via email, computers and laser printers. Compare this with members of various anti-vaccination movements, who are obvious to the millions of lives saved by vaccinations.

The chapter also details some of the duplicitous views of Kirkpatrick Sale, another neo-Luddite who rages against the computer machine, while simultaneously benefiting significantly from it, and using it.

Baase defends technology in writing that those who are critical of modern technology point out their weaknesses, but often ignore the weakness of the alternatives. An example she gives is the millions of acres once needs to grow feed for horses and the hundreds of tons of horse manure dropped on the streets of cities, as recent as a century ago. Candles, gas lamps and kerosene filled homes with fumes and soot; doesn't that make electricity a valuable commodity?

Baase gives many other examples of the problems and controversial issues surrounding technology. But more importantly, notes, and celebrates the enormous benefits that computer technology and the Internet has brought us.

The only significant negative of the book is its price tag. While it is officially a textbook, it is manifest in its suggested retail price of $102.00. Note though the book is available on Amazon for much cheaper, in addition to used copies which are even less.

Social media, computers and other aspect of technology have brought massive changes to society. Many of these changes are highly beneficial, others not. There are myriad questions that need to be asked, and ideas that need to be understood, and the books covers and answers those in details.

For those looking for an across-the-board superb reference on social and other issues in computing, A Gift of Fire: Social, Legal, and Ethical Issues for Computing Technology is a terrific resource and an invaluable reference guide.

Ben Rothke is the author of Computer Security: 20 Things Every Employee Should Know.

You can purchase A Gift of Fire: Social, Legal, and Ethical Issues for Computing Technology (4th Edition) from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

benrothke writes "In the 4th edition of A Gift of Fire: Social, Legal, and Ethical Issues for Computing Technology, author Sara Baase takes a broad look at the social, legal and ethical issues around technology and their implications. Baase notes that her primary goal in writing the book is for computer professionals to understand the implications of what they create and how it fits into society. The book is an interesting analysis of a broad set of topics. Combined with Baase's superb writing skills, the book is both an excellent reference and a fascinating read." Read below for the rest of Ben's review. A Gift of Fire: Social, Legal, and Ethical Issues for Computing Technology (4th Edition) author Sara Baase pages 496 publisher Prentice Hall rating 9/10 reviewer Ben Rothke ISBN 978-0132492676 summary Superb reference on social and other issues in computing The books gets it title from the mythical tale of Prometheus, who stole heavenly fire and gave it to the human race, which then used it to empower civilization. Someone commented to the author that perhaps Pandora's Boxmay be a better metaphor to use, as Pandora's Box held all of the ills of mankind.

While Baase wrote the book to be used in her computer science course, the book is not an indigestible academic tome; rather a very topical reference. Its 9 densely packed chapters covering nearly 450 pages provide a comprehensive locus.

While legal themes are pervasive throughout the book, Baase writes that she is a computer scientist and not a lawyer and that appropriate legal counsel should be obtained before drawing any legal conclusions.

Chapter 1 opens with an overview of how change and unexpected developments effect IT projects and information technology. And that is the overall theme of the book, of how new things often have unexpected problems and results. Anyone familiar with the Risks Digestedited by Peter Neumann will be at home with these topics.

The chapter details the notion of a kill switchand details some of the potential uses and risks involved, and how that more often than not, theses kill switches are improperly designed and deployed.

The chapter concludes with the important thought that there are no simple answers (contrary to popular media belief) and that we can't solve ethical problems by simply applying a formula, algorithm or deploying a piece of software. This is due to the complexity of human nature and that ethical theories don't always provide clear and incontrovertible positions on all issues.

The chapter closes, like all of the chapters in the book with a series of review exercises, general exercises, assignments (remember this is a textbook), a list of books and articles for further reading, and an extremely detailed set of endnotes. Each chapter has a long set of endnotes due to Baase's attention to details and excellent research. This assignments and exercises for the class the book is used for can be downloaded here. Baase also has a web site with other supplementary information and resources.

Chapter 2 details various issues around data and personal privacy. An interesting fact detailed is that Maricopa Country in Arizona was one of the first municipalities to put complete public records on the web. Little did county official know that such an action would eventually lead the county to have the highest rate of identity theft in the USA.

The chapter also compares US privacy regulations with that of the European Union (EU). Baase notes that the perception is that US privacy policy is far behind that of the EU. But what many people don't realize is that the US and EU have very different cultures and traditions, which manifest itself in how each regulates privacy.

Baase writes that the EU tends to put more emphasis on regulation and centralization; whereas the US puts more emphasis on contracts, consumer pressure, flexibility and freedom of the market. The US also has higher penalties for abuse of personal information via deceptive and unfair business practices.

Chapter 7 deals with how to evaluate and control technology and is the most insightful chapter in the book. Baase writes of the inherent conflict between a democracy and open Internet, while dealing with the plethora of incorrect, foolish and biased information. She makes note of some totalitarian regimes that prohibit anti-government use of social media. She illustrates cases where these countries (China and Syria are just two of them) that create bogus dissident sites, find out which people are sympathetic to the cause, and then arrests these people.

Baase details and defends against many neo-Luddite views of computers, technology and quality of life. Baase provides numerous anecdotes of environmental and other anti-technology groups that rail against technology, but use computers and the web. She writes of the editor who considers himself a neo-Luddite, a person who sees technology as inherently evil; yet disseminates his views via email, computers and laser printers. Compare this with members of various anti-vaccination movements, who are obvious to the millions of lives saved by vaccinations.

The chapter also details some of the duplicitous views of Kirkpatrick Sale, another neo-Luddite who rages against the computer machine, while simultaneously benefiting significantly from it, and using it.

Baase defends technology in writing that those who are critical of modern technology point out their weaknesses, but often ignore the weakness of the alternatives. An example she gives is the millions of acres once needs to grow feed for horses and the hundreds of tons of horse manure dropped on the streets of cities, as recent as a century ago. Candles, gas lamps and kerosene filled homes with fumes and soot; doesn't that make electricity a valuable commodity?

Baase gives many other examples of the problems and controversial issues surrounding technology. But more importantly, notes, and celebrates the enormous benefits that computer technology and the Internet has brought us.

The only significant negative of the book is its price tag. While it is officially a textbook, it is manifest in its suggested retail price of $102.00. Note though the book is available on Amazon for much cheaper, in addition to used copies which are even less.

Social media, computers and other aspect of technology have brought massive changes to society. Many of these changes are highly beneficial, others not. There are myriad questions that need to be asked, and ideas that need to be understood, and the books covers and answers those in details.

For those looking for an across-the-board superb reference on social and other issues in computing, A Gift of Fire: Social, Legal, and Ethical Issues for Computing Technology is a terrific resource and an invaluable reference guide.

Ben Rothke is the author of Computer Security: 20 Things Every Employee Should Know.

You can purchase A Gift of Fire: Social, Legal, and Ethical Issues for Computing Technology (4th Edition) from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Timothy ran into these NSD people at CES. If we were giving out a "best huckster" award, NSD booth dude Doug Lo would surely be a finalist for it. He's one heck of a talker. The exercise balls he's pushing? A number of companies have been making and selling similar products for many years. They seem to have some medical benefit as physical therapy aids for people with wrist or carpal tunnel problems, and may also be useful exercise devices for people who want to strengthen their hands and fingers. Have you used a gyroscope exercise ball? If so, did it help cure a wrist problem or help strengthen your hands and fingers? And which of these brands (if any) did you try?

MassDosage writes "I first heard about the Scratch programming language a few years ago and the idea of a simple language designed to teach kids to program in a fun, new way has always appealed to me. For those of you who don't know, Scratch was developed by the wonderfully named "Lifelong Kindergarten Group" at the MIT Media Lab. It's a programming language that allows programs to be built by dragging, dropping, configuring and combining various blocks that represent common coding concepts such as if/else statements and while loops. Scratch also provides tools for doing simple animation, playing audio and controlling sprites. The idea behind it is to make programming simple, fun and accessible to first time programmers so they can understand the key concepts without first needing to learn complex syntax which can come later when they move on from Scratch to other languages. It has been very successful and there are literally millions of Scratch programs freely available from the Scratch website and many others." Read below for the rest of Mass Dosage's review. Super Scratch Programming Adventure!: Learn to Program By Making Cool Games author The LEAD Project pages 160 publisher The LEAD Project rating 7/10 reviewer Mass Dosage ISBN 978-1-59327-409-2 summary Learn to Program By Making Cool Games The Super Scratch Programming Adventure book has recently been translated from the Chinese original and is in keeping with the Scratch ethos of bringing programming to a new generation of programmers. It is hard to tell what the age group for this book is as children have such varied technical skills but I would say it's best for relatively computer savvy youngsters who know the basics of computing and are comfortable with a mouse and keyboard and know how to drag, drop, open, save, cut, paste etc. It should be suitable for ages from 8 up to young teenagers but even those a bit older looking to learn programming could find it useful while younger children might also be able to get something out of it if guided by someone older.

The book starts of with a bit of background and points the reader to where they can freely download and install the Scratch application which is used to create Scratch programs. This is available for Windows, Mac and Linux and was a breeze to install on Ubuntu Linux. All programming is done via a GUI to avoid having to deal with typos and syntax errors. The Scratch environment is fairly simple and intuitive and easy to get started with. A downloadable zip file accompanies the book and contains skeleton programs with sound and images that are used for creating applications as well as fully complete programs which can be used for reference if you get stuck creating your own versions. The zip file also contains a "Getting started with Scratch" guide that is a very useful prelude to the book if you've never used Scratch before and covers the main concepts and tools that are used in the book itself. It is important to note that this book is not a manual for Scratch and doesn't provide exhaustive coverage of what Scratch can do or how to use all of its features. Super Scratch Programming Adventure takes a "learn by doing" approach by guiding you through the creation of a few programs and leaves you to figure the rest out yourself. Given the target audience this makes a lot of sense — most youngsters would much rather build some cool applications right away than wade through lots of dry documentation first.

Super Scratch Programming Adventure is divided into various "stages" (computer game speak for "chapters") that are linked by a colorful cartoon adventure story. Each stage guides the reader through creating a computer game from... err... scratch and teaches them some fundamental concepts along the way. Later stages build on lessons learnt earlier so they should be read in order and the book steers one towards this with the cartoon linking what you do in the various stages together as you build games which in turn become part of the story. The early stages start off showing how to use sprites and move them around and how to use the palette to build up programs and attach behaviors to things. Later stages cover user input, broadcasting and reacting to events, flow control, collision detection, variables, animation and audio with each stage harder than the previous one right up until the final stage which involves creating a fighting game with numerous sprites and interactions between them and the user. I found all the games fun to build and use and could definitely see the distinct lessons each one was designed to teach.

The learning curve is a bit higher than I expected and there is little hand holding, at some points you just have to look at the included code blocks and figure out yourself how to build them up. It's not always easy and readers will need to be fairly computer literate and able and willing to figure a fair amount out on their own but ultimately this is probably a good thing as explaining everything in minute detail would take a lot longer, be quite boring and would lead some to just blindly copying things instead of being forced to understand what they are doing. I could imagine that some young readers might find this a bit challenging so it's probably a good idea to have a computer literate adult around to help out if they get stuck. The included complete source for each game also helps although looking at this does feel a bit like cheating. Each stage ends with suggestions for further programming on ones own and I felt that these are really the key for this book to succeed as a learning tool as these make one think about and apply what was just read. Again I think this would be a good point for a parent or someone older to step in and encourage a younger reader to build on what they've learnt and suggest creating something new for themselves. The book contains plenty of pointers to online resources where readers can learn more, ask questions and share their creations with others.

I would definitely recommend Super Scratch Programming Adventure for those eager to learn programming but be aware that to really get the most out of it it's probably best if someone who already knows how to program is around to read along, help out and encourage further creation outside of what the book shows. There is a wealth of Scratch related information on the internet but this book provides a good way to get started by demonstrating how to build fun applications and hopefully this in turn will encourage readers to move on to creating more on their own.

Full disclosure: I was given a copy of this book free of charge by the publisher for review purposes. They placed no restrictions on what I could say and left me to be as critical as I wanted so the above review is my own honest opinion.

You can purchase Super Scratch Programming Adventure!: Learn to Program By Making Cool Games from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

eldavojohn writes "I kickstarted a project undertaken by Daniel Shiffman to write a book on what (at the time) seemed to be a very large knowledge space. What resulted is a good book (amazing by CC-BY-NC standards) available in both PDF and HTML versions. In addition to the book he maintains the source code for creating the book and of course the book examples. The Nature of Code starts off swimmingly but remains front heavy with a mere thirty five pages devoted to the final chapter on neural networks. This is an excellent book for Java and Processing developers that want to break into simulation and modeling of well, anything. It probably isn't a must-have title for very seasoned developers (unless you've never done simulation and modeling) but at zero cost why not?" Read below for the rest of eldavojohn's review. The Nature of Code: Simulating Natural Systems with Processing author Daniel Shiffman pages 520 publisher The Nature of Code rating 9/10 reviewer eldavojohn ISBN 978-0985930806 summary A book concentrating on the simulation of natural elements through both basic and advanced programming concepts in Processing. First off, I feel like defining the audience of this book is very important to avoid disappointment. This book is not for someone who's already developed games or modeled highway traffic or knows how to build their own physics engine. No, this book is geared at the people who are familiar with one language (preferably Java or Processing) and want to get a taste of all of the above. This book is possibly suitable for a someone new to the world of programming who is willing to put in the extra effort of coming up to speed on Processing in tandem with the text. After all, Processing is a comparatively forgiving language with a dead simple API to interact with the mouse and draw/animate objects.

I'd also like to address the "exercises" that are found throughout chapters and at the end of chapters in this book. They are excellent. I picked a couple and invested actual time in fleshing them out and I feel like Shiffman succeeded in inserting a wide range of difficulty. Leading along through each chapter, it is easy to successively complete each new exercise while the end of the chapters present stretch exercises. In addition to that, applicable chapters urge and provoke the reader to utilize newly learned concepts into what Shiffman calls "The Ecosystem Project." Where the user is basically defining an ecosystem and continually adding new animals, new movement patterns, new behaviors like predation and finally artificial intelligence.

Lastly this book can be found in many formats and I read the first half as HTML with animated diagrams. While the animated diagrams were awesome and added greatly to the text, I still found myself enjoying the dead tree book much more. I know I will soon be a dinosaur with shelves of needless weight that people will mock but I cannot make the jump to reading on a screen. The book's binding and paper quality is average as it appears to be from Amazon's CreateSpace. Diagrams that would animate are shown in the book as having progressively darkening shadows of the paths of objects and is fairly easy to envision movement. I did love the HTML version's moving examples though!

The introduction of this book brings up a few fundamental concepts on randomness like random walks and Perlin noise as well as a bit of statistics. For being labeled "Introduction" this chapter is fundamentally important and the aforementioned concepts are referred back to throughout the rest of the book. The book immediately dives into code snippets of a very simple nature that are easy to run and understand. Great detail and careful explanation are found throughout these opening chapters. The user is given informational boxes going further in depth to certain concepts. This was done really well in the first five or so chapters and was rare if even present in the final chapters.

The first chapter is devoted to vectors. It does an excellent job of explaining why they are so important as well as define and code mathematical concepts that affect vectors. A great aspect of this chapter is that the author fleshes out PVector functionality before your eyes to better understand Processing and object oriented programming. New (to beginners) ways of representing and implementing velocity and acceleration using vectors are explored at their most basic levels.

The second chapter moves naturally enough to forces on objects and begins to delve in basic physics formulas. Newton's Laws are modeled as well as friction, aerodynamics, fluid dynamics and gravity. Shiffman does a great job of keeping these unruly topics in easy to understand language while at the same time offering the scary looking formulas. He even goes so far as to insert an informational box imploring the reader to not be afraid of scary looking formulas by breaking down friction. I feel like one of the strengths of this book is showing how a complex looking formula can be deconstructed to easy English and then further implemented roughly in a model in Processing. While this modeling is by no means completely accurate or state of the art, it is a good introduction and would likely suffice for simple games and web design.

The third chapter brings angles into the mix by concentrating on oscillations. While it does a great job of talking about the important aspects of trigonometry, the text does really follow through with recalling these concepts. For instance, the mnemonic device SOHCAHTOA from geometry class is briefly explained and subsequently dropped. We use it in later chapters but it is used implicitly and may be difficult for people who are not intimately familiar with it to see the trigonometric reductions employed for simplified coding of the visualizations. Shiffman does an excellent job at starting with something that looks like a complex system, breaking it down to its component vectors and showing incremental changes to the code that iteratively improve on the visualization at hand. In doing so he gives an example of how a modeling programmer should think and work through known physical behavior to derive something that works visually in Processing.

Next up is particle systems. The reader is introduced to simpler ways of maintaining a set of particles as we start to focus on multiple particles with complex interactions. Shiffman opts to keep it simple and shies away from coding aspects like ArrayList versus LinkedList versus HashMap. Instead minimal space is spent on side ventures and the particle systems are surprisingly easy to get off the ground. The user is introduced to polymorphism, inheritance and more advanced class constructs so that the user can reduce the amount of code required to activate, handle and delete heterogenous groups of particles. For a beginning developer this chapter is great at walking them through these more advanced concepts and helping them see a direct benefit to the code.

So far, Introduction through Chapter Four of the book, everything has been great. Shiffman points out that there are a plethora of physics libraries out there in any imaginable language of any imaginable quality. And, consequently, it's unlikely you're going to forge forward with the aforementioned concepts and find yourself making the next engine for latest blockbuster space shooter game. As a result, Chapter Five is an overview of how to interact with physics libraries and use your Processing sketch as a facade that just queries said library for position. Box2D is the first library he tackles and with good cause — it's the same engine used by Angry Birds. And that's great because it is certainly empowering to know that if you can skin a simple game that adds a few game rules to physics, you can make a billion dollars. I learned a lot from this. I have never interacted with a physics library like this before and it was easy to produce fluid and impressive results. But it felt like glue code and it also felt like this text could be deprecated with a large update to Box2D (or it's Java and Processing equivalents). This really is a necessary and helpful chapter for this book but I felt sad that we had so quickly given up on rolling our own physics library. After Box2D, Shiffman presents VerletPhysics and provides a helpful resource for when you should use one over the other. Also, the terms for interacting with the libraries are slightly different but represent the same concept (side note: I wasn't a big fan of the convoluted names these two libraries used to designate objects and object types).

Chapter Six shows the reader how to emulate an autonomous agent by introducing "desired" vectors to each object. In this case it is a race car trying to reach a target. As the object moves, the desired vector is a updated. Examples of code are provided that show the object overshooting its target and Shiffman progresses on his path of slightly improving it by algorithmically adjusting the desired vector by introducing a slowing magnitude upon approach of the target. The actions of the object become more complicated as a flow field is suggested instead for behavior. The author explores path following and how to introduce a bit of wandering around straight line like an ant following a pheromone trail or a person walking along a wall. Simple examples of group behavior like even spacing in a crowded group or flocking in a sparse population within a large space. Lastly this chapter covers a very important aspect of code: performance. By now the reader has seen many examples where code can run slowly and this chapter's continual pairwise updating of all objects on the screen brings up Big O Notation. I wish Shiffman would spend more time on this or at least provide a separate box with more technical information on it like he did with other concepts.

The seventh chapter takes an interesting turn into cellular automata. While an interesting chapter and an interesting concept, it feels a bit disjoint from the rest of the text. While there is a way to tie it back into the long running ecosystem project. The most important aspect of cellular automata is that they are fun visualizations where as other concepts in programming that revolve around mutating state might not be as readily visible (like finite state machines or Markov models). This is the first chapter that feels a little rushed and more like a brief foray into a potentially deep field. The Game of Life is covered but only in its simplest aspects and I feel like this chapter could be better.

Chapter Eight dives into fractals. Again, like the last chapter, it is a bit short but I enjoyed this chapter. They are a great visual way to introduce newcomers to recursion and get them excited about it. On top of that, Shiffman shows how fractals appear in nature. Koch curves and Sierpinski triangles as fractal visualizations. Shiffman has a great informational box discussing the "monster" curve and tantalizes the reader with the paradox that an infinite recursion of the Koch curve results in an infinitely long line in a finite area of paper. This sort of stuff is what makes reading a book like this enjoyable and drives people to delve deeper into this concepts. I only wish the book had more of this. Also crucial to recursion in this chapter is a processing feature new to me: pushMatrix() and popMatrix(). As these are built out into trees, the author moves on to L-systems as devised by Aristid Lindenmayer. It's amazing how this simple grammar could result in a simulation of an algal growth.

The ninth chapter helps the user through a high level overview of genetic algorithms. I think one thing this book lacks is caution or warning about jumping into concepts or using concepts just because they sound cool. While genetic algorithms sound cool and futuristic, I have rarely found them to be at all useful on a professional level. Shiffman does a great job of explaining precisely how selection is determined by defining the constraints of the environment as well as the evaluation function. Unfortunately I find that these things are often hard to define and it's warnings like these that the text lacks. Nevertheless, there are a few good examples picked out for coding — unsurprisingly they use the laws of physics we just discussed and a number of computable variables for valuation. The best example is the rocket ship which is introduced after the standard monkeys trying to type the works of Shakespeare at a typewriter. Shiffman does a great job of explaining genetic algorithms and it's certainly a neat topic that's fun to think about but I'm not sure it's a good practical fundamental aspect of coding. It definitely works for the simulation side of coding so it should stay in the book but again it feels rushed with a lot of the simulation application left to the reader in the ecosystem project. I think that a much longer chapter that models predation — like wolves and rabbits — might work a lot better. You could even tie in a little bit of math and show situations where not enough mutations cause the hunter or prey to settle in on local maximums.

The tenth and final chapter briefly covers neural networks. Again, this chapter felt rushed and was missing a lot of the great explanations that were present in the first half of the book. The scant thirty five pages covers peceptrons, neural networks, training vehicles with them and even backpropagation of multilayered neural networks to hand more complex classification demands. In an effort to give this chapter some fun visualizations, the last thing Shiffman covers is the animation of the operation of a neural network. I'm intimately familiar with all these topics but the pace at which this chapter moves might be too much for a starting developer. I feel like there's a huge opportunity in this chapter to more thoroughly explain neural networks and to get readers more excited about classification systems in code.

All in all, the book was thoroughly enjoyable and I really enjoy that it is a creative commons work with both a github for the source code and the raw book. Although the latter chapters could use a lot of additional work this book is a great beginning tool for people who wish to start modeling nature in visualizations quickly and easily.

