Domain: slashdot.org
Stories and comments across the archive that link to slashdot.org.
Stories · 37,380
-
Book Review: Liars and Outliers
First time accepted submitter benrothke writes "It is said that the song Wipe Out launched a generation of drummers. In the world of information security, the classic Applied Cryptography: Protocols, Algorithms, and Source Code in C by Bruce Schneier may have been the book that launched a generation of new cryptographers. Schneier's latest work of art is Liars and Outliers: Enabling the Trust that Society Needs to Thrive. For those that are looking for a follow-up to Applied Cryptography, this it is not. In fact, it is hard to classify this as an information security title and in fact the book is marked for the current affairs/sociology section. Whatever section this book ultimately falls in, the reader will find that Schneier is one of the most original thinkers around." Keep reading for the rest of Ben's review. Liars and Outliers: Enabling the Trust that Society Needs to Thrive author Bruce Schneier pages 384 publisher Wiley rating 10/10 reviewer Ben Rothke ISBN 978-1118143308 summary Brilliant book on trust and society, and it complex interrelation In Applied Cryptography Schneier dealt with the pristine world of mathematical cryptography where aspects of pure mathematics could be demonstrably proven. For example, non-repudiation is absolutely provable.
In Liars and Outliers, Schneier moves from the pristine world of mathematics into the muddy world of human trust. Non-repudiation is no longer an absolute in a world where a Windows kernel can be compromised and end-users can be victims of social engineering.
The book addresses the fundamental question of how does society function when you cant trust everyone. Schneier notes that nothing in society works without trust. Its the foundation of communities, commerce, democracy, in truth — everything. And Schneier deals extensively with social and moral pressures that effect trust.
Liars and Outliers is very similar to books by Umberto Eco, that have a Renaissance feel to them; bringing myriad and diverse topics together. Schneier does this here and intertwines topics such as game theory, evolution, surveillance, existentialism and much more. Schneier's brilliance is that he is able to connect seemingly disparate dots around information security and society, and show how they are in truth tightly coupled.
In the book, Schneier makes note of those that don't follow the rules. He calls these people defectors, and these are the liars and outliers of the book. The book notes that everything is a trade-off, and these defectors are the ones that try to break the rules.
An overall theme of the book, in which Schneier touches and references sociology, psychology, economics, criminology, anthropology, game theory and much more, is that society can't function without trust. He writes that in our complex interconnect and global society, that we need a lot of trust.
Schneier makes frequent reference to Dunbar's number, which he first references in chapter 2. Dunbars number was first proposed by British anthropologist Robin Dunbar and is a theoretical cognitive limit to the number of people with whom one can maintain stable social relationships. It is generally in the area of 150. So when someone sees a person with 3,000 Facebook friends, something is clearly amiss.
In chapter 9 on institutional pressures, Schneier takes a very broad look at threats facing society today. One of the biggest perceived threats we have today is terrorism, and the book astutely notes that we can never ensure perfect security against terrorism.
If Schneier had his way, the TSA budget would be measured in the millions, not billions of dollars. He incisively observes that all the talk of terrorism as an existential threat to society is utter nonsense. As long as terrorism is rare enough (which it is), and most people survive (which they do), society will survive. He writes that while that observation is true, it is not politically viable for our leaders to come out and say that.
While the book is heavy on the people focus, Schneier also acknowledges that sometimes and for some people, the incentives to commit crimes are worth the risk. To deal with those, that is where security technologies come into play.
An interesting observation made in chapter 10 around technology is that sometimes the technological changes have absolutely nothing to do with the societal dilemma being secured. For example, he notes that between the ubiquity of keyboards and the tendency for teachers to focus on standardized tests, cursive is no longer being taught that much in schools. The result is that signatures are more likely to be either printed text is an illegible scrawl; making them easier to forge; which in turns creates new security risks.
In the book Schneier makes scores of astute observations on how society functions around security. He notes in chapter 16 that we are currently in a period of history where technology is changing faster than it ever has. The worry is that if technology changes too fast, the attackers will be able to innovate so much faster than society can that the imbalance become even greater; with failures that negatively affect society.
In many of the examples in the book, Schneier paints a dark picture given the advantage that the attackers and defectors have. But he also notes that we are in a period of history where the ability for large-scale cooperation is greater than it has ever been before. On that topic, he refers to the book The Penguin and the Leviathan: How Cooperation Triumphs over Self-Interest by Yochai Benkler where he writes that the Internet can and has enabled cooperation on a scale never before seen. And that politics, backed by science, is ready to embrace this new cooperation.
On the lighter side, in chapter 17, Schneier notes that Mussolini didn't make the trains run on time; he just made it illegal to complain about them.
Schneier notes at the end of the book that its lesson isn't that defectors will inevitably ruin everything for everyone. Rather that we as a society need to manage societal pressure to ensure that they don't.
Liars and Outliers is an absolutely fascinating and groundbreaking book. In this election year where the candidates attempt to make sweeping simplistic promises to fix complex problems, Schneier simply answers that in our complex society, there are no simple answers.
In Applied Cryptography Bruce Schneier demonstrated he was quite the smart guy. In Liars and Outliers, he shows he is even smarter than most of us first thought.
Ben Rothke is the author of Computer Security: 20 Things Every Employee Should Know.
You can purchase Liars and Outliers: Enabling the Trust that Society Needs to Thrive from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page. -
Book Review: Liars and Outliers
First time accepted submitter benrothke writes "It is said that the song Wipe Out launched a generation of drummers. In the world of information security, the classic Applied Cryptography: Protocols, Algorithms, and Source Code in C by Bruce Schneier may have been the book that launched a generation of new cryptographers. Schneier's latest work of art is Liars and Outliers: Enabling the Trust that Society Needs to Thrive. For those that are looking for a follow-up to Applied Cryptography, this it is not. In fact, it is hard to classify this as an information security title and in fact the book is marked for the current affairs/sociology section. Whatever section this book ultimately falls in, the reader will find that Schneier is one of the most original thinkers around." Keep reading for the rest of Ben's review. Liars and Outliers: Enabling the Trust that Society Needs to Thrive author Bruce Schneier pages 384 publisher Wiley rating 10/10 reviewer Ben Rothke ISBN 978-1118143308 summary Brilliant book on trust and society, and it complex interrelation In Applied Cryptography Schneier dealt with the pristine world of mathematical cryptography where aspects of pure mathematics could be demonstrably proven. For example, non-repudiation is absolutely provable.
