Domain: slashdot.org
Stories and comments across the archive that link to slashdot.org.
Stories · 37,380
-
The Logical Leap: Induction In Physics
FrederickSeiler writes "When David Harriman, this book's author, was studying physics at Berkeley, he noticed an interesting contrast: 'In my physics lab course, I learned how to determine the atomic structure of crystals by means of x-ray diffraction and how to identify subatomic particles by analyzing bubble-chamber photographs. In my philosophy of science course, on the other hand, I was taught by a world-renowned professor (Paul Feyerabend) that there is no such thing as scientific method and that physicists have no better claim to knowledge than voodoo priests. I knew little about epistemology [the philosophy of knowledge] at the time, but I could not help noticing that it was the physicists, not the voodoo priests, who had made possible the life-promoting technology we enjoy today.' Harriman noticed the enormous gulf between science as it is successfully practiced and science as is it described by post-Kantian philosophers such as Feyerabend, who are totally unable to explain the spectacular achievements of modern science." Read on for the rest of Frederick's review. The Logical Leap: Induction In Physics author David Harriman pages 272 publisher NAL Trade rating 9/10 reviewer Frederick Seiler ISBN 0451230051 summary Explains how scientists discover the laws of nature Logical Leap: Induction in Physics attempts to bridge this gap between philosophy and science by providing a philosophical explanation of how scientists actually discover things. A physicist and physics teacher by trade, he worked with philosopher Leonard Peikoff to understand the process of induction in physics, and this book is a result of their collaboration.
Induction is one of the two types of logical argument; the other type is deduction. First described by Aristotle, deduction covers arguments like the following: (1) All men are mortal. (2) Socrates is a man. (3) Therefore, Socrates is mortal. Deductive arguments start with generalizations ("All men are mortal.") and apply them to specific instances ("Socrates"). Deductive logic is well understood, but it relies on the truth of the generalizations in order to yield true conclusions.
So how do we make the correct generalizations? This is the subject of the other branch of logic induction and it is obviously much more difficult than deduction. How can we ever be justified in reasoning from a limited number of observations to a sweeping statement that refers to an unlimited number of objects? In answering this question Harriman presents an original theory of induction, and he shows how it is supported by key developments in the history of physics.
The first chapter presents the philosophical foundations of the theory, which builds directly on the theory of concepts developed by Ayn Rand. Unfortunately for the general reader, Harriman assumes familiarity with Rand's theory of knowledge, including her views of concepts as open-ended, knowledge as hierarchical, certainty as contextual, perceptions as self-evident, and arbitrary ideas as invalid. Those unfamiliar with these ideas may find this section to be confusing. But the good news is that those readers can then proceed to the following chapters, which flesh out the theory and show how it applies to key developments in the history of physics (and the related fields of astronomy and chemistry). These chapters do a wonderful job at bringing together the physics and the philosophy, clarifying both in the process.
Harriman argues that as concepts form a hierarchy, generalizations form a hierarchy as well; more abstract generalizations rest on simpler, more direct ones, relying ultimately on a rock-solid base of "first-level" generalizations which are directly, perceptually obvious, such as the toddler's grasp of the fact that "pushed balls roll." First-level generalizations are formed from our direct experiences, in which the open-ended nature of concepts leads to generalizations. Higher-level generalizations are formed based on lower-level ones, using Mill's Methods of Agreement and Difference to identify causal connections, while taking into account the entirety of one's context of knowledge.
Ayn Rand held that because of the hierarchical nature of our knowledge, it is possible to take any valid idea (no matter how advanced), and identify its hierarchical roots, i.e. the more primitive, lower-level ideas on which it rests, tracing these ideas all the way back to directly observable phenomena. Rand used the word "reduction" to refer to this process. In a particularly interesting discussion, Harriman shows how the process of reduction can be applied to the idea that "light travels in straight lines," identifying such earlier ideas as the concept "shadow" and finally the first-level generalization "walls resist hammering hands."
Harriman's discussion of the experimental method starts with a description of Galileo's experiments with pendulums. Galileo initially noticed that the period of a pendulum's swing seems to be the same for different swing amplitudes, so he decided to accurately measure this time period to see if it is really true. Concluding that the period is indeed constant, he then did further experiments. He selectively varied the weight and material of the pendulum's bob, and the length of the pendulum. This led him to the discovery that a pendulum's length is proportional to the square of its period. Harriman notes the experiments that Galileo did not perform: 'He saw no need to vary every known property of the pendulum and look for a possible effect on the period. For example, he did not systematically vary the color, temperature, or smell of the pendulum bob; he did not investigate whether it made a difference if the pendulum arm is made of cotton twine or silk thread. Based on everyday observation, he had a vast pre-scientific context of knowledge that was sufficient to eliminate such factors as irrelevant. To call such knowledge "pre-scientific" is not to cast doubt on its objectivity; such lower-level generalizations are acquired by the implicit use of the same methods that the scientist uses deliberately and systematically, and they are equally valid.' One powerful tool for avoiding nonproductive speculations in science is Ayn Rand's concept of the arbitrary, and Harriman brilliantly clarifies this idea in the section on Newton's optical experiments. An arbitrary idea is one for which there is no evidence; it is an idea put forth based solely on whim or faith. Rand held that an arbitrary idea cannot be valid even as a possibility; in order to say "it is possible," one needs to have evidence (which can consist of either direct observations or reasoning based on observations).
Newton began his research on colors with a wide range of observations, which led him to his famous and brilliant experiments with prisms. Harriman presents the chain of reasoning and experimentation which led Newton to conclude that white light consists of a mixture of all of the colors, which are separated by refraction.
Isaac Newton said that he "framed no hypotheses," and here he was referring to his rejection of the arbitrary. When Descartes claimed without any evidence that light consists of rotating particles with the speed of rotation determining the color; and when Robert Hooke claimed without any evidence that white light consists of a symmetrical wave pulse, which results in colors when the wave becomes distorted; these ideas were totally arbitrary, and they deserved to be thrown out without further consideration: "Newton understood that to accept an arbitrary idea even as a mere possibility that merits consideration undercuts all of one's knowledge. It is impossible to establish any truth if one regards as valid the procedure of manufacturing contrary 'possibilities' out of thin air." This rejection of the arbitrary may be expressed in a positive form: Scientists should be focused on reality, and only on reality.
After discussing the rise of experimentation in physics, Harriman turns to the Copernican revolution, the astronomical discoveries of Galileo and Kepler, and the grand synthesis of Newton's laws of motion and of universal gravitation. But this reviewer found the most historically interesting chapter to be the one about the atomic theory of matter; this chapter is a cautionary tale about the lack of objective standards for evaluating theories. This story then leads to Harriman proposing a set of specific criteria of proof for scientific theories.
The final, concluding chapter addresses several broader issues, including why mathematics is fundamental to the science of physics, how the science of philosophy is different than physics, and finally, how modern physics has gone down the wrong path due to the lack of a proper theory of induction.
So, with the publication of Logical Leap, has the age-old "problem of induction" now been solved? On this issue, the reader must judge for himself. What is clear to this reviewer is that Harriman has presented an insightful, thought-provoking and powerful new theory about how scientists discover the laws of nature.
