Domain: opencontent.org
Stories and comments across the archive that link to opencontent.org.
Stories · 13
-
Rapid Application Development with Mozilla
Matthew Morgan writes "Mozilla's strengths as an application platform often go unrecognized for lack of good documentation. Nigel McFarlane sets out to change that in Rapid Application Development with Mozilla. McFarlane describes his book as "a conceptual overview, reference, and tutorial" for building applications on the Mozilla platform. But does he have room for all three in one book?" Read on for Morgan's answer to that question.
Rapid Application Development with Mozilla
author: Nigel McFarlane
pages: 770
publisher: Prentice Hall PTR
rating: 7
reviewer: Matthew Morgan
ISBN: 0131423436
summary: A good overview and tutorial for building applications atop Mozilla, though not a comprehensive reference.
The Basics
Rapid Application Development with Mozilla (hereafter RADM) centers on XUL, Mozilla's XML dialect for describing GUIs. Other Mozilla components, like XBL and RDF, are described mainly in terms of how they plug into XUL. Each chapter presents and explains a component, then shows it in action by using it in an example application (a web-page annotator) developed throughout the book. Chapter conclusions take the form of debugging hints; as McFarlane ruefully notes, most errors cause Mozilla to silently do nothing, making debugging a chore.
The first half of RADM covers basic XUL use -- the usual complement of widgets with CSS to style them and JavaScript to manipulate them. McFarlane does assume previous exposure to basic HTML, JavaScript, and CSS, but extensive experience isn't required. At each step McFarlane does a good job explaining what's similar to HTML (e.g. most DOM stuff) and what isn't (e.g. the layout model). A few components have no real analog in the HTML model, like Mozilla's command dispatch system, so they're presented from the ground up.
The Back End
The second half of the book leans more toward the back end: using RDF for registries and template data; piping data into XUL with overlays, templates, and XBL; using and implementing XPCOM components; and deploying applications built on Mozilla.
McFarlane's RDF tutorial is one of the best I've seen. He starts off on the right foot by introducing things in terms of a directed graph, with lots of examples and diagrams. Only after eighteen pages of that does he introduce the RDF/XML syntax. His explanation of RDF/XML is unusually lucid, quite a feat considering how hairy RDF/XML gets. (Disclaimer: I've had past experience with RDF, so I wasn't reading this as a beginner -- in other words, YMMV.)
In the succeeding chapters, RDF is applied within the various Mozilla arenas, like XUL overlays and package installation, where it's used to store config information. The centerpiece of RDF in Mozilla, though, is in its use to create data-driven XUL files through XUL templates.
The chapter on templates runs to sixty-plus pages, and it's worth it. McFarlane covers things I haven't seen covered anywhere else. For instance, he describes the algorithm the RDF query engine uses to evaluate queries, so that you can better understand what kind of queries you can construct. This is crucial information because the query syntax allows a lot of queries that are logically reasonable, but won't actually work.
This points to a strength of RADM: McFarlane doesn't hesitate to criticize Mozilla where necessary. Throughout the book, he flags incomplete features, buggy implementations, and other gotchas, such as security restrictions surrounding RDF that make it all but useless for remote scenarios.
(Incidentally, McFarlane explicitly disclaims coverage of Phoenix/Firebird/Firefox, sticking to Mozilla 1.4, but in practice everything I've tried has worked fine in Firefox 0.8.)
Two Out Of Three Ain't Bad
So, does RADM manage to accomplish its goals of being a conceptual overview, tutorial, and reference? I'd give it two out of three.
As a conceptual overview, RADM shines. McFarlane is at his best when comparing and contrasting closely related components, like overlays, templates, and XBL, all of which extend XUL but do it in different ways. I was left with a good picture of what can and can't be done in Mozilla.