In Liars and Outliers, Schneier moves from the pristine world of mathematics into the muddy world of human trust. Non-repudiation is no longer an absolute in a world where a Windows kernel can be compromised and end-users can be victims of social engineering.
The book addresses the fundamental question of how does society function when you cant trust everyone. Schneier notes that nothing in society works without trust. Its the foundation of communities, commerce, democracy, in truth — everything. And Schneier deals extensively with social and moral pressures that effect trust.
Liars and Outliers is very similar to books by Umberto Eco, that have a Renaissance feel to them; bringing myriad and diverse topics together. Schneier does this here and intertwines topics such as game theory, evolution, surveillance, existentialism and much more. Schneier's brilliance is that he is able to connect seemingly disparate dots around information security and society, and show how they are in truth tightly coupled.
In the book, Schneier makes note of those that don't follow the rules. He calls these people defectors, and these are the liars and outliers of the book. The book notes that everything is a trade-off, and these defectors are the ones that try to break the rules.
An overall theme of the book, in which Schneier touches and references sociology, psychology, economics, criminology, anthropology, game theory and much more, is that society can't function without trust. He writes that in our complex interconnect and global society, that we need a lot of trust.
Schneier makes frequent reference to Dunbar's number, which he first references in chapter 2. Dunbars number was first proposed by British anthropologist Robin Dunbar and is a theoretical cognitive limit to the number of people with whom one can maintain stable social relationships. It is generally in the area of 150. So when someone sees a person with 3,000 Facebook friends, something is clearly amiss.
In chapter 9 on institutional pressures, Schneier takes a very broad look at threats facing society today. One of the biggest perceived threats we have today is terrorism, and the book astutely notes that we can never ensure perfect security against terrorism.
If Schneier had his way, the TSA budget would be measured in the millions, not billions of dollars. He incisively observes that all the talk of terrorism as an existential threat to society is utter nonsense. As long as terrorism is rare enough (which it is), and most people survive (which they do), society will survive. He writes that while that observation is true, it is not politically viable for our leaders to come out and say that.
While the book is heavy on the people focus, Schneier also acknowledges that sometimes and for some people, the incentives to commit crimes are worth the risk. To deal with those, that is where security technologies come into play.
An interesting observation made in chapter 10 around technology is that sometimes the technological changes have absolutely nothing to do with the societal dilemma being secured. For example, he notes that between the ubiquity of keyboards and the tendency for teachers to focus on standardized tests, cursive is no longer being taught that much in schools. The result is that signatures are more likely to be either printed text is an illegible scrawl; making them easier to forge; which in turns creates new security risks.
In the book Schneier makes scores of astute observations on how society functions around security. He notes in chapter 16 that we are currently in a period of history where technology is changing faster than it ever has. The worry is that if technology changes too fast, the attackers will be able to innovate so much faster than society can that the imbalance become even greater; with failures that negatively affect society.
In many of the examples in the book, Schneier paints a dark picture given the advantage that the attackers and defectors have. But he also notes that we are in a period of history where the ability for large-scale cooperation is greater than it has ever been before. On that topic, he refers to the book The Penguin and the Leviathan: How Cooperation Triumphs over Self-Interest by Yochai Benkler where he writes that the Internet can and has enabled cooperation on a scale never before seen. And that politics, backed by science, is ready to embrace this new cooperation.
On the lighter side, in chapter 17, Schneier notes that Mussolini didn't make the trains run on time; he just made it illegal to complain about them.
Schneier notes at the end of the book that its lesson isn't that defectors will inevitably ruin everything for everyone. Rather that we as a society need to manage societal pressure to ensure that they don't.
Liars and Outliers is an absolutely fascinating and groundbreaking book. In this election year where the candidates attempt to make sweeping simplistic promises to fix complex problems, Schneier simply answers that in our complex society, there are no simple answers.
In Applied Cryptography Bruce Schneier demonstrated he was quite the smart guy. In Liars and Outliers, he shows he is even smarter than most of us first thought.
Ben Rothke is the author of Computer Security: 20 Things Every Employee Should Know.
You can purchase Liars and Outliers: Enabling the Trust that Society Needs to Thrive from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page. -
Disconnection of Millions of DNSChanger-Infected PCs Delayed
tsu doh nimh writes "Millions of computers infected with the stealthy and tenacious DNSChanger Trojan may be spared a planned disconnection from the Internet early next month if a New York court approves a new request by the U.S. government. Meanwhile, six men accused of managing and profiting from the huge collection of hacked PCs are expected to soon be extradited from their native Estonia to face charges in the United States." -
Last Day To Tell Google To Forget You
itwbennett writes "Google's new privacy policy will consolidate all your data at google.com — unless you erase it first. And today is your last day to do it. The change goes into effect tomorrow. Which is why the helpful folks at EFF have posted some simple instructions showing how to delete your web history at Google." -
PSVita Released In the USA and Europe
YokimaSun writes "Sony has today released the PSVita in the U.S. and Europe. The console comes with features such as dual touch pads at the front and rear, dual cameras at the front and rear, dual analog sticks, a 5-inch OLED screen, GPS, six-axis motion sensors and a three-axis electronic compass. The PSVita is Sony's attempt at stealing the thunder away from the 3DS but also bringing back the gamers lost to the likes of Android and iOS Devices. The PSVita in Japan sold massively on its first release week but since has struggled and sold less than the PSP. With this in mind sites like Amazon have been offering many different deals to entice people to buy the console. Can Sony stop homebrewers from taking over this console?" -
Is It Time For NoSQL 2.0?