You can purchase The Logical Leap: Induction In Physics from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page. -
Mars Journal Issue Inspires Hundreds of One-Way Trip Volunteers
Velcroman1 writes "An interplanetary trip to Mars could take as little as 10 months, but returning would be virtually impossible — making the voyage a form of self-imposed exile from Earth unlike anything else in human history. What would inspire someone to volunteer? A special edition of the Journal of Cosmology detailed exactly how a privately-funded, one-way mission to Mars could depart as soon as 20 years from now — and it prompted more than 400 readers to volunteer as colonists. 'I've had a deep desire to explore the universe ever since I was a child and understood what a rocket was,' said Peter Greaves, the father of three, and a jack-of-all-trades who started his own motorcycle dispatch company and fixes computers and engines on the side. 'I envision life on Mars to be stunning, frightening, lonely, quite cramped and busy,' he said. Given the difficulties of the mission, Lana Tao, the editor of the Journal, said she was surprised by the response. 'At first we thought the e-mails were a joke... then we realized they were completely serious.'" Of course, they'd have to compete with the thousands of you who said you'd go. -
FreeBSD Running On PS3
An anonymous reader writes "One week after Sony's PlayStation 3 private cryptography key was obtained, FreeBSD is up and running on the PS3. Nathan Whitehorn writes: 'Yesterday, I imported support for the Sony Playstation 3 into our 64-bit PowerPC port, expanding our game console support into the current generation. There are still a few rough edges due to missing hardware support, but the machine boots and runs FreeBSD stably. These rough edges should be smoothed out in time for the 9.0 release.'" Update: 01/10 15:04 GMT by KD : As several commenters have pointed out, the submission was misleading in that BSD runs in OtherOS, making no use of the cracked keys. -
FreeBSD Running On PS3
An anonymous reader writes "One week after Sony's PlayStation 3 private cryptography key was obtained, FreeBSD is up and running on the PS3. Nathan Whitehorn writes: 'Yesterday, I imported support for the Sony Playstation 3 into our 64-bit PowerPC port, expanding our game console support into the current generation. There are still a few rough edges due to missing hardware support, but the machine boots and runs FreeBSD stably. These rough edges should be smoothed out in time for the 9.0 release.'" Update: 01/10 15:04 GMT by KD : As several commenters have pointed out, the submission was misleading in that BSD runs in OtherOS, making no use of the cracked keys. -
Hosting Company Appears To Be Violating the GPL [Resolved]
palegray.net writes "A web hosting provider called Appnor has recently moved the network diagnostics utility WinMTR off of SourceForge, and is now claiming the program to be a closed source, commercial application (it was previously made available under the GPL). I emailed the current maintainer of the original mtr utility about this, and have been informed that this event most likely constitutes an overt GPL violation, as it is presumed that WinMTR contains mtr code. Appnor claims that they have the right to do this, as there have been no external contributions to WinMTR in over ten years. I'm not a lawyer, but I don't think copyright law works that way." Update: 01/10 18:24 GMT by KD : The CEO of Appnor, Dragos Manac, has posted a response, claiming that no GPL violation occurred, and promising to revert the code to GPLv2 by the end of the week.
Update: 01/11 14:01 GMT by KD : That was fast. WinMTR announced that the code is now available under the GPLv2. -
Hosting Company Appears To Be Violating the GPL [Resolved]
palegray.net writes "A web hosting provider called Appnor has recently moved the network diagnostics utility WinMTR off of SourceForge, and is now claiming the program to be a closed source, commercial application (it was previously made available under the GPL). I emailed the current maintainer of the original mtr utility about this, and have been informed that this event most likely constitutes an overt GPL violation, as it is presumed that WinMTR contains mtr code. Appnor claims that they have the right to do this, as there have been no external contributions to WinMTR in over ten years. I'm not a lawyer, but I don't think copyright law works that way." Update: 01/10 18:24 GMT by KD : The CEO of Appnor, Dragos Manac, has posted a response, claiming that no GPL violation occurred, and promising to revert the code to GPLv2 by the end of the week.
Update: 01/11 14:01 GMT by KD : That was fast. WinMTR announced that the code is now available under the GPLv2. -
Twitter Fights US Court For WikiLeaks Details
An anonymous reader writes "Micro-blogging site Twitter is opposing an order from a US court to reveal the account details of supporters of WikiLeaks. Twitter has called on Facebook and Google to reveal whether they also received similar court orders. As part of the US government's investigation into WikiLeaks, a court ordered Twitter, in mid-December, to give details of accounts owned by supporters of the whistle-blower site. Twitter has protested against the subpoena and informed the individuals whose account information has been requested, while raising the possibility that other social networking players have received similar orders." -
Is Mark Zuckerberg the Next Steve Case?
theodp writes "With all signs for Facebook pointing up, author Douglas Rushkoff goes contra, arguing that Facebook hype will fade. 'Appearances can be deceiving,' says Rushkoff. 'In fact, as I read the situation, we are witnessing the beginning of the end of Facebook. These aren't the symptoms of a company that is winning, but one that is cashing out.' Rushkoff, who made a similar argument about AOL eleven years ago in a quashed NY Times op-ed, reminds us that AOL was also once considered ubiquitous and invincible, and former AOL CEO Steve Case was deemed no less a genius than Mark Zuckerberg. 'So it's not that MySpace lost and Facebook won,' concludes Rushkoff. 'It's that MySpace won first, and Facebook won next. They'll go down in the same order.'" -
Android Passes iPhone In US Market Share
Adrian writes "61.5 million people in the US owned smartphones during the three months ending in November 2010, up 10 percent from the preceding three-month period. For the first time, more Americans are using phones running Google's Android operating system than Apple's iPhone, but RIM's BlackBerry is still in first place, according to comScore. RIM fell from 37.6 percent to 33.5 percent market share of smartphones, Google captured second place among smartphone platforms by moving from 19.6 percent to 26.0 percent of US smartphone subscribers, and Apple slipped to third despite its growth from 24.2 percent to 25.0 percent of the market. Microsoft, in fourth place, fell into single digits from 10.8 percent to 9.0 percent while Palm was still last and further slipped from 4.6 percent to 3.9 percent." This is not unexpected, since Android sales have been outpacing iPhone sales for some time, but it happened significantly earlier than Gartner's prediction: Q4 2012. -
Android Passes iPhone In US Market Share
Adrian writes "61.5 million people in the US owned smartphones during the three months ending in November 2010, up 10 percent from the preceding three-month period. For the first time, more Americans are using phones running Google's Android operating system than Apple's iPhone, but RIM's BlackBerry is still in first place, according to comScore. RIM fell from 37.6 percent to 33.5 percent market share of smartphones, Google captured second place among smartphone platforms by moving from 19.6 percent to 26.0 percent of US smartphone subscribers, and Apple slipped to third despite its growth from 24.2 percent to 25.0 percent of the market. Microsoft, in fourth place, fell into single digits from 10.8 percent to 9.0 percent while Palm was still last and further slipped from 4.6 percent to 3.9 percent." This is not unexpected, since Android sales have been outpacing iPhone sales for some time, but it happened significantly earlier than Gartner's prediction: Q4 2012. -
Internet Downloading Costs To Rise In Canada
An anonymous reader writes "According to CBC News, 'Surfing and downloading from the internet is about to get more expensive for many Canadians as internet companies Shaw and Primus have announced plans to impose new fees and caps on internet usage. Over the past year, the CRTC, Canada's communication regulator, let Bell and Rogers start charging extra for customers who download a lot of data. ... Primus and Shaw have said they will begin passing on higher fees to their customers beginning Feb. 1. Primus, for example, rents bandwidth on Bell's networks and said Bell is inflating the costs for everyone, including them. 'It's an economic disincentive for internet use,' said Matt Stein, vice-president of network services for Primus. 'It's not meant to recover costs. In fact these charges that Bell has levied are many, many, many times what it costs to actually deliver it.'" -
When Should I Buy an Android Tablet?