You can purchase a physical copy of The Nature of Code from amazon.com or you can name your price on a PDF directly. Slashdot welcomes readers' book reviews — to see your own review here, read the book review guidelines, then visit the submission page."

rtfa-troll writes "Amazon's latest table of the top selling laptops will be a surprise for many on Slashdot whose first reaction when we discussed this before was 'so what,' with pundits describing it as 'an enterprise contender.' Given the recent launch and huge advertising campaign, you might expect that the top selling consumer laptop would be based on Win8. If you read recent discussions about Microsoft's troubled new system you might expect a Mac to be leading, but Google's Chromebook topping the sales chart on a consumer site without any major advertising campaign is a major surprise. We've discussed before that apart from its web based ChromeOS, Chromebooks are also very fast running Ubuntu Linux and have several other distributions already ported."

theodp writes "With all of the content that can be delivered electronically — e-books, music, apps, movies, e-gift cards, tickets — the percentage of Christmas gift giving that's digital is growing each year. However, the e-gift unwrapping user experience on Christmas morning leaves much to be desired. In addition to providing old-school mail delivery of gift cards, Amazon offers a variety of other options, including e-mailing a gift card on a specific day with or without a suggested gift, posting it on someone's Facebook Wall, or allowing you to print one for personal delivery. Another suggestion — using USB drives — harkens back to the days of burning CDs with custom playlists for last-minute gifts, but you'll be thwarted by DRM issues for lots of content. So, until Facebook introduces The Tree to save our e-gifts under until they're 'unwrapped' on Christmas morning with the other physical gifts, how do you plan on handling e-gift giving and getting?"

benrothke writes "When the IBM PC first came out 31 years ago, it supported a maximum of 256KB RAM. You can buy an equivalent computer today with substantially more CPU power at a fraction of the price. But in those 31 years, the information security functionality in which the PC operates has not progressed accordingly. In Burdens of Proof: Cryptographic Culture and Evidence Law in the Age of Electronic Documents, author Jean-François Blanchette observes that the move to a paperless society means that paper-based evidence needs to be recreated in the digital world. It also requires an underlying security functionality to flow seamlessly across organizations, government agencies and the like. While the computing power is there, the ability to create a seamless cryptographic culture is much slower in coming." Keep reading for the rest of Ben's review. Burdens of Proof: Cryptographic Culture and Evidence Law in the Age of Electronic Documents author Jean-Fran&amp;amp;amp;amp;amp;#231;ois Blanchette pages 288 publisher MIT Press rating 9/10 reviewer Ben Rothke ISBN 978-0262017510 summary Excellent overview and history of using cryptography to build a trust framework The so called Year of the PKI has been waiting for over a decade, and after reading Burdens of Proof, it is evident why a large-scale PKI will be a long time in coming. More than that, getting the infrastructure in place in a complex environment that exists in the USA with myriad jurisdictions and technologies may prove ultimately to be impossibility.

The irony is that an effective mechanism for digital authentication would seem to be an indispensable part of the digital age. The lack of such an authentication infrastructure may be the very reason that fraud, malware, identity theft and much more, are so pervasive on the Internet.

The premise of this fascinating book is that the slow decline from the use of paper from a legal and evidentiary perspective has significant consequences. For the last few hundred years, paper has been ubiquitous in modern life; from legal and health records, school, employment and everything in between.

The book details the many challenges that businesses and governments face in moving from a paper-based record society and the underlying trust mechanisms that go along with it, to a new digital-based record system, and how a new framework is needed for such a method. The book details part of that new framework.

The book opens with an observation on the authenticity of President Obama's birth certificate. While Blanchette is not a birther, he does note that if the moral authority of paper records has diminished, then the electronic documents replacing them, which are what the Obama administration provided, appear to be even more malleable. And that is precisely the issue that he addresses.

Blanchette details a compelling story and writes it as an insider. He was a member of a task force appointed in 1999 by the French Ministry of Justice to provide guidance on the reform of the rules governing the admissibility of written evidence in French courts, into a digital format.

The first few chapters provide an excellent overview of the history of cryptography. Chapter 3 – On the Brink of a Revolution– gives an excellent summary of cryptography from 1976 on, starting with seminal research that was done by Diffie and Hellman, and Rivest, Shamir and Adleman (RSA).

In chapter 5, Blanchette details his narrative about how France embraced and moved to a more digital governmental framework. He notes that the challenge was that France was the country that gave bureaucracy its name, and is a place where citizens must carry at all times their papers d'identite and is a society enmeshed in paper. Blanchette writes of the many French bureaucracies that had to let go of their protectionist stances as they moved down the path to letting electronic documents have legal validity.

Blanchette writes that in France, one of the biggest impediments to moving to a digital framework were the French civil-law notaries or notaire. French notaries are much more powerful than a notary public in the US, and are closer to being what a paralegal does in the US.

The French notaire are a wealthy and powerful monopoly when it comes to issues of purchases, sales, exchanges, co-ownerships, land plots, leases, mortgages and the like. A notaire can form a corporation prepare commercial business leases and much more. The entire French notary profession had been dependent on its monopoly to grant authenticity, and no definition of electronic authenticity could emerge and succeed if it did not meet its criteria.

While paper trust may be intuitive now, Blanchette writes that it wasn't always the case. When documents were first created (whenever that may have been), they did not immediately inspire trust. As with other innovations, there was a long and complex period of evolution needed to gain accepted levels of trust.

In chapter 6, the books notes that many people assumed cryptography would be the mechanism that would inspire trust in the digital world. Blanchette writes that the mistake cryptographers made and sometimes continue to make; is that they often assumed that the properties of cryptographic objects will translate transparently into the complex social and institutional setting in which they are deployed in.

This was incisively noted in Why Johnny Can't Encrypt, which was a usability evaluation of PGP by Whitten and Tygar. The author's observed that user errors cause or contribute to most computer security failures, yet user interfaces for security still tend to be clumsy, confusing, or near-nonexistent. While the paper was written in 1999, most of its findings are still relevant.

Chapter 6 provides 3 fascinating case studies that show have different approach to security technology and cryptographic deployments are imperative in ensuring that they work.

In just under 200 pages, the books 7 chapters provide both a fascinating overview of the history of cryptography, in addition to showing how cryptography can be effectively used to authenticate digital documents. The book also has a high-level framework (a comprehensive framework would require at least 5 times as many pages) for an effective cryptographic framework for digital trust.

As Blanchette notes many times in the book, the challenge with getting digital signatures to work is not with the technology; rather it is with the underlying societal infrastructure in which to make it work. France was brought kicking and screaming into the age of electronic authentication, and is one of the few countries that have had such widespread success.

The book is a fascinating read that details how frustrating difficult it has been to create a comprehensive mechanism for digital authentication. The book raises many beguiling questions, and Blanchette is smart enough to notes that there are no simply answers to these multifaceted problems.

Burdens of Proof: Cryptographic Culture and Evidence Law in the Age of Electronic Documents is both a fascinating overview of the history of paper and electronic authentication, in addition to providing a synopsis of what it will take to make create a cryptographic culture, where digital evidence will be as accepted in the courtroom, as its antique paper cousin.

Ben Rothke is the author of Computer Security: 20 Things Every Employee Should Know.

You can purchase Burdens of Proof: Cryptographic Culture and Evidence Law in the Age of Electronic Documents from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

benrothke writes "When the IBM PC first came out 31 years ago, it supported a maximum of 256KB RAM. You can buy an equivalent computer today with substantially more CPU power at a fraction of the price. But in those 31 years, the information security functionality in which the PC operates has not progressed accordingly. In Burdens of Proof: Cryptographic Culture and Evidence Law in the Age of Electronic Documents, author Jean-François Blanchette observes that the move to a paperless society means that paper-based evidence needs to be recreated in the digital world. It also requires an underlying security functionality to flow seamlessly across organizations, government agencies and the like. While the computing power is there, the ability to create a seamless cryptographic culture is much slower in coming." Keep reading for the rest of Ben's review. Burdens of Proof: Cryptographic Culture and Evidence Law in the Age of Electronic Documents author Jean-Fran&amp;amp;amp;amp;amp;#231;ois Blanchette pages 288 publisher MIT Press rating 9/10 reviewer Ben Rothke ISBN 978-0262017510 summary Excellent overview and history of using cryptography to build a trust framework The so called Year of the PKI has been waiting for over a decade, and after reading Burdens of Proof, it is evident why a large-scale PKI will be a long time in coming. More than that, getting the infrastructure in place in a complex environment that exists in the USA with myriad jurisdictions and technologies may prove ultimately to be impossibility.

The irony is that an effective mechanism for digital authentication would seem to be an indispensable part of the digital age. The lack of such an authentication infrastructure may be the very reason that fraud, malware, identity theft and much more, are so pervasive on the Internet.

The premise of this fascinating book is that the slow decline from the use of paper from a legal and evidentiary perspective has significant consequences. For the last few hundred years, paper has been ubiquitous in modern life; from legal and health records, school, employment and everything in between.

The book details the many challenges that businesses and governments face in moving from a paper-based record society and the underlying trust mechanisms that go along with it, to a new digital-based record system, and how a new framework is needed for such a method. The book details part of that new framework.

The book opens with an observation on the authenticity of President Obama's birth certificate. While Blanchette is not a birther, he does note that if the moral authority of paper records has diminished, then the electronic documents replacing them, which are what the Obama administration provided, appear to be even more malleable. And that is precisely the issue that he addresses.

Blanchette details a compelling story and writes it as an insider. He was a member of a task force appointed in 1999 by the French Ministry of Justice to provide guidance on the reform of the rules governing the admissibility of written evidence in French courts, into a digital format.

The first few chapters provide an excellent overview of the history of cryptography. Chapter 3 – On the Brink of a Revolution– gives an excellent summary of cryptography from 1976 on, starting with seminal research that was done by Diffie and Hellman, and Rivest, Shamir and Adleman (RSA).

In chapter 5, Blanchette details his narrative about how France embraced and moved to a more digital governmental framework. He notes that the challenge was that France was the country that gave bureaucracy its name, and is a place where citizens must carry at all times their papers d'identite and is a society enmeshed in paper. Blanchette writes of the many French bureaucracies that had to let go of their protectionist stances as they moved down the path to letting electronic documents have legal validity.

Blanchette writes that in France, one of the biggest impediments to moving to a digital framework were the French civil-law notaries or notaire. French notaries are much more powerful than a notary public in the US, and are closer to being what a paralegal does in the US.

The French notaire are a wealthy and powerful monopoly when it comes to issues of purchases, sales, exchanges, co-ownerships, land plots, leases, mortgages and the like. A notaire can form a corporation prepare commercial business leases and much more. The entire French notary profession had been dependent on its monopoly to grant authenticity, and no definition of electronic authenticity could emerge and succeed if it did not meet its criteria.

While paper trust may be intuitive now, Blanchette writes that it wasn't always the case. When documents were first created (whenever that may have been), they did not immediately inspire trust. As with other innovations, there was a long and complex period of evolution needed to gain accepted levels of trust.

In chapter 6, the books notes that many people assumed cryptography would be the mechanism that would inspire trust in the digital world. Blanchette writes that the mistake cryptographers made and sometimes continue to make; is that they often assumed that the properties of cryptographic objects will translate transparently into the complex social and institutional setting in which they are deployed in.

This was incisively noted in Why Johnny Can't Encrypt, which was a usability evaluation of PGP by Whitten and Tygar. The author's observed that user errors cause or contribute to most computer security failures, yet user interfaces for security still tend to be clumsy, confusing, or near-nonexistent. While the paper was written in 1999, most of its findings are still relevant.

Chapter 6 provides 3 fascinating case studies that show have different approach to security technology and cryptographic deployments are imperative in ensuring that they work.

In just under 200 pages, the books 7 chapters provide both a fascinating overview of the history of cryptography, in addition to showing how cryptography can be effectively used to authenticate digital documents. The book also has a high-level framework (a comprehensive framework would require at least 5 times as many pages) for an effective cryptographic framework for digital trust.

As Blanchette notes many times in the book, the challenge with getting digital signatures to work is not with the technology; rather it is with the underlying societal infrastructure in which to make it work. France was brought kicking and screaming into the age of electronic authentication, and is one of the few countries that have had such widespread success.

The book is a fascinating read that details how frustrating difficult it has been to create a comprehensive mechanism for digital authentication. The book raises many beguiling questions, and Blanchette is smart enough to notes that there are no simply answers to these multifaceted problems.

Burdens of Proof: Cryptographic Culture and Evidence Law in the Age of Electronic Documents is both a fascinating overview of the history of paper and electronic authentication, in addition to providing a synopsis of what it will take to make create a cryptographic culture, where digital evidence will be as accepted in the courtroom, as its antique paper cousin.

Ben Rothke is the author of Computer Security: 20 Things Every Employee Should Know.

You can purchase Burdens of Proof: Cryptographic Culture and Evidence Law in the Age of Electronic Documents from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

theodp writes "Silly rabbit, parallel processing is not just for Big Data! Building on techniques outlined by Andy Baio back in 2008, Wired writer and 20% Doctrine evangelist Ryan Tate has released Ruby-based software called Typingpool to make audio transcriptions easier and cheaper. 'Typingpool chops your audio into small bits and routes them to the labor marketplace Mechanical Turk,' Tate explains to his reporter pals, 'where workers transcribe the bits in parallel. This produces transcripts much faster than any lone transcriber for as little one-eighth what you pay a transcription service. Better still, workers keep 91 percent of the money you spend.' Remember to Use the Force for Good, Tate adds."

tgeller writes "It's hard to believe that today's nerdier children will one day bore their grandkids with stories of primitive mobile access, household robotics, and 3-D printers. Some will become rich and famous by latching onto tomorrow's winners; others will find themselves irrelevant as the objects of their obsessions fail in the marketplace. But all with the energy to remember will come away with stories from the dawn of creation. One such witness is Kevin Savetz, a 41-year-old technology journalist and entrepreneur whose new book Terrible Nerd recounts 'true tales of growing up geek' during the '80s computer revolution. It's a rich chronicle that deftly mixes details of his beloved technologies with the zeitgeist a particular time and space. As such, it's an entertaining read for technologists and non-techies alike." Keep reading for the rest of tgeller's review. Terrible Nerd author Kevin Savetz pages 256 pages publisher Savetz Publishing rating 7/10 reviewer Tom Geller ISBN 978-1939169006 summary Kevin Savetz' biography of personal computing, gaming, and online adventures as a child in the '80s Savetz' background was a perfect storm of nerd-incubation factors. Suburban, Californian, white, middle class, and with a statistically improbable number of engineers in the family, he suffered through "special" gym classes and illnesses that drove him further into indoor pursuits. The family's first "computer" appeared around late 1976 in the form of a Fairchild Channel F video game — the first to use ROM cartridges. It was followed by an Intellivision in 1981 before Savetz gained access to his first "real" computer a few months later: an Atari 800 at his father's house, available to him only on bi-weekly visits.

As the Atari opens Savetz' world, Terrible Nerd traces his progress into a computer-geek community that existed even then. Between epic sessions playing text adventures (like Zork) and 8-bit classics (like M.U.L.E.), he discovered programming, software trading and, ultimately, modem-connected bulletin-board systems (BBSes). This, I think, is where the book is at its most interesting: it charts not only the nascent technology, but also a young man's blossoming into an engaged, social animal.

Not that the book is short on personal insights elsewhere. Overall, Savetz does a good job interweaving technology, personal development, and his feelings at the time. It's certainly a personal book, and the author isn't afraid to come off as the bad guy once in a while. He admits to sundry misdeeds, including piracy (ubiquitous then), hacking, forgery, and even rigging a church raffle. But he also shines light on the turbulence of adolescence, from a rocky relationship with his stepfather, to a deceitful boss, to an attempted molestation by a family friend who'd given him a valuable package of software.

In this way, it's far more readable than purely technical histories, such as Peter Salus' otherwise fascinating Casting the Net: From ARPANET to INTERNET and beyond . I would have liked greater cohesion among the stories, though — a story arc, a sense that they were all driving toward something bigger. Without a crystal ball, one doesn't have that sense of purpose at the time; but as this was written in retrospect, he could have done more to tie it all together.

On the other hand, one can't fault the author's dedication to recording details of this time — a venture he nobly continues through sites such as atariarchives.org and Classic Computer Magazine Archives. Given his archivist's heart, it's surprising that the book didn't include a much-needed index.

For me, Terrible Nerd started to slow a bit when Savetz related his college experience in the late '80s. Admittedly, this sense of detachment is partly for personal reasons: my own involvement in computers died down for a few years then, so tales of the IBM PC XT and such awoke no memories. Perhaps those years were just not as technologically interesting, as "hobbyist" computers disappeared, and the focus moved from the family den to the office. Or perhaps adulthood is intrinsically less dramatic than adolescence. In any case, this period of the book is not without its great stories, such as the author's accidental denial-of-service flood that shut down Europe's internet connection, or his involvement with the famous multi-user LambdaMOO. (I regretted that he didn't comment on the attention that that MOO got, first from a notable 1994 Wired article, then from the 1999 book My Tiny Life.)

Around then, his longstanding interest in writing and journalism started to pay off. Advice from established computer journalist John C. Dvorak and a lead from war reporter (and fellow MOO-er) Jacques Leslie led him to his first gig with MicroTimes. That led to many other jobs, including a lucrative position as America Online's "AnswerMan" (for a cut of the service's substantial hourly fees). Writing a FAQ on internet faxing got him into entrepreneurship with FaxZero.com and several other endeavors, and he took part in founding an early community internet service provider (ISP). He continues to write, and to oversee several online businesses, to this day.

Like most personal narratives, Terrible Nerd has its slow moments — some phases of one's life just aren't as interesting as others. And unlike the best of them, it lacks an overriding theme beyond "It was cool to be a computer kid in the '80s!". But that was enough to keep me hooked. For those of us who shared that time and space, it's well-presented nostalgia; for those coming up now, it's a roadmap for enjoying emerging technologies in today's time and space.

You can purchase Terrible Nerd from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Michael Ross writes "Since its introduction in 1994, JavaScript has largely been utilized within web browsers, which limited JavaScript programmers to client-side development. Yet with the recent introduction of Node.js, those programmers can leverage their skills and experience for server-side efforts. Node.js is an event-based framework for creating network applications — particularly those for the Web. Anyone interested in learning this relatively new technology can begin with one of numerous resources, including Sams Teach Yourself Node.js in 24 Hours." Keep reading for the rest of Michael's review. Sams Teach Yourself Node.js in 24 Hours author George Ornbo pages 464 pages publisher Sams Publishing rating 7/10 reviewer Michael J. Ross ISBN 978-0672335952 summary An introduction to the Node.js framework. This book, authored by George Ornbo, was released by Sams Publishing on 15 September 2012, under the ISBN 978-0672335952. The recent publication date is promising, because Node.js is evolving rapidly, thus gradually obsoleting books written not that long ago. On the publisher's page, visitors will find a brief description of Ornbo's book, a few customer reviews, the table of contents, a sample chapter (the 14th, "A Streaming Twitter Client"), and links to purchase the print and electronic versions of the book. There is also a link to the companion site, which offers some of the same content as Pearson's page, but also has a link to download an archive file containing all the example code, nicely organized.

The book's material spans 464 pages, and is organized (shoehorned) into 24 "hours" (chapters), grouped into six parts. The first two chapters in "Getting Started" explain how the reader can download Node.js, create a "hello world" web server program, install new modules using npm (Node Packaged Modules), search for modules, locate documentation on them, and indicate module dependencies for an application. Unfortunately, the blocks of source code presented in the first examples (Listing 1.1 and Figure 2.2) are not explained in the narrative (until the fifth chapter) or even commented. Readers would likely appreciate some clues as to the nature of http.createServer, req, res, the "underscore" module, etc. — especially at the beginning of their journey. If readers are not expected to understand these details at this point, then they should be told so, to avoid any concerns that such an understanding is assumed in the subsequent chapters. The author does not explain where Node.js is installed or what changes it makes to the terminal's default path variable. On page 18, the term "project folder" is unclear: should the "underscore" module end up in hour02/example01/node_modules, or nodejs/node_modules, or nodejs/node_modules/npm/node_modules? Only later is this (partially) answered.

Chapter 3 demonstrates the complexity that arises from concurrent input/output in networked applications. This material should arguably have been presented at the beginning of the book, to better establish the purpose of Node.js, and the value to the reader of studying it. The next chapter summarizes jQuery and JavaScript callbacks, and then provides a helpful discussion of how Node.js uses the latter. The author contends that the asynchronous paradigm of Node.js is unsuitable for long-running processes, but does not explain why this is true, which would have provided some substantiation for the claim.

The second part of the book, "Basic Websites With Node.js," encompasses four more chapters. The first one discusses how to: create a simple server (using the core HTTP module), examine the response headers (generated for web pages, in different browsers and on the Linux command line), execute 301 redirects, respond to different types of requests (using the URL module), and create a simple client. Oddly, the author does not explain or even mention the sizable JSON output — the first line of which is "{ domain: null," — displayed in the reader's server terminal when the web page pointing to that server is refreshed or when the "curl -I" command is run. The next two chapters cover how to build websites using the Express framework, and are likely the first point where the reader will see some of the real-world complexity of Node.js. The eighth chapter explains how to persist data between calls to the application, including files, environment variables, and MongoDB.

Debugging, testing, and deploying are all critical topics for any application development, and are covered in the third part of the book. The author illustrates three methods of debugging: STDIO, a core module, is a lightweight method for debugging Node.js code; it allows one to output messages to the console, check the value of any variable or literal, and track function calls and responses from third-party services. Node.js provides access to the more powerful debugger of V8 (the Google Chrome JavaScript engine), which supports breakpoints and code stepping. Node Inspector, compatible with WebKit-based browsers, provides all of the above functionality, and more. The next two chapters present several modules that ease the important process of creating full-coverage tests, and demonstrate how to deploy applications to any one of three Node.js-capable cloud hosting providers (Heroku, Cloud Foundry, and Nodester).

Having covered the basics of Node.js, the author begins the fourth part of his book with two chapters that show how to use Socket.IO, WebSockets, and Express to build real-time web applications. These techniques are illustrated in the development of a chat server as well as a nickname management and messaging system. The aforementioned sample chapter extends these techniques further in working with the Twitter API to consume its real-time data, push it to the browser, and show results in a dynamic graph. This section is wrapped up with coverage primarily of JSON — specifically, how to create, consume, and send JSON-structured data.

APIs were addressed briefly in the previous section, but are explored much more deeply in the subsequent five chapters. Readers may initially conclude that the discussion of processes is elementary, but the author then shows how one could utilize that knowledge to interact with Node.js scripts, including detecting script exits and errors, sending signals and arguments to a script, generating child processes if needed, and sending messages among them. In the 18th chapter, the author goes into greater detail about Node.js's Events module, best practices, and how to generate event listeners dynamically. The buffer API may be low-level, but it is essential for storing raw binary data, as opposed to the Unicode-encoded strings that JavaScript uses within a browser. The Buffer and Stream modules are presented with plenty of helpful examples.

The last part of the book addresses miscellaneous topics, starting with CoffeeScript (a JavaScript precompiler). While CoffeeScript affords numerous benefits, it is not clear why it would deserve an entire chapter in a book dedicated to Node.js. In the next chapter, readers learn how to verify their Node.js code, add command-line executables, and then package it all up into portable modules that can be contributed to the npm registry or GitHub. The last two chapters explain how to create and configure middleware using the Connect module, and how to use Backbone.js (a front-end JavaScript framework) in conjunction with Node.js to build browser-based web applications.

Each chapter concludes with a summary (invariably a waste of space), a Q&A section, a workshop comprising quiz questions (with the answers presented immediately below it, for almost instant spoiling), and several exercises for the reader.The index at the end is missing several of the important topics discussed in the text.

The book contains many errata: "EBay" (page 1; should read "eBay"), "OSX" (page 9; presumably Mac OS X), "yaml" (page 15; should read "YAML"), "irc" (19), "led to [a] great deal" (27), "to solve Concurrency" (37), "process" (54; should read "processes"), "try and" (55; should read "try to"), "This goal" (56; should read "The goal"), "how [a] class" (56), "You will [see] the" (62), "status of [a] web server" (70), "javascripts" (77), and "then [the] name" (87). At this point, less than 20 percent into the book, it was clear that the copyeditors had done a sloppy job, so I stopped recording these flaws that should have been caught. Those first four errata suggest that "textese" is even pervading the world of technical publishing. (Strangely, there does not appear to be a place on the publisher's website for reporting errata.)