New submitter rescrv writes "Key-value stores (like Cassandra, Redis and DynamoDB) have been replacing traditional databases in many demanding web applications (e.g. Twitter, Google, Facebook, LinkedIn, and others). But for the most part, the differences between existing NoSQL systems come down to the choice of well-studied implementation techniques; in particular, they all provide a similar API that achieves high performance and scalability by limiting applications to simple operations like GET and PUT. HyperDex, a new key-value store developed at Cornell, stands out in the NoSQL spectrum with its unique design. HyperDex employs a unique multi-dimensional hash function to enable efficient search operations — that is, objects may be retrieved without using the key (PDF) under which they are stored. Other systems employ indexing techniques to enable search, or enumerate all objects in the system. In contrast, HyperDex's design enables applications to retrieve search results directly from servers in the system. The results are impressive. Preliminary benchmark results on the project website show that HyperDex provides significant performance improvements over Cassandra and MongoDB. With its unique design, and impressive performance, it seems fittng to ask: Is HyperDex the start of NoSQL 2.0?" -
Microsoft Files EU Antitrust Complaint Against Motorola Mobility
judgecorp writes "Microsoft has filed a complaint with the European Commission complaining that Motorola Mobility is charging too much for use of its patented technology in phones and tablets. The complaint follows a similar one by Apple last week, and will need to be resolved by Google as it takes charge of Motorola Mobility." -
Solid Buckeyballs Detected In Space
astroengine writes with an excerpt from an article at Discovery: "For the first time, 'buckyballs' have been discovered in the cosmos in a solid form. Until now, the only evidence in space for the bizarre little hollow balls of carbon atoms have been in interstellar gases, but with the help of NASA's Spitzer Space Telescope, astronomers have discovered buckyballs accumulating and stacking atop one another to form solid particles. 'These buckyballs are stacked together to form a solid, like oranges in a crate,' said Nye Evans of Keele University in England, lead author of a paper appearing in the Monthly Notices of the Royal Astronomical Society. 'The particles we detected are minuscule, far smaller than the width of a hair, but each one would contain stacks of millions of buckyballs.'" -
ACTA Referred To Europe's Top Court For Analysis
superglaze writes "The Anti-Counterfeiting Trade Agreement is to get an extra level of scrutiny in the EU after the European Commission said it would refer ACTA to the European Court of Justice, to check that it really does comply with fundamental freedoms in the union. This obviously follows mass protests over ACTA, and it seems justice commissioner Viviane Reding was the one who pushed for ECJ scrutiny. It's not currently clear if this will delay the European Parliament ratification process, but it is hard to imagine the parliament voting on ACTA (scheduled for June at the moment) before the ECJ has had its say — and no-one can say right now how long that will take to happen." -
Unconstitutional Video Game Law Costs California $2 Million
An anonymous reader writes "In hopes of protecting the children of California from the ravages of violent video games, then governor Arnold Schwarzenegger attempted to push through a law that would fine retailers $1000 for each infraction of selling a violent game to an underage child. However, in the wake of appeals to the U.S. Supreme Court, which struck down the law, California is now forced to pay the legal fees of all parties to the tune of two million dollars." -
DHS Budget Includes No New Airport Body Scanners
OverTheGeicoE writes "The Electronic Privacy Information Center has been examining the White House's proposed budget for Department of Homeland Security for 2013, and they point out that it doesn't include any money for additional airport body scanners for TSA. Did the recent scandal involving TSA workers targeting women for scans make the White House realize that TSA is a national embarrassment? Does the executive branch finally understand the questionable safety and effectiveness of these devices? Or does DHS just think it has enough scanners once TSA installs the 250 new scanners in this year's budget?" -
DHS Budget Includes No New Airport Body Scanners
OverTheGeicoE writes "The Electronic Privacy Information Center has been examining the White House's proposed budget for Department of Homeland Security for 2013, and they point out that it doesn't include any money for additional airport body scanners for TSA. Did the recent scandal involving TSA workers targeting women for scans make the White House realize that TSA is a national embarrassment? Does the executive branch finally understand the questionable safety and effectiveness of these devices? Or does DHS just think it has enough scanners once TSA installs the 250 new scanners in this year's budget?" -
DHS Budget Includes No New Airport Body Scanners
OverTheGeicoE writes "The Electronic Privacy Information Center has been examining the White House's proposed budget for Department of Homeland Security for 2013, and they point out that it doesn't include any money for additional airport body scanners for TSA. Did the recent scandal involving TSA workers targeting women for scans make the White House realize that TSA is a national embarrassment? Does the executive branch finally understand the questionable safety and effectiveness of these devices? Or does DHS just think it has enough scanners once TSA installs the 250 new scanners in this year's budget?" -
New Opa S4 Release Puts Forward New 'ORM' For MongoDB
phy_si_kal writes "The new, open source, Opa web programming language just hit version 0.9.0 'S4,' six months after its last major release. Apart from a new syntax more similar to JavaScript, the new release focuses on mongoDB integration. Opa now features something similar to object-relational mapping (ORM) except that mongoDB is a non-relational, document-oriented database and Opa a functional, non-object-oriented language. The new functionality makes the NoSQL database even easier to use, as all language-database calls are automated. The mapping of functional datastructures to documents could even be much better than current ORM approaches and solve the object-relational impedance mismatch." -
Damaged US Passport Chip Strands Travelers
caseih writes "Damaging the embedded chip in your passport is now grounds for denying you the ability to travel in at least one airport in the U.S. Though the airport can slide the passport through the little number reader as easily as they can wave it in front of an RFID reader, they chose to deny a young child access to the flight, in essence denying the whole family. The child had accidentally sat on his passport, creasing the cover, and the passport appeared worn. The claim has been made that breaking the chip in the passport shows that you disrespect the privilege of owning a passport, and that the airport was justified in denying this child from using the passport." -