jpyeck writes "I've deliberately avoided the smartphone craze, due to the fact I've never utilized any phone (landline or otherwise) enough to justify the monthly fees. But the geek in me craves the 'smart' part of the equation, especially since I got a bonus this year-end that is burning a hole in my pocket. The iPad is out of the question because I need a bit more hack-ability in my gadgets. I am drooling over the Android Honeycomb demo from the CES. I've had my eye on the Galaxy Tab, though it sounds like it won't support Honeycomb. The Xoom looks great, but who knows when it will come out? The consensus seems to be 'wait a few months for Honeycomb.' If you were me, with limited patience, would you buy an Android tablet now? If so, which?" -
Sandy Bridge Motherboards Dissected, Compared
crookedvulture writes "As we've learned, Intel's Sandy Bridge CPUs are pretty impressive. If you're going to build yourself a system with one, you'll need a new motherboard with an 1155-pin socket. The Tech Report has an in-depth look at four such boards based on Intel's P67 Express chipset. Although the boards offer identical application performance, there are notable differences between their power consumption and the speed of onboard peripherals like USB 3.0 and Serial ATA ports. Some implement the new UEFI BIOS framework while others do not, and the quality of those implementations varies quite a bit. Recommended reading for anyone thinking about rolling their own desktop with one of Intel's latest CPUs." -
Apple Pulls VLC Media Player From AppStore
An anonymous reader writes "Apple has removed VLC media player from the App Store, putting an end to the controversy on the license (in)compatibilities. Indeed, the iTunes page for VLC media player stopped working. VLC developer Rémi Denis-Courmont notes that he is 'not going to pity the owners of iDevices, and not even the MobileVLC developers who doubtless wasted a lot of their time. This end should not have come to a surprise to anyone.'" -
LotR Online's Free-To-Play Switch Tripled Revenue
Last June, Turbine made the decision to switch Lord of the Rings Online from a subscription-based business model to a free-to-play model supported by microtransactions. In a podcast interview with Ten Ton Hammer, Turbine executives revealed that the switch has gone well for the company, with game revenues roughly tripling. The active player base has also grown significantly in that time. Executive Producer Kate Paiz said, "This really echoes a lot of what we've seen throughout the entertainment industry in general. It's really about letting players make their choices about how they play." -
Facebook's Revenues Leaked
eldavojohn writes "Think that Goldman Sachs spent too much on Facebook with the $450 million investment? Well, a very wealthy customer of theirs decided to leak Facebook's financials yesterday after receiving it over lunch: '... during the first nine months of 2010, Facebook generated $1.2 billion in revenue. Net income at the firm was $355 million. The financial statements were not audited and offered little detail about how Facebook generates its revenue, said the source, who did not want to be identified because he had signed a non-disclosure agreement.' Expanding this nine-month period to a year yields $1.6 billion in revenue and under half a billion in income. Given that, should Facebook be valuated at $50 billion?" Reader frontwave adds news that other social tech companies are hurriedly considering IPOs of their own. -
Magnetic Pole Shift Affects Tampa Airport
RFSSystems writes "I thought this was an amazing and rather rare phenomenon and wanted to share. 'The airport has closed its primary runway until Jan. 13 to repaint the numeric designators at each end and change taxiway signage to account for the shift in location of the Earth's magnetic north pole.' It appears that the shifting poles have begun to affect air travel in a somewhat modest way. Could this also be the explanation for the falling/dead birds this week?" I hope the gradualists are right, but scenarios for rapid magnetic pole shift are fun to think about. -
Kneber Botnet Strikes, Targets Gov't Agencies
Batblue writes "A botnet fingered for stealing a treasure trove of information last year has struck again, harvesting sensitive documents from dozens of government agencies and contractors, according to a pair of security experts. The botnet, dubbed 'Kneber' by Alex Cox, principal research analyst at NetWitness, was behind a campaign of fake Christmas e-mails waged two weeks ago against government workers. NetWitness deals in advanced threat detection technologies, and conducts post mortem network forensics for firms that have been hit with attacks or data breaches." -
Smartphones For Text SSH Use Re-Revisited
Kainaw writes "This was asked in 2005 and 2008. I think it should be revisited yet again... With iPhone, Android, and Windows smartphones running around, which (if any) of them are well-suited to Unix/Linux server administration on the run? SSH is a must. A good screen resolution. A physical keyboard won't block the screen with a virtual keyboard. Many physical keyboards omit the numeric keys now, making the typing of numbers rather difficult. Nearly every smartphone has WiFi capability now. Some will do an X display through SSH tunnelling. So, pushing through all the bells and whistles that have nothing to do with effective server administration, what is left?" -
Smartphones For Text SSH Use Re-Revisited
Kainaw writes "This was asked in 2005 and 2008. I think it should be revisited yet again... With iPhone, Android, and Windows smartphones running around, which (if any) of them are well-suited to Unix/Linux server administration on the run? SSH is a must. A good screen resolution. A physical keyboard won't block the screen with a virtual keyboard. Many physical keyboards omit the numeric keys now, making the typing of numbers rather difficult. Nearly every smartphone has WiFi capability now. Some will do an X display through SSH tunnelling. So, pushing through all the bells and whistles that have nothing to do with effective server administration, what is left?" -
IBM's Jeopardy Strategy
jfruhlinger writes "Developing a computer that could play chess once seemed like a worthy AI goal — but it turned out to be something of a dead end, as chess is very abstract and simple when compared to the real world. Will creating a game-show-playing computer lead to more interesting results? IBM hopes so, and its Watson machine will tackle problems in parallel processing, data searching, and natural language comprehension in an attempt to beat Jeopardy legends Ken Jennings and Brad Rutter. " IBM announced the man vs. machine competition last month. -
Securing the Smart Grid
brothke writes "Securing the Smart Grid: Next Generation Power Grid Security, authors Tony Flick and Justin Morehouse provide a comprehensive and first-rate overview of smart grid technology and what is needed to ensure that it is developed and deployed in a secure and safe manner. An issue is that smart grid has significant amount of hype around it, including the promise that it will make energy more affordable, effective and green. With that, promises around security and privacy are often hard to obtain." Read on for the rest of Ben's review. Securing the Smart Grid: Next Generation Power Grid Security author Tony Flick and Justin Morehouse pages 320 publisher Syngress rating 9/10 reviewer Ben Rothke ISBN 1597495700 summary Excellent overview on smart grid technology and its related security, privacy and regulatory issues While the books notes early on that there is no singular definition of what defines smart grid, a generally accepted definition is that it is a "network of technologies providing real-time two-way communication that delivering electricity from utilities to consumers".
Most importantly, it is crucial to understand that the smart grid is an evolving environment, not a single entity or technology.
As important as the smart grid and security is, roughly 80% of Americans claim to know little or nothing about the smart grid, while 76% lack knowledge or understanding of smart meters, according to results of the latest Market Strategies International E2 Study.
From a security perspective, securing the smart grid is a complex endeavor. When you combined this with a public that is oblivious to the security and privacy issues, it gets worrisome quite fast.
The books 14 chapters provide a good overview of the various aspects of smart grid, energy and utility transmission, security, privacy attack vectors and more. The book offers a good balance of the topics, in a very readable format.
In chapter 1, the authors note that a smart grid is not a single device, application, system network, or even idea. And that there is no single authoritative definition for what a smart grid is. With that, the initial chapter sets and defines the various aspects to smart grid.
Chapter 2 provides an overview of the threats and impacts of smart metering at the consumer level. A large part of smart grid technologies is advanced metering infrastructure (AMI), which is a set of systems that measure, collect and analyze energy usage, and interact with advanced devices such as electricity meters, gas meters, heat meters, and water meters, through various communication media. Once smart grid is ubiquitous, AMI will be a hacker's platform of choice.
With all those benefits of AMI come security and privacy issues, and those open the metering infrastructure to smart thieves, stalkers, and a broad range of other threats and attacks. AMI also opens up a new set of privacy issues in that the AMI devices will be collecting significant amounts of personal energy data, which may or may not be transmitted over a secure channel.
Unfortunately, leaving security to vendors of home-based products has traditionally not been met with much success. Let's hope the smart grid vendors learn from the security debacles of the past and build effective and strong security into their products.
Chapter 4 notes that smart grid security is a matter of national security and that the US government is playing a large role in directing the effort. Numerous groups have efforts in place to secure smart grids, including DOE, FERC, DoC, DHS and more.
An important group working on this is the NIST Cyber Security Working Group (CSWG). The primary goal of the CSWG is to develop an overall cyber security strategy for the smart grid that includes a risk mitigation strategy to ensure interoperability of solutions across different domains/components of the infrastructure. This strategy addresses prevention, detection, response, and recovery.