The production team should have been looking for places to cut down on the heft of the print edition. The "Try It Yourself " sections sometimes duplicate what is found in the regular text nearby — especially in the third and fourth chapters. For instance, three sets of HTML markup are repeated, as well as the surrounding discussion (pages 42 through 47).

In general, the text does not appear to have been carefully scrutinized by technical reviewers and copyeditors. Occasionally the reader is given critical information later than would be optimal, e.g., the "Watch Out" warning on page 18, provided after the reader installs a module. The writing style is noticeably awkward in countless places in the book, including several run-on sentences. (Technical authors should not be bashful in using commas when doing so would help readability.) Also, the text is littered with too many exclamation marks — as if that is going to make any narrative more exciting.

In terms of the production quality of the book, a lay-flat binding would have made it much easier to read when using both hands on the keyboard. Also, in my review copy (kindly provided by the publisher), a disappointingly large number of the pages had small black splotches of ink; fortunately, none made the text unreadable.

On the other hand, Node.js is certainly not a simple subject area, and this book is able to convey a lot of information about it. This book's forte is the extensive use of example code to illustrate the concepts being presented. Incidentally, kudos to the author for inviting the reader to contribute to the Node.js community, such as adding new modules to GitHub or updating the documentation of existing modules. Overall, readers new to Node.js would certainly benefit from working their way through this volume.

Michael J. Ross is a freelance web developer and writer.

You can purchase Sams Teach Yourself Node.js in 24 Hours from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Frequent contributor Bennett Haselton writes this week with his favorite novelty science gift items for 2012. Levitation engines, puzzles, optical illusions brought to life, and all of the tips and tricks he's found for getting the products to work correctly. Decorative, whimsical, and not too expensive — except for the items that have earned it by being pretty amazing. Read on for the details, and be sure to mention other good possibilities (Just 14 shopping days left until Christmas) in the comments below.

You already know how to find all the latest iPad or iPhone accessories, or how to find all the licensed merchandise if your BFF is a fan of some specific franchise. The items in this list are things that most people wouldn't even think to look for, but that I thought seemed interesting once I found out that they existed.

I'm more of a science geek than a gadget geek, so this list is built around optical illusions, whimsy, conversation pieces that demonstrate some scientific principle, and a reasonable budget. (The "Swinging Sticks Kinetic Energy Sculpture" from ThinkGeek is a work of art, but at $225, the price is apparently set to extract as much as possible from all the people who have to have one after seeing it in Iron Man 2.)

Also, unless otherwise noted, I've actually tried everything listed here and verified that it actually works; there were some items that I really wanted to make work, but couldn't. The Double Sand Sculpture, for example, looks great (especially in colors other than that ugly orange), but in all three models that American Science & Surplus sent me — the original plus the two free replacements — air bubbles formed in the hourglasses after a few days, which blocked the sand grains from flowing through the apertures. I could also never get Educational Innovations' Color Changing Nail Polish to change color, even under a UV light. And I loved the look of the Tornado Fountain from Fascinations.com, but no matter how I calibrated it, the drain at the bottom made a squirting and scraping sound like the last dregs of water draining from a bathtub, which pretty much killed its potential as a "tranquil" conversation piece. (As far as I can tell, any tabletop water fountain that costs less than $100 is either too noisy or doesn't work, but I haven't given up looking.) Of course, if you can get any of those things to work, more power to you.

For most of these items I've included the tips and tricks that I've accumulated for getting the full effect out of the product, tips that in some cases would have saved me a lot of hassle if I'd known them when the product first arrived. So you get the full benefit of my impulsive early-September Christmas shopping.

Neither I nor Slashdot make any profit from these links (except some items are from ThinkGeek, which is a corporate cousin of Slashdot for a few more weeks — but I didn't know that when I was making this list, and besides, it's not like you can put together a geek gift guide without including some stuff from ThinkGeek anyway).

Here are some of the things I've found that look as cool in person as they do in their catalog photos, and actually work:

- - - - - - - - - - - - - - - - - - - -

Levitron Revolution
Made by Fascinations.com, $100 from Innovatoys.com.

I bought my first "Levitron"-branded product out of a Sky Mall catalog 15 years ago, assuming the picture of the levitating spinning top had to be a doctored photo, and half-set on proving that the product was a sham. I had spent enough time trying to levitate repelling magnets as a kid to conclude that it "couldn't be done," but I held out the faintest glimmer of hope that this might be the holy grail that I'd given up chasing about 10 years earlier. When the box arrived, I spent all evening and a sleepness night trying to get it working (the original product had to be calibrated and balanced very carefully, and you could waste a lot of time trying to make it work if the weights or alignments were slightly off), until just as the sun was coming up, I got the spinning top to levitate above the magnetic base for about four seconds before falling, and felt as if it had all been worth it. And the Levitron product line has come a long way since then, so you probably won't have to journey to the edge of your sanity to get this latest one working.

The Levitron Revolution is a levitation device which uses a base containing four computer-controlled magnets, and a magnetic disc that levitates about 1/2-inch above the base and can support a weight of up to 1 pound placed on top of it while continuing to levitate. It still takes a bit of practice to learn how to position the disc above the base to start the levitation, but the payoff is worth the effort. You can even rotate the base sideways and upside down, and the levitating disc will stay in the same position relative to the base while you turn it.

I used mine to levitate a crystal specimen that I got from a specialty gem store, which set me back about another $30, but I liked the way it glittered in the lights from the magnetic base. The rock was labeled "quartz / pyrite / sphalerite" at the store, and if you're looking for a similar rock to go with the Levitron Revolution, it looks like you can find one on Google Shopping for less than I paid for mine.

You can also use the Levitron Revolution for homemade illusions like levitating a cupcake in mid-air. (A Hostess dessert cup has a circular cavity on top to hold strawberries and whipped cream; turn it upside down and it fits perfectly over the Levitron disc. The book underneath the cupcake in the video was hollowed out to contain the magnetic base.)

Innovatoys sells several other Levitron products made by Fascinations, which all fall into two categories: those based on the classic Levitron design (which include any product showing the yellow-necked Levitron spinning top), and those based on the newer Levitron Revolution technology (everything else). I also have a Levitron CherryWood which is part of the "classic" lineup. The pros and cons of the two series are:

• The classic Levitron levitates the spinning top a full two inches above the base, which is much more visually impressive than the 1/2-inch that the magnetic disc floats above the base of the Levitron Revolution.
• The classic Levitron has to be hand-spun, however, and takes even more practice to operate than the Levitron Revolution.
• The classic Levitron has to be perfectly level for the top to float (the base comes with three adjustable legs to help you level it perfectly); the Levitron Revolution can be tilted and rotated, and the magnetic disc will continue to float in position relative to the base.
• The classic Levitron levitates in a very delicate equilibrium, with just the slightest touch being enough to push the floating top out out of balance and make it fall, so it can't be used to support other objects (and the top is spinning so fast that you wouldn't be able to see anything attached to it anyway). The Levitron Revolution floating disc can be touched and objects can be placed on top of it without pushing it out of equilibrium.
• The classic Levitron requires no power to operate, but because the top has to keep spinning at a high rate for the gyroscopic force to keep it from flipping over, after about two minutes the air friction will slow down the top enough that it falls. The Levitron Revolution will levitate forever as long as the DC power supply is connected.

The Levitron invention itself has something of a contentious history (recounted here and here). Evidently, the physicist Ray Harrigan had patented a similar device a few years earlier and showed it to Bill Hones, who later got his own patent for a similar device and called it the "Levitron," but Hones was advised by his own lawyer that his own invention was sufficiently different from Harrigan's that he could market it without infringing Harrigan's patent or giving him credit or royalties. Apparently Harrigan was so disgusted and distrustful of his own lawyer that he never took the issue to court, so we'll never know what a judge would have thought. (The only issue which was ever litigated in court was over a former re-seller's use of the trademark "Levitron" — but that seems more straightforward, since the company that made up the word and trademarked it, owns it, completely separate from the merits of the invention that bears the name.) Some physicists have mixed feelings about the Levitron because of this, but it was apparently Harrigan's choice not to pursue the issue. (Besides, the new Levitron Revolution design uses nothing of Harrigan's idea, so some might feel that it's less "tainted".)

For cheaper levitation that takes no skill to operate, you can get the Diamagnetic Levitation Kit from Educational Innovations or search for pyrolitic graphite levitation on eBay — much less visually impressive though, with the graphite sheet levitating only 1 millimeter above the magnets.

Or for a more expensive conversation piece, the Levitron Lamp ($450 from InnovaToys or $400 from WorldToHome) levitates an entire lampshade above the base. I haven't tried that one out though.

- - - - - - - - - - - - - - - - - - - -

Levitating Picture Frames
Heart-shaped frame $25 from ZOpid; rectangular frame $70 from Hammacher Schlemmer.

Computer-controlled levitation operating on a similar principle to the Levitron Revolution products. The $25 ZOpid picture frame is currently hanging out in Amazon limbo with a solitary 1-star review from a customer whose model broke after 4 months. But I think they look fine, and I'm giving two of them as gifts and crossing my fingers that I'm not that unlucky. With both the ZOpid and the Hammacher Schlemmer frames, unfortunately, there's apparently no way to switch off the LED lights (short of turning off the whole model).

Protip: You can prepare these as gifts by using photos downloaded from a friend's Facebook profile, but Facebook reduces the quality of uploaded photos, so that if you print them out, the pixellation will be noticeable up close. If you want the photos to look the best, you need to print them from high-res originals.

- - - - - - - - - - - - - - - - - - - -

Hanayama Japanese Pocket Puzzles
$13 from ThinkGeek and other vendors; some puzzles available for slightly less on eBay.

Some disassembly puzzles are complete fails, either because there are so many separately moving pieces that you can't manipulate the puzzles in your hands at all (e.g. Yin and Yang"), or the moving parts are hidden from view so you can only "solve" them by pure guesswork (e.g. the "Bolted Closed" puzzle). The Hanayama pocket puzzles actually get it right — you can see all the pieces and move them comfortably in your hands, so solving them is just a matter of figuring out the right sequence of moves.

These are basically grown-up versions of the twisted nail puzzles you might have grown up with (and which you could also get, of course, as much cheaper stocking stuffers). But the Hanayama ones look good as shelf knick-knacks as well.

Hanayama pocket puzzles come with no solution included, but you can download a solution by going to this page and submitting your email address to request a download link.

- - - - - - - - - - - - - - - - - - - -

LED Jellyfish Mood Lamp
$35 from ThinkGeek and other vendors; no cheaper alternatives on eBay

Works more or less as shown in the video, with one caveat: In both the first model that I tried, and the free replacement ThinkGeek sent me when I reported the problem, the transitions between the different colors were much more abrupt and jarring than the smooth "color fade" shown in the video. (For some reason, some color LEDs would switch from completely on to completely off at the same time that other LEDs would switch on.) Unfortunately this small problem completely breaks the "reverie" effect of staring at the jellyfish floating around in the water, so I just set mine to a single color without using the transition effect.

Protip: You have to use real distilled water like the instructions tell you. I tried to make it work with regular tap water, and bubbles kept forming around the jellyfish and causing them to float to the surface. Fill it with distilled water and the jellyfish should sink beneath the surface without too much trouble.

Note, Fascinations has come out with a similar product, again sold on Innovatoys.com; I haven't tried that one, so it might be better (might actually get the color transition right), or it might not. Discovery Kids also makes a similar product which I haven't seen and which has been pulling pretty bad reviews on Amazon.

- - - - - - - - - - - - - - - - - - - -

Vino Vault and Cryptex Puzzle Pod
$30 and $22 from 4Thought Products LLC

The Puzzle Pod is a gift container that can only be opened by arranging the 5 rings to spell out a 5-letter password. It arrives pre-configured with the keyword "GRAPE"; once opened, you can re-configure the Pod with a new 5-letter secret word, seal a gift inside, and gift it to a recipient who has to find the secret word to open the puzzle and retrieve the gift. (It's re-usable, and you can set a different 5-letter "password" every time.) The Vino Vault is a larger version of the Puzzle Pod that can hold a bottle of wine.

I've only sampled the Puzzle Pod, so I can just vouch for the fact that it works exactly as described and doesn't get stuck or break easily. When you line up the letters of the secret word correctly, it actually slides smoothly open like it's supposed to.

- - - - - - - - - - - - - - - - - - - -

Ambiguous Vase
$33 from Grand Illusions Ltd (ships from the UK)

This is a real-life version of the Rubin vase optical illusion. For years, Grand Illusions sold only a ceramic version for about $400 (plus another $200 to ship to the U.S.), but in November 2012 they released the $33 plastic version. It can also be used as a real vase (as long as you don't mind the barrier running down the center that divides the two halves).

- - - - - - - - - - - - - - - - - - - -

Steam Powered Top
$14 from Grand Illusions (ships from the UK)

The world's simplest steam engine, made from a tube of copper pushed through a piece of cork, as shown in the demo video. Wikipedia explains the principle here — when the water in the copper tube is heated by the candle flame and boils, it expands and pushes out the ends of the tubes (driving the spinning motion). When the water contracts again, in sucks in water through the ends of the tubes — but the sucking motion pulls in water from all directions (while the expulsion of water pushes in only one direction), so the suction doesn't counteract the propulsion, and the top continues spinning.

Now, the original version is from Germany (and comes with detailed German instructions); the version that I got came with a sheet of English instructions that weren't as detailed. The instructions say to push the copper tube through the cork platform and "bend the tube at a 90-degree angle"; however if you just try bending the tube, it will probably crimp and create a hole, making it useless. To bend the tube so that it curves gradually, place your thumb on the cork next to where the tube protrudes, and use the fingers of your other hand to gently push the tube so that curves around your thumb. (This is spelled out in the original German instructions.)

Also, the instructions say to fill the copper tube by holding it under running tap water. This didn't work at all for me, since the tube is only about 2mm wide and the surface tension of water makes it hard to "push" it into a tube that small. Fortunately, a straw from a grocery-store juicebox fits perfectly over the other end of the copper tube, so if you submerge the other end in water, you can suck on the straw to fill the tube that way. (It's just copper after all, not lead.)

Finally, if you leave the cork floating in water too long, it eventually gets waterlogged and sinks, and as far as I can tell it's very hard to dry it out and bring it back to its original buoyancy. The workarounds for this are: (1) to increase the buoyancy, first put another tea light directly into your bowl of water so that it floats, and then lower the top into the water on top of that tea light, which will then help keep the top afloat; and (2) don't leave the top floating in water when not in use.

- - - - - - - - - - - - - - - - - - - -

"Flying F*CK" Remote-Control Helicopter
$20 from ThinkGeek

Again with the ThinkGeek swag; I swear I didn't know.

This is pretty self-explanatory, except I've tried two of them and the product doesn't seem to work too well as an actual remote-control helicopter; one of them couldn't hover in place (its two modes were "shooting up at the ceiling" or "falling"), and with the other, the R/C didn't seem to work through furniture. But that's probably OK since the whole point of this gift is in the giving and not the having.

In my case, I hid it behind a friend's chair at his birthday party, then at the appropriate time gave a speech ending with, "And so I thought, what do I give my friend to mark this occasion? What do I give? After much thought, I decided, this is what I give:..." There followed a dramatic pause where I pressed the "up" control on the remote, and nothing happened, whereupon I muttered, appropriately enough, "Fuck", then wandered over behind my friend's chair, repeated the setup line, pressed the remote button, at which point the copter shot up, banged into a chair and fell to the ground, whereupon for my third attempt I just picked it up and held it on the palm of my hand, pressed the remote, and the copter took flight and finally delivered the punch line, and all was good. If I'm there when he re-gifts it (since we both agreed that was the point of a gift like this), I hope it works better for him.

- - - - - - - - - - - - - - - - - - - -

Falling Sand Sculptures
$13 for the smaller 'Sandscape'; $80 for the larger 'Deep Sea Round'; both available from Educational Innovations

These both make good decorations and shelf widgets. The sand in the Sandscape always falls in more or less the same pattern, since it's pre-determined by the gaps in the shelves holding the sand; the Deep Sea Round is more interesting since the pattern is determined by the placement of air bubbles and varies every time.

Pro tip: water evaporates from both of these, so eventually the water level will drop and the volume of air will increase, getting in the way of the sand flow. The 'Deep Sea Round' comes with a syringe that you can use to draw out air and inject more water into the aperture on the side. The cheaper 'Sandscape' doesn't come with a syringe, but it has a hole in the side where you can use a syringe to inject more water, if you buy the syringe separately.

- - - - - - - - - - - - - - - - - - - -

Galileo Thermometer
$17 for a wood-mounted model from Office Playground; cheaper ones available without wood mounting

Just your basic elegant conversation piece demonstrating the principle that the density of a liquid changes with temperature. Pro tip: If you get the wood mounted one, before emailing the seller to complain that it's not working because all the spheres are bunched together at the wrong end, make sure it's not upside-down. (I realized, before I hit Send, that the felt-covered end goes on the bottom.)

- - - - - - - - - - - - - - - - - - - -

All of the remaining items on this list do exactly what they say they do, with no need for any special instructions not included by the manufacturer, so I'm just going to list them:

Glass Water Faucet — $50 from Uncommon Goods — a nice double optical illusion (faucet suspended in space, and glass-as-water).

Slicked Grandfather Clock — $30-$60 depending on who's selling it.

Tin Can Robot Kit — about $15 from various vendors — my stepdad and I assembled one using one of his beloved Hansen's soda cans.

Mini metal DIY sculptures — the Metal Works sculptures from Innovatoys ($7-$12) take some time to assemble but they come out looking pretty much like the pictures and make good shelf decorations. These Mikro sculptures ($10 and up, also available from Grand Illusions if you're filling your shopping cart there) are a bit easier to assemble since you just have to bend some shapes out from the metal sheet that they're carved from.

Ulexite "Television Stones" — $10 from Educational Innovations — a naturally occuring rock containing thousands of parallel fiber optic strands. Give it as a gift together with a square of patterned fabric so you can see the eerie effect when you place the rock against the fabric and the pattern "magically" appears on the opposite side of the rock.

And finally, if you need a last-minute gag gift for someone, browse through the gum and hand sanitizers from BlueQ.com — they're not geek-themed, but at $5.49 for the hand sanitizers and $1.39 for the gum, you can afford to stock up so you'll have a reserve of gag gifts suited for a variety of different people's tastes (except, of course, good taste).

And those are my favorites for gift-giving season 2012. You can send me suggestions for any items in this category that I've missed; I'll be back for Valentine's Day.

- - - - - - - - - - - - - - - -
Remember, if you have a feature idea, we'd love to hear it.

Frequent contributor Bennett Haselton writes this week with his favorite novelty science gift items for 2012. Levitation engines, puzzles, optical illusions brought to life, and all of the tips and tricks he's found for getting the products to work correctly. Decorative, whimsical, and not too expensive — except for the items that have earned it by being pretty amazing. Read on for the details, and be sure to mention other good possibilities (Just 14 shopping days left until Christmas) in the comments below.

You already know how to find all the latest iPad or iPhone accessories, or how to find all the licensed merchandise if your BFF is a fan of some specific franchise. The items in this list are things that most people wouldn't even think to look for, but that I thought seemed interesting once I found out that they existed.

I'm more of a science geek than a gadget geek, so this list is built around optical illusions, whimsy, conversation pieces that demonstrate some scientific principle, and a reasonable budget. (The "Swinging Sticks Kinetic Energy Sculpture" from ThinkGeek is a work of art, but at $225, the price is apparently set to extract as much as possible from all the people who have to have one after seeing it in Iron Man 2.)

Also, unless otherwise noted, I've actually tried everything listed here and verified that it actually works; there were some items that I really wanted to make work, but couldn't. The Double Sand Sculpture, for example, looks great (especially in colors other than that ugly orange), but in all three models that American Science & Surplus sent me — the original plus the two free replacements — air bubbles formed in the hourglasses after a few days, which blocked the sand grains from flowing through the apertures. I could also never get Educational Innovations' Color Changing Nail Polish to change color, even under a UV light. And I loved the look of the Tornado Fountain from Fascinations.com, but no matter how I calibrated it, the drain at the bottom made a squirting and scraping sound like the last dregs of water draining from a bathtub, which pretty much killed its potential as a "tranquil" conversation piece. (As far as I can tell, any tabletop water fountain that costs less than $100 is either too noisy or doesn't work, but I haven't given up looking.) Of course, if you can get any of those things to work, more power to you.

For most of these items I've included the tips and tricks that I've accumulated for getting the full effect out of the product, tips that in some cases would have saved me a lot of hassle if I'd known them when the product first arrived. So you get the full benefit of my impulsive early-September Christmas shopping.

Neither I nor Slashdot make any profit from these links (except some items are from ThinkGeek, which is a corporate cousin of Slashdot for a few more weeks — but I didn't know that when I was making this list, and besides, it's not like you can put together a geek gift guide without including some stuff from ThinkGeek anyway).

Here are some of the things I've found that look as cool in person as they do in their catalog photos, and actually work:

- - - - - - - - - - - - - - - - - - - -

Levitron Revolution
Made by Fascinations.com, $100 from Innovatoys.com.

I bought my first "Levitron"-branded product out of a Sky Mall catalog 15 years ago, assuming the picture of the levitating spinning top had to be a doctored photo, and half-set on proving that the product was a sham. I had spent enough time trying to levitate repelling magnets as a kid to conclude that it "couldn't be done," but I held out the faintest glimmer of hope that this might be the holy grail that I'd given up chasing about 10 years earlier. When the box arrived, I spent all evening and a sleepness night trying to get it working (the original product had to be calibrated and balanced very carefully, and you could waste a lot of time trying to make it work if the weights or alignments were slightly off), until just as the sun was coming up, I got the spinning top to levitate above the magnetic base for about four seconds before falling, and felt as if it had all been worth it. And the Levitron product line has come a long way since then, so you probably won't have to journey to the edge of your sanity to get this latest one working.

The Levitron Revolution is a levitation device which uses a base containing four computer-controlled magnets, and a magnetic disc that levitates about 1/2-inch above the base and can support a weight of up to 1 pound placed on top of it while continuing to levitate. It still takes a bit of practice to learn how to position the disc above the base to start the levitation, but the payoff is worth the effort. You can even rotate the base sideways and upside down, and the levitating disc will stay in the same position relative to the base while you turn it.

I used mine to levitate a crystal specimen that I got from a specialty gem store, which set me back about another $30, but I liked the way it glittered in the lights from the magnetic base. The rock was labeled "quartz / pyrite / sphalerite" at the store, and if you're looking for a similar rock to go with the Levitron Revolution, it looks like you can find one on Google Shopping for less than I paid for mine.

You can also use the Levitron Revolution for homemade illusions like levitating a cupcake in mid-air. (A Hostess dessert cup has a circular cavity on top to hold strawberries and whipped cream; turn it upside down and it fits perfectly over the Levitron disc. The book underneath the cupcake in the video was hollowed out to contain the magnetic base.)