Heartland Institute Document Leaker Comes Forward, Maintains Documents Are Real
The Bad Astronomer writes "Last week, an anonymous source leaked several internal documents from the Heartland Institute, a non-profit think tank known for anti-global-warming rhetoric. The leaker has come forward: Peter Gleick, scientist and journalist. In his admission, he cites his own breach of ethics, but also maintains that all the documents are real. This includes the potentially embarrassing '2012 Climate Strategy' document stating that Heartland wants to 'dissuade teachers from teaching science.' Heartland still claims this document is a forgery, but there is no solid evidence either way." -
Oracle's Java Claims Now Down To $230 Million
jfruh writes "Hey, remember when Oracle decided to sue Google over claims that Android violated Oracle's Java patents and copyrights? How's that working out? Not so well, it seems! Oracle has been forced to take many of its patents out of the lawsuit due to lack of evidence, and the damages in play now are down to a little less than 4 percent of Oracle's original $6.1 billion claims." -
Google: IE Privacy Policy Is Impractical
itwbennett writes "In response to Microsoft's claim that Google circumvented Internet Explorer privacy protections (following the discovery that Google also worked around Safari's privacy settings), Google on Monday said that IE's privacy protection, called P3P, is impractical to comply with." -
Google: IE Privacy Policy Is Impractical
itwbennett writes "In response to Microsoft's claim that Google circumvented Internet Explorer privacy protections (following the discovery that Google also worked around Safari's privacy settings), Google on Monday said that IE's privacy protection, called P3P, is impractical to comply with." -
Hackers In Space: Designing A Ground Station
An anonymous reader writes with some new information on the happenings of the Hacker Space Program. From the article: "At the Chaos Communication Camp 2011 Jens Ohlig, Lars Weiler, and Nick Farr proposed a daunting task: to land a hacker on the Moon by 2034. The plan calls for three separate phases: Establishing an open, free, and globally accessible satellite communication network, put a human into orbit, and land on the Moon. Interestingly enough, there is already considerable work being done on the second phase of this plan by the Copenhagen Suborbitals, and Google's own Lunar X Prize is trying to spur development of robotic missions to the Moon. But what about the first phase? Answering the call is the 'Shackspace,' a hackerspace from Stuttgart, Germany, who've begun work on an ambitious project they're calling the 'Hackerspace Global Grid.'" -
Hackers In Space: Designing A Ground Station
An anonymous reader writes with some new information on the happenings of the Hacker Space Program. From the article: "At the Chaos Communication Camp 2011 Jens Ohlig, Lars Weiler, and Nick Farr proposed a daunting task: to land a hacker on the Moon by 2034. The plan calls for three separate phases: Establishing an open, free, and globally accessible satellite communication network, put a human into orbit, and land on the Moon. Interestingly enough, there is already considerable work being done on the second phase of this plan by the Copenhagen Suborbitals, and Google's own Lunar X Prize is trying to spur development of robotic missions to the Moon. But what about the first phase? Answering the call is the 'Shackspace,' a hackerspace from Stuttgart, Germany, who've begun work on an ambitious project they're calling the 'Hackerspace Global Grid.'" -
Microsoft Accuses Google of Violating Internet Explorer's Privacy Settings
New submitter Dupple writes with a followup to Friday's news that Google was bypassing Safari's privacy settings. Now, Microsoft's Internet Explorer blog has a post accusing Google of doing the same thing (in a different way) to Internet Explorer. Quoting: "By default, IE blocks third-party cookies unless the site presents a P3P Compact Policy Statement indicating how the site will use the cookie and that the site’s use does not include tracking the user. Google’s P3P policy causes Internet Explorer to accept Google’s cookies even though the policy does not state Google’s intent. P3P, an official recommendation of the W3C Web standards body, is a Web technology that all browsers and sites can support. Sites use P3P to describe how they intend to use cookies and user information. By supporting P3P, browsers can block or allow cookies to honor user privacy preferences with respect to the site’s stated intentions. ... Technically, Google utilizes a nuance in the P3P specification that has the effect of bypassing user preferences about cookies. The P3P specification (in an attempt to leave room for future advances in privacy policies) states that browsers should ignore any undefined policies they encounter. Google sends a P3P policy that fails to inform the browser about Google’s use of cookies and user information. Google’s P3P policy is actually a statement that it is not a P3P policy." -
Test-Tube Burgers Coming Soon
ananyo writes "A burger made entirely from lab-grown meat is expected to be unveiled by October this year. But costing in excess of $250,000, it's not going to be flying off supermarket shelves quite yet. The lab meat is produced using adult stem cells, which are then grown on scaffolds in cell-culture media. Because such lab-assembled muscle is weak, it has to be 'bulked up' by exposing to electric shocks. The researchers, based in the Netherlands, had already grown goldfish fillets in 2002, then fried them in breadcrumbs before giving them to an 'odor and sight' panel to assess whether they seemed edible." While I'm not overly enthusiastic about this Dutch attempt at growing burgers, it is a huge step-up from the Japanese effort. -
Google Seeks To Plant Antenna Farm In Iowa
1sockchuck writes "Google is seeking permission to place satellite antennas on land near its data center in Council Bluffs, Iowa. The 4.5 meter antennas could be used to receive content feeds from broadcast networks that could be bundled with a high-speed fiber service. The FCC filings were made by Google Fiber, which is currently laying fiber for a high-speed network in Kansas City that will provide Internet connectivity 'at speeds more than 100 times faster than what most Americans have today.'" -
LightSquared Hires Lawyers To Prep For GPS Battle
itwbennett writes "Following Tuesday's FCC ruling saying that the company's LTE network interferes with GPS, LightSquared's primary investor Philip Falcone is looking to sue the FCC and the GPS industry. Alternately, Falcone is considering ways to appeal the FCC's decision or even swap spectrum with the Department of Defense." -
Canada's Online Surveillance Bill: Section 34 "Opens Door To Big Brother"