The CSWG recently created NISTIR 7628 — Guidelines for Smart Grid Cyber Security, which complement everything detailed in this book. It also has the added benefit of being free. At 577 pages, it is also much more comprehensive.
Chapter 11 is especially fascinating, which deals with the topic of social networks and smart grid. While smart grid can leverage the power of social networking, it is inevitable that people will start tweeting about their energy usage. While that energy data may seem like an innocuous tweet, that information can be used to determine if the people are at home, on vacation, using specific appliances, etc.
For example, the Lyceum is the oldest building on the University of Mississippi campus. The Lyceum also has a twitter feed about its energy usage. While this is more informational, when individuals start sharing their energy usage, without effective social media controls, the security outcome is quite predictable. With that level of information disclosure, it is quite easy to determine if a family is home, not home, sleeping, entertaining guests, etc.
As to users who in the future will integrate tweets and other energy data into their social networking, the chapter illustrates how much of a security risk this can pose by detailing vampire energy cost estimates for over 75 different types of electronic products. Attackers can use the energy data and extrapolate what products are in use, when, and more.
The chapter concludes with a smart grid social networking security checklist. The smart grid social networking security checklist contains five categories for implementing basic security controls, name around: identity, authentication, information sharing, networking and usage.
The book also includes a number of sidebar Epic Fail stories, which detail major failures and catastrophes in various energy topics.
Overall, Securing the Smart Grid: Next Generation Power Grid Security provides an excellent overview on the state of smart grid technology and its related security, privacy and regulatory issues. The book provides an excellent introduction for anyone looking to understand what smart grid is all about, and its security and privacy issues.
You can purchase Securing the Smart Grid: Next Generation Power Grid Security from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page. -
Securing the Smart Grid
brothke writes "Securing the Smart Grid: Next Generation Power Grid Security, authors Tony Flick and Justin Morehouse provide a comprehensive and first-rate overview of smart grid technology and what is needed to ensure that it is developed and deployed in a secure and safe manner. An issue is that smart grid has significant amount of hype around it, including the promise that it will make energy more affordable, effective and green. With that, promises around security and privacy are often hard to obtain." Read on for the rest of Ben's review. Securing the Smart Grid: Next Generation Power Grid Security author Tony Flick and Justin Morehouse pages 320 publisher Syngress rating 9/10 reviewer Ben Rothke ISBN 1597495700 summary Excellent overview on smart grid technology and its related security, privacy and regulatory issues While the books notes early on that there is no singular definition of what defines smart grid, a generally accepted definition is that it is a "network of technologies providing real-time two-way communication that delivering electricity from utilities to consumers".
Most importantly, it is crucial to understand that the smart grid is an evolving environment, not a single entity or technology.
As important as the smart grid and security is, roughly 80% of Americans claim to know little or nothing about the smart grid, while 76% lack knowledge or understanding of smart meters, according to results of the latest Market Strategies International E2 Study.
From a security perspective, securing the smart grid is a complex endeavor. When you combined this with a public that is oblivious to the security and privacy issues, it gets worrisome quite fast.
The books 14 chapters provide a good overview of the various aspects of smart grid, energy and utility transmission, security, privacy attack vectors and more. The book offers a good balance of the topics, in a very readable format.
In chapter 1, the authors note that a smart grid is not a single device, application, system network, or even idea. And that there is no single authoritative definition for what a smart grid is. With that, the initial chapter sets and defines the various aspects to smart grid.
Chapter 2 provides an overview of the threats and impacts of smart metering at the consumer level. A large part of smart grid technologies is advanced metering infrastructure (AMI), which is a set of systems that measure, collect and analyze energy usage, and interact with advanced devices such as electricity meters, gas meters, heat meters, and water meters, through various communication media. Once smart grid is ubiquitous, AMI will be a hacker's platform of choice.
With all those benefits of AMI come security and privacy issues, and those open the metering infrastructure to smart thieves, stalkers, and a broad range of other threats and attacks. AMI also opens up a new set of privacy issues in that the AMI devices will be collecting significant amounts of personal energy data, which may or may not be transmitted over a secure channel.
Unfortunately, leaving security to vendors of home-based products has traditionally not been met with much success. Let's hope the smart grid vendors learn from the security debacles of the past and build effective and strong security into their products.
Chapter 4 notes that smart grid security is a matter of national security and that the US government is playing a large role in directing the effort. Numerous groups have efforts in place to secure smart grids, including DOE, FERC, DoC, DHS and more.
An important group working on this is the NIST Cyber Security Working Group (CSWG). The primary goal of the CSWG is to develop an overall cyber security strategy for the smart grid that includes a risk mitigation strategy to ensure interoperability of solutions across different domains/components of the infrastructure. This strategy addresses prevention, detection, response, and recovery.
The CSWG recently created NISTIR 7628 — Guidelines for Smart Grid Cyber Security, which complement everything detailed in this book. It also has the added benefit of being free. At 577 pages, it is also much more comprehensive.
Chapter 11 is especially fascinating, which deals with the topic of social networks and smart grid. While smart grid can leverage the power of social networking, it is inevitable that people will start tweeting about their energy usage. While that energy data may seem like an innocuous tweet, that information can be used to determine if the people are at home, on vacation, using specific appliances, etc.
For example, the Lyceum is the oldest building on the University of Mississippi campus. The Lyceum also has a twitter feed about its energy usage. While this is more informational, when individuals start sharing their energy usage, without effective social media controls, the security outcome is quite predictable. With that level of information disclosure, it is quite easy to determine if a family is home, not home, sleeping, entertaining guests, etc.
As to users who in the future will integrate tweets and other energy data into their social networking, the chapter illustrates how much of a security risk this can pose by detailing vampire energy cost estimates for over 75 different types of electronic products. Attackers can use the energy data and extrapolate what products are in use, when, and more.
The chapter concludes with a smart grid social networking security checklist. The smart grid social networking security checklist contains five categories for implementing basic security controls, name around: identity, authentication, information sharing, networking and usage.
The book also includes a number of sidebar Epic Fail stories, which detail major failures and catastrophes in various energy topics.
Overall, Securing the Smart Grid: Next Generation Power Grid Security provides an excellent overview on the state of smart grid technology and its related security, privacy and regulatory issues. The book provides an excellent introduction for anyone looking to understand what smart grid is all about, and its security and privacy issues.
You can purchase Securing the Smart Grid: Next Generation Power Grid Security from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page. -
Apple Passes $300B Market Cap, 2nd In the World
An anonymous reader writes "In May, Apple surpassed Microsoft in market capitalization to become the second largest company (by that measure) in the world. Today, with its shares riding high, Apple passed $300 billion in market cap, entering a club of two along with the still-gigantic ExxonMobile. And investors' targets could bring Apple beyond where Exxon is now (though Exxon continues to soar as well). Perhaps Wall Street is catching on that, despite the discontinuation of their underused Xserve, Apple is in fact becoming one of the key tech providers to enterprise, a position that even a year ago seemed laughable. If you consider the iPad to be a PC (which enterprise increasingly is), then suddenly you realize that Apple is expected to climb to 12% market share in 2011. Plus, of course, they have those little things called iPods, and iTunes..." -
Groklaw — Don't Go Home, Go Big
jfruhlinger writes "You may have caught PJ's Christmas Day post on Groklaw, expressing her anger and frustration that, after she helped save Novell's Unix patents from SCO's clutches, Novell turned around and sold many of those patents to an open source-unfriendly coalition. She's feeling at a crossroads and wondering what Groklaw should become. Brian Proffitt has a suggestion: a bigger, more community-oriented site." -
Researchers Claim 1,000 Core Chip Created
eldavojohn writes "Remember a few months ago when the feasibility was discussed of a thousand core processor? By using FPGAs, Glasgow University researchers have claimed a proof of concept 1,000 core chip that they demonstrated running an MPEG algorithm at a speed of 5Gbps. From one of the researchers: 'This is very early proof-of-concept work where we're trying to demonstrate a convenient way to program FPGAs so that their potential to provide very fast processing power could be used much more widely in future computing and electronics. While many existing technologies currently make use of FPGAs, including plasma and LCD televisions and computer network routers, their use in standard desktop computers is limited. However, we are already seeing some microchips which combine traditional CPUs with FPGA chips being announced by developers, including Intel and ARM. I believe these kinds of processors will only become more common and help to speed up computers even further over the next few years.'" -
Ubisoft's Draconian DRM Patched?