As a tutorial, RADM is solidly useful. The example-application sections cover a surprisingly large amount of ground -- more than enough to get a developer new to Mozilla up and running. McFarlane chose a good subset to present as examples; still, all of his clear writing can't paper over the fact that Mozilla is really complicated, not just internally, but in the interface it presents to developers using it as a platform.
As a reference, RADM stumbles. The index is slim -- a mere eighteen pages after 752 pages of content -- which makes small chunks of information hard to find. This is mitigated by a detailed and well-organized table of contents. After a few weeks of use, I find myself turning to the contents first, and only trying the index if I have to.
Fundamentally, though, RADM isn't really a reference book, and definitely not a "quick reference." You'd be better off using a good site like XULPlanet for quick what-arguments-does-that-method-take checks, and reserving RADM for in-depth explanations.
Conclusion
RADM is published in Bruce Perens' Open Source Series at Prentice Hall under the Open Publication License. After a few months of letting the book sell on its own, they'll post the PDF of the entire book online. Is it worth buying in print? Given that it's more of a sit-down-and-read book than a quick-reference guide, I'd say so.
If you're considering Mozilla as a platform, I'd recommend RADM for its reasonable balance that shows Mozilla's strengths and weaknesses. If you're already sold on Mozilla and just want to wrap your head around it and start building an app on it, RADM is the book for you.
You can purchase Rapid Application Development with Mozilla from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page -
Three Snort Books Reviewed
Eric Stats writes "Working as a Network Engineer for a web-hosting company that prides itself on uptime and network availability, and moonlighting as a part-time Linux administrator, my managers and clients are starting to expect a level of information security knowledge from me. I decided that if I wanted to take my career to the next level, I needed to develop some security-specific skills. I heard a lot about the open source Intrusion Detection System (IDS), Snort from friends and co-workers (mostly that it was a pain to get running, and an even bigger pain to understand what it was doing)." To get past those frustrations, Eric looked at two more books on Snort (and compares them to the already-reviewed Intrusion Detection with Snort); read on below for his take on what each offers.
Intrusion Detection with SNORT: Advanced IDS Techniques Using SNORT, Apache, MySQL, PHP, and ACID; Intrusion Detection with Snort; Snort 2.0 Intrusion Detection
author: (See each)
pages: (See each)
publisher: (See each)
rating: (See each)
reviewer: Eric Stats
ISBN: (See each)
summary: (See each)
I ran Snort at home for a while, using the online docs, but I could never get a handle on which output plugin to use (When to log? When to alert?), how to email alerts to myself (I later found out Snort doesn't natively do this), and how to create signatures from packet captures (no online docs at all for this). When I did get The Pig running, it filled up my log directory with thousands of small alert files, which ended up being in tcpdump format. This frustrated the hell out of me, so I decided I needed to find a good book on Snort, as the online docs simply did not describe how to use Snort from start to finish.
In the past few months, an assortment of books have come out on Snort. Because it has begun to eclipse closed-source, multimillion dollar IDSes in terms of raw performance and features, much attention is currently focused on Snort. Naturally, when an open source project achieves this level of notoriety, publishers, venture capitalists, and corporations want to get in on the game. The flood of Snort books is a testament to this, but it doesn't mean they were all created equally. This book review covers the three books on Snort currently available (we will see another two Snort books later this winter). It covers what is good about them, what is bad, and who the target audience is for each. If you are looking to learn intrusion detection the open source way, or simply do not have a million-dollar IT security budget, these books are a good starting point.
Each of these three books serves a different purpose and consequently is appropriate for a different reader. In summary, Rafeeq Rehman's Intrusion Detection with Snort: Advanced IDS Techniques Using SNORT, Apache, MySQL, PHP, and ACID presents a concise, quick-start guidebook to getting Snort up and running fast. He doesn't delve into the details of Snort, and this book makes a perfect choice for a reader who wants to get The Pig up and running quickly and move on to something else.