Saint Aardvark writes "Canada's proposed online surveillance bill looked bad enough when it was introduced, but it gets worse: Section 34 allows access to any telco place or equipment, and to any information contained there — with no restrictions, no warrants, and no review. From the article: 'Note that such all-encompassing searches require no warrant, and don't even have to be in the context of a criminal investigation. Ostensibly, the purpose is to ensure that the ISP is complying with the requirements of the act — but nothing in the section restricts the inspector to examining or seizing only information bearing upon that issue. It's still "any" information whatsoever.'" -
Heartland Institute Threatens To Sue Anyone Who Comments On Leaked Documents
Layzej writes "Bloggers around the world have been commenting on recently leaked Heartland Institute documents that reveal their internal strategies to discredit climate science. These posters are now under threat of legal action. According to the Heartland Institute 'the individuals who have commented so far on these documents did not wait for Heartland to confirm or deny the authenticity of the documents. We believe their actions constitute civil and possibly criminal offenses for which we plan to pursue charges and collect payment for damages'" -
Human Rights Groups Push To Save Condemned Programmer In Iran
First time accepted submitter debiangruven writes "Human rights Groups are making one final plea to save the life of Canadian programmer, Saeed Malekpour, who was sentenced to death for writing a program to upload photos to the Internet. From the article: 'Malekpour's supporters have created Facebook pages and websites in his support dating to at least 2009. Amnesty International has requested on its website that concerned individuals write Iranian authorities inside and outside the country to demand that Malekpour not be executed." -
Apple Settles Antennagate Class-Action Lawsuit
An anonymous reader writes "A preliminary settlement has been reached in the class-action lawsuit brought against Apple in June 2010 over the 'Antennagate' fiasco. Ira Rothken, co-lead counsel for the case, says there are 21 million people entitled to either $15 or a free bumper. 'The settlement comes from 18 separate lawsuits that were consolidated into one. All share the claim that Apple was "misrepresenting and concealing material information in the marketing, advertising, sale, and servicing of its iPhone 4 — particularly as it relates to the quality of the mobile phone antenna and reception and related software." The settlement has its own Web site, www.iPhone4Settlement.com, which will be up in the coming weeks (the site doesn't go anywhere right now). There, customers will be able to get information about the settlement and how to make a claim. As part of the arrangement, e-mails will also be sent alerting original buyers to the settlement before April 30, 2012. The claims period is then open for 120 days.'" -
Is the Government Scaring Web Businesses Out of the US?
suraj.sun sends this quote from an article at Techdirt: "The federal government has been paying lip service to the idea that it wants to encourage new businesses and startups in the U.S. And this is truly important to the economy, as studies have shown that almost all of the net job growth in this country is coming from internet startups. ... With the JotForm situation unfolding, where the U.S. government shut down an entire website with no notice or explanation, people are beginning to recognize that the U.S is not safe for internet startups. Lots of folks have been passing around [a] rather reasonable list of activities for U.S.-based websites." -
Deadly H5N1 Flu Studies To Stay Secret... For Now
Edsj writes "A spokesman for the World Health Organization announced that an agreement had been reached, after a debate, to keep details secret of the controversial work about the highly pathogenic H5N1 avian flu virus until deeper risk analyses have been carried out. The scientists who made the study, led by Ron Fouchier, still want to release the full paper at some future date for public viewing, but for the time being, the NSABB got what it wanted." The moratorium will be extended "probably for several months." -
Deadly H5N1 Flu Studies To Stay Secret... For Now
Edsj writes "A spokesman for the World Health Organization announced that an agreement had been reached, after a debate, to keep details secret of the controversial work about the highly pathogenic H5N1 avian flu virus until deeper risk analyses have been carried out. The scientists who made the study, led by Ron Fouchier, still want to release the full paper at some future date for public viewing, but for the time being, the NSABB got what it wanted." The moratorium will be extended "probably for several months." -
Book Review: Java Performance
jkauzlar writes "The standard Oracle JVM has about sixty 'developer' (-XX) options which are directly related to performance monitoring or tuning. With names such as 'UseMPSS' or 'AllocatePrefetchStyle', it's clear that Joe Schmo Code Monkey was not meant to be touching them, at least until he/she learned how the forbidding inner recesses of the JVM work, particularly the garbage collectors and 'just-in-time' compiler. This dense, 600-page book will not only explain these developer options and the underlying JVM technology, but discusses performance, profiling, benchmarking and related tools in surprising breadth and detail. Not all developers will gain from this knowledge and a few will surrender to the book's side-effect of being an insomnia treatment, but for those responsible for maintaining production software, this will be essential reading and a useful long-term reference." Keep reading for the rest of jkauzlar's review. Java Performance author Charlie Hunt and Binu John pages 693 publisher Addison Wesley rating 9/10 reviewer Joe ISBN 0-13-290525-6 summary Java performance monitoring and tuning In my experience, performance tuning is not something that is given much consideration until a production program blows up and everyone is running around in circles with sirens blaring and red lights flashing. You shouldn't need a crisis however before worrying about slow responsiveness or long pauses while the JVM collects garbage at inconvenient times. If there's an opportunity to make something better, if only by five percent, you should take it, and the first step is to be aware of what those opportunities might be.
First off, here's a summary of the different themes covered:
The JVM technology: Chapter 3 in particular is dedicated to explaining, in gory detail, the internal design of the JVM, including the Just-In-Time Compiler and garbage collectors. Being requisite knowledge for anyone hoping to make any use of the rest of the book, especially the JVM tuning options, a reader would hope for this to be explained well, and it is.
JVM Tuning: Now that you know something about compilation and garbage collection, it's time to learn what control you actually have over these internals. As mentioned earlier, there are sixty developer options, as well as several standard options, at your disposal. The authors describe these throughout sections of the book, but summarize each in the first appendix.