An anonymous reader writes "It appears that Ubisoft's controversial DRM scheme launched last year that required players to have a permanent connection to the Internet has been patched to no longer stop the game when connectivity drops, though an Internet connection is still required when starting the game." -
Four IT Consultants Charged With $80M NYC Rip-Off
theodp writes "It's I-told-you-so time for Slashdot commenter frnic, who smelled a crime last March after reading that New York City had dropped $722 million on its still-under-development CityTime Attendance System. Nine months later, US Attorney Preet Bharara charged 'four consultants to the New York City Office of Payroll Administration ... for operating a fraudulent scheme that led to the misappropriation of more than $80 million in New York City funds allocated for an information technology project known as "CityTime."' Three of the four consultants were also charged — along with a consultant's wife and mother — with using a network of friends-and-family shell corporations to launder the proceeds of the fraud. Dept. of Investigations Commissioner Rose Gill Hearn called it a shame that 'supposed experts hired and paid well to protect the city's interests were exposed as the fox guarding the hen house.'" -
Four IT Consultants Charged With $80M NYC Rip-Off
theodp writes "It's I-told-you-so time for Slashdot commenter frnic, who smelled a crime last March after reading that New York City had dropped $722 million on its still-under-development CityTime Attendance System. Nine months later, US Attorney Preet Bharara charged 'four consultants to the New York City Office of Payroll Administration ... for operating a fraudulent scheme that led to the misappropriation of more than $80 million in New York City funds allocated for an information technology project known as "CityTime."' Three of the four consultants were also charged — along with a consultant's wife and mother — with using a network of friends-and-family shell corporations to launder the proceeds of the fraud. Dept. of Investigations Commissioner Rose Gill Hearn called it a shame that 'supposed experts hired and paid well to protect the city's interests were exposed as the fox guarding the hen house.'" -
YouTube Legally Considered a TV Station In Italy
orzetto writes "Italian newspaper La Repubblica reports that YouTube and similar websites based on user-generated content will be considered TV stations (Google translation of Italian original) in Italian law, and will be subject to the same obligations. Among these, a small tax (500 €), the obligation to publish corrections within 48 hours upon request of people who consider themselves slandered by published content, and the obligation not to broadcast content inappropriate for children in certain time slots. The main change, though, is that YouTube and similar sites will be legally responsible for all published content as long as they have any form (even if automated) of editorial control. The main reason for this is probably that it will force YouTube to assume editorial responsibility for all published content, which facilitates the ongoing € 500M lawsuit of Italian prime minister Silvio Berlusconi against YouTube because of content copyrighted by Berlusconi's TV networks that some users uploaded on YouTube. Berlusconi's Spanish TV station, TeleCinco, was previously defeated in court on the grounds that YouTube is not a content provider." -
Tech History Behind New York's New Year's Eve Ball
Toe, The writes "A perennial icon of New Year's Eve is the geodesic ball which first dropped in Times Square in 1907. Over the past century, there have been seven iterations of this ball. The first one, made out of iron and wood, weighed 400 pounds and sported one hundred 25-watt bulbs. The current ball weighs almost six tons and uses 32,256 Philips Luxeon Rebel LEDs. The designers expect there to be more tech improvements to the ball soon. What do you think of the ball and the bizarre status it holds in our culture? How would you change it for years to come?" -
'Zombie' Satellite Returns To Life
realperseus writes "The American telecommunications satellite Galaxy 15 has been brought under control after spending most of the year traversing the sky and wreaking havoc upon its neighbors. The satellite is currently at 98.5 degrees west longitude (from 133 west). An emergency patch was successfully uploaded, ensuring that the conditions which caused it to 'go rogue' will not occur again. Once diagnosis and testing have been completed, Intelsat plans to move the satellite back to 133 west." -
Amazon Censorship Expands
Nom du Keyboard writes "Recently word leaked out about Amazon removing titles containing fictional incest. Surprisingly that ban didn't extend to the 10 titles of Science Fiction Grand Master Robert A. Heinlein that incorporate various themes of incest and pedophilia. Now, it seems that the censorship is expanding to m/m gay fiction if it contains the magic word 'rape' in the title. Just how far is this going to be allowed to proceed in relative silence, and who is pushing these sudden decisions on Amazon's part?" -
Drupal 7 Module Development
Michael J. Ross writes "While it is possible to create a simple website using a base installation of Drupal, the real power of this content management system is achieved through the use of modules, which can be thought of as add-ons that extend the capabilities of Drupal in specific ways — oftentimes in conjunction with other modules. These modules are developed and contributed by PHP programmers who understand how to use one or more of the Drupal application programming interfaces (APIs) to access information stored in a Drupal database, such as content, user profiles, and theme settings. These APIs have changed with Drupal version 7, and thus Drupal coders could benefit from a book that explains how to create Drupal 7 contrib modules." Read on for the rest of Michael's review. Drupal 7 Module Development author Matt Butcher, Greg Dunlap, Matt Farina, Larry Garfield, Ken Rickard, John Albin Wilkins pages 420 pages publisher Packt Publishing rating 8/10 reviewer Michael J. Ross ISBN 978-1849511162 summary A thorough guide to module building for intermediate to advanced Drupal coders. One such resource, titled Drupal 7 Module Development, was made available by Packt Publishing on 3 December 2010, under the ISBN 978-1849511162. It has half a dozen authors, all of whom are highly experienced Drupal programmers and contributors to this burgeoning open source project: Matt Butcher, Greg Dunlap, Matt Farina, Larry Garfield, Ken Rickard, and John Albin Wilkins. This team effort spans 420 pages, organized into a dozen chapters, and two appendices. Angie Byron, the Release Manager for Drupal 7, starts it off with an interesting and upbeat foreword that concisely summarizes the primary goals of this latest release of Drupal. Following it is a preface whose chapter summaries are poorly written — almost as though the writer knew nothing about Drupal. Speaking of technical knowledge, readers are expected to be familiar with Drupal, PHP, HTML, and CSS — the more so, the better. For the jQuery material, an understanding of that library and JavaScript itself would be valuable. Packt Publishing hosts a book Web page that offers a detailed description of the book, links for purchasing the print and electronic copies of the book (or the two combined, for a large discount), and the example source code for nine of the chapters (also available from the book's GitHub repositories). As with all of its other titles, the chapters end with summaries, which provide no value and simply waste space.
This book's first chapter, "Developing for Drupal 7," provides an overview of the purpose of custom modules, the practical approach that the authors will take in explaining how to create such modules, the Web technologies underpinning Drupal, the Drupal architecture, its major subsystems, and various tools commonly used for Drupal programming. Oddly, the authors hope "that the code mentioned in this chapter can serve as a foundation for your bigger and better applications," and yet no code per se is mentioned. Nonetheless, the chapter does serve as a decent introduction for PHP programmers new to "the Drupal way." The second chapter, "Creating Your First Module," shows the reader how to do exactly that, using a very simple module to illustrate the basics, such as the files that typically compose a Drupal module, as well as some Drupal coding standards. Unfortunately, regarding the code on page 38 that checks whether the $path variable is "admin/help#first," no explanation is provided as to why the "#" is not a "/," given that the URL path in the reader's browser will be "/admin/help/first," and the "#first" does not refer to a page anchor. After a worthwhile detour into Drupal internationalization and the t() function, the authors introduce both the Block API and the Testing module, through example. Incidentally, readers trying out the sample code will want to add "static" to "public function getInfo()" in first.test — as is done in all of the other Drupal 7 core test files — to avoid a PHP "strict" warning of a static call to getInfo() in simpletest_result_form().