Innovatoys sells several other Levitron products made by Fascinations, which all fall into two categories: those based on the classic Levitron design (which include any product showing the yellow-necked Levitron spinning top), and those based on the newer Levitron Revolution technology (everything else). I also have a Levitron CherryWood which is part of the "classic" lineup. The pros and cons of the two series are:

• The classic Levitron levitates the spinning top a full two inches above the base, which is much more visually impressive than the 1/2-inch that the magnetic disc floats above the base of the Levitron Revolution.
• The classic Levitron has to be hand-spun, however, and takes even more practice to operate than the Levitron Revolution.
• The classic Levitron has to be perfectly level for the top to float (the base comes with three adjustable legs to help you level it perfectly); the Levitron Revolution can be tilted and rotated, and the magnetic disc will continue to float in position relative to the base.
• The classic Levitron levitates in a very delicate equilibrium, with just the slightest touch being enough to push the floating top out out of balance and make it fall, so it can't be used to support other objects (and the top is spinning so fast that you wouldn't be able to see anything attached to it anyway). The Levitron Revolution floating disc can be touched and objects can be placed on top of it without pushing it out of equilibrium.
• The classic Levitron requires no power to operate, but because the top has to keep spinning at a high rate for the gyroscopic force to keep it from flipping over, after about two minutes the air friction will slow down the top enough that it falls. The Levitron Revolution will levitate forever as long as the DC power supply is connected.

The Levitron invention itself has something of a contentious history (recounted here and here). Evidently, the physicist Ray Harrigan had patented a similar device a few years earlier and showed it to Bill Hones, who later got his own patent for a similar device and called it the "Levitron," but Hones was advised by his own lawyer that his own invention was sufficiently different from Harrigan's that he could market it without infringing Harrigan's patent or giving him credit or royalties. Apparently Harrigan was so disgusted and distrustful of his own lawyer that he never took the issue to court, so we'll never know what a judge would have thought. (The only issue which was ever litigated in court was over a former re-seller's use of the trademark "Levitron" — but that seems more straightforward, since the company that made up the word and trademarked it, owns it, completely separate from the merits of the invention that bears the name.) Some physicists have mixed feelings about the Levitron because of this, but it was apparently Harrigan's choice not to pursue the issue. (Besides, the new Levitron Revolution design uses nothing of Harrigan's idea, so some might feel that it's less "tainted".)

For cheaper levitation that takes no skill to operate, you can get the Diamagnetic Levitation Kit from Educational Innovations or search for pyrolitic graphite levitation on eBay — much less visually impressive though, with the graphite sheet levitating only 1 millimeter above the magnets.

Or for a more expensive conversation piece, the Levitron Lamp ($450 from InnovaToys or $400 from WorldToHome) levitates an entire lampshade above the base. I haven't tried that one out though.

- - - - - - - - - - - - - - - - - - - -

Levitating Picture Frames
Heart-shaped frame $25 from ZOpid; rectangular frame $70 from Hammacher Schlemmer.

Computer-controlled levitation operating on a similar principle to the Levitron Revolution products. The $25 ZOpid picture frame is currently hanging out in Amazon limbo with a solitary 1-star review from a customer whose model broke after 4 months. But I think they look fine, and I'm giving two of them as gifts and crossing my fingers that I'm not that unlucky. With both the ZOpid and the Hammacher Schlemmer frames, unfortunately, there's apparently no way to switch off the LED lights (short of turning off the whole model).

Protip: You can prepare these as gifts by using photos downloaded from a friend's Facebook profile, but Facebook reduces the quality of uploaded photos, so that if you print them out, the pixellation will be noticeable up close. If you want the photos to look the best, you need to print them from high-res originals.

- - - - - - - - - - - - - - - - - - - -

Hanayama Japanese Pocket Puzzles
$13 from ThinkGeek and other vendors; some puzzles available for slightly less on eBay.

Some disassembly puzzles are complete fails, either because there are so many separately moving pieces that you can't manipulate the puzzles in your hands at all (e.g. Yin and Yang"), or the moving parts are hidden from view so you can only "solve" them by pure guesswork (e.g. the "Bolted Closed" puzzle). The Hanayama pocket puzzles actually get it right — you can see all the pieces and move them comfortably in your hands, so solving them is just a matter of figuring out the right sequence of moves.

These are basically grown-up versions of the twisted nail puzzles you might have grown up with (and which you could also get, of course, as much cheaper stocking stuffers). But the Hanayama ones look good as shelf knick-knacks as well.

Hanayama pocket puzzles come with no solution included, but you can download a solution by going to this page and submitting your email address to request a download link.

- - - - - - - - - - - - - - - - - - - -

LED Jellyfish Mood Lamp
$35 from ThinkGeek and other vendors; no cheaper alternatives on eBay

Works more or less as shown in the video, with one caveat: In both the first model that I tried, and the free replacement ThinkGeek sent me when I reported the problem, the transitions between the different colors were much more abrupt and jarring than the smooth "color fade" shown in the video. (For some reason, some color LEDs would switch from completely on to completely off at the same time that other LEDs would switch on.) Unfortunately this small problem completely breaks the "reverie" effect of staring at the jellyfish floating around in the water, so I just set mine to a single color without using the transition effect.

Protip: You have to use real distilled water like the instructions tell you. I tried to make it work with regular tap water, and bubbles kept forming around the jellyfish and causing them to float to the surface. Fill it with distilled water and the jellyfish should sink beneath the surface without too much trouble.

Note, Fascinations has come out with a similar product, again sold on Innovatoys.com; I haven't tried that one, so it might be better (might actually get the color transition right), or it might not. Discovery Kids also makes a similar product which I haven't seen and which has been pulling pretty bad reviews on Amazon.

- - - - - - - - - - - - - - - - - - - -

Vino Vault and Cryptex Puzzle Pod
$30 and $22 from 4Thought Products LLC

The Puzzle Pod is a gift container that can only be opened by arranging the 5 rings to spell out a 5-letter password. It arrives pre-configured with the keyword "GRAPE"; once opened, you can re-configure the Pod with a new 5-letter secret word, seal a gift inside, and gift it to a recipient who has to find the secret word to open the puzzle and retrieve the gift. (It's re-usable, and you can set a different 5-letter "password" every time.) The Vino Vault is a larger version of the Puzzle Pod that can hold a bottle of wine.

I've only sampled the Puzzle Pod, so I can just vouch for the fact that it works exactly as described and doesn't get stuck or break easily. When you line up the letters of the secret word correctly, it actually slides smoothly open like it's supposed to.

- - - - - - - - - - - - - - - - - - - -

Ambiguous Vase
$33 from Grand Illusions Ltd (ships from the UK)

This is a real-life version of the Rubin vase optical illusion. For years, Grand Illusions sold only a ceramic version for about $400 (plus another $200 to ship to the U.S.), but in November 2012 they released the $33 plastic version. It can also be used as a real vase (as long as you don't mind the barrier running down the center that divides the two halves).

- - - - - - - - - - - - - - - - - - - -

Steam Powered Top
$14 from Grand Illusions (ships from the UK)

The world's simplest steam engine, made from a tube of copper pushed through a piece of cork, as shown in the demo video. Wikipedia explains the principle here — when the water in the copper tube is heated by the candle flame and boils, it expands and pushes out the ends of the tubes (driving the spinning motion). When the water contracts again, in sucks in water through the ends of the tubes — but the sucking motion pulls in water from all directions (while the expulsion of water pushes in only one direction), so the suction doesn't counteract the propulsion, and the top continues spinning.

Now, the original version is from Germany (and comes with detailed German instructions); the version that I got came with a sheet of English instructions that weren't as detailed. The instructions say to push the copper tube through the cork platform and "bend the tube at a 90-degree angle"; however if you just try bending the tube, it will probably crimp and create a hole, making it useless. To bend the tube so that it curves gradually, place your thumb on the cork next to where the tube protrudes, and use the fingers of your other hand to gently push the tube so that curves around your thumb. (This is spelled out in the original German instructions.)

Also, the instructions say to fill the copper tube by holding it under running tap water. This didn't work at all for me, since the tube is only about 2mm wide and the surface tension of water makes it hard to "push" it into a tube that small. Fortunately, a straw from a grocery-store juicebox fits perfectly over the other end of the copper tube, so if you submerge the other end in water, you can suck on the straw to fill the tube that way. (It's just copper after all, not lead.)

Finally, if you leave the cork floating in water too long, it eventually gets waterlogged and sinks, and as far as I can tell it's very hard to dry it out and bring it back to its original buoyancy. The workarounds for this are: (1) to increase the buoyancy, first put another tea light directly into your bowl of water so that it floats, and then lower the top into the water on top of that tea light, which will then help keep the top afloat; and (2) don't leave the top floating in water when not in use.

- - - - - - - - - - - - - - - - - - - -

"Flying F*CK" Remote-Control Helicopter
$20 from ThinkGeek

Again with the ThinkGeek swag; I swear I didn't know.

This is pretty self-explanatory, except I've tried two of them and the product doesn't seem to work too well as an actual remote-control helicopter; one of them couldn't hover in place (its two modes were "shooting up at the ceiling" or "falling"), and with the other, the R/C didn't seem to work through furniture. But that's probably OK since the whole point of this gift is in the giving and not the having.

In my case, I hid it behind a friend's chair at his birthday party, then at the appropriate time gave a speech ending with, "And so I thought, what do I give my friend to mark this occasion? What do I give? After much thought, I decided, this is what I give:..." There followed a dramatic pause where I pressed the "up" control on the remote, and nothing happened, whereupon I muttered, appropriately enough, "Fuck", then wandered over behind my friend's chair, repeated the setup line, pressed the remote button, at which point the copter shot up, banged into a chair and fell to the ground, whereupon for my third attempt I just picked it up and held it on the palm of my hand, pressed the remote, and the copter took flight and finally delivered the punch line, and all was good. If I'm there when he re-gifts it (since we both agreed that was the point of a gift like this), I hope it works better for him.

- - - - - - - - - - - - - - - - - - - -

Falling Sand Sculptures
$13 for the smaller 'Sandscape'; $80 for the larger 'Deep Sea Round'; both available from Educational Innovations

These both make good decorations and shelf widgets. The sand in the Sandscape always falls in more or less the same pattern, since it's pre-determined by the gaps in the shelves holding the sand; the Deep Sea Round is more interesting since the pattern is determined by the placement of air bubbles and varies every time.

Pro tip: water evaporates from both of these, so eventually the water level will drop and the volume of air will increase, getting in the way of the sand flow. The 'Deep Sea Round' comes with a syringe that you can use to draw out air and inject more water into the aperture on the side. The cheaper 'Sandscape' doesn't come with a syringe, but it has a hole in the side where you can use a syringe to inject more water, if you buy the syringe separately.

- - - - - - - - - - - - - - - - - - - -

Galileo Thermometer
$17 for a wood-mounted model from Office Playground; cheaper ones available without wood mounting

Just your basic elegant conversation piece demonstrating the principle that the density of a liquid changes with temperature. Pro tip: If you get the wood mounted one, before emailing the seller to complain that it's not working because all the spheres are bunched together at the wrong end, make sure it's not upside-down. (I realized, before I hit Send, that the felt-covered end goes on the bottom.)

- - - - - - - - - - - - - - - - - - - -

All of the remaining items on this list do exactly what they say they do, with no need for any special instructions not included by the manufacturer, so I'm just going to list them:

Glass Water Faucet — $50 from Uncommon Goods — a nice double optical illusion (faucet suspended in space, and glass-as-water).

Slicked Grandfather Clock — $30-$60 depending on who's selling it.

Tin Can Robot Kit — about $15 from various vendors — my stepdad and I assembled one using one of his beloved Hansen's soda cans.

Mini metal DIY sculptures — the Metal Works sculptures from Innovatoys ($7-$12) take some time to assemble but they come out looking pretty much like the pictures and make good shelf decorations. These Mikro sculptures ($10 and up, also available from Grand Illusions if you're filling your shopping cart there) are a bit easier to assemble since you just have to bend some shapes out from the metal sheet that they're carved from.

Ulexite "Television Stones" — $10 from Educational Innovations — a naturally occuring rock containing thousands of parallel fiber optic strands. Give it as a gift together with a square of patterned fabric so you can see the eerie effect when you place the rock against the fabric and the pattern "magically" appears on the opposite side of the rock.

And finally, if you need a last-minute gag gift for someone, browse through the gum and hand sanitizers from BlueQ.com — they're not geek-themed, but at $5.49 for the hand sanitizers and $1.39 for the gum, you can afford to stock up so you'll have a reserve of gag gifts suited for a variety of different people's tastes (except, of course, good taste).

And those are my favorites for gift-giving season 2012. You can send me suggestions for any items in this category that I've missed; I'll be back for Valentine's Day.

- - - - - - - - - - - - - - - -
Remember, if you have a feature idea, we'd love to hear it.

Frequent contributor Bennett Haselton writes this week with his favorite novelty science gift items for 2012. Levitation engines, puzzles, optical illusions brought to life, and all of the tips and tricks he's found for getting the products to work correctly. Decorative, whimsical, and not too expensive — except for the items that have earned it by being pretty amazing. Read on for the details, and be sure to mention other good possibilities (Just 14 shopping days left until Christmas) in the comments below.

You already know how to find all the latest iPad or iPhone accessories, or how to find all the licensed merchandise if your BFF is a fan of some specific franchise. The items in this list are things that most people wouldn't even think to look for, but that I thought seemed interesting once I found out that they existed.

I'm more of a science geek than a gadget geek, so this list is built around optical illusions, whimsy, conversation pieces that demonstrate some scientific principle, and a reasonable budget. (The "Swinging Sticks Kinetic Energy Sculpture" from ThinkGeek is a work of art, but at $225, the price is apparently set to extract as much as possible from all the people who have to have one after seeing it in Iron Man 2.)

Also, unless otherwise noted, I've actually tried everything listed here and verified that it actually works; there were some items that I really wanted to make work, but couldn't. The Double Sand Sculpture, for example, looks great (especially in colors other than that ugly orange), but in all three models that American Science & Surplus sent me — the original plus the two free replacements — air bubbles formed in the hourglasses after a few days, which blocked the sand grains from flowing through the apertures. I could also never get Educational Innovations' Color Changing Nail Polish to change color, even under a UV light. And I loved the look of the Tornado Fountain from Fascinations.com, but no matter how I calibrated it, the drain at the bottom made a squirting and scraping sound like the last dregs of water draining from a bathtub, which pretty much killed its potential as a "tranquil" conversation piece. (As far as I can tell, any tabletop water fountain that costs less than $100 is either too noisy or doesn't work, but I haven't given up looking.) Of course, if you can get any of those things to work, more power to you.

For most of these items I've included the tips and tricks that I've accumulated for getting the full effect out of the product, tips that in some cases would have saved me a lot of hassle if I'd known them when the product first arrived. So you get the full benefit of my impulsive early-September Christmas shopping.

Neither I nor Slashdot make any profit from these links (except some items are from ThinkGeek, which is a corporate cousin of Slashdot for a few more weeks — but I didn't know that when I was making this list, and besides, it's not like you can put together a geek gift guide without including some stuff from ThinkGeek anyway).

Here are some of the things I've found that look as cool in person as they do in their catalog photos, and actually work:

- - - - - - - - - - - - - - - - - - - -

Levitron Revolution
Made by Fascinations.com, $100 from Innovatoys.com.

I bought my first "Levitron"-branded product out of a Sky Mall catalog 15 years ago, assuming the picture of the levitating spinning top had to be a doctored photo, and half-set on proving that the product was a sham. I had spent enough time trying to levitate repelling magnets as a kid to conclude that it "couldn't be done," but I held out the faintest glimmer of hope that this might be the holy grail that I'd given up chasing about 10 years earlier. When the box arrived, I spent all evening and a sleepness night trying to get it working (the original product had to be calibrated and balanced very carefully, and you could waste a lot of time trying to make it work if the weights or alignments were slightly off), until just as the sun was coming up, I got the spinning top to levitate above the magnetic base for about four seconds before falling, and felt as if it had all been worth it. And the Levitron product line has come a long way since then, so you probably won't have to journey to the edge of your sanity to get this latest one working.

The Levitron Revolution is a levitation device which uses a base containing four computer-controlled magnets, and a magnetic disc that levitates about 1/2-inch above the base and can support a weight of up to 1 pound placed on top of it while continuing to levitate. It still takes a bit of practice to learn how to position the disc above the base to start the levitation, but the payoff is worth the effort. You can even rotate the base sideways and upside down, and the levitating disc will stay in the same position relative to the base while you turn it.

I used mine to levitate a crystal specimen that I got from a specialty gem store, which set me back about another $30, but I liked the way it glittered in the lights from the magnetic base. The rock was labeled "quartz / pyrite / sphalerite" at the store, and if you're looking for a similar rock to go with the Levitron Revolution, it looks like you can find one on Google Shopping for less than I paid for mine.

You can also use the Levitron Revolution for homemade illusions like levitating a cupcake in mid-air. (A Hostess dessert cup has a circular cavity on top to hold strawberries and whipped cream; turn it upside down and it fits perfectly over the Levitron disc. The book underneath the cupcake in the video was hollowed out to contain the magnetic base.)

Innovatoys sells several other Levitron products made by Fascinations, which all fall into two categories: those based on the classic Levitron design (which include any product showing the yellow-necked Levitron spinning top), and those based on the newer Levitron Revolution technology (everything else). I also have a Levitron CherryWood which is part of the "classic" lineup. The pros and cons of the two series are:

• The classic Levitron levitates the spinning top a full two inches above the base, which is much more visually impressive than the 1/2-inch that the magnetic disc floats above the base of the Levitron Revolution.
• The classic Levitron has to be hand-spun, however, and takes even more practice to operate than the Levitron Revolution.
• The classic Levitron has to be perfectly level for the top to float (the base comes with three adjustable legs to help you level it perfectly); the Levitron Revolution can be tilted and rotated, and the magnetic disc will continue to float in position relative to the base.
• The classic Levitron levitates in a very delicate equilibrium, with just the slightest touch being enough to push the floating top out out of balance and make it fall, so it can't be used to support other objects (and the top is spinning so fast that you wouldn't be able to see anything attached to it anyway). The Levitron Revolution floating disc can be touched and objects can be placed on top of it without pushing it out of equilibrium.
• The classic Levitron requires no power to operate, but because the top has to keep spinning at a high rate for the gyroscopic force to keep it from flipping over, after about two minutes the air friction will slow down the top enough that it falls. The Levitron Revolution will levitate forever as long as the DC power supply is connected.

The Levitron invention itself has something of a contentious history (recounted here and here). Evidently, the physicist Ray Harrigan had patented a similar device a few years earlier and showed it to Bill Hones, who later got his own patent for a similar device and called it the "Levitron," but Hones was advised by his own lawyer that his own invention was sufficiently different from Harrigan's that he could market it without infringing Harrigan's patent or giving him credit or royalties. Apparently Harrigan was so disgusted and distrustful of his own lawyer that he never took the issue to court, so we'll never know what a judge would have thought. (The only issue which was ever litigated in court was over a former re-seller's use of the trademark "Levitron" — but that seems more straightforward, since the company that made up the word and trademarked it, owns it, completely separate from the merits of the invention that bears the name.) Some physicists have mixed feelings about the Levitron because of this, but it was apparently Harrigan's choice not to pursue the issue. (Besides, the new Levitron Revolution design uses nothing of Harrigan's idea, so some might feel that it's less "tainted".)

For cheaper levitation that takes no skill to operate, you can get the Diamagnetic Levitation Kit from Educational Innovations or search for pyrolitic graphite levitation on eBay — much less visually impressive though, with the graphite sheet levitating only 1 millimeter above the magnets.

Or for a more expensive conversation piece, the Levitron Lamp ($450 from InnovaToys or $400 from WorldToHome) levitates an entire lampshade above the base. I haven't tried that one out though.

- - - - - - - - - - - - - - - - - - - -

Levitating Picture Frames
Heart-shaped frame $25 from ZOpid; rectangular frame $70 from Hammacher Schlemmer.

Computer-controlled levitation operating on a similar principle to the Levitron Revolution products. The $25 ZOpid picture frame is currently hanging out in Amazon limbo with a solitary 1-star review from a customer whose model broke after 4 months. But I think they look fine, and I'm giving two of them as gifts and crossing my fingers that I'm not that unlucky. With both the ZOpid and the Hammacher Schlemmer frames, unfortunately, there's apparently no way to switch off the LED lights (short of turning off the whole model).

Protip: You can prepare these as gifts by using photos downloaded from a friend's Facebook profile, but Facebook reduces the quality of uploaded photos, so that if you print them out, the pixellation will be noticeable up close. If you want the photos to look the best, you need to print them from high-res originals.

- - - - - - - - - - - - - - - - - - - -

Hanayama Japanese Pocket Puzzles
$13 from ThinkGeek and other vendors; some puzzles available for slightly less on eBay.

Some disassembly puzzles are complete fails, either because there are so many separately moving pieces that you can't manipulate the puzzles in your hands at all (e.g. Yin and Yang"), or the moving parts are hidden from view so you can only "solve" them by pure guesswork (e.g. the "Bolted Closed" puzzle). The Hanayama pocket puzzles actually get it right — you can see all the pieces and move them comfortably in your hands, so solving them is just a matter of figuring out the right sequence of moves.

These are basically grown-up versions of the twisted nail puzzles you might have grown up with (and which you could also get, of course, as much cheaper stocking stuffers). But the Hanayama ones look good as shelf knick-knacks as well.

Hanayama pocket puzzles come with no solution included, but you can download a solution by going to this page and submitting your email address to request a download link.

- - - - - - - - - - - - - - - - - - - -

LED Jellyfish Mood Lamp
$35 from ThinkGeek and other vendors; no cheaper alternatives on eBay

Works more or less as shown in the video, with one caveat: In both the first model that I tried, and the free replacement ThinkGeek sent me when I reported the problem, the transitions between the different colors were much more abrupt and jarring than the smooth "color fade" shown in the video. (For some reason, some color LEDs would switch from completely on to completely off at the same time that other LEDs would switch on.) Unfortunately this small problem completely breaks the "reverie" effect of staring at the jellyfish floating around in the water, so I just set mine to a single color without using the transition effect.

Protip: You have to use real distilled water like the instructions tell you. I tried to make it work with regular tap water, and bubbles kept forming around the jellyfish and causing them to float to the surface. Fill it with distilled water and the jellyfish should sink beneath the surface without too much trouble.

Note, Fascinations has come out with a similar product, again sold on Innovatoys.com; I haven't tried that one, so it might be better (might actually get the color transition right), or it might not. Discovery Kids also makes a similar product which I haven't seen and which has been pulling pretty bad reviews on Amazon.

- - - - - - - - - - - - - - - - - - - -

Vino Vault and Cryptex Puzzle Pod
$30 and $22 from 4Thought Products LLC

The Puzzle Pod is a gift container that can only be opened by arranging the 5 rings to spell out a 5-letter password. It arrives pre-configured with the keyword "GRAPE"; once opened, you can re-configure the Pod with a new 5-letter secret word, seal a gift inside, and gift it to a recipient who has to find the secret word to open the puzzle and retrieve the gift. (It's re-usable, and you can set a different 5-letter "password" every time.) The Vino Vault is a larger version of the Puzzle Pod that can hold a bottle of wine.

I've only sampled the Puzzle Pod, so I can just vouch for the fact that it works exactly as described and doesn't get stuck or break easily. When you line up the letters of the secret word correctly, it actually slides smoothly open like it's supposed to.

- - - - - - - - - - - - - - - - - - - -

Ambiguous Vase
$33 from Grand Illusions Ltd (ships from the UK)

This is a real-life version of the Rubin vase optical illusion. For years, Grand Illusions sold only a ceramic version for about $400 (plus another $200 to ship to the U.S.), but in November 2012 they released the $33 plastic version. It can also be used as a real vase (as long as you don't mind the barrier running down the center that divides the two halves).