Tools: The authors discuss tools useful for monitoring the JVM process at the OS level, tools for monitoring the internals of the JVM, profiling, and heap-dump analysis. When discussing OS tools, they're good about being vendor-neutral and cover Linux as well as Solaris and Windows. When discussing Java-specific tools, they tend to have bias toward Oracle products, opting, for example, to describe NetBean's profiler without mentioning Eclipse's. This is a minor complaint.
Benchmarking: But what good would knowledge of tuning and tools be without being able to set appropriate performance expectations. A good chunk of the text is devoted to lessons on the art of writing benchmarks for the JVM and for an assortment of application types.
Written by two engineers for Oracle's Java performance team (one former and one current), this book is as close to being the de facto document on the topic as you can get and there's not likely to be any detail related to JVM performance that these two men don't already know about.
Unlike most computer books, there's a lot of actual discussion in Java Performance, as opposed to just documentation of features. In other words, there are pages upon pages of imposing text, indicating that you actually need to sit down and read it instead of casually flipping to the parts you need at the moment. The subject matter is dry, and the authors thankfully don't try to disguise this with bad humor or speak down to the reader. In fact, it can be a difficult read at times, but intermediate to advanced developers will pick up on it quickly.
What are the book's shortcomings?
Lack of real-world case studies: Contrived examples are provided here and there, but I'm really, seriously curious to know what the authors, with probably two decades between them consulting on Java performance issues, have accomplished with the outlined techniques. Benchmarking and performance testing can be expensive processes and the main question I'm left with is whether it's actually worth it. The alternatives to performance tuning, which I'm more comfortable with, are rewriting the code or making environmental changes (usually hardware).
3rd Party tool recommendations: The authors have evidently made the decision not to try to wade through the copious choices we have for performance monitoring, profiling, etc, with few exceptions. That's understandable, because 1) they need to keep the number of pages within reasonable limits, and 2) there's a good chance they'll leave out a worthwhile product and have to apologize, or that better products will come along. From my point of view, however, these are still choices I have to make as a developer and it'd be nice to have the information with the text as I'm reading.
As you can see, the problems I have with the book are what is missing from it and not with what's already in there. It's really a fantastic resource and I can't say much more than that the material is extremely important and that if you're looking to improve your understanding of the material, this is the book to get.
You can purchase Java Performance from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page. -
Book Review: Java Performance
jkauzlar writes "The standard Oracle JVM has about sixty 'developer' (-XX) options which are directly related to performance monitoring or tuning. With names such as 'UseMPSS' or 'AllocatePrefetchStyle', it's clear that Joe Schmo Code Monkey was not meant to be touching them, at least until he/she learned how the forbidding inner recesses of the JVM work, particularly the garbage collectors and 'just-in-time' compiler. This dense, 600-page book will not only explain these developer options and the underlying JVM technology, but discusses performance, profiling, benchmarking and related tools in surprising breadth and detail. Not all developers will gain from this knowledge and a few will surrender to the book's side-effect of being an insomnia treatment, but for those responsible for maintaining production software, this will be essential reading and a useful long-term reference." Keep reading for the rest of jkauzlar's review. Java Performance author Charlie Hunt and Binu John pages 693 publisher Addison Wesley rating 9/10 reviewer Joe ISBN 0-13-290525-6 summary Java performance monitoring and tuning In my experience, performance tuning is not something that is given much consideration until a production program blows up and everyone is running around in circles with sirens blaring and red lights flashing. You shouldn't need a crisis however before worrying about slow responsiveness or long pauses while the JVM collects garbage at inconvenient times. If there's an opportunity to make something better, if only by five percent, you should take it, and the first step is to be aware of what those opportunities might be.
First off, here's a summary of the different themes covered:
The JVM technology: Chapter 3 in particular is dedicated to explaining, in gory detail, the internal design of the JVM, including the Just-In-Time Compiler and garbage collectors. Being requisite knowledge for anyone hoping to make any use of the rest of the book, especially the JVM tuning options, a reader would hope for this to be explained well, and it is.
JVM Tuning: Now that you know something about compilation and garbage collection, it's time to learn what control you actually have over these internals. As mentioned earlier, there are sixty developer options, as well as several standard options, at your disposal. The authors describe these throughout sections of the book, but summarize each in the first appendix.
Tools: The authors discuss tools useful for monitoring the JVM process at the OS level, tools for monitoring the internals of the JVM, profiling, and heap-dump analysis. When discussing OS tools, they're good about being vendor-neutral and cover Linux as well as Solaris and Windows. When discussing Java-specific tools, they tend to have bias toward Oracle products, opting, for example, to describe NetBean's profiler without mentioning Eclipse's. This is a minor complaint.
Benchmarking: But what good would knowledge of tuning and tools be without being able to set appropriate performance expectations. A good chunk of the text is devoted to lessons on the art of writing benchmarks for the JVM and for an assortment of application types.
Written by two engineers for Oracle's Java performance team (one former and one current), this book is as close to being the de facto document on the topic as you can get and there's not likely to be any detail related to JVM performance that these two men don't already know about.
Unlike most computer books, there's a lot of actual discussion in Java Performance, as opposed to just documentation of features. In other words, there are pages upon pages of imposing text, indicating that you actually need to sit down and read it instead of casually flipping to the parts you need at the moment. The subject matter is dry, and the authors thankfully don't try to disguise this with bad humor or speak down to the reader. In fact, it can be a difficult read at times, but intermediate to advanced developers will pick up on it quickly.
What are the book's shortcomings?
Lack of real-world case studies: Contrived examples are provided here and there, but I'm really, seriously curious to know what the authors, with probably two decades between them consulting on Java performance issues, have accomplished with the outlined techniques. Benchmarking and performance testing can be expensive processes and the main question I'm left with is whether it's actually worth it. The alternatives to performance tuning, which I'm more comfortable with, are rewriting the code or making environmental changes (usually hardware).
3rd Party tool recommendations: The authors have evidently made the decision not to try to wade through the copious choices we have for performance monitoring, profiling, etc, with few exceptions. That's understandable, because 1) they need to keep the number of pages within reasonable limits, and 2) there's a good chance they'll leave out a worthwhile product and have to apologize, or that better products will come along. From my point of view, however, these are still choices I have to make as a developer and it'd be nice to have the information with the text as I'm reading.