The next two chapters focus on theming — specifically, Drupal's theme layer and techniques for theming a custom module. The material in both chapters is arguably comprehensive, and thus ideal for a reader already well-versed in Drupal 6 module development. But, for anyone else, it will likely be overwhelming in its dense detail and in the fast pace at which it is presented — and thus will discourage most newcomers. The former chapter presents numerous high-level concepts, while the latter is intended to illustrate those ideas by focusing on module theming. Yet even if the reader carefully examines and implements the sample code — usually the best way to learn any sort of programming — these chapters will probably prove quite difficult for readers to comprehend thoroughly, unless they have prior experience along these lines. Oddly, the Chapter 4 summary tells the reader that she should have "learned a little bit about contributing your experiences [sic] and knowledge back to the Drupal community," but the material does not explain how to do so. (More on that topic later.)
Chapter 5, "Building an Admin Interface," provides a detailed survey of the Drupal menu system, the Form API (including how form data is saved, which is inadequately covered by some other books), Drupal's built-in e-mail system, and the use of tokens therein. The coverage is again detailed, and would be even better had the remaining commonly-used HTML form elements — such as list boxes and radio buttons — been shown in the example code. For those readers whose heads are still spinning from the previous two chapters, this material may be a welcome change, in that the explanations are slower paced, with seemingly greater attention given to whether the Drupal newbie will be able to learn what is being taught, step by step. However, any reader who is using this chapter as a reference when creating a custom implementation of hook_menu(), will doubtlessly become frustrated by the inadequate advice on determining the valid possibilities to be used in the access arguments array: "[check] the hook_perm() implementation of the module in question." But what module? The reader is presumably creating a new one from scratch, with no permissions already set; so the authors must be referring to an existing module — but which one? If the reader were to search through all of the core and example modules, he would find no hook_perm() functions. Do the authors mean hook_permission()? This illustrates how critical it is for authors and technical editors of books purportedly for beginners, to strive to put themselves in the shoes of the poor reader, who does not possess their knowledge and experience.
As with any CMS, "content is king" for sites built using Drupal. Thus it is critical for Drupal module developers to know how to dynamically create and manage all of the elements required by a module working with content: node, entities, fields, etc. In earlier versions of Drupal, the familiar "node" concept did not encompass all of the non-node data types, such as users and comments — forcing developers to create workarounds in their modules and in their sites as a whole. Version 7 introduces "entities" and "bundles" (which can be thought of as sub-entities), to allow greater flexibility for programmers. Chapters 6 and 7 delve into these concepts, with plenty of example code and explanations thereof. Readers learn how to create database tables indirectly using the Schema API, define new entities, give users the capability to manage them, encapsulate multiple database operations into transactions, and define new field types, widgets, and formatters.
Chapter 8, which focuses on how to set and use permissions within modules, is straightforward, and includes sections on the secure use of regular form processing, as well as AJAX callbacks (for interactive form behavior that avoids the necessity of reloading the current page). Incidentally, there appears to be an error in the code on page 221: "function example_menu() example_menu() {." Chapter 9 continues in the same realm of security, specifically, use of the Node Access system within Drupal. The coverage is quite thorough, and the only problem is that some of the "tips" blocks repeat information found in the regular text. The chapter concludes with some valuable advice on how to test and debug node access modules, which can be especially difficult.
The last three chapters of the book cover some interesting and worthwhile topics: JavaScript, file management, and installation profiles. Readers learn how to add JavaScript and CSS to a site, how to use the Drupal Library API, and related matters. Sadly, readers may be perplexed by the numerous poorly-constructed sentences — especially near the beginning Chapter 10 — such as "JavaScript within a group and within the sub-group of being or not being included in every page are ordered by weight" (page 291), which sounds like a joint effort by Hamlet and the IRS publications department. The next chapter demonstrates how to use the new files and images API that was introduced in Drupal 7, and which allows developers to reduce the number of contrib modules required for building even the most basic website. Confusingly, the reader is told that, when installing Drupal (presumably version 7), he will probably see three error messages resulting from missing sites/default/files directories; but I certainly did not see this when installing any of the beta or release candidate versions, nor heard this from anyone else. The authors also explain stream wrappers, the Image API, and image styles (and the effects they can utilize). The last chapter shows how to set up custom Drupal profiles, their tasks, and the distributions that can make use of them. The reader is told that "input formats" are now referred to as "text filters," but Drupal 7 appears to have standardized on the term "text formats." The book's two appendices discuss Drupal 7's improved database layer, and security techniques applicable to all versions.
Packt's website states that there are no known errata, so one can only assume that the publisher's editors failed to spot many obvious flaws: "a[n] introduction" (page 1), "eXtensible" (page 10), "However, Not" (page 16), "it's own data" (page 17), "though means" (page 18), "architecture advanced" (page 25; it presumably should read "advanced architecture"), "( a," (page 28), "an[d] equal sign" (29), "the the" (41 and 146), "exercising [of] every" (49), "test[,] absolutely" (53), "a child element[s]" (78), "its" (84; should read "their"), "short-coming" (85), "then" (90 and 98; should read "than"), "you will be passed to" (108), "lets" (120 and 129; should read "let's"), "FormsAPI" (235), "to post spam [to] the site" (254), "ever[y] page" (291), "html" (311; twice), "is to" (318; should read "to"), "how to we" (326), "let's make create" (326), "is [a] result" (365), and "many [of] types" (376). The reviewers section lacks page numbers, but does not lack errors: ", (," "and [a] bug," and "including[,] reviewing."
The writing quality varies from chapter to chapter, and some passages are awkwardly phrased and confusing, such as "each of these two lines were split on to one line" (page 57). Scattered throughout the book, one will find cases of semicolons used where dashes are called for, commas where semicolons are called for, title case used when inappropriate or missing when appropriate (the book's preface is a veritable minefield), compound adjectives missing hyphens, adjectives incorrectly tied to nouns using hyphens, needed commas missing (Appendix A has some egregious examples), and the term "was" used where the subjunctive "were" is called for — in other words, the usual grammatical flaws found in books written by techies. Fortunately, the material is livened up with a few welcome bits of humor, and not the overreaching kind found in many programming books. Even more admirable is the attention to internationalization, unit testing, and other good practices.
The example code within the text may be intimidating to those new to Drupal, but it really helps demonstrate the concepts discussed in the text. The downloadable source code is helpful for avoiding retyping that code from the text, but needs to be cleaned up. For instance, the code for Chapter 4 is in a directory named "1162_04_All code," which suggests that it contains all three versions, but it does not. The code for Chapter 5 is split between a subdirectory named "old," which contains the newest code, and in another directory, "1162_05," which contains older code. The directory "1162_07_Code" contains no fewer than six different (and possibly differing) copies of its example module. How can the reader know which is the correct copy to use for following the book's discussion? Moreover, for some of the chapters, such as 5, the source code listed and discussed in the book does not fully match that provided in the downloadable archive file.
Overall, this book is a substantial contribution to the Drupal literature, but it is weakened by two obvious problems: Firstly, it lacks a chapter or appendix to explain how the reader could contribute a newly-created module to the Drupal community — specifically, Drupal.org's Modules section. This is a glaring omission, particularly in light of the (laudable) encouragement to the reader to participate in the community, as well as the authors' many contributions to the same. Secondly, because this book is supposedly suitable for Drupal beginners, and given the complexity of Drupal's APIs and their code requirements, the authors should have presented the concepts in more digestible chunks, at a slower pace, so as to be easily comprehended by someone new to Drupal programming using APIs. This is especially true of the second and third chapters.
The aforementioned problems could be corrected in a subsequent edition, which would be well worth the effort: Drupal 7 Module Development is an information-packed and wide-ranging resource for experienced Drupal programmers who want to enhance their existing module-building skills, and transfer them to version 7.