- - - - - - - - - - - - - - - - - - - -

Steam Powered Top
$14 from Grand Illusions (ships from the UK)

The world's simplest steam engine, made from a tube of copper pushed through a piece of cork, as shown in the demo video. Wikipedia explains the principle here — when the water in the copper tube is heated by the candle flame and boils, it expands and pushes out the ends of the tubes (driving the spinning motion). When the water contracts again, in sucks in water through the ends of the tubes — but the sucking motion pulls in water from all directions (while the expulsion of water pushes in only one direction), so the suction doesn't counteract the propulsion, and the top continues spinning.

Now, the original version is from Germany (and comes with detailed German instructions); the version that I got came with a sheet of English instructions that weren't as detailed. The instructions say to push the copper tube through the cork platform and "bend the tube at a 90-degree angle"; however if you just try bending the tube, it will probably crimp and create a hole, making it useless. To bend the tube so that it curves gradually, place your thumb on the cork next to where the tube protrudes, and use the fingers of your other hand to gently push the tube so that curves around your thumb. (This is spelled out in the original German instructions.)

Also, the instructions say to fill the copper tube by holding it under running tap water. This didn't work at all for me, since the tube is only about 2mm wide and the surface tension of water makes it hard to "push" it into a tube that small. Fortunately, a straw from a grocery-store juicebox fits perfectly over the other end of the copper tube, so if you submerge the other end in water, you can suck on the straw to fill the tube that way. (It's just copper after all, not lead.)

Finally, if you leave the cork floating in water too long, it eventually gets waterlogged and sinks, and as far as I can tell it's very hard to dry it out and bring it back to its original buoyancy. The workarounds for this are: (1) to increase the buoyancy, first put another tea light directly into your bowl of water so that it floats, and then lower the top into the water on top of that tea light, which will then help keep the top afloat; and (2) don't leave the top floating in water when not in use.

- - - - - - - - - - - - - - - - - - - -

"Flying F*CK" Remote-Control Helicopter
$20 from ThinkGeek

Again with the ThinkGeek swag; I swear I didn't know.

This is pretty self-explanatory, except I've tried two of them and the product doesn't seem to work too well as an actual remote-control helicopter; one of them couldn't hover in place (its two modes were "shooting up at the ceiling" or "falling"), and with the other, the R/C didn't seem to work through furniture. But that's probably OK since the whole point of this gift is in the giving and not the having.

In my case, I hid it behind a friend's chair at his birthday party, then at the appropriate time gave a speech ending with, "And so I thought, what do I give my friend to mark this occasion? What do I give? After much thought, I decided, this is what I give:..." There followed a dramatic pause where I pressed the "up" control on the remote, and nothing happened, whereupon I muttered, appropriately enough, "Fuck", then wandered over behind my friend's chair, repeated the setup line, pressed the remote button, at which point the copter shot up, banged into a chair and fell to the ground, whereupon for my third attempt I just picked it up and held it on the palm of my hand, pressed the remote, and the copter took flight and finally delivered the punch line, and all was good. If I'm there when he re-gifts it (since we both agreed that was the point of a gift like this), I hope it works better for him.

- - - - - - - - - - - - - - - - - - - -

Falling Sand Sculptures
$13 for the smaller 'Sandscape'; $80 for the larger 'Deep Sea Round'; both available from Educational Innovations

These both make good decorations and shelf widgets. The sand in the Sandscape always falls in more or less the same pattern, since it's pre-determined by the gaps in the shelves holding the sand; the Deep Sea Round is more interesting since the pattern is determined by the placement of air bubbles and varies every time.

Pro tip: water evaporates from both of these, so eventually the water level will drop and the volume of air will increase, getting in the way of the sand flow. The 'Deep Sea Round' comes with a syringe that you can use to draw out air and inject more water into the aperture on the side. The cheaper 'Sandscape' doesn't come with a syringe, but it has a hole in the side where you can use a syringe to inject more water, if you buy the syringe separately.

- - - - - - - - - - - - - - - - - - - -

Galileo Thermometer
$17 for a wood-mounted model from Office Playground; cheaper ones available without wood mounting

Just your basic elegant conversation piece demonstrating the principle that the density of a liquid changes with temperature. Pro tip: If you get the wood mounted one, before emailing the seller to complain that it's not working because all the spheres are bunched together at the wrong end, make sure it's not upside-down. (I realized, before I hit Send, that the felt-covered end goes on the bottom.)

- - - - - - - - - - - - - - - - - - - -

All of the remaining items on this list do exactly what they say they do, with no need for any special instructions not included by the manufacturer, so I'm just going to list them:

Glass Water Faucet — $50 from Uncommon Goods — a nice double optical illusion (faucet suspended in space, and glass-as-water).

Slicked Grandfather Clock — $30-$60 depending on who's selling it.

Tin Can Robot Kit — about $15 from various vendors — my stepdad and I assembled one using one of his beloved Hansen's soda cans.

Mini metal DIY sculptures — the Metal Works sculptures from Innovatoys ($7-$12) take some time to assemble but they come out looking pretty much like the pictures and make good shelf decorations. These Mikro sculptures ($10 and up, also available from Grand Illusions if you're filling your shopping cart there) are a bit easier to assemble since you just have to bend some shapes out from the metal sheet that they're carved from.

Ulexite "Television Stones" — $10 from Educational Innovations — a naturally occuring rock containing thousands of parallel fiber optic strands. Give it as a gift together with a square of patterned fabric so you can see the eerie effect when you place the rock against the fabric and the pattern "magically" appears on the opposite side of the rock.

And finally, if you need a last-minute gag gift for someone, browse through the gum and hand sanitizers from BlueQ.com — they're not geek-themed, but at $5.49 for the hand sanitizers and $1.39 for the gum, you can afford to stock up so you'll have a reserve of gag gifts suited for a variety of different people's tastes (except, of course, good taste).

And those are my favorites for gift-giving season 2012. You can send me suggestions for any items in this category that I've missed; I'll be back for Valentine's Day.

- - - - - - - - - - - - - - - -
Remember, if you have a feature idea, we'd love to hear it.

Frequent contributor Bennett Haselton writes this week with his favorite novelty science gift items for 2012. Levitation engines, puzzles, optical illusions brought to life, and all of the tips and tricks he's found for getting the products to work correctly. Decorative, whimsical, and not too expensive — except for the items that have earned it by being pretty amazing. Read on for the details, and be sure to mention other good possibilities (Just 14 shopping days left until Christmas) in the comments below.

You already know how to find all the latest iPad or iPhone accessories, or how to find all the licensed merchandise if your BFF is a fan of some specific franchise. The items in this list are things that most people wouldn't even think to look for, but that I thought seemed interesting once I found out that they existed.

I'm more of a science geek than a gadget geek, so this list is built around optical illusions, whimsy, conversation pieces that demonstrate some scientific principle, and a reasonable budget. (The "Swinging Sticks Kinetic Energy Sculpture" from ThinkGeek is a work of art, but at $225, the price is apparently set to extract as much as possible from all the people who have to have one after seeing it in Iron Man 2.)

Also, unless otherwise noted, I've actually tried everything listed here and verified that it actually works; there were some items that I really wanted to make work, but couldn't. The Double Sand Sculpture, for example, looks great (especially in colors other than that ugly orange), but in all three models that American Science & Surplus sent me — the original plus the two free replacements — air bubbles formed in the hourglasses after a few days, which blocked the sand grains from flowing through the apertures. I could also never get Educational Innovations' Color Changing Nail Polish to change color, even under a UV light. And I loved the look of the Tornado Fountain from Fascinations.com, but no matter how I calibrated it, the drain at the bottom made a squirting and scraping sound like the last dregs of water draining from a bathtub, which pretty much killed its potential as a "tranquil" conversation piece. (As far as I can tell, any tabletop water fountain that costs less than $100 is either too noisy or doesn't work, but I haven't given up looking.) Of course, if you can get any of those things to work, more power to you.

For most of these items I've included the tips and tricks that I've accumulated for getting the full effect out of the product, tips that in some cases would have saved me a lot of hassle if I'd known them when the product first arrived. So you get the full benefit of my impulsive early-September Christmas shopping.

Neither I nor Slashdot make any profit from these links (except some items are from ThinkGeek, which is a corporate cousin of Slashdot for a few more weeks — but I didn't know that when I was making this list, and besides, it's not like you can put together a geek gift guide without including some stuff from ThinkGeek anyway).

Here are some of the things I've found that look as cool in person as they do in their catalog photos, and actually work:

- - - - - - - - - - - - - - - - - - - -

Levitron Revolution
Made by Fascinations.com, $100 from Innovatoys.com.

I bought my first "Levitron"-branded product out of a Sky Mall catalog 15 years ago, assuming the picture of the levitating spinning top had to be a doctored photo, and half-set on proving that the product was a sham. I had spent enough time trying to levitate repelling magnets as a kid to conclude that it "couldn't be done," but I held out the faintest glimmer of hope that this might be the holy grail that I'd given up chasing about 10 years earlier. When the box arrived, I spent all evening and a sleepness night trying to get it working (the original product had to be calibrated and balanced very carefully, and you could waste a lot of time trying to make it work if the weights or alignments were slightly off), until just as the sun was coming up, I got the spinning top to levitate above the magnetic base for about four seconds before falling, and felt as if it had all been worth it. And the Levitron product line has come a long way since then, so you probably won't have to journey to the edge of your sanity to get this latest one working.

The Levitron Revolution is a levitation device which uses a base containing four computer-controlled magnets, and a magnetic disc that levitates about 1/2-inch above the base and can support a weight of up to 1 pound placed on top of it while continuing to levitate. It still takes a bit of practice to learn how to position the disc above the base to start the levitation, but the payoff is worth the effort. You can even rotate the base sideways and upside down, and the levitating disc will stay in the same position relative to the base while you turn it.

I used mine to levitate a crystal specimen that I got from a specialty gem store, which set me back about another $30, but I liked the way it glittered in the lights from the magnetic base. The rock was labeled "quartz / pyrite / sphalerite" at the store, and if you're looking for a similar rock to go with the Levitron Revolution, it looks like you can find one on Google Shopping for less than I paid for mine.

You can also use the Levitron Revolution for homemade illusions like levitating a cupcake in mid-air. (A Hostess dessert cup has a circular cavity on top to hold strawberries and whipped cream; turn it upside down and it fits perfectly over the Levitron disc. The book underneath the cupcake in the video was hollowed out to contain the magnetic base.)

Innovatoys sells several other Levitron products made by Fascinations, which all fall into two categories: those based on the classic Levitron design (which include any product showing the yellow-necked Levitron spinning top), and those based on the newer Levitron Revolution technology (everything else). I also have a Levitron CherryWood which is part of the "classic" lineup. The pros and cons of the two series are:

• The classic Levitron levitates the spinning top a full two inches above the base, which is much more visually impressive than the 1/2-inch that the magnetic disc floats above the base of the Levitron Revolution.
• The classic Levitron has to be hand-spun, however, and takes even more practice to operate than the Levitron Revolution.
• The classic Levitron has to be perfectly level for the top to float (the base comes with three adjustable legs to help you level it perfectly); the Levitron Revolution can be tilted and rotated, and the magnetic disc will continue to float in position relative to the base.
• The classic Levitron levitates in a very delicate equilibrium, with just the slightest touch being enough to push the floating top out out of balance and make it fall, so it can't be used to support other objects (and the top is spinning so fast that you wouldn't be able to see anything attached to it anyway). The Levitron Revolution floating disc can be touched and objects can be placed on top of it without pushing it out of equilibrium.
• The classic Levitron requires no power to operate, but because the top has to keep spinning at a high rate for the gyroscopic force to keep it from flipping over, after about two minutes the air friction will slow down the top enough that it falls. The Levitron Revolution will levitate forever as long as the DC power supply is connected.

The Levitron invention itself has something of a contentious history (recounted here and here). Evidently, the physicist Ray Harrigan had patented a similar device a few years earlier and showed it to Bill Hones, who later got his own patent for a similar device and called it the "Levitron," but Hones was advised by his own lawyer that his own invention was sufficiently different from Harrigan's that he could market it without infringing Harrigan's patent or giving him credit or royalties. Apparently Harrigan was so disgusted and distrustful of his own lawyer that he never took the issue to court, so we'll never know what a judge would have thought. (The only issue which was ever litigated in court was over a former re-seller's use of the trademark "Levitron" — but that seems more straightforward, since the company that made up the word and trademarked it, owns it, completely separate from the merits of the invention that bears the name.) Some physicists have mixed feelings about the Levitron because of this, but it was apparently Harrigan's choice not to pursue the issue. (Besides, the new Levitron Revolution design uses nothing of Harrigan's idea, so some might feel that it's less "tainted".)

For cheaper levitation that takes no skill to operate, you can get the Diamagnetic Levitation Kit from Educational Innovations or search for pyrolitic graphite levitation on eBay — much less visually impressive though, with the graphite sheet levitating only 1 millimeter above the magnets.

Or for a more expensive conversation piece, the Levitron Lamp ($450 from InnovaToys or $400 from WorldToHome) levitates an entire lampshade above the base. I haven't tried that one out though.

- - - - - - - - - - - - - - - - - - - -

Levitating Picture Frames
Heart-shaped frame $25 from ZOpid; rectangular frame $70 from Hammacher Schlemmer.

Computer-controlled levitation operating on a similar principle to the Levitron Revolution products. The $25 ZOpid picture frame is currently hanging out in Amazon limbo with a solitary 1-star review from a customer whose model broke after 4 months. But I think they look fine, and I'm giving two of them as gifts and crossing my fingers that I'm not that unlucky. With both the ZOpid and the Hammacher Schlemmer frames, unfortunately, there's apparently no way to switch off the LED lights (short of turning off the whole model).

Protip: You can prepare these as gifts by using photos downloaded from a friend's Facebook profile, but Facebook reduces the quality of uploaded photos, so that if you print them out, the pixellation will be noticeable up close. If you want the photos to look the best, you need to print them from high-res originals.

- - - - - - - - - - - - - - - - - - - -

Hanayama Japanese Pocket Puzzles
$13 from ThinkGeek and other vendors; some puzzles available for slightly less on eBay.

Some disassembly puzzles are complete fails, either because there are so many separately moving pieces that you can't manipulate the puzzles in your hands at all (e.g. Yin and Yang"), or the moving parts are hidden from view so you can only "solve" them by pure guesswork (e.g. the "Bolted Closed" puzzle). The Hanayama pocket puzzles actually get it right — you can see all the pieces and move them comfortably in your hands, so solving them is just a matter of figuring out the right sequence of moves.

These are basically grown-up versions of the twisted nail puzzles you might have grown up with (and which you could also get, of course, as much cheaper stocking stuffers). But the Hanayama ones look good as shelf knick-knacks as well.

Hanayama pocket puzzles come with no solution included, but you can download a solution by going to this page and submitting your email address to request a download link.

- - - - - - - - - - - - - - - - - - - -

LED Jellyfish Mood Lamp
$35 from ThinkGeek and other vendors; no cheaper alternatives on eBay

Works more or less as shown in the video, with one caveat: In both the first model that I tried, and the free replacement ThinkGeek sent me when I reported the problem, the transitions between the different colors were much more abrupt and jarring than the smooth "color fade" shown in the video. (For some reason, some color LEDs would switch from completely on to completely off at the same time that other LEDs would switch on.) Unfortunately this small problem completely breaks the "reverie" effect of staring at the jellyfish floating around in the water, so I just set mine to a single color without using the transition effect.

Protip: You have to use real distilled water like the instructions tell you. I tried to make it work with regular tap water, and bubbles kept forming around the jellyfish and causing them to float to the surface. Fill it with distilled water and the jellyfish should sink beneath the surface without too much trouble.

Note, Fascinations has come out with a similar product, again sold on Innovatoys.com; I haven't tried that one, so it might be better (might actually get the color transition right), or it might not. Discovery Kids also makes a similar product which I haven't seen and which has been pulling pretty bad reviews on Amazon.

- - - - - - - - - - - - - - - - - - - -

Vino Vault and Cryptex Puzzle Pod
$30 and $22 from 4Thought Products LLC

The Puzzle Pod is a gift container that can only be opened by arranging the 5 rings to spell out a 5-letter password. It arrives pre-configured with the keyword "GRAPE"; once opened, you can re-configure the Pod with a new 5-letter secret word, seal a gift inside, and gift it to a recipient who has to find the secret word to open the puzzle and retrieve the gift. (It's re-usable, and you can set a different 5-letter "password" every time.) The Vino Vault is a larger version of the Puzzle Pod that can hold a bottle of wine.

I've only sampled the Puzzle Pod, so I can just vouch for the fact that it works exactly as described and doesn't get stuck or break easily. When you line up the letters of the secret word correctly, it actually slides smoothly open like it's supposed to.

- - - - - - - - - - - - - - - - - - - -

Ambiguous Vase
$33 from Grand Illusions Ltd (ships from the UK)

This is a real-life version of the Rubin vase optical illusion. For years, Grand Illusions sold only a ceramic version for about $400 (plus another $200 to ship to the U.S.), but in November 2012 they released the $33 plastic version. It can also be used as a real vase (as long as you don't mind the barrier running down the center that divides the two halves).

- - - - - - - - - - - - - - - - - - - -

Steam Powered Top
$14 from Grand Illusions (ships from the UK)

The world's simplest steam engine, made from a tube of copper pushed through a piece of cork, as shown in the demo video. Wikipedia explains the principle here — when the water in the copper tube is heated by the candle flame and boils, it expands and pushes out the ends of the tubes (driving the spinning motion). When the water contracts again, in sucks in water through the ends of the tubes — but the sucking motion pulls in water from all directions (while the expulsion of water pushes in only one direction), so the suction doesn't counteract the propulsion, and the top continues spinning.

Now, the original version is from Germany (and comes with detailed German instructions); the version that I got came with a sheet of English instructions that weren't as detailed. The instructions say to push the copper tube through the cork platform and "bend the tube at a 90-degree angle"; however if you just try bending the tube, it will probably crimp and create a hole, making it useless. To bend the tube so that it curves gradually, place your thumb on the cork next to where the tube protrudes, and use the fingers of your other hand to gently push the tube so that curves around your thumb. (This is spelled out in the original German instructions.)

Also, the instructions say to fill the copper tube by holding it under running tap water. This didn't work at all for me, since the tube is only about 2mm wide and the surface tension of water makes it hard to "push" it into a tube that small. Fortunately, a straw from a grocery-store juicebox fits perfectly over the other end of the copper tube, so if you submerge the other end in water, you can suck on the straw to fill the tube that way. (It's just copper after all, not lead.)

Finally, if you leave the cork floating in water too long, it eventually gets waterlogged and sinks, and as far as I can tell it's very hard to dry it out and bring it back to its original buoyancy. The workarounds for this are: (1) to increase the buoyancy, first put another tea light directly into your bowl of water so that it floats, and then lower the top into the water on top of that tea light, which will then help keep the top afloat; and (2) don't leave the top floating in water when not in use.

- - - - - - - - - - - - - - - - - - - -

"Flying F*CK" Remote-Control Helicopter
$20 from ThinkGeek

Again with the ThinkGeek swag; I swear I didn't know.

This is pretty self-explanatory, except I've tried two of them and the product doesn't seem to work too well as an actual remote-control helicopter; one of them couldn't hover in place (its two modes were "shooting up at the ceiling" or "falling"), and with the other, the R/C didn't seem to work through furniture. But that's probably OK since the whole point of this gift is in the giving and not the having.

In my case, I hid it behind a friend's chair at his birthday party, then at the appropriate time gave a speech ending with, "And so I thought, what do I give my friend to mark this occasion? What do I give? After much thought, I decided, this is what I give:..." There followed a dramatic pause where I pressed the "up" control on the remote, and nothing happened, whereupon I muttered, appropriately enough, "Fuck", then wandered over behind my friend's chair, repeated the setup line, pressed the remote button, at which point the copter shot up, banged into a chair and fell to the ground, whereupon for my third attempt I just picked it up and held it on the palm of my hand, pressed the remote, and the copter took flight and finally delivered the punch line, and all was good. If I'm there when he re-gifts it (since we both agreed that was the point of a gift like this), I hope it works better for him.

- - - - - - - - - - - - - - - - - - - -

Falling Sand Sculptures
$13 for the smaller 'Sandscape'; $80 for the larger 'Deep Sea Round'; both available from Educational Innovations

These both make good decorations and shelf widgets. The sand in the Sandscape always falls in more or less the same pattern, since it's pre-determined by the gaps in the shelves holding the sand; the Deep Sea Round is more interesting since the pattern is determined by the placement of air bubbles and varies every time.

Pro tip: water evaporates from both of these, so eventually the water level will drop and the volume of air will increase, getting in the way of the sand flow. The 'Deep Sea Round' comes with a syringe that you can use to draw out air and inject more water into the aperture on the side. The cheaper 'Sandscape' doesn't come with a syringe, but it has a hole in the side where you can use a syringe to inject more water, if you buy the syringe separately.

- - - - - - - - - - - - - - - - - - - -

Galileo Thermometer
$17 for a wood-mounted model from Office Playground; cheaper ones available without wood mounting

Just your basic elegant conversation piece demonstrating the principle that the density of a liquid changes with temperature. Pro tip: If you get the wood mounted one, before emailing the seller to complain that it's not working because all the spheres are bunched together at the wrong end, make sure it's not upside-down. (I realized, before I hit Send, that the felt-covered end goes on the bottom.)

- - - - - - - - - - - - - - - - - - - -

All of the remaining items on this list do exactly what they say they do, with no need for any special instructions not included by the manufacturer, so I'm just going to list them:

Glass Water Faucet — $50 from Uncommon Goods — a nice double optical illusion (faucet suspended in space, and glass-as-water).

Slicked Grandfather Clock — $30-$60 depending on who's selling it.

Tin Can Robot Kit — about $15 from various vendors — my stepdad and I assembled one using one of his beloved Hansen's soda cans.

Mini metal DIY sculptures — the Metal Works sculptures from Innovatoys ($7-$12) take some time to assemble but they come out looking pretty much like the pictures and make good shelf decorations. These Mikro sculptures ($10 and up, also available from Grand Illusions if you're filling your shopping cart there) are a bit easier to assemble since you just have to bend some shapes out from the metal sheet that they're carved from.

Ulexite "Television Stones" — $10 from Educational Innovations — a naturally occuring rock containing thousands of parallel fiber optic strands. Give it as a gift together with a square of patterned fabric so you can see the eerie effect when you place the rock against the fabric and the pattern "magically" appears on the opposite side of the rock.

And finally, if you need a last-minute gag gift for someone, browse through the gum and hand sanitizers from BlueQ.com — they're not geek-themed, but at $5.49 for the hand sanitizers and $1.39 for the gum, you can afford to stock up so you'll have a reserve of gag gifts suited for a variety of different people's tastes (except, of course, good taste).

And those are my favorites for gift-giving season 2012. You can send me suggestions for any items in this category that I've missed; I'll be back for Valentine's Day.