The whole gaggle of authors that put together Snort 2.0 Intrusion Detection created a much-needed user manual for Snort. This book makes for good desktop reference, but assumes you understand the core concepts of intrusion detection, or have significant field experience with Snort. It is also somewhat convoluted to read; I suppose it's inevitable when you have 12 authors working on a single book, it is going to come out somewhat disjointed and jumbled. If I hadn't read the other two books first, I doubt I would have been able to piece together what this book is talking about in places. (Such as referring to Barnyard logs in one chapter and "unified binary format" in another; how is the reader going to know they are the same?)
Lastly, Jack Koziol's Intrusion Detection with Snort is a guidebook for using Snort in the real world, either on small networks or in large corporate settings. Like any security tool, Snort is only as effective as its operator. Snort can do an enormous number of things, but if you don't understand the "how and why" you aren't going to be able to apply your knowledge in unexpected, different, or new situations. Koziol's book bridges the gap and teaches you the nitty-gritty Snort details not found in online docs, as well as how to apply your newfound IDS knowledge in practice. This book does lack in terms of screenshots and diagrams, which can be frustrating at points. Instead of a paragraph of text, a simple diagram would have sufficed.
Intrusion Detection with SNORT: Advanced IDS Techniques Using SNORT, Apache, MySQL, PHP, and ACID
author: Rafeeq Rehman
pages: 288
publisher: Prentice Hall
rating: 7/10
ISBN: 0131407333
I first picked up Rehman's Intrusion Detection with Snort: Advanced IDS Techniques Using SNORT, Apache, MySQL, PHP, and ACID. Rehman's book is also a member of the Bruce Perens Open Source Series. All of the books in his series are published under the OPL. Overall, Rehman's book served as a good intro to Snort. I followed the examples, used some of the custom startup and log-rotation scripts, and got Snort working for the first time. I also learned of ACID, which is a PHP-based GUI for Snort, put out by Carnegie Mellon's CERT/CC. It makes managing alerts from Snort much less time-intensive. It was an exciting experience, but the book left me in the dark on a number of concepts that I knew I needed to learn. I still didn't understand what I was getting out of Snort; I had so many alerts I couldn't "tune out the noise." I didn't know when to use log or alert plugins, so I just turned on both for safety's sake. I also found that Snort was dropping packets (meaning it wasn't able to keep up with the traffic load going to my webservers hosted at home), but didn't find any way to fix this problem. This setup was fine for experimenting at home, but I didn't feel I would be able to use Snort in a mission-critical corporate setting yet.
Intrusion Detection with Snort
author: Jack Koziol
pages: 400
publisher: SAMS Publishing
rating: 9/10
ISBN: 157870281X
I thumbed through Jack Koziol's Intrusion Detection with Snort at the bookstore, and it seemed to have some more detailed descriptions of using Snort. It also had a lot of the planning, deployment, and maintenance activities you never think of until you are faced with one at 2 a.m. (such as how to upgrade Snort in an organized manner after a vicious integer overflow exploit is released for a core Snort component). It is also the most popular Snort book, so I figured I would buy it. When I took it home, I learned where to place Snort on a network, and what advantages and disadvantages there are to different IDS sensor placement strategies, something I had never considered.
Koziol's book also had the technical detail I was in desperate need of. I learned how to use Barnyard to spool alerts, which keeps Snort from dropping packets. I got to write my own attack signatures from scratch by using Ethereal packet captures in a controlled lab environment. I created a targeted ruleset; it enables specific attack signatures based on what I actually have running on my network, simply using nmap and some complicated perl scripts. The targeted ruleset went a long way to reducing false alerts, and is now a selling product from the Snort commercial vendor, Sourcefire. I finally got email alerts working using syslog-ng with Snort. The book ends with some more advanced content, namely using Snort as an Intrusion Prevention device. You can set up Snort to block packets that match a signature, using Inline Snort, or you can have Snort reconfigure routers and firewalls to block offending IP addresses, using SnortSam. I've experimented with Inline Snort as part of a honeypot, but, as the author points out, this is not yet production-safe, as it can easily be used by attackers to disrupt network availability.