Michael J. Ross is a freelance Web developer and writer.
You can purchase Drupal 7 Module Development from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page. -
Drupal 7 Module Development
Michael J. Ross writes "While it is possible to create a simple website using a base installation of Drupal, the real power of this content management system is achieved through the use of modules, which can be thought of as add-ons that extend the capabilities of Drupal in specific ways — oftentimes in conjunction with other modules. These modules are developed and contributed by PHP programmers who understand how to use one or more of the Drupal application programming interfaces (APIs) to access information stored in a Drupal database, such as content, user profiles, and theme settings. These APIs have changed with Drupal version 7, and thus Drupal coders could benefit from a book that explains how to create Drupal 7 contrib modules." Read on for the rest of Michael's review. Drupal 7 Module Development author Matt Butcher, Greg Dunlap, Matt Farina, Larry Garfield, Ken Rickard, John Albin Wilkins pages 420 pages publisher Packt Publishing rating 8/10 reviewer Michael J. Ross ISBN 978-1849511162 summary A thorough guide to module building for intermediate to advanced Drupal coders. One such resource, titled Drupal 7 Module Development, was made available by Packt Publishing on 3 December 2010, under the ISBN 978-1849511162. It has half a dozen authors, all of whom are highly experienced Drupal programmers and contributors to this burgeoning open source project: Matt Butcher, Greg Dunlap, Matt Farina, Larry Garfield, Ken Rickard, and John Albin Wilkins. This team effort spans 420 pages, organized into a dozen chapters, and two appendices. Angie Byron, the Release Manager for Drupal 7, starts it off with an interesting and upbeat foreword that concisely summarizes the primary goals of this latest release of Drupal. Following it is a preface whose chapter summaries are poorly written — almost as though the writer knew nothing about Drupal. Speaking of technical knowledge, readers are expected to be familiar with Drupal, PHP, HTML, and CSS — the more so, the better. For the jQuery material, an understanding of that library and JavaScript itself would be valuable. Packt Publishing hosts a book Web page that offers a detailed description of the book, links for purchasing the print and electronic copies of the book (or the two combined, for a large discount), and the example source code for nine of the chapters (also available from the book's GitHub repositories). As with all of its other titles, the chapters end with summaries, which provide no value and simply waste space.
This book's first chapter, "Developing for Drupal 7," provides an overview of the purpose of custom modules, the practical approach that the authors will take in explaining how to create such modules, the Web technologies underpinning Drupal, the Drupal architecture, its major subsystems, and various tools commonly used for Drupal programming. Oddly, the authors hope "that the code mentioned in this chapter can serve as a foundation for your bigger and better applications," and yet no code per se is mentioned. Nonetheless, the chapter does serve as a decent introduction for PHP programmers new to "the Drupal way." The second chapter, "Creating Your First Module," shows the reader how to do exactly that, using a very simple module to illustrate the basics, such as the files that typically compose a Drupal module, as well as some Drupal coding standards. Unfortunately, regarding the code on page 38 that checks whether the $path variable is "admin/help#first," no explanation is provided as to why the "#" is not a "/," given that the URL path in the reader's browser will be "/admin/help/first," and the "#first" does not refer to a page anchor. After a worthwhile detour into Drupal internationalization and the t() function, the authors introduce both the Block API and the Testing module, through example. Incidentally, readers trying out the sample code will want to add "static" to "public function getInfo()" in first.test — as is done in all of the other Drupal 7 core test files — to avoid a PHP "strict" warning of a static call to getInfo() in simpletest_result_form().
The next two chapters focus on theming — specifically, Drupal's theme layer and techniques for theming a custom module. The material in both chapters is arguably comprehensive, and thus ideal for a reader already well-versed in Drupal 6 module development. But, for anyone else, it will likely be overwhelming in its dense detail and in the fast pace at which it is presented — and thus will discourage most newcomers. The former chapter presents numerous high-level concepts, while the latter is intended to illustrate those ideas by focusing on module theming. Yet even if the reader carefully examines and implements the sample code — usually the best way to learn any sort of programming — these chapters will probably prove quite difficult for readers to comprehend thoroughly, unless they have prior experience along these lines. Oddly, the Chapter 4 summary tells the reader that she should have "learned a little bit about contributing your experiences [sic] and knowledge back to the Drupal community," but the material does not explain how to do so. (More on that topic later.)
Chapter 5, "Building an Admin Interface," provides a detailed survey of the Drupal menu system, the Form API (including how form data is saved, which is inadequately covered by some other books), Drupal's built-in e-mail system, and the use of tokens therein. The coverage is again detailed, and would be even better had the remaining commonly-used HTML form elements — such as list boxes and radio buttons — been shown in the example code. For those readers whose heads are still spinning from the previous two chapters, this material may be a welcome change, in that the explanations are slower paced, with seemingly greater attention given to whether the Drupal newbie will be able to learn what is being taught, step by step. However, any reader who is using this chapter as a reference when creating a custom implementation of hook_menu(), will doubtlessly become frustrated by the inadequate advice on determining the valid possibilities to be used in the access arguments array: "[check] the hook_perm() implementation of the module in question." But what module? The reader is presumably creating a new one from scratch, with no permissions already set; so the authors must be referring to an existing module — but which one? If the reader were to search through all of the core and example modules, he would find no hook_perm() functions. Do the authors mean hook_permission()? This illustrates how critical it is for authors and technical editors of books purportedly for beginners, to strive to put themselves in the shoes of the poor reader, who does not possess their knowledge and experience.
As with any CMS, "content is king" for sites built using Drupal. Thus it is critical for Drupal module developers to know how to dynamically create and manage all of the elements required by a module working with content: node, entities, fields, etc. In earlier versions of Drupal, the familiar "node" concept did not encompass all of the non-node data types, such as users and comments — forcing developers to create workarounds in their modules and in their sites as a whole. Version 7 introduces "entities" and "bundles" (which can be thought of as sub-entities), to allow greater flexibility for programmers. Chapters 6 and 7 delve into these concepts, with plenty of example code and explanations thereof. Readers learn how to create database tables indirectly using the Schema API, define new entities, give users the capability to manage them, encapsulate multiple database operations into transactions, and define new field types, widgets, and formatters.
Chapter 8, which focuses on how to set and use permissions within modules, is straightforward, and includes sections on the secure use of regular form processing, as well as AJAX callbacks (for interactive form behavior that avoids the necessity of reloading the current page). Incidentally, there appears to be an error in the code on page 221: "function example_menu() example_menu() {." Chapter 9 continues in the same realm of security, specifically, use of the Node Access system within Drupal. The coverage is quite thorough, and the only problem is that some of the "tips" blocks repeat information found in the regular text. The chapter concludes with some valuable advice on how to test and debug node access modules, which can be especially difficult.
The last three chapters of the book cover some interesting and worthwhile topics: JavaScript, file management, and installation profiles. Readers learn how to add JavaScript and CSS to a site, how to use the Drupal Library API, and related matters. Sadly, readers may be perplexed by the numerous poorly-constructed sentences — especially near the beginning Chapter 10 — such as "JavaScript within a group and within the sub-group of being or not being included in every page are ordered by weight" (page 291), which sounds like a joint effort by Hamlet and the IRS publications department. The next chapter demonstrates how to use the new files and images API that was introduced in Drupal 7, and which allows developers to reduce the number of contrib modules required for building even the most basic website. Confusingly, the reader is told that, when installing Drupal (presumably version 7), he will probably see three error messages resulting from missing sites/default/files directories; but I certainly did not see this when installing any of the beta or release candidate versions, nor heard this from anyone else. The authors also explain stream wrappers, the Image API, and image styles (and the effects they can utilize). The last chapter shows how to set up custom Drupal profiles, their tasks, and the distributions that can make use of them. The reader is told that "input formats" are now referred to as "text filters," but Drupal 7 appears to have standardized on the term "text formats." The book's two appendices discuss Drupal 7's improved database layer, and security techniques applicable to all versions.