- - - - - - - - - - - - - - - -
Remember, if you have a feature idea, we'd love to hear it.

benrothke writes "It is well known that the password, while the most widespread information security mechanism, is also one of the most insecure. It comes down to the fact that the average person can't create and maintain secure passwords. When it comes to physical locks, the average lock on your home and in your office is equally insecure. How insecure it in? In two fascinating books on the topic, Deviant Ollam writes in Practical Lock Picking, Second Edition: A Physical Penetration Testers Training Guide and Keys to the Kingdom: Impressioning, Privilege Escalation, Bumping, and Other Key-Based Attacks Against Physical Locks that it is really not that difficult. When it comes to information security penetration tests done on the client site, the testers will most often have permission to be inside the facility. On rare occasions, the testers need to find alternative means to gain entrance. Sometimes that means picking the locks." Keep reading to learn if you'll be picking locks soon. Practical Lock Picking, 2nd ed. / Keys to the Kingdom author Deviant Ollam pages 296 / 256 publisher Syngress rating 9/10 reviewer Ben Rothke ISBN 978-1597499897 / 978-1597499835 summary Two excellent books on the fundamentals of lockpicking All of the information in the books is long known to professional locksmiths. For those whose responsibilities include physical security, it is hoped that they are at least at the level of the locksmiths, and have designed their physical security plant accordingly.

Ollam is a member of The Open Organization Of Lockpickers (TOOOL), a group whose goal is to advance the general public knowledge about locks and lock picking. TOOL'S mantra is that the more that people know about lock technology, the better they are capable of understanding how and where certain weaknesses are present. This makes them well-equipped to participate in sport picking endeavors and also helps them simply be better consumers in the marketplace, making decisions based on sound fact and research. In these books, Ollam stays true to that mantra.

The two books have some overlap. Practical Lock Picking is meant as a beginners guide to lock picking, and is intended to be a hands-on guide with hundreds of pictures and diagrams.

Ollam writes in a clear-cut and systematic manner, describing all of the details needed. Nearly every page includes pictures and diagrams to illustrate the point. In 6 easily readable chapters, Ollam covers the core areas needed to gain a comprehensive understanding of the topic of lock picking. By the end of the book, you won't be a locksmith or even close. But for those that have locksmithing in their blood, or want to get greater insights, the book will be a great resource that will help them get there.

Chapter 1 starts the book on the fundamentals of pin tumbler and wafer locks; which are two of the most common types of locks in use. Ollam notes that while there are a multitude of lock designs on the market today produced by many different manufactures, the bulk of these locks are not in widespread use. With that, he notes that if the reader can understand the basics of just a few styles of locks, he is confident that the reader should be open top open with great east at least 75% of the locks they are likely to encounter, and even more as you become more skilled with them.

After the introduction, chapter 2 gets into the basics of lock picking and how to exploit weaknesses that most locks have. Many of these weaknesses are due to errors in the manufacturing process, which the book details. Information security guru has observed that "security is a tax on the honest majority". He writes that security often does not keep that bad guys out. Similarly, insecure physical locks will do little to keep the bad guys out, which Ollam so persuasively writes about.

In chapter 5, Ollam details what he terms quick-entry tricks, which is done via shimming, bumping and bypassing. Lock bumping has gotten a lot of media exposure in the last few years, but has been around for nearly 100 years. Specifically, it is a pin tumbler lock picking technique using a special bump key. Not that there is a universal bump key that can open all locks. Rather the bump key must correspond to the lock in question. Ollam shows that if one has such a key, many of these locks can quickly be compromised.

The book closes with an appendix that provides a list to the types of tools and toolkits necessary to pick locks.

After completing Practical Lock Picking, one should check out Keys to the Kingdom: Impressioning, Privilege Escalation, Bumping, and Other Key-Based Attacks Against Physical Locks, which is a great follow-on reference.

The main difference between the two is that the latter provides a lot of details on impressioning, which is a covert technique to create a usable key for a lock without picking the lock or taking it apart, in addition to some other types of more sophisticated attacks.

Chapter 2 of the book is on soft medium attacks and is particularly fascinating. Ollam writes of mold-and-cast attacks, which is a technique of opening a lock by covertly copying a legitimate key by making a cast of it in a soft material, then using it to imprint and fabricate a working key. Such a technique was used in real-life and detailed in the 1979 movie The First Great Train Robbery. Ollam writes how the movie was very true to the methods and technology available at that time, when the train robbery occurred in the 1850's.

The chapter walks the reader through the Quick-Key duplication kit method, in which most common key forms can be replicated with the kits molding and casting forms. The kit Ollam references is for the serious student of the craft, as it costs over $700- and can only be purchased from a firm in Germany.

Chapter 3 on master-keyed systems is particularly interesting as Ollam shows how a master key privilege escalation attack can often be easily done. Master-key systems make the logistics of granting access easier. But with that ease of use, comes the potential for abuse, as that single key will now have global access to the physical site.

Ollam writes that dedicated attackers who have the ability to spend a bit of time will often have the ability to compromise the code for the top master key (the one with the most access privileges) in nearly all master-keyed systems, even with only a small amount of preliminary information and a small number of blank keys.

In the same way that passwords often provide very little network security, Keys to the Kingdom shows that much of the security provided by physical locks is an illusion, given the ease at which these keys can be manipulated and copied.

Practical Lock Picking, Second Edition: A Physical Penetration Testers Training Guide is a great introduction to the topic of lock picking, while Keys to the Kingdom: Impressioning, Privilege Escalation, Bumping, and Other Key-Based Attacks Against Physical Locks takes that base knowledge and builds upon.

For those who perform physical penetration testing, these two books will prove to be invaluable. For those that simply want to understand what their locks are and aren't doing, they will find these to be a fascinating read.

Ben Rothke is the author of Computer Security: 20 Things Every Employee Should Know.

You can purchase Practical Lock Picking, Second Edition: A Physical Penetration Testers Training Guide and Keys to the Kingdom: Impressioning, Privilege Escalation, Bumping, and Other Key-Based Attacks Against Physical Locks from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

benrothke writes "It is well known that the password, while the most widespread information security mechanism, is also one of the most insecure. It comes down to the fact that the average person can't create and maintain secure passwords. When it comes to physical locks, the average lock on your home and in your office is equally insecure. How insecure it in? In two fascinating books on the topic, Deviant Ollam writes in Practical Lock Picking, Second Edition: A Physical Penetration Testers Training Guide and Keys to the Kingdom: Impressioning, Privilege Escalation, Bumping, and Other Key-Based Attacks Against Physical Locks that it is really not that difficult. When it comes to information security penetration tests done on the client site, the testers will most often have permission to be inside the facility. On rare occasions, the testers need to find alternative means to gain entrance. Sometimes that means picking the locks." Keep reading to learn if you'll be picking locks soon. Practical Lock Picking, 2nd ed. / Keys to the Kingdom author Deviant Ollam pages 296 / 256 publisher Syngress rating 9/10 reviewer Ben Rothke ISBN 978-1597499897 / 978-1597499835 summary Two excellent books on the fundamentals of lockpicking All of the information in the books is long known to professional locksmiths. For those whose responsibilities include physical security, it is hoped that they are at least at the level of the locksmiths, and have designed their physical security plant accordingly.

Ollam is a member of The Open Organization Of Lockpickers (TOOOL), a group whose goal is to advance the general public knowledge about locks and lock picking. TOOL'S mantra is that the more that people know about lock technology, the better they are capable of understanding how and where certain weaknesses are present. This makes them well-equipped to participate in sport picking endeavors and also helps them simply be better consumers in the marketplace, making decisions based on sound fact and research. In these books, Ollam stays true to that mantra.

The two books have some overlap. Practical Lock Picking is meant as a beginners guide to lock picking, and is intended to be a hands-on guide with hundreds of pictures and diagrams.

Ollam writes in a clear-cut and systematic manner, describing all of the details needed. Nearly every page includes pictures and diagrams to illustrate the point. In 6 easily readable chapters, Ollam covers the core areas needed to gain a comprehensive understanding of the topic of lock picking. By the end of the book, you won't be a locksmith or even close. But for those that have locksmithing in their blood, or want to get greater insights, the book will be a great resource that will help them get there.

Chapter 1 starts the book on the fundamentals of pin tumbler and wafer locks; which are two of the most common types of locks in use. Ollam notes that while there are a multitude of lock designs on the market today produced by many different manufactures, the bulk of these locks are not in widespread use. With that, he notes that if the reader can understand the basics of just a few styles of locks, he is confident that the reader should be open top open with great east at least 75% of the locks they are likely to encounter, and even more as you become more skilled with them.

After the introduction, chapter 2 gets into the basics of lock picking and how to exploit weaknesses that most locks have. Many of these weaknesses are due to errors in the manufacturing process, which the book details. Information security guru has observed that "security is a tax on the honest majority". He writes that security often does not keep that bad guys out. Similarly, insecure physical locks will do little to keep the bad guys out, which Ollam so persuasively writes about.

In chapter 5, Ollam details what he terms quick-entry tricks, which is done via shimming, bumping and bypassing. Lock bumping has gotten a lot of media exposure in the last few years, but has been around for nearly 100 years. Specifically, it is a pin tumbler lock picking technique using a special bump key. Not that there is a universal bump key that can open all locks. Rather the bump key must correspond to the lock in question. Ollam shows that if one has such a key, many of these locks can quickly be compromised.

The book closes with an appendix that provides a list to the types of tools and toolkits necessary to pick locks.

After completing Practical Lock Picking, one should check out Keys to the Kingdom: Impressioning, Privilege Escalation, Bumping, and Other Key-Based Attacks Against Physical Locks, which is a great follow-on reference.

The main difference between the two is that the latter provides a lot of details on impressioning, which is a covert technique to create a usable key for a lock without picking the lock or taking it apart, in addition to some other types of more sophisticated attacks.

Chapter 2 of the book is on soft medium attacks and is particularly fascinating. Ollam writes of mold-and-cast attacks, which is a technique of opening a lock by covertly copying a legitimate key by making a cast of it in a soft material, then using it to imprint and fabricate a working key. Such a technique was used in real-life and detailed in the 1979 movie The First Great Train Robbery. Ollam writes how the movie was very true to the methods and technology available at that time, when the train robbery occurred in the 1850's.

The chapter walks the reader through the Quick-Key duplication kit method, in which most common key forms can be replicated with the kits molding and casting forms. The kit Ollam references is for the serious student of the craft, as it costs over $700- and can only be purchased from a firm in Germany.

Chapter 3 on master-keyed systems is particularly interesting as Ollam shows how a master key privilege escalation attack can often be easily done. Master-key systems make the logistics of granting access easier. But with that ease of use, comes the potential for abuse, as that single key will now have global access to the physical site.

Ollam writes that dedicated attackers who have the ability to spend a bit of time will often have the ability to compromise the code for the top master key (the one with the most access privileges) in nearly all master-keyed systems, even with only a small amount of preliminary information and a small number of blank keys.

In the same way that passwords often provide very little network security, Keys to the Kingdom shows that much of the security provided by physical locks is an illusion, given the ease at which these keys can be manipulated and copied.

Practical Lock Picking, Second Edition: A Physical Penetration Testers Training Guide is a great introduction to the topic of lock picking, while Keys to the Kingdom: Impressioning, Privilege Escalation, Bumping, and Other Key-Based Attacks Against Physical Locks takes that base knowledge and builds upon.

For those who perform physical penetration testing, these two books will prove to be invaluable. For those that simply want to understand what their locks are and aren't doing, they will find these to be a fascinating read.

Ben Rothke is the author of Computer Security: 20 Things Every Employee Should Know.

You can purchase Practical Lock Picking, Second Edition: A Physical Penetration Testers Training Guide and Keys to the Kingdom: Impressioning, Privilege Escalation, Bumping, and Other Key-Based Attacks Against Physical Locks from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

benrothke writes "It is well known that the password, while the most widespread information security mechanism, is also one of the most insecure. It comes down to the fact that the average person can't create and maintain secure passwords. When it comes to physical locks, the average lock on your home and in your office is equally insecure. How insecure it in? In two fascinating books on the topic, Deviant Ollam writes in Practical Lock Picking, Second Edition: A Physical Penetration Testers Training Guide and Keys to the Kingdom: Impressioning, Privilege Escalation, Bumping, and Other Key-Based Attacks Against Physical Locks that it is really not that difficult. When it comes to information security penetration tests done on the client site, the testers will most often have permission to be inside the facility. On rare occasions, the testers need to find alternative means to gain entrance. Sometimes that means picking the locks." Keep reading to learn if you'll be picking locks soon. Practical Lock Picking, 2nd ed. / Keys to the Kingdom author Deviant Ollam pages 296 / 256 publisher Syngress rating 9/10 reviewer Ben Rothke ISBN 978-1597499897 / 978-1597499835 summary Two excellent books on the fundamentals of lockpicking All of the information in the books is long known to professional locksmiths. For those whose responsibilities include physical security, it is hoped that they are at least at the level of the locksmiths, and have designed their physical security plant accordingly.

Ollam is a member of The Open Organization Of Lockpickers (TOOOL), a group whose goal is to advance the general public knowledge about locks and lock picking. TOOL'S mantra is that the more that people know about lock technology, the better they are capable of understanding how and where certain weaknesses are present. This makes them well-equipped to participate in sport picking endeavors and also helps them simply be better consumers in the marketplace, making decisions based on sound fact and research. In these books, Ollam stays true to that mantra.

The two books have some overlap. Practical Lock Picking is meant as a beginners guide to lock picking, and is intended to be a hands-on guide with hundreds of pictures and diagrams.

Ollam writes in a clear-cut and systematic manner, describing all of the details needed. Nearly every page includes pictures and diagrams to illustrate the point. In 6 easily readable chapters, Ollam covers the core areas needed to gain a comprehensive understanding of the topic of lock picking. By the end of the book, you won't be a locksmith or even close. But for those that have locksmithing in their blood, or want to get greater insights, the book will be a great resource that will help them get there.

Chapter 1 starts the book on the fundamentals of pin tumbler and wafer locks; which are two of the most common types of locks in use. Ollam notes that while there are a multitude of lock designs on the market today produced by many different manufactures, the bulk of these locks are not in widespread use. With that, he notes that if the reader can understand the basics of just a few styles of locks, he is confident that the reader should be open top open with great east at least 75% of the locks they are likely to encounter, and even more as you become more skilled with them.

After the introduction, chapter 2 gets into the basics of lock picking and how to exploit weaknesses that most locks have. Many of these weaknesses are due to errors in the manufacturing process, which the book details. Information security guru has observed that "security is a tax on the honest majority". He writes that security often does not keep that bad guys out. Similarly, insecure physical locks will do little to keep the bad guys out, which Ollam so persuasively writes about.

In chapter 5, Ollam details what he terms quick-entry tricks, which is done via shimming, bumping and bypassing. Lock bumping has gotten a lot of media exposure in the last few years, but has been around for nearly 100 years. Specifically, it is a pin tumbler lock picking technique using a special bump key. Not that there is a universal bump key that can open all locks. Rather the bump key must correspond to the lock in question. Ollam shows that if one has such a key, many of these locks can quickly be compromised.

The book closes with an appendix that provides a list to the types of tools and toolkits necessary to pick locks.

After completing Practical Lock Picking, one should check out Keys to the Kingdom: Impressioning, Privilege Escalation, Bumping, and Other Key-Based Attacks Against Physical Locks, which is a great follow-on reference.

The main difference between the two is that the latter provides a lot of details on impressioning, which is a covert technique to create a usable key for a lock without picking the lock or taking it apart, in addition to some other types of more sophisticated attacks.

Chapter 2 of the book is on soft medium attacks and is particularly fascinating. Ollam writes of mold-and-cast attacks, which is a technique of opening a lock by covertly copying a legitimate key by making a cast of it in a soft material, then using it to imprint and fabricate a working key. Such a technique was used in real-life and detailed in the 1979 movie The First Great Train Robbery. Ollam writes how the movie was very true to the methods and technology available at that time, when the train robbery occurred in the 1850's.

The chapter walks the reader through the Quick-Key duplication kit method, in which most common key forms can be replicated with the kits molding and casting forms. The kit Ollam references is for the serious student of the craft, as it costs over $700- and can only be purchased from a firm in Germany.

Chapter 3 on master-keyed systems is particularly interesting as Ollam shows how a master key privilege escalation attack can often be easily done. Master-key systems make the logistics of granting access easier. But with that ease of use, comes the potential for abuse, as that single key will now have global access to the physical site.

Ollam writes that dedicated attackers who have the ability to spend a bit of time will often have the ability to compromise the code for the top master key (the one with the most access privileges) in nearly all master-keyed systems, even with only a small amount of preliminary information and a small number of blank keys.

In the same way that passwords often provide very little network security, Keys to the Kingdom shows that much of the security provided by physical locks is an illusion, given the ease at which these keys can be manipulated and copied.

Practical Lock Picking, Second Edition: A Physical Penetration Testers Training Guide is a great introduction to the topic of lock picking, while Keys to the Kingdom: Impressioning, Privilege Escalation, Bumping, and Other Key-Based Attacks Against Physical Locks takes that base knowledge and builds upon.

For those who perform physical penetration testing, these two books will prove to be invaluable. For those that simply want to understand what their locks are and aren't doing, they will find these to be a fascinating read.

Ben Rothke is the author of Computer Security: 20 Things Every Employee Should Know.

You can purchase Practical Lock Picking, Second Edition: A Physical Penetration Testers Training Guide and Keys to the Kingdom: Impressioning, Privilege Escalation, Bumping, and Other Key-Based Attacks Against Physical Locks from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

kfogel writes "Two thumbs up, and maybe a tentacle too, on Version Control with Git, 2nd Edition by Jon Loeliger and Matthew McCullough. If you are a working programmer who wants to learn more about Git, particularly a programmer familiar with a Unix-based development environment, then this is the book for you, hands down (tentacles down too, please)." Read below for the rest of Karl's review. Version Control with Git, 2nd Edition author Jon Loeliger, Matthew McCullough pages 456 publisher O'Reilly Media rating Very good. reviewer Karl Fogel ISBN 978-1-4493-1638-9 summary Using the Git version control system for collaborative programming. There's a catch. You have to read the book straight through, from front to back. If you try to skip around, or just read the parts you feel you need, you'll probably be frustrated, because — exaggerating, but only slightly — every part of the book is linked to every other part. Perhaps if you're already expert in Git and merely want a quick reminder about something, it would work, but in that case you're more likely to do a web search anyway. For the rest of us, taking the medicine straight and for the full course is the only way. To some degree, this may have been forced on the authors by Git's inherent complexity and the interdependency of its basic concepts, but it does make this book unusual among technical guides. A common first use case, cloning a repository from somewhere else, isn't even covered until Chapter 12, because understanding what cloning really means requires so much background.

Like most readers, I'm an everyday user of Git but not at all an expert. Even this everyday use is enough to make me appreciate the scale of the task faced by the authors. On more than one occasion, frustrated by some idiosyncrasy, I've cursed that Git is a terrific engine surrounded by a cloud of bad decisions. The authors might not put it quite so strongly, but they clearly recognize Git's inconsistencies (the footnote on p. 47 is one vicarious acknowledgment) and they gamely enter the ring anyway. As with wrestling a bear, the question is not "Did they win?" but "How long did they last?"

For the most part, they more than hold their own. You can sometimes sense their struggle over how to present the information, and one of the book's weaknesses is a tendency to fall too quickly into implementation-driven presentation after a basic concept has been introduced. The explanation of cloning on p. 197 is one example: the jump from the basics to Git-specific terminology and repository details is abrupt, and forces the reader to either mentally cache terms and references in hope of later resolution, or to go back and look up a technical detail that was introduced many pages ago and is suddenly relevant again[1]. On the other hand, it is one of the virtues of the book that these checks can almost always be cashed: the authors accumulate unusual amounts of presentational debt as they go (in some cases unnecessarily), but if you're willing to maintain the ledger in your head, it all gets repaid in the end. Your questions will generally be answered[2], just not in the order nor at the time you had them. This isn't a book you can read for relaxation; give it your whole mind and you shall receive enlightenment in due proportion.

The book begins with a few relatively light chapters on the history of Git and on basic installation and local usage, all of which are good, but in a sense its real start is Chapters 4-6, which cover basic concepts, the Git "index" (staging area), and commits. These chapters, especially Chapter 4, are essentially a design overview of Git, and they go deep enough that you could probably re-implement much of Git based just on them. It requires a leap of faith to believe that all this material will be needed throughout the rest of the book, but it will, and you shouldn't move on until you feel secure with everything there.

From that point on, the book is at its best, giving in-depth explanations of well-bounded areas of Git's functionality. The chapter on git diff tells you everything you need to know, starting with an excellent overview and then presenting the details in a well-thought-out order, including an especially good annotated running example starting on p. 112. Similarly, the branching and merging chapters ensure that you will come out understanding how branches are central to Git and how to handle them, and the explanations build well on earlier material about Git's internal structure, how commit objects are stored, etc. (Somewhere around p. 227 my eyes finally glazed over in the material about manipulating tracking branches: I thought "if I ever need this, I know where to find it". Everyone will probably have that reaction at various points in the book, and the authors seem to have segregated some material with that in mind.) The chapter-level discussions on how to use Git with Subversion repositories, on the git stash command, on using GitHub, and especially on different strategies for assembling multi-source projects using Git, are all well done and don't shirk on examples nor on technical detail. Given the huge topic space the authors had to choose from, their prioritizations are intelligently made and obviously reflective of long experience using Git.

Another strength is the well-placed tips throughout the book. These are sometimes indented and marked with the (oddly ominous, or is that just me?) O'Reilly paw print tip graphic, and sometimes given in-line. Somehow the tips always seem to land right where you're most likely to be thinking "I wish there were a way to do X"; again, this must be due to the author's experience using Git in the real world, and readers who use Git on a daily basis will appreciate it. The explanation of --assume-unchanged on p. 382 appeared almost telepathically just as I was about to ask how to do that, for example. Furthermore, everything they saved for the "Advanced Manipulations" and "Tips, Tricks, and Techniques" chapters is likely to be useful at some point. Even if you don't remember the details of every tip, you'll remember that it was there, and know to go looking for it later when you need it (so it might be good to get an electronic copy of the book).

If there's a serious complaint to be made, it's that with a bit more attention the mental burden on the reader could have been reduced in many places. To pick a random example, in the "Branches" chapter on p. 90, the term "topic branch" is defined for the first time, but it was already used in passing on p. 68 (with what seems to be an assumption that the reader already knew the term) and again on pp. 80-81 (this time compounding the confusion with an example branch named "topic"). There are many similar instances of avoidable presentational debt; usually they are only distractions rather than genuine impediments to understanding, but they make the book more work than it needs to be. There are also sometimes ambiguous or not-quite-precise-enough statements that will cause the alert reader — which is the only kind this book really serves — to pause and have to work out what the authors must have meant (a couple of examples: "Git does not track file or directory names" on p. 34, or the business about patch line counts at the top of p. 359). Again, these can usually be resolved quickly, or ignored, without damage to overall understanding, but things would go a little bit more smoothly had they been worded differently.

Starting around p. 244 is a philosophical section that I found less satisfying than the technical material. It makes sense to discuss the distinction between committing and publishing, the idea that there are multiple valid histories, and the idea that the "central" repository is purely a social construct. But at some point the discussion starts to veer into being a different book, one about patterns for using Git to manage multi-developer projects and about software development generally, before eventually veering back. Such material could be helpful, but then it might have been better to offer a shallower overview of more patterns, rather than a tentative dive into the "Maintainer/Developer" pattern, which is privileged here beyond its actual prominence in software development. (This is perhaps a consequence of the flagship Git project, the Linux kernel, happening to use that pattern — but Linux is unusual in many ways, not just that one.)