Snort 2.0 Intrusion Detection
authors: Jay Beale, Anne Carasik, Aidan Carty, Scott Dentler, Adam M. Doxtater, Wally Eaton, Jeremy Faircloth, James C. Foster, Vitaly Osipov, Jeffrey Posluns, Ryan Russell, Brian Caswell
pages: 485
publisher: Syngress
rating: 4/10
ISBN: 1931836744
The final Snort book in this review is Snort 2.0 Intrusion Detection. This book has a lot of the screenshots and figures that the Koziol and Rehman books leave out. It also contains a lot of useful diagrams, about one for every other page, and a CD-ROM with all of the Snort source and a pdf version of the book. This book, and the Koziol book, cover Snort version 2.0, which isn't all that much different from version 1.9 covered in the Rehman book. Still, it is nice to have the most up-to-date documentation, but it doesn't make the Rehman book any less effective. This book has the most reference material in it, over 500 pages' worth, and it has very organized user manual-like descriptions of important Snort components (preprocessors, output plugins, and rules). Keep in mind that this book was created more as a user manual rather than an implementer's guide. You aren't going to see planning, deployment, and maintenance activities as well as technical deployment examples, as in the Koziol book. And, you aren't going to find a concise quick-start guide such as the Rehman book.
In summary, you aren't going to find anything in this book that isn't in the other two. What you will find is lengthy descriptions, and a lot more screenshots. As stated before, Snort 2.0 Intrusion Detection was written by 12 different people (one of them a Sourcefire employee and Snort.org website maintainer, Brian Caswell). This is obviously done by the publisher to get the book out as fast as possible, which is important for technology book publishers as books are outdated quickly, but has the end result of a disjointed book that contradicts itself in many areas. An example: one author stresses how deadly important it is for us to only use the latest Snort version, while another tells us to use the CDROM that comes with the book, which contains an outdated version of Snort.
You can clearly tell that different authors worked on different chapters, as the style and format change frequently. You can also tell that the authors didn't talk to each other much, as you will find one author referring to something in one chapter (unified binary format) that he expected to have been explained in a previous chapter. In print, the concept was not explained until later, which can be really frustrating if you are not a Snort pro. Additionally, there are enough grammatical errors in the book to be distracting, and, much like a vendor-provided user manual, the chapters don't logically flow from one to the next. If you do purchase this book, this slashdotter would recommend it as a supplement to either the Rehman or Koziol book.
You can purchase Intrusion Detection with SNORT: Advanced IDS Techniques Using SNORT, Apache, MySQL, PHP, and ACID, Intrusion Detection with Snort, and Snort 2.0 Intrusion Detection from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page. -
OpenContent Closes Its Doors
meta4 writes "After five years of pioneering the application of open source principles to stuff other than software, OpenContent is closing down. Project Lead David Wiley provides a rationale for the closing on the website, as well as a brief overview of the projects' successes. Wiley has joined Creative Commons as Project Lead for Educational Licensing." -
Using the DMCA Against License Violations?
bcrowell asks: "Here's a moral conundrum for you. The much-hated DMCA can be a tool to enforce copyleft licenses, and in my case, it may be the only effective tool. I'm the author of some free physics textbooks (all free as in beer, some free as in speech) that are available under the GFDL and OPL copyleft licenses. I've learned that there's a guy on eBay who is selling my books on CD and violating the license. (Selling is allowed, since they're free-as-in-speech, but he's violating the license in various ways, such as not informing his buyers about the license, and selling them under a different title and using the tables of contents in his ads without showing the license or listing me as the author.) It's not just me. He's doing the same thing with other copylefted books, such as this one." The submitter is worried about the ethics behind using the recent misuses we've seen so far. Those interested in this question might also be interested in Prof. Felten's answers from his recent Slashdot interview.