As you can see, the problems I have with the book are what is missing from it and not with what's already in there. It's really a fantastic resource and I can't say much more than that the material is extremely important and that if you're looking to improve your understanding of the material, this is the book to get.
You can purchase Java Performance from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page. -
Former Goldman Programmer's Conviction Overturned
i_want_you_to_throw_ writes "The legal woes will soon be over for Sergey Aleynikov, a former Goldman Sachs Group computer programmer who had been convicted of stealing part of the Wall Street bank's high-frequency trading code. A federal appeals court overturned his conviction and recommended acquittal. We previously discussed this story when he was sentenced to 97 months in prison. It will be interesting to see their reasoning (an opinion is to be released) as well as what this may mean for other programmers developing high frequency trading code." -
SCO vs. IBM Trial Back On Again
D___Breath writes "The lawsuit SCO started years ago against IBM (but really against Linux) is back on again. SCO first filed this clue-challenged lawsuit in March 2003. SCO claimed Linux was contaminated with code IBM stole from UNIX and that it was impossible to remove the infringement. Therefore, said SCO, all Linux users owe SCO a license fee of $1399 per cpu — but since SCO are such great guys, for a limited time, you can pay only $699 per CPU for your dirty, infringing copy of Linux. Of course, Novell claimed and later proved in court that SCO doesn't even own the copyrights on UNIX that it is suing over. IBM claims there is no infringing code in Linux. SCO never provided evidence of the massive infringement it claimed existed. The court ordered SCO three times to produce its evidence, twice extending the deadline, until it set a 'final' deadline of Dec 22, 2005 — which came and went — with SCO producing nothing but a lot of hand waving. In the meantime, SCO filed for bankruptcy protection in September 2007 because it was being beaten up in court so badly with the court going against SCO." -
SCO vs. IBM Trial Back On Again
D___Breath writes "The lawsuit SCO started years ago against IBM (but really against Linux) is back on again. SCO first filed this clue-challenged lawsuit in March 2003. SCO claimed Linux was contaminated with code IBM stole from UNIX and that it was impossible to remove the infringement. Therefore, said SCO, all Linux users owe SCO a license fee of $1399 per cpu — but since SCO are such great guys, for a limited time, you can pay only $699 per CPU for your dirty, infringing copy of Linux. Of course, Novell claimed and later proved in court that SCO doesn't even own the copyrights on UNIX that it is suing over. IBM claims there is no infringing code in Linux. SCO never provided evidence of the massive infringement it claimed existed. The court ordered SCO three times to produce its evidence, twice extending the deadline, until it set a 'final' deadline of Dec 22, 2005 — which came and went — with SCO producing nothing but a lot of hand waving. In the meantime, SCO filed for bankruptcy protection in September 2007 because it was being beaten up in court so badly with the court going against SCO." -
SCO vs. IBM Trial Back On Again
D___Breath writes "The lawsuit SCO started years ago against IBM (but really against Linux) is back on again. SCO first filed this clue-challenged lawsuit in March 2003. SCO claimed Linux was contaminated with code IBM stole from UNIX and that it was impossible to remove the infringement. Therefore, said SCO, all Linux users owe SCO a license fee of $1399 per cpu — but since SCO are such great guys, for a limited time, you can pay only $699 per CPU for your dirty, infringing copy of Linux. Of course, Novell claimed and later proved in court that SCO doesn't even own the copyrights on UNIX that it is suing over. IBM claims there is no infringing code in Linux. SCO never provided evidence of the massive infringement it claimed existed. The court ordered SCO three times to produce its evidence, twice extending the deadline, until it set a 'final' deadline of Dec 22, 2005 — which came and went — with SCO producing nothing but a lot of hand waving. In the meantime, SCO filed for bankruptcy protection in September 2007 because it was being beaten up in court so badly with the court going against SCO." -
Small, Modular Nuclear Reactors — the Future of Energy?
cylonlover writes "This year is a historic one for nuclear power, with the first reactors winning U.S. government approval for construction since 1978. Some have seen the green lighting of two Westinghouse AP1000 reactors to be built in Georgia as the start of a revival of nuclear power in the West, but this may be a false dawn because of the problems besetting conventional reactors. It may be that when a new boom in nuclear power comes, it won't be led by giant gigawatt installations, but by batteries of small modular reactors (SMRs) with very different principles from those of previous generations. However, while it's a technology of great diversity and potential, many obstacles stand in its path. This article takes an in-depth look at the many forms of SMRs, their advantages, and the challenges they must overcome." -
Are UK Police Hacking File-Sharers' Computers?