The discussion of forking and of the term "fork", first from p. 259 and reiterated from p. 392, is confusing in several ways. It first uses the term as though it has no historical baggage, then later takes that historical baggage for granted, then finally describes the baggage but misunderstands it by failing to distinguish clearly between a social fork (a group of developers trying to persuade users and other developers to abandon one version and join another), which is a major event, and a feature fork (that is, a branch that happens to be in another repository), which is a non-event and which is all that sites like GitHub mean by forking. The two concepts are very different; to conflate them just because the word "fork" is now used for both is thinking with words, and doesn't help the reader understand what's going on. I raise this example in particular because I was surprised that the authors who had written so eloquently about the significance of social conventions elsewhere would give such an unsatisfactory explanation of this one.

Somewhat surprisingly, the authors don't review or even mention the many sources of online help about Git, such as the #git IRC channel at Freenode, the user discussion groups, wikis, etc. While most users can probably find those things quickly with a web search, it would have been good to point out their existence and maybe make some recommendations. Also, the book only covers installation of Git on GNU/Linux and MS Windows systems, with no explicit instructions for Mac OS X, the *BSD family, etc (however, the authors acknowledge this and rightly point out that the differences among Unix variants are not likely to be a showstopper for anyone).

But this is all carping. The book's weaknesses are minor, its strengths major. Any book on so complicated a topic is bound to cause disagreements about presentation strategy and even about philosophical questions. The authors write well, they must have done cubic parsecs of command testing to make sure their examples were correct, they respect the reader enough to dive deeply into technical details when the details are called for, and they take care to describe the practical scenarios in which a given feature is most likely to be useful. Its occasional organizational issues notwithstanding, this book is exactly what is needed by the everyday Git user who wants to know more — and is willing to put in the effort required to get there. I will be using my copy for a long time.

Footnotes

[1] One of my favorite instances of this happened with the term "fast-forward". It was introduced on p. 140, discussed a little but with no mention of a "safety check", then not used again until page 202, which says: "If present, the plus sign indicates that the normal fast-forward safety check will not be performed during the transfer." If your memory is as bad as mine, you might at that point have felt like you were suddenly reading the owner's manual for an early digital wristwatch circa 1976.

[2] Though not absolutely always: one of the few completely dangling references in the book is to "smudge/clean filters" on p. 294. At first I thought it must be a general computer science term that I didn't know, but it appears to be Git-specific terminology. Happy Googling.

[3] (This is relegated to a floating footnote because it's probably not relevant to most readers.) The book discusses other version control systems a bit, for historical perspective, and is not as factually careful about them as it is about Git. I've been a developer on both CVS and Subversion, so the various incorrect assertions, especially about Subversion, jumped out at me (pp. 2-3, p. 120, pp. 319-320). Again, this shouldn't matter for the intended audience. Don't come to this book to learn about Subversion; definitely come to it to learn about Git.

[4] As long as we're having floating footnotes, here's a footnote about a footnote: on p. 337, why not just say "Voltaire"?

[5] Finally, I categorically deny accusations that I gave a positive review solely because at least one of the authors is a fellow Emacs fanatic (p. 359, footnote). But it didn't hurt.

You can purchase Version Control with Git: Powerful tools and techniques for collaborative software development from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

benrothke writes "Advanced persistent threat (APT) is one of the most common information security terms used today and it is an undeniably real and dangerous menace. Wikipedia notes that APT's usually refer to a group, such as a foreign government, with both the capability and the intent to persistently and effectively target a specific entity. The term is commonly used to refer to cyber threats, in particular that of Internet-enabled espionage using a variety of intelligence gathering techniques to access sensitive information, but applies equally to other threats such as that of traditional espionage or attack. Every organization of size and scope is a target, and many of the world's largest firms and governments have been victims. In Reverse Deception: Organized Cyber Threat Counter-Exploitation, Dr. Max Kilger and his co-authors provide an effective counterintelligence approach in which to deal with APT. The good news is that the authors provide an effective framework. The bad news is that creating an effective defense is not an easy undertaking." Keep reading below for the rest of Ben's review. Reverse Deception: Organized Cyber Threat Counter-Exploitation author Sean Bodmer, Dr. Max Kilger , Gregory Carpenter , Jade Jones pages 464 publisher McGraw-Hill Osborne Media rating 9/10 reviewer Ben Rothke ISBN 978-0071772495 summary Excellent reference in which to deal with advanced persistent threats When it comes to APT, the de facto perpetrator is China. The book shows how to pursue and hopefully prosecute the perpetrator. But that begs the questions, how many firms can realistically defend themselves against an adversary like China, RBN or nation state?

In the introduction, the authors note that deception is about behavior, both induced in the adversary and undertaken by the deceiver to exploit it. To deceive, the authors write, it is not sufficient to induce belief in the adversary; it is necessary also to prepare and execute the exploitation of resultant behavior. Once again, preparation and execution against a nation state is not a small endeavor.

Chapter 1 (available free here) sets the stage for the rest of the book and provides an overview of the topic and some examples of advanced and persistent threats, including Stuxnet, Operation Aurora, the RBN and more.

Being the biggest of all APT, China takes center stage in chapter 2 – What is Deception? That is nothing new as China has successful used deception for the last 2,000 years. China is referenced heavily in the book due to their extreme confidence and success in executing deception.

Chapter 3 – Cyber Counterintelligence(CI) details how to use CI to find the cyber-adversaries. The chapter provides both the basic investigative and operational techniques and tools, in addition to detailing how to use legal counsel to ensure that what you are doing is legal.

Chapter 5 gets into much more of the details around the legal issues, and what you can and can't do to your adversary. The chapter provides an excellent overview of how to quantify which persistent threats are the most dangerous. It provides nine areas to rank, in order to use as a metric to weight each and every threat.

By the time the reader gets to chapter 4 on profiling, they will likely be overwhelmed by the amount of work necessary to implement an effective cyber CI program, which is indeed the case. The amount of time to develop an APT program is for the most part unfeasible for most organizations. While the book does not get into the budgetary issues; CIO's, CISO's and other IT managers will likely have a difficult time getting any sort of budget to fund an APT program.

Part of the issue is that many firms don't have an effective IPS in place to they won't even know they are being attacked. In the majority of cases, the APT intrusion is not even discovered by the firm, rather an outside entity who notifies them. What is worse is the fact that in many cases, APT malware has been on the victim network often for years undetected.

In addition, in the same way in which people who are scammed once are often repeatedly scammed again; companies that are victims of an APT will often be repeat victims since the perpetrators may share that information with others.

A few of the authors have military and law enforcement background, which adds to their expertise and insights.

The book is meant to be used to pursue and prosecute the perpetrators of APT. With the exception of the military and a few Fortune 50 companies, the odds of effectively prosecuting APT perpetrators is quite small. Notwithstanding that difficulty, organizations misunderstand that they are under attack, and at least have some plan to assess their vulnerabilities.

This book is mainly an introduction to the topic, but does not provide a comprehensive strategy on how to implement an APT program. Such a reference would need to be at least a few times larger than this work.

There is a web site for the book, but it does not really do more than redirect you to Amazon and Barnes and Noble. Matthijs Koot has a detailed review of the book where he took the time to detail the hyperlinks to source the books web page should have had.

Reverse Deception: Organized Cyber Threat Counter-Exploitation may be overkill for most organization, but is nonetheless a necessary read to truly understand the danger.

For anyone looking to understand what APT's are and how to deal with them, the book provides a comprehensive and unparalleled overview of the topic by experts in the field.

If nothing else, the book provides the reader with an appreciation for how dedicated the perpetrators behind APT are. They are smart, sophisticated, have governments and military agencies on their side and they are numerous. One of the many challenges of dealing with the Chinese APT is that China can easily throw tens of thousands of highly-trained and sophisticated attackers at a target in the US, while the target may only be able to muster a few people to provide a cyber-defense.

One of the most important things to take from the book is the third word in the title – organized. Those carrying out APT are highly organized, prepared and meticulous. They often do things in a slow methodical manner to avoid detection. The book provides a detailed methodology to deal with such adversaries.

The downside is that the victim companies themselves lack that organization. Defending against APT requires much more than simply reading this invaluable text. It requires management support, budget, effective tools and a highly trained staff to correctly use those tools. The great advice in the book won't be of assistance if the team deployed does not know how to correctly use them.

While you will likely be outnumbered and outgunned when it comes to APT defense, Reverse Deception: Organized Cyber Threat Counter-Exploitation is a fascinating reference that ensures you won't go down without a fight.

Ben Rothke is the author of Computer Security: 20 Things Every Employee Should Know.

You can purchase Reverse Deception: Organized Cyber Threat Counter-Exploitation from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

benrothke writes "Advanced persistent threat (APT) is one of the most common information security terms used today and it is an undeniably real and dangerous menace. Wikipedia notes that APT's usually refer to a group, such as a foreign government, with both the capability and the intent to persistently and effectively target a specific entity. The term is commonly used to refer to cyber threats, in particular that of Internet-enabled espionage using a variety of intelligence gathering techniques to access sensitive information, but applies equally to other threats such as that of traditional espionage or attack. Every organization of size and scope is a target, and many of the world's largest firms and governments have been victims. In Reverse Deception: Organized Cyber Threat Counter-Exploitation, Dr. Max Kilger and his co-authors provide an effective counterintelligence approach in which to deal with APT. The good news is that the authors provide an effective framework. The bad news is that creating an effective defense is not an easy undertaking." Keep reading below for the rest of Ben's review. Reverse Deception: Organized Cyber Threat Counter-Exploitation author Sean Bodmer, Dr. Max Kilger , Gregory Carpenter , Jade Jones pages 464 publisher McGraw-Hill Osborne Media rating 9/10 reviewer Ben Rothke ISBN 978-0071772495 summary Excellent reference in which to deal with advanced persistent threats When it comes to APT, the de facto perpetrator is China. The book shows how to pursue and hopefully prosecute the perpetrator. But that begs the questions, how many firms can realistically defend themselves against an adversary like China, RBN or nation state?

In the introduction, the authors note that deception is about behavior, both induced in the adversary and undertaken by the deceiver to exploit it. To deceive, the authors write, it is not sufficient to induce belief in the adversary; it is necessary also to prepare and execute the exploitation of resultant behavior. Once again, preparation and execution against a nation state is not a small endeavor.

Chapter 1 (available free here) sets the stage for the rest of the book and provides an overview of the topic and some examples of advanced and persistent threats, including Stuxnet, Operation Aurora, the RBN and more.

Being the biggest of all APT, China takes center stage in chapter 2 – What is Deception? That is nothing new as China has successful used deception for the last 2,000 years. China is referenced heavily in the book due to their extreme confidence and success in executing deception.

Chapter 3 – Cyber Counterintelligence(CI) details how to use CI to find the cyber-adversaries. The chapter provides both the basic investigative and operational techniques and tools, in addition to detailing how to use legal counsel to ensure that what you are doing is legal.

Chapter 5 gets into much more of the details around the legal issues, and what you can and can't do to your adversary. The chapter provides an excellent overview of how to quantify which persistent threats are the most dangerous. It provides nine areas to rank, in order to use as a metric to weight each and every threat.

By the time the reader gets to chapter 4 on profiling, they will likely be overwhelmed by the amount of work necessary to implement an effective cyber CI program, which is indeed the case. The amount of time to develop an APT program is for the most part unfeasible for most organizations. While the book does not get into the budgetary issues; CIO's, CISO's and other IT managers will likely have a difficult time getting any sort of budget to fund an APT program.

Part of the issue is that many firms don't have an effective IPS in place to they won't even know they are being attacked. In the majority of cases, the APT intrusion is not even discovered by the firm, rather an outside entity who notifies them. What is worse is the fact that in many cases, APT malware has been on the victim network often for years undetected.

In addition, in the same way in which people who are scammed once are often repeatedly scammed again; companies that are victims of an APT will often be repeat victims since the perpetrators may share that information with others.

A few of the authors have military and law enforcement background, which adds to their expertise and insights.

The book is meant to be used to pursue and prosecute the perpetrators of APT. With the exception of the military and a few Fortune 50 companies, the odds of effectively prosecuting APT perpetrators is quite small. Notwithstanding that difficulty, organizations misunderstand that they are under attack, and at least have some plan to assess their vulnerabilities.

This book is mainly an introduction to the topic, but does not provide a comprehensive strategy on how to implement an APT program. Such a reference would need to be at least a few times larger than this work.

There is a web site for the book, but it does not really do more than redirect you to Amazon and Barnes and Noble. Matthijs Koot has a detailed review of the book where he took the time to detail the hyperlinks to source the books web page should have had.

Reverse Deception: Organized Cyber Threat Counter-Exploitation may be overkill for most organization, but is nonetheless a necessary read to truly understand the danger.

For anyone looking to understand what APT's are and how to deal with them, the book provides a comprehensive and unparalleled overview of the topic by experts in the field.

If nothing else, the book provides the reader with an appreciation for how dedicated the perpetrators behind APT are. They are smart, sophisticated, have governments and military agencies on their side and they are numerous. One of the many challenges of dealing with the Chinese APT is that China can easily throw tens of thousands of highly-trained and sophisticated attackers at a target in the US, while the target may only be able to muster a few people to provide a cyber-defense.

One of the most important things to take from the book is the third word in the title – organized. Those carrying out APT are highly organized, prepared and meticulous. They often do things in a slow methodical manner to avoid detection. The book provides a detailed methodology to deal with such adversaries.

The downside is that the victim companies themselves lack that organization. Defending against APT requires much more than simply reading this invaluable text. It requires management support, budget, effective tools and a highly trained staff to correctly use those tools. The great advice in the book won't be of assistance if the team deployed does not know how to correctly use them.

While you will likely be outnumbered and outgunned when it comes to APT defense, Reverse Deception: Organized Cyber Threat Counter-Exploitation is a fascinating reference that ensures you won't go down without a fight.

Ben Rothke is the author of Computer Security: 20 Things Every Employee Should Know.

You can purchase Reverse Deception: Organized Cyber Threat Counter-Exploitation from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

MassDosage writes "In a remarkable show of good timing Presentation Patterns turned up on my desk for review within days of me having been asked to give a presentation at a large tech conference. So I decided to read the book as I worked on my presentation and apply any lessons learned as I worked my way through it. The word "patterns" in the book's title will be known to most software developers as a reference to the seminal 'Gang of four' software design patterns book which codified common solutions to software problems. The concept of patterns originated in building architecture with the idea being that by categorizing and naming solutions to problems, a common vocabulary could be built up that allowed practitioners in a certain field to communicate more effectively. This was hugely successful and has spawned the idea of looking for patterns in many other areas which is where this book comes in." Read on for the rest of Mass Dosage's review. Presentation Patterns: Techniques for Crafting Better Presentations author Neal Ford, Matthew McCollough, Nathaniel Schutta pages 265 publisher Addison-Wesley rating 7.5/10 reviewer Mass Dosage ISBN 978-0-321-82080-8 summary Techniques for Crafting Better Presentations Presentation Patterns aims to apply patterns to the task of creating and delivering presentations and for the most part it succeeds. The format of the book is slightly biased towards those in the software industry as the authors all have software backgrounds. However after reading the introduction which explains the rationale behind patterns in general, as well as the specifics of how they are covered, this book should be useful to anyone interested in improving their presentation skills. The book is divided into chapters which follow the timeline of creating a presentation — starting with patterns on preparing a presentation (e.g. "Know your audience" and "Narrative Arc) through to actually building a presentation (e.g. "Defy defaults" and "Infodeck") and ending with patterns related to the final delivery of the presentation (e.g. "Seeding satisfaction" and "Breathing room"). This temporal categorization of patterns is logical and worked very well for me as I could read through a section and apply it to the part of the presentation I was working on at the time before moving on to the next section.

Each pattern is described using a standard format which includes: other names for the pattern; a definition of the pattern; a motivation for why it is relevant; a discussion of where it is applicable as well as the consequences of using it; and a list of related patterns. Because each individual pattern is described in the same way it's easy to compare them and see why and how they should be applied. While patterns give advice on things that one should do, just as important is advice on what not not to do. The authors include plenty of this in the form of "antipatterns" which are described in the same way as patterns, the only difference being that they are things to avoid in a presentation, some examples being "Ant fonts" and "Disowning your topic".

Scattered throughout the book are anecdotes from the authors that describe real world situations where certain patterns were useful and some additional back stories to how they were discovered or applied. These add some welcome variety to the text while also showing that this isn't pure theory but has been derived out of the actual experiences of the authors (all of whom are regulars on the presentations circuit). Presentation Patterns can be read from beginning to end but after an initial read it will probably be even more useful as a reference — particularly by those who present regularly as they can look up information on a specific pattern that is of interest at a particular time.

While a lot of the patterns and antipatterns covered are fairly general and not tied to any particular technology, the authors do assume that most presentations will be created and delivered in a digital format. They try to avoid discussing any specific presentation software but in a few cases they go into more depth and describe how a certain technique would be implemented using Microsoft's Power Point and Apple's Keynote software. I'm a Libre Office user but fortunately most of their descriptions were easy enough to translate to another tool . Having said that, these cases are not the norm and if you are looking for a tutorial or manual on how to build presentations using a certain piece of presentation software then this book is not for you. I got the feeling that the authors were aiming for their advice to be timeless and have tried to describe generalities rather than the specifics of a particular tool.

Presentation Patterns is well written and contains lots of good advice, backed up by concrete examples from the authors' past experiences. A wide variety of patterns are covered and the breadth and the depth of these mean that there should be something relevant for most possible usages. Not every pattern is applicable to every type of presentation so it is up to the reader to understand when and where to apply specific patterns. For example, if your presentation is primarily going to be delivered by e-mail and read by people as opposed to you presenting it in person then certain patterns make more sense than others. The patterns are cross-referenced against each other so you can see how using one might influence the use of another. This is slightly annoying at the beginning when you are not familiar with all of them but as you expand your pattern vocabulary it starts to make a lot more sense.

I finished reading this book at around the same time I completed and then delivered my presentation and I definitely learnt some lessons that, when applied, made my presentation better than it would have been without them. At the end of the day most of the content is common sense and probably won't be that surprising to anyone who has given or viewed presentations in the past but it is still useful to have it all written down in one place. I will definitely use the book again, probably not to read it from cover to cover but more as a checklist and refresher of what to aim for and what to avoid when I work on my next presentation. The patterns format might not be for everyone and will take a bit of getting used to by those for whom it is new but on the whole I think it works very well for this material and would recommend it to anyone hoping to improve how they prepare, create, build and deliver presentations.

Full disclosure: I was given a copy of this book free of charge by the publisher for review purposes. They placed no restrictions on what I could say and left me to be as critical as I wanted so the above review is my own honest opinion.

You can purchase Presentation Patterns: Techniques for Crafting Better Presentations from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Several readers have sent word of a significant Amazon EBS outage. Quoting: "Amazon Web Services has confirmed that its Elastic Block Storage (EBS) service is experiencing degraded service, leading sites across the Internet to experience downtime, including Reddit, Imgur and many others. AWS confirmed on its status page at 2:11 p.m. ET that it is experiencing 'degraded performance for a small number of EBS volumes.' It says the issue is restricted to a single Availability Zone within the US-East-1 Region, which is in Northern Virginia. AWS later reported that its Relational Database Service (Amazon RDS) and its Elastic Beanstalk application plaform also experienced failures on Monday afternoon."

caseyb89 writes "Open source projects Nginx, Railo CMS, and GlusterFS are powering Mars Curiosity's big data crunching. 'Taken together, the combination of cloud and open source enabled the Curiosity mission to provide beautiful images in real time, not months delayed; at high quality, not "good enough" quality. A traditional, proprietary approach would not have been this successful, given the short time to deployment and shifting requirements that necessitated the ultimate in agility and flexibility.'"

benrothke writes "When Bruce Schneier first published Applied Cryptography in 1994, it was a watershed event, given that is was one of the first comprehensive texts on the topic that existed outside of the military. In the nearly 20 years since the book came out, a lot has changed in the world of encryption and cryptography. A number of books have been written to fill that gap and Everyday Cryptography: Fundamental Principles and Applications is one of them. While the title may give the impression that this is an introductory text; that is not the case. Author Keith Martin is the director of the information security group at Royal Holloway, a division of the University of London, and the book is meant for information security professionals in addition to being used as a main reference for a principles of cryptography course. The book is also a great reference for those studying for the CISSP exam." Read below for the rest of Ben's review. Everyday Cryptography: Fundamental Principles and Applications author Keith M. Martin pages 592 publisher Oxford University Press rating 9/10 reviewer Ben Rothke ISBN 978-0199695591 summary Excellent fundamental text on essentials of cryptography While the book notes that almost no prior knowledge of mathematics is required since the book deliberately avoids the details of the mathematical techniques underpinning cryptographic mechanisms. That might be a bit of a misnomer as the book does get into the mathematics of cryptography. While the mathematics in the book is not overwhelming, they are certainly not underwhelming. For those that want a deeper look, the book includes an appendix for many of the mathematical concepts detailed in the book.

Two benefits of the book are that it stresses practical aspects of cryptography and real-world scenarios. The mathematics detailed avoids number throaty with a focus on practicability. It also shows how cryptography is used as the underlying technology behind information security, rather than simply focusing on the abstracts of the potential of cryptography.

With that, the books 13 (made up of 4 parts) chapters provide a comprehensive overview of the theory and practice around all as aspects of contemporary cryptography. Each of the chapters end with a summary, detailed lists of items for further reading, and sets of penetration questions that challenge the reader. Readers are advised to spend time on these questions as it is often easy for the reader to feel that they understand the material. The questions can quickly humble the reader and show them that it may not be the case.

Part 1 is titled Setting the Scene and provides a comprehensive introduction to the fundamental of cryptography. Chapter 1 (freely available here) details the basic principles about cryptography and provides a high-level introduction.

Chapter 2 provides a good overview of the history of cryptography. It details a number of obsolete, yet historically relevant ciphers, such as the Vigenère cipher from the 1500's, to the Playfair cipher from the mid-1800's and others. Martin provides a good overview of the cryptanalysis of the Vigenère cipher and lessons learned from it.

Chapters 4-9 comprise part 2, and provide a thorough overview of the various forms of encryption (symmetric and asymmetric) and digital signatures. This section gets into some of the deeper mathematics of cryptography. While the author states that almost no prior knowledge of mathematics is needed; those without a background will surely be confused by some of the material.

Chapter 7 closes with a good overview of the relationship between digital signatures and handwritten signatures. The author notes the importance of resisting any temptation to consider digital signatures as a direct electronic equivalent of handwritten signatures. He then provides a detailed outline of the environmental, security, practical and flexibility differences between them.

Key management is one of the most important aspects of cryptography and often the most difficult to execute on. Part of the difficulty around key management is at the user level, with key updates, passphrase management and more. Ultimately, effective key management is essential to the underlying security of the crypto system. The 2 chapters in part 3 provide a thorough synopsis of the fundamentals of key management.

Part 4 closes the book with two chapters on practical cryptographic applications. Chapter 12 details how cryptography can be used on the internet, secure payment cards, video broadcasting and more.

The book concludes with an appendix on the mathematics of cryptography, which takes a look at the basic mathematical concepts the underlie some of the material in the book.

This book is not for the fainthearted and is not an introductory text on the topic. It is meant for the advanced reader or someone taking a college level course. For such a reader serious about a significant overview of the essentials on the topic, Everyday Cryptography: Fundamental Principles and Applications is an excellent reference.

Ben Rothke is the author of Computer Security: 20 Things Every Employee Should Know.