"eBay has several different mechanisms for complaining about this, and I used one of them. Other people have complained too, but so far the result just seems to be that eBay deletes the listings of the items (which have already been sold). Meanwhile the guy is still violating copyleft licenses (as well as selling other copyright-violating stuff, such as screensavers containing commercial porn images).
Apparently the most effective way to deal with this on eBay is to participate in their vero program, which basically means sending the DMCA Police after the guy. For instance, if I wanted to sue the guy (which I don't), I'd need to know his name and address. The DMCA says that eBay has to provide that info to someone who complains about a copyright violation.
It seems like it would be a similar deal in the software world. The conventional wisdom about how to prevent infringement is to GPL your code, and transfer the copyright to the FSF, which will contact license violators and (theoretically) sue them if it comes to that. So how long will it be until the FSF is asked by an open-source developer to invoke the DMCA in order to deal with a license violation? In my own case, should I go ahead and join eBay's vero program? It would make me feel like I was in bed with the enemy, but it does seem like it would give me some very effective options for dealing with the situation. For instance, members of the program can have eBay run automated boolean searches for copyright-violating items, and get the results e-mailed to them periodically.
One possible reply to my question is 'Why do you care?' The problem here is that this guy is doing exactly what RMS originally designed copyleft to prevent: he's taking free information and making it not-free. His customers don't know that the books are copylefted, and have effectively had their own freedom taken away: they don't know they can modify the books, copy them, or sell them." -
On Copylefting Your Text?
eclectric asks: "This subject has been mentioned in passing in a few slashdot comments in recent weeks, but I for one would like to find more information on the subject of copylefting text. I've seen some licenses, including the GNU Free Documentation License and the Open Content License, but both of them seem limited to software documentation and academic papers, respectively. Is one of these the path to take, or does the creative world need a new 'copyleft' to combat the forces of evil, namely the DMCA. What kind of steps have other authors taken, including just putting their works in the public domain, to insure that their works remain free of the limitations of US and International copyright law." -
Rumors Removed At Apple's Request
Arthropoid writes "Looks like Apple's legal department has been busy of late. After forcing Ad Critic to take down all its Apple commercials, they have struck again, forcing Mac rumors site Mac OS Rumors to take down two stories. Both stories reported on details of Apple's next generation computer and case, supposedly a cube like box (still translucent) with a third party PCI chassis attachable through a connection on the motherboard." I traded email with Ryan Meader at MOSR about this. (Full disclosure: I own some Apple stock and have been a fan of the company since my Apple][+; also, MOSR's parent company did ads for Slashdot several years ago.)
Apple apparently claimed to MOSR that - among other things - they had "proprietary and statutory rights" that were violated by the stories that ran on the site. Sounds fishy to me. Unless they can prove an NDA was violated (and Meader says none was), I can't see how they have a case. You can't copyright a fact.
But I'm not a lawyer. If any lawyers would like to comment on this, feel free.
Effectively what this means is that large legal fees would have to be paid unless the rumor site removed the rumors. Win or lose, nobody likes to be on the receiving end of a lawsuit. It just costs too much to defend so the rumors get pulled. Just a fact of life on today's web.
To be sure, another large factor in MOSR's decision is that they are supporters of Apple and of the Macintosh community. Meader says their website "was originally created to help Apple through the rough times of '95-'97 ... because the Mac community is so protective of its center, we don't feel that it's wise nor beneficial to fight Apple on this."
But, as Meader goes on to say, "The real matter at issue here is that Apple wants to be able to do what they want without taking responsibility for failures, schedule slides, or unpopular plans, until they're already carried through. ...Apple figures that rumor sites are inevitable, so individually they have no value. They can be tossed away when they become an inconvenience, and others will spring up to continue giving them free, no-strings hype."
The end result is that rumor sites are allowed to exist ... as long as they don't get too uppity and cause too much trouble for the bottom line.