superglaze writes "Following its takedown earlier this week of the music blog RnBXclusive, the UK's Serious Organised Crime Agency (SOCA) has claimed that "a number of site users have deleted their download histories" in response. Given that the site didn't host copyright-infringing files itself, how do they know? We've asked, but SOCA refuses to discuss its methods. A security expert has pointed out that, if they were hacking using Trojans, the police would themselves have been breaking the law. Added fun fact: SOCA readily admits that the scare message it showed visitors to the taken-down site was written 'with input from industry.'" -
Study Says Fracking is Safe In Theory But Often Not In Practice
First time accepted submitter chadenright writes "A university study asserts that the problems caused by the gas extraction process known as hydraulic fracturing, or 'fracking,' arise because drilling operations aren't doing it right. The process itself isn't to blame, according to the study, released today by the Energy Institute at the University of Texas at Austin." -
Double Fine Adventure Will Be Available DRM Free For IOS, Android
New submitter Garth Smith writes "Tim Schafer has a video update for his crowdsourced project, Double Fine Adventure. Because of the nearly $2 million in funding, the budget is now large enough for language translations, voice acting, music, and more platforms. The XBox and PS3 are absent. I wonder what would the chances of a DRM-free release have been if funding had come from a traditional publisher?" -
Oracle Claims Dramatic MySQL Performance Improvements
New submitter simula67 writes "Oracle wins back some karma from the open source community by releasing MySQL cluster 7.2 with ambitious claims of 70x performance gains. The new release is GPL and claims to have processed over 1 billion queries per minute. Readers may remember the story about Oracle adding commercial extensions to MySQL." -
Booktype: An Open Source, Cross-Platform Approach To E-Book Publishing
Despite Apple's protestation that the iBooks Author EULA was misinterpreted, the idea of a book publishing system that could be used to grab copyright of the prepared text is annoying — like the sort of EULAs that seem to give photo-sharing sites unlimited re-use rights of hosted personal photos. New submitter rohangarg points out a publishing system which shouldn't have such problems, and is nicely cross-platform besides: "A new open-source digital writing and publishing platform has been launched by non-profit group Sourcefabric. Booktype allows for collaborative editing and writing of books that can be easily outputted to on-demand print services and eReaders such as the Amazon Kindle, Nook, iPad, and more with a few simple clicks. Booktype source can be found here." The online demo also leads to some downloadable examples (as PDFs). -
Booktype: An Open Source, Cross-Platform Approach To E-Book Publishing
Despite Apple's protestation that the iBooks Author EULA was misinterpreted, the idea of a book publishing system that could be used to grab copyright of the prepared text is annoying — like the sort of EULAs that seem to give photo-sharing sites unlimited re-use rights of hosted personal photos. New submitter rohangarg points out a publishing system which shouldn't have such problems, and is nicely cross-platform besides: "A new open-source digital writing and publishing platform has been launched by non-profit group Sourcefabric. Booktype allows for collaborative editing and writing of books that can be easily outputted to on-demand print services and eReaders such as the Amazon Kindle, Nook, iPad, and more with a few simple clicks. Booktype source can be found here." The online demo also leads to some downloadable examples (as PDFs). -
Scientists Study How Little Exercise You Need
Hugh Pickens writes "Millions of Americans don't engage in much exercise, if they complete any at all and asked why, a majority of respondents, in survey after survey, say, 'I don't have time.' Now Gretchen Reynolds reports that instead of wondering just how much exercise people really need in order to gain health and fitness, a group of scientists in Canada are turning that issue on its head and asking, how little exercise do we need to maintain fitness and the answer appears to be, a lot less than most of us think — provided we're willing to work a bit. Most people have heard of intervals, or repeated, short, sharp bursts of strenuous activity, interspersed with rest periods. Almost all competitive athletes strategically employ a session or two of interval training every week to improve their speed and endurance. Researchers have developed a version of high-intensity interval training (HIIT) that involves one minute of strenuous effort, at about 90 percent of a person's maximum heart rate (which most of us can estimate, very roughly, by subtracting our age from 220), followed by one minute of easy recovery. The effort and recovery are repeated 10 times, for a total of 20 minutes and the interval training is performed twice a week. Despite the small time commitment of this modified HIIT program, after several weeks of practicing it, both the unfit volunteers and the cardiac patients showed significant improvements in their health and fitness. 'A growing body of evidence demonstrates that high-intensity interval training can serve as an effective alternate to traditional endurance-based training, inducing similar or even superior physiological adaptations in healthy individuals and diseased populations, at least when compared on a matched-work basis.'" -
Buy an Elite HP PC, Get Your Own Support Staffer
jfruh writes "HP reversed its decision to spin off its PC business, but it's still left with the question of how to make money in a commodity business selling standard-issue machines manufactured overseas. One idea they're contemplating: improved customer service. If you buy an HP 'Elite' PC and have problems, you won't have to phone into a tech support call center where an entry-level drone reads off a script and tells you to reboot the machine; you'll have access to a specific support tech who will work with you as long as you own the computer." -
Factorable Keys: Twice As Many, But Half As Bad
J. Alex Halderman and Nadia Heninger write in with an update to yesterday's story on RSA key security: "Yesterday Slashdot posted that RSA keys are 99.8% secure in the real world. We've been working on this concurrently, and as it turns out, the story is a bit more complicated. Those factorable keys are generated by your router and VPN, not bankofamerica.com. The geeky details are pretty nifty: we downloaded every SSL and SSH keys on the internet in a few days, did some math on 100 million digit numbers, and ended up with 27,000 private keys. (That's 0.4% of SSL keys in current use.) We posted a long blog post summarizing our findings over at Freedom to Tinker." -
NASDAQ and BATS DDoSed
DMandPenfold writes with a quote from an article in Computer World: NASDAQ and BATS saw their sites disrupted during the day on Monday and Tuesday respectively. The sites host company news and share price data, as well as vital information on live service status on the exchanges. It is understood, however, that while the websites were affected, the stock exchanges continued to trade as normal with no change to trading. A spokesperson at BATS said the exchange's site had been hit with 'an external Distributed Denial Of Service incident.' Our trading systems were not affected and there were no exchange customer disruptions associated with the incident.' ... NASDAQ told the Wall Street Journal that on Tuesday it experienced 'intermittent service disruptions on our corporate websites.' It is not known who initiated the attacks. In 2010, NASDAQ's Directors Desk online scheduling application was compromised by hackers. An FBI investigation found that the stock exchange's aging software and out of date security patches played a key part in the problems." -
Legislation For 18+ Games Hits Australian Parliament
angry tapir writes "Legislation to pave the way for an R18+ (adults only) classification of video games has just been introduced into the Australian parliament by the minister for home affairs. The state and territories will still have to pass complementary legislation, however. Currently the highest rating for a game in Australia is MA15+, with games that didn't meet the criteria being refused classification, leading to content being gutted prior to release or games just not being released. The legislation marks a victory for a long campaign by gamers (notably lobby group Grow Up Australia). The current legislation, which will take effect on January 1 next year providing it makes it through the lower and upper houses, merely introduces an R18+ classification, falling short of the complete classification overhaul proposed by the Australian Law Reform Commission."