You can purchase Everyday Cryptography: Fundamental Principles and Applications from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

benrothke writes "When Bruce Schneier first published Applied Cryptography in 1994, it was a watershed event, given that is was one of the first comprehensive texts on the topic that existed outside of the military. In the nearly 20 years since the book came out, a lot has changed in the world of encryption and cryptography. A number of books have been written to fill that gap and Everyday Cryptography: Fundamental Principles and Applications is one of them. While the title may give the impression that this is an introductory text; that is not the case. Author Keith Martin is the director of the information security group at Royal Holloway, a division of the University of London, and the book is meant for information security professionals in addition to being used as a main reference for a principles of cryptography course. The book is also a great reference for those studying for the CISSP exam." Read below for the rest of Ben's review. Everyday Cryptography: Fundamental Principles and Applications author Keith M. Martin pages 592 publisher Oxford University Press rating 9/10 reviewer Ben Rothke ISBN 978-0199695591 summary Excellent fundamental text on essentials of cryptography While the book notes that almost no prior knowledge of mathematics is required since the book deliberately avoids the details of the mathematical techniques underpinning cryptographic mechanisms. That might be a bit of a misnomer as the book does get into the mathematics of cryptography. While the mathematics in the book is not overwhelming, they are certainly not underwhelming. For those that want a deeper look, the book includes an appendix for many of the mathematical concepts detailed in the book.

Two benefits of the book are that it stresses practical aspects of cryptography and real-world scenarios. The mathematics detailed avoids number throaty with a focus on practicability. It also shows how cryptography is used as the underlying technology behind information security, rather than simply focusing on the abstracts of the potential of cryptography.

With that, the books 13 (made up of 4 parts) chapters provide a comprehensive overview of the theory and practice around all as aspects of contemporary cryptography. Each of the chapters end with a summary, detailed lists of items for further reading, and sets of penetration questions that challenge the reader. Readers are advised to spend time on these questions as it is often easy for the reader to feel that they understand the material. The questions can quickly humble the reader and show them that it may not be the case.

Part 1 is titled Setting the Scene and provides a comprehensive introduction to the fundamental of cryptography. Chapter 1 (freely available here) details the basic principles about cryptography and provides a high-level introduction.

Chapter 2 provides a good overview of the history of cryptography. It details a number of obsolete, yet historically relevant ciphers, such as the Vigenère cipher from the 1500's, to the Playfair cipher from the mid-1800's and others. Martin provides a good overview of the cryptanalysis of the Vigenère cipher and lessons learned from it.

Chapters 4-9 comprise part 2, and provide a thorough overview of the various forms of encryption (symmetric and asymmetric) and digital signatures. This section gets into some of the deeper mathematics of cryptography. While the author states that almost no prior knowledge of mathematics is needed; those without a background will surely be confused by some of the material.

Chapter 7 closes with a good overview of the relationship between digital signatures and handwritten signatures. The author notes the importance of resisting any temptation to consider digital signatures as a direct electronic equivalent of handwritten signatures. He then provides a detailed outline of the environmental, security, practical and flexibility differences between them.

Key management is one of the most important aspects of cryptography and often the most difficult to execute on. Part of the difficulty around key management is at the user level, with key updates, passphrase management and more. Ultimately, effective key management is essential to the underlying security of the crypto system. The 2 chapters in part 3 provide a thorough synopsis of the fundamentals of key management.

Part 4 closes the book with two chapters on practical cryptographic applications. Chapter 12 details how cryptography can be used on the internet, secure payment cards, video broadcasting and more.

The book concludes with an appendix on the mathematics of cryptography, which takes a look at the basic mathematical concepts the underlie some of the material in the book.

This book is not for the fainthearted and is not an introductory text on the topic. It is meant for the advanced reader or someone taking a college level course. For such a reader serious about a significant overview of the essentials on the topic, Everyday Cryptography: Fundamental Principles and Applications is an excellent reference.

Ben Rothke is the author of Computer Security: 20 Things Every Employee Should Know.

You can purchase Everyday Cryptography: Fundamental Principles and Applications from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Michael Ross writes "With the advent of graphical user interfaces (GUIs) decades ago, most of the commercially-available software transitioned from command-line usage to point-and-click interfaces, with the majority of these applications completely phasing out all command-line capabilities, or never implementing them in the first place. But for programmers — most of whom are comfortable working on the command line — performing administrative actions within a GUI can become tedious and time-consuming, and there is a growing movement toward adding command-line support back to software development applications. An example of this is Drush, which is a command-line interface for the Drupal content management system. Drush, whose name is derived from "Drupal shell," was originally developed six years ago, and is seeing a resurgence within the Drupal community. However, what appears to be the primary information resource for Drush, the community documentation, currently has a status of "incomplete." Fortunately, there is now a book available that provides more extensive coverage, Drush User's Guide, authored by Requena Juan Pablo Novillo ("juampy"). The book was released by Packt Publishing on 10 April 2012, under the ISBN 978-1849517980. The publisher's page offers descriptions of the book, its table of contents, a brief author biography, the known errata, the example code used in the book, and a free sample chapter (the third one, "Customizing Drush"). This review is based upon a print copy kindly furnished by the publisher; an e-book version is also available." Read below for the rest of Michael's review. Drush User's Guide author Requena Juan Pablo Novillo pages 125 pages publisher Packt Publishing rating 8/10 reviewer Michael J. Ross ISBN 978-1849517980 summary A tutorial on Drupal's CLI. The book comprises 125 pages, mostly grouped into four chapters, which cover how to install, use, customize, and extend Drush. The preface briefly summarizes those chapters, the software needed to use Drush, the target audience of the book, the styling conventions used in the text, and various publisher information. The author states that "Apache 2.0 or higher" is required to use Drush (page 2), but the project's README.txt does not mention this, and Drupal 7 itself runs fine on Apache 1.3; so this requirement is unclear. He also states that "Drush 4 does not support Windows" (page 13); Windows users are instructed to use Drush 5. This seems questionable, since a quick test revealed that Drush 4.5 runs on a Windows XP machine. Admittedly, it always elicits a warning: "Drush 4.x has significant limitations on Windows; it is not advisable to use on that platform. Substantial progress has been made towards supporing [sic] Windows on the 5.x branch; please upgrade."

The first chapter of the Drush User's Guide naturally begins with instructions on how to install Drush on Linux, Mac, and Windows systems. The book's examples use Drush 4.5, even though 5.1 was available at the time of the book's publication, and 5.0 was available a month earlier. Version 4.5 was the last 4.x release, and was probably the latest stable release when the book was being finalized. Throughout the book, all Windows instructions are specific to Windows 7, so any XP straggler will need to modify them as needed. In the "Manual installation" section, the subheads are almost identical in font size to the higher-level subheads, forcing the reader to check the table of contents hierarchy just to see where the manual installation instructions end. But the main problem is that the reader is not given recommendations as to which optional features should or should not be chosen. For instance, if you already have PHP installed on your system, should you decline to have the Drush installer try to add the "Php [sic] Required Runtime," even though it is enabled by default?

The author then shows how to set up a Drush-specific PHP configuration file, in order to bypass potential problems, such as memory limitations in the default configuration file. In the rest of the chapter, he demonstrates how to perform Drush commands (in general), define arguments and options for those commands, create command aliases, and specify which Drupal website any Drush command is supposed to operate upon.

In the second chapter, "Executing Drush Commands," the author shows the reader how to perform a fresh installation of Drupal 7 — including creation of the database and its tables — with just two commands. He introduces the music festival website that will be used throughout the rest of the book for demonstration purposes. At this point, some readers may hit a stumbling block: The "--drupal-project-rename" option used in the text fails on Windows machines (this is a known issue). Presumably the author did not test his suggested commands in a Windows environment. The bulk of the chapter is devoted to introducing numerous Drush commands, including those used to get and set variables, install modules, administer users, back up the database, and many more.

The author notes that "Drush is highly configurable," and in the third chapter he shows the reader how to create custom commands, include their help information in the output of the command "drush help," extend existing commands, run custom PHP scripts, and define site aliases. Readers new to Drupal may find these topics fairly advanced, as they necessitate familiarity with command namespaces, as well as Drupal's hook system, callbacks, and database API. Defining remote site aliases involves SSH and public keys. However, given the flexibility and power of custom Drush functionality, it is arguably worthwhile to make the effort to learn how to do it properly. At the end of the chapter, the reader learns how to use and configure the Drush command-line interface.

The fourth and final chapter, "Extending Drush," discusses how to utilize some of the modules that are integrated with Drush — specifically, Backup and Migrate, Devel, Features, Views, and Module Builder. The chapter concludes with a section on Drush Make, which packages the module information of a Drupal website so it can be re-created using Drush easily.

As with all of the Packt Publishing titles that I have reviewed, this one has a high number of errata relative to the total page count, aside from the seven already reported online (as of this writing): "command line interface" (page 1; "command line" should be hyphenated when used as an adjective), "book title through the subject" (same page; should be "book title in the subject"), "Clear cache" (page 7; should be "Clear all caches"), "follow [the] instructions" (page 13), "close [it] and open [it] again" (page 18), "try and" (page 21; should be "try to"), "change version by something" ("by" should be "to"), "parenthesis" (page 23, twice; should be "parentheses"), "within [the] sites subdirectory" (page 25), "execute commands towards" (page 26; "towards" should be "on"), "MySql's" (page 28; should be "MySQL database's"), "provided with it" (should be "provided it with"), "that resolves" (page 29; should be "resolves"), "First, of all" (page 33), "anoying" (page 48), "Imagine, that" (page 52), "lists [the] latest messages" (page 55), and "altering existing" (page 57; should be "alter existing"). At this point, not yet halfway through the book, I stopped recording errata. The Packt Publishing copyeditors should have spotted and fixed these obvious errors.

Although the author's meaning is invariably clear enough, the writing style is awkward in many places. For instance, "replace by" (page 4) should instead be "replace with," "take the chance to review" (page 41) should be "take the opportunity to review," and "of the flow" (page 55) should be "in the flow." The term "at" is used to indicate "in" a file — e.g., "at the Drush README.txt" (page 9); the same is true for MySQL tables — e.g., "stored at the variable table" (page 30). In addition, countless passages in the text would have benefited from a comma. Conversely, there are some extraneous commas (e.g., on page 43).

Yet the main flaw of the book is the neglect for readers who are using the Windows operating system for building and administering Drupal websites. The aforesaid "--drupal-project-rename" bug likely would have been caught had the Drush pm-download command been tested on a Windows computer. Another example is on page 48, where it is assumed that the command "firefox" will work as a link to the browser's executable on the reader's computer. Also, the ".drush" folder is critical for creating site aliases and other configuration settings; but where will the Windows user find this folder? This Linux partiality could result in Windows readers encountering — and possibly being frustrated by — confusing technical problems.

Nonetheless, the author does a fine job of explaining how to utilize the many Drush commands presented, as well as many of their arguments and options — oftentimes pointing out differences in their usage for Drupal 6 versus Drupal 7. Any Drupal developer interested in learning how to harness the power of a command-line interface for building and administering websites, should find Drush User's Guide a worthwhile tutorial.

Michael J. Ross is a freelance web developer and writer.

You can purchase Drush User's Guide from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

benrothke writes "Today's handheld device is the mainframe of years past. An iPhone 5 with 64 GB of storage and the Apple A6 system-on-a-chip processor has more raw computing power entire data centers had some years ago. With billions of handheld devices in use worldwide, it is imperative that digital forensics investigators and others know how to ensure that the information contained in them, can be legally preserved if needed." Read on for the rest of Ben's review. Digital Forensics for Handheld Devices author Dr. Eamon P. Doherty pages 336 publisher CRC Press rating 8/10 reviewer Ben Rothke ISBN 978-1439898772 summary Valuable reference for digital forensics In Digital Forensics for Handheld Devices, author Eamon Doherty provides an invaluable resource on how one can obtain data, examine it and prepare it as evidence for court. One of the reasons many computer crime cases fail to be prosecuted is that the evidence was not properly handled and could therefore not be admitted into court.

Once of the first things a defense attorney will do in a computer crime case is to attack how the digital evidence was obtained and preserved. In far too many cases, it was done incorrectly and the evidence, no matter that it may be a smoking gun, can't be admitted into court. The case then is dismissed, to the chagrin of the victim.

The books 8 chapters of nearly 300 pages are densely packed text, where Doherty brings significant real-world experience to every chapter. As the cybercrime training lab director at Fairleigh Dickinson University, he brings both an academic formality in additional to real-world experience in this highly tactical guide.

Chapter 1 details cell phone forensics. After a brief introduction to the history of the cell phone, it details the entire inner workings of a cell phone. The chapter also details differences in cell phones worldwide. An important fact is that many Asian countries have cell phones available 12-18 months before they appear in the US. With that, American forensic investigators need to be cognizant of this when entering into an investigation.

The chapter includes an overview of the Susteen Secure View application which is an extremely powerful tool for the mobile phone forensic investigator. Besides that tool, in each chapter, Doherty lists many tools that provide specific assistance to the topic at hand. The book is worth it for those listings alone.

Chapter 2 is similar to the previous chapter except this is about digital camera forensics. The chapter provides a detailed overview of how digital cameras operate and how the underlying hardware works. The chapter includes an extremely comprehensive overview of seemingly every tool available to investigate images on a digital camera.

The chapter also includes a number of fascinating case studies on how to effectively perform a forensics analysis of a digital camera. It concludes with an observation that when considering a career in forensics, as fascinating as it is; it may not be for everyone.

Doherty notes that as a forensics investigator, the examiner is often exposed to disturbing material. He quotes a report that studied investigators from over 500 agencies who had been exposed to child pornography during investigation of crime involving child exportation. The report noted an alarming 35% of the participants had problems arising from work exposure to child pornography.

Chapter 5 provides an extremely detailed look at forensics investigation on a corporate network. Throughout the book, Doherty stresses the need for effective chain of custody and other issues to preserve digital evidence. It is imperative to preserve the integrity of the digital evidence obtained from the time it was seized until it is presented in court.

To facilitate this, the book states a best practice to use checklists to ensure nothing is forgotten. The importance of checklists has been detailed in The Checklist Manifesto: How to Get Things Right where author Atul Gawande makes a compelling case for the use of checklists.

As to evidence and checklists, Doherty writes that once the evidence is obtained, a chain of custody form should be filled out. Each time the evidence is copied, processed, or transported, it should be documented on the chain of custody form. If others receive a copy of the evidence for prosecution or defense purposes, they too should sign for it. This is an imperative if it expected that the evidence would end up in court or be used for human resources purposes. But at the corporate setting detailed in chapter 5, that same level of diligence is not necessarily required.

Chapter 5 also has overviews of nearly 50 different forensic tools for every imaginable purpose.

While the book has exploratory and technical overviews on many tools and numerous case studies, this is not an introductory text on the subject. It is meant for someone with a technical background that is looking for a technical reference to gain competence on the topic of digital forensics.

The only lacking of the book is that while the author is an expert on the topic and the tools, the writing style is one that screams out for an editor. The text suffers from run on sentences and repetition of defining the same acronym, in addition to other readability issues. The book is pervasive its use of passive voice that can be annoying to many readers. It is hoped that the second edition of this book will be updated with the current tools of the time and a good re-editing of the text to ensure its readability doesn't suffer.

Aside from the grammatical issues, for those looking for a very hands-on guide to gain proficiency on the topic, Digital Forensics for Handheld Devices is a valuable reference. Dr. Eamon Doherty has a unique perspective in that he has academic, law enforcement and very practical experience, which is manifest in every chapter.

The notion of digital forensics is seize it, examine it and then prepare it for evidence in court. In Digital Forensics for Handheld Devices, you found out how to do just that.

Ben Rothke is the author of Computer Security: 20 Things Every Employee Should Know.

You can purchase from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

benrothke writes "Today's handheld device is the mainframe of years past. An iPhone 5 with 64 GB of storage and the Apple A6 system-on-a-chip processor has more raw computing power entire data centers had some years ago. With billions of handheld devices in use worldwide, it is imperative that digital forensics investigators and others know how to ensure that the information contained in them, can be legally preserved if needed." Read on for the rest of Ben's review. Digital Forensics for Handheld Devices author Dr. Eamon P. Doherty pages 336 publisher CRC Press rating 8/10 reviewer Ben Rothke ISBN 978-1439898772 summary Valuable reference for digital forensics In Digital Forensics for Handheld Devices, author Eamon Doherty provides an invaluable resource on how one can obtain data, examine it and prepare it as evidence for court. One of the reasons many computer crime cases fail to be prosecuted is that the evidence was not properly handled and could therefore not be admitted into court.

Once of the first things a defense attorney will do in a computer crime case is to attack how the digital evidence was obtained and preserved. In far too many cases, it was done incorrectly and the evidence, no matter that it may be a smoking gun, can't be admitted into court. The case then is dismissed, to the chagrin of the victim.

The books 8 chapters of nearly 300 pages are densely packed text, where Doherty brings significant real-world experience to every chapter. As the cybercrime training lab director at Fairleigh Dickinson University, he brings both an academic formality in additional to real-world experience in this highly tactical guide.

Chapter 1 details cell phone forensics. After a brief introduction to the history of the cell phone, it details the entire inner workings of a cell phone. The chapter also details differences in cell phones worldwide. An important fact is that many Asian countries have cell phones available 12-18 months before they appear in the US. With that, American forensic investigators need to be cognizant of this when entering into an investigation.

The chapter includes an overview of the Susteen Secure View application which is an extremely powerful tool for the mobile phone forensic investigator. Besides that tool, in each chapter, Doherty lists many tools that provide specific assistance to the topic at hand. The book is worth it for those listings alone.

Chapter 2 is similar to the previous chapter except this is about digital camera forensics. The chapter provides a detailed overview of how digital cameras operate and how the underlying hardware works. The chapter includes an extremely comprehensive overview of seemingly every tool available to investigate images on a digital camera.

The chapter also includes a number of fascinating case studies on how to effectively perform a forensics analysis of a digital camera. It concludes with an observation that when considering a career in forensics, as fascinating as it is; it may not be for everyone.

Doherty notes that as a forensics investigator, the examiner is often exposed to disturbing material. He quotes a report that studied investigators from over 500 agencies who had been exposed to child pornography during investigation of crime involving child exportation. The report noted an alarming 35% of the participants had problems arising from work exposure to child pornography.

Chapter 5 provides an extremely detailed look at forensics investigation on a corporate network. Throughout the book, Doherty stresses the need for effective chain of custody and other issues to preserve digital evidence. It is imperative to preserve the integrity of the digital evidence obtained from the time it was seized until it is presented in court.

To facilitate this, the book states a best practice to use checklists to ensure nothing is forgotten. The importance of checklists has been detailed in The Checklist Manifesto: How to Get Things Right where author Atul Gawande makes a compelling case for the use of checklists.

As to evidence and checklists, Doherty writes that once the evidence is obtained, a chain of custody form should be filled out. Each time the evidence is copied, processed, or transported, it should be documented on the chain of custody form. If others receive a copy of the evidence for prosecution or defense purposes, they too should sign for it. This is an imperative if it expected that the evidence would end up in court or be used for human resources purposes. But at the corporate setting detailed in chapter 5, that same level of diligence is not necessarily required.

Chapter 5 also has overviews of nearly 50 different forensic tools for every imaginable purpose.

While the book has exploratory and technical overviews on many tools and numerous case studies, this is not an introductory text on the subject. It is meant for someone with a technical background that is looking for a technical reference to gain competence on the topic of digital forensics.

The only lacking of the book is that while the author is an expert on the topic and the tools, the writing style is one that screams out for an editor. The text suffers from run on sentences and repetition of defining the same acronym, in addition to other readability issues. The book is pervasive its use of passive voice that can be annoying to many readers. It is hoped that the second edition of this book will be updated with the current tools of the time and a good re-editing of the text to ensure its readability doesn't suffer.

Aside from the grammatical issues, for those looking for a very hands-on guide to gain proficiency on the topic, Digital Forensics for Handheld Devices is a valuable reference. Dr. Eamon Doherty has a unique perspective in that he has academic, law enforcement and very practical experience, which is manifest in every chapter.

The notion of digital forensics is seize it, examine it and then prepare it for evidence in court. In Digital Forensics for Handheld Devices, you found out how to do just that.

Ben Rothke is the author of Computer Security: 20 Things Every Employee Should Know.

You can purchase from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

MassDosage writes "I've always found Chemistry interesting, particularly in high school when I had the good fortune of having a Chemistry teacher who was not only really good looking, but a great teacher too. I studied it for a year at University and then moved on and haven't really given the periodic table and its elements much thought since. This changed when the Wonderful Life with the Elements was delivered to me two weeks ago. It's one of those books that aims to make science fun and, unlike many other attempts which turn out to be pretty lame, this actually succeeds in presenting the periodic table in a fresh, original and interesting manner." Read on for the rest of Mass Dosage's review. Wonderful Life with the Elements: The Periodic Table Personified author Bunpei Yorifuji pages 205 publisher No Starch Press rating 8/10 reviewer Mass Dosage ISBN 978-1-59327-423-8 summary The periodic table personified Wonderful Life with the Elements is the brainchild of a Japanese artist, Bunpei Yorifuji, who has published a few other books in Japan and created some adverts for the Tokyo metro (which you can find by doing an image search for his name and 'Do it at home'). His animation style for these adverts features simple, clean cartoon characters drawn in yellow, black and white. In a Wonderful Life with the Elements he has taken this technique and applied it to the periodic table by drawing each element as a cartoon character where every detail has some scientific significance. Elements that were discovered a long time ago have beards while more recent discoveries have dummies (pacifiers for those in America) in their mouths. Heavy elements are fat. Elements with lots of industrial uses wear suits while those that are man-made look like robots. He also adds amusing little touches to each element and it is obvious he took a lot of time and care in doing this and researching and then presenting the details about each of them. It really feels like the elements have individual personalities which is quite an achievement for what is often presented as rather boring and dry subject matter.

This book isn't merely a collection of cartoon drawings — information is also included covering when and how the elements were discovered, what they are (or were) used for and other interesting or amusing pieces of trivia. There are also the more traditional facts like atomic number, symbol, position in the periodic table, melting and boiling points and density. Some elements get more detail than others depending on how well known and/or useful they are. My only real criticism of the book is that the elements in period 7 only get small drawings and a cursory description each. I'm not sure why they were singled out for this treatment. Did the author get bored towards the end? Was there lack of budget? Did he run out of time? Does he have a personal grudge against period 7? Considering that this period includes rather famous elements such as Uranium and Plutonium and that they get the same low level of detail as relative unknowns like Ununseptium and Darmstadtium this feels like a rather odd omission.

The main stars of the Wonderful Life with the Elements are the elements themselves but the introductory and closing chapters are worth reading too. The book starts off with an overview of the elements and which ones are found most commonly on our planet and in our living rooms before moving on to the periodic table itself and an explanation of what the various details on the cartoon drawings of the elements mean. The closing sections describe which elements are an important part of a human diet and what the effects of eating too little or too much of each of them are before wrapping up with a warning about the possibility of us running out of certain elements and what the negative impact of this could be. This is all written in an informal, humorous style that makes all these facts appear really interesting and, dare I say it, fun to read.

Wonderful Life with the Elements is a very enjoyable book and the author has done a great job of injecting some colour and personality into what many people would view as a rather dull topic. If I had had a book like this in high-school I think I would have found Chemistry interesting, even without the attractive teacher. It is worth pointing out that is isn't a replacement for a Chemistry text book — it only touches the surface of the large body of theory that underpins the elements and the periodic table. However I would still wholeheartedly recommend this to anyone with even just a casual interest in the subject. The original presentation of this material and the amusing personal touches are fantastic and turn this book into a fun, easy read which isn't something one can say about most books that deal with Chemistry.

You can purchase Wonderful Life with the Elements: The Periodic Table Personified from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.