But here's an interesting angle. MOSR publishes its stories under the OpenContent License (which goes by the odd acronym "OPL"). If anyone happened to snag a copy of the offending rumors before they were removed, then according to the terms of this license,
"You may copy and distribute exact replicas of the OpenContent (OC) as you receive it, in any medium,"
as long as you reproduce the copyright and warranty-disclaimer, and a few other usual things. Oh, and as long as you're willing to get sued by Apple, whose lawyers presumably will welcome the chance to make themselves, once again, useful.
-
Web Sites And Open Content License Issues
phlako66 asks: "I am one of the creators of a large tutorial created for a university to teach undergraduates 'information literacy' skills. Recently we have received a lot of interest from other institutions about licensing our tutorial for use on their campuses. From its inception the creators have been determined to keep the content free to students from any institution. Current interest in the tutorial though has forced us to investigate further issues of copyright and intellectual property. We are considering making the content of the tutorial available under the Open Content Licence. I think that the Open Content License is perfect for an academic setting and can actually aid the further growth and proliferation of intellectual content. However, I'm not sure what the university is going to say about this, and was wondering if anyone had any similar experience with academic institutions and such licenses, or could foresee any potential problems with this type of licensing for large Web sites?" -
New GIMP Book Under Open Publication License
Carey Bunks wrote to tell us that last week, "a new GIMP site, Gimp-Savvy.com, has come online and is making available the complete text of the recently released book Grokking the GIMP. This new GIMP resource, written by me and published by New Riders, has been released under an Open Publication License. The goals of Gimp-Savvy.com are to provide high-level educational and practical resources for the GIMP, and to promote its skillful and knowledgeable use."
It's good to see high-quality books on open source software, and this one is well-organized, thorough and profusely illustrated. It happens to make a great online GIMP tutorial as well.
Note: as you might expect, many of the Web pages that make up the book are image-heavy (as you might expect), so if you're on a slow connection, browse the detailed, outline-format table of contents carefully.
And if you do have the bandwidth, you can slurp down the entire book to browse later. When's the last time you read a book that came as an HTML tarball?
-
OpenContent Gets Content Database
meta4 writes "OpenContent unveiled a new database via which users can search for OpenContent or register their own for others to find. Back entry of past contributors to the cause (including the likes of Alan Cox and sites like MacOS Rumors) is still underway, but there's some good stuff here already. Bop on over and have a look, and don't forget to contribute to the cause. " -
OpenContent Gets Content Database
meta4 writes "OpenContent unveiled a new database via which users can search for OpenContent or register their own for others to find. Back entry of past contributors to the cause (including the likes of Alan Cox and sites like MacOS Rumors) is still underway, but there's some good stuff here already. Bop on over and have a look, and don't forget to contribute to the cause. " -
OpenContent hits the public media
Trixter writes "Just a quick note that the educational content version of OpenSource called OpenContent has finally been recognized by mainstream media in a fairly well-written article that serves as a primer to OpenContent. " -
OpenContent
David Wiley writes " OpenContent.org is now online. OpenContent is an attempt to take Content where GNU/FSF has taken Software. A preliminary version of the OpenContent Principles / License (OP/L) is available for comment and immediate use. Contributors to the cause include none other than rms and Eric S. Raymond. If Slashdot readers have "educational" content they'd like to make freely available for others to use in its entirety (like HOW-TO docs, etc.) while still maintaining ownership and some assurance of proper recognition, they should check it out. " -
OpenContent
David Wiley writes " OpenContent.org is now online. OpenContent is an attempt to take Content where GNU/FSF has taken Software. A preliminary version of the OpenContent Principles / License (OP/L) is available for comment and immediate use. Contributors to the cause include none other than rms and Eric S. Raymond. If Slashdot readers have "educational" content they'd like to make freely available for others to use in its entirety (like HOW-TO docs, etc.) while still maintaining ownership and some assurance of proper recognition, they should check it out. "