Packt's website states that there are no known errata, so one can only assume that the publisher's editors failed to spot many obvious flaws: "a[n] introduction" (page 1), "eXtensible" (page 10), "However, Not" (page 16), "it's own data" (page 17), "though means" (page 18), "architecture advanced" (page 25; it presumably should read "advanced architecture"), "( a," (page 28), "an[d] equal sign" (29), "the the" (41 and 146), "exercising [of] every" (49), "test[,] absolutely" (53), "a child element[s]" (78), "its" (84; should read "their"), "short-coming" (85), "then" (90 and 98; should read "than"), "you will be passed to" (108), "lets" (120 and 129; should read "let's"), "FormsAPI" (235), "to post spam [to] the site" (254), "ever[y] page" (291), "html" (311; twice), "is to" (318; should read "to"), "how to we" (326), "let's make create" (326), "is [a] result" (365), and "many [of] types" (376). The reviewers section lacks page numbers, but does not lack errors: ", (," "and [a] bug," and "including[,] reviewing."
The writing quality varies from chapter to chapter, and some passages are awkwardly phrased and confusing, such as "each of these two lines were split on to one line" (page 57). Scattered throughout the book, one will find cases of semicolons used where dashes are called for, commas where semicolons are called for, title case used when inappropriate or missing when appropriate (the book's preface is a veritable minefield), compound adjectives missing hyphens, adjectives incorrectly tied to nouns using hyphens, needed commas missing (Appendix A has some egregious examples), and the term "was" used where the subjunctive "were" is called for — in other words, the usual grammatical flaws found in books written by techies. Fortunately, the material is livened up with a few welcome bits of humor, and not the overreaching kind found in many programming books. Even more admirable is the attention to internationalization, unit testing, and other good practices.
The example code within the text may be intimidating to those new to Drupal, but it really helps demonstrate the concepts discussed in the text. The downloadable source code is helpful for avoiding retyping that code from the text, but needs to be cleaned up. For instance, the code for Chapter 4 is in a directory named "1162_04_All code," which suggests that it contains all three versions, but it does not. The code for Chapter 5 is split between a subdirectory named "old," which contains the newest code, and in another directory, "1162_05," which contains older code. The directory "1162_07_Code" contains no fewer than six different (and possibly differing) copies of its example module. How can the reader know which is the correct copy to use for following the book's discussion? Moreover, for some of the chapters, such as 5, the source code listed and discussed in the book does not fully match that provided in the downloadable archive file.
Overall, this book is a substantial contribution to the Drupal literature, but it is weakened by two obvious problems: Firstly, it lacks a chapter or appendix to explain how the reader could contribute a newly-created module to the Drupal community — specifically, Drupal.org's Modules section. This is a glaring omission, particularly in light of the (laudable) encouragement to the reader to participate in the community, as well as the authors' many contributions to the same. Secondly, because this book is supposedly suitable for Drupal beginners, and given the complexity of Drupal's APIs and their code requirements, the authors should have presented the concepts in more digestible chunks, at a slower pace, so as to be easily comprehended by someone new to Drupal programming using APIs. This is especially true of the second and third chapters.
The aforementioned problems could be corrected in a subsequent edition, which would be well worth the effort: Drupal 7 Module Development is an information-packed and wide-ranging resource for experienced Drupal programmers who want to enhance their existing module-building skills, and transfer them to version 7.
Michael J. Ross is a freelance Web developer and writer.
You can purchase Drupal 7 Module Development from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page. -
Amazon Cloud Not Big Enough For Feds and WikiLeaks
theodp writes "Dave Winer was already upset that Amazon Web Services (AWS) pulled the plug on WikiLeaks for posting classified US government documents. So, he wasn't exactly thrilled to receive email three weeks later from an AWS PR flack boasting that 'the US federal government continues to be one of our fastest growing customer segments.' Writes Winer: 'It makes perfect sense that the US government is a big customer of Amazon's web services. It also makes perfect sense that Amazon wouldn't want to do anything to jeopardize that business. There might not have even been a phone call, it might not have been necessary.' Amazon, which wowed the White House with its ability to scale video slideshow site Animoto, was able to get its foot in the Federal door as a Recovery.gov redesign subcontractor." -
Why WikiLeaks Is Unlike the Pentagon Papers
daveschroeder writes "The recent release of classified State Department cables has often been compared to the Pentagon Papers. Daniel Ellsberg, the US military analyst who leaked the Pentagon Papers, has said he supports WikiLeaks, and sees the issues as similar. Floyd Abrams is the prominent First Amendment attorney and Constitutional law expert who represented the New York Times in the landmark New York Times Co. v. United States (403 U.S. 713 (1971)) Supreme Court case, which allowed the media to publish the Pentagon Papers without fear of government censure. Today, Abrams explains why WikiLeaks is unlike the Pentagon Papers, and how WikiLeaks is negatively impacting journalism protections: 'Mr. Ellsberg himself has recently denounced the "myth" of the "good" Pentagon Papers as opposed to the "bad" WikiLeaks. But the real myth is that the two disclosures are the same.'" -
Wired Responds In Manning Chat Log Controversy
Hugh Pickens writes "Earlier this week Glenn Greenwald wrote in Salon about the arrest of US Army PFC Bradley Manning for allegedly acting as WikiLeaks' source and criticized Wired's failure to disclose the full chat logs between Manning and FBI informant Adrian Lamo. Now Wired's editor-in-chief Evan Hansen and senior editor Kevin Poulsen have responded to criticisms of the site's Wikileaks coverage stating that not one single fact has been brought to light suggesting Wired.com did anything wrong in pursuit of the story. 'Our position has been and remains that the logs include sensitive personal information with no bearing on Wikileaks, and it would serve no purpose to publish them at this time,' writes Hansen." -
Apple's $1 Billion Data Center Mystery
1sockchuck writes "One of year's most tantalizing technology secrets involves Apple's $1 billion investment in a new data center in North Carolina. Is it the Death Star in Apple's plan for galactic domination? Some Apple watchers predict it will be the hub for a 21st century broadcasting network. Other enthusiasts are doing flyovers to film videos of the 500,000 square foot facility. There's also an unofficial FAQ about the new data center. What is Apple up to with this huge facility?" -
The Right's War On Net Neutrality
jamie writes "To understand the debate being waged in the United States over Net Neutrality, it's important to understand just how drastically one side has been misled. The leaders of the American Right are spreading the lie that Net Neutrality is a government takeover of the internet, with the intention of silencing conservative voices. (Limbaugh: "All you really have to know about Net Neutrality is that its biggest promoters are George Soros and Google.") This may be hard to believe to those of us who actually know what it's about — reinstating pre-2005 law that ensured internet providers could discriminate on the basis of volume but not content. Since the opposing side is so badly misinformed, those of us who want the internet to remain open to innovation and freedom of expression have to help educate them before the debate can really be held." -
Hello, Android Third Edition
eldavojohn writes "The third edition of Hello, Android brings the book up to date on Android versions from 1.5 to 2.2 (FroYo). The book is predominantly tied to the Eclipse editing environment with several pages devoted to screen shots of the IDE. As the title suggests, this book aims to give the user the equivalent of a "Hello, world!" application in Android and succeeds in doing that but doesn't take the reader much further. From creating a sudoku application with increasing support to dabbling in OpenGL ES, the book's prime audience are people who know a little Java (with no aversion to Eclipse) and XML but absolutely no Android. You can find the source for all the examples." Keep reading for the rest of eldavojohn's review. Hello, Android: Introducing Google's Mobile Development Platform author Ed Burnette pages 300 publisher The Pragmatic Programmers rating 8/10 reviewer eldavojohn ISBN 978-1934356562 summary An introduction to creating several kinds of basic Android Mobile Applications; a "Hello World" primer for Android. The first aspect of this book that jumps out at me is that it assumes the user is using Eclipse — even late in the book like on page 231, an entire page is a screenshot of the project creation wizard in Eclipse. While this might be helpful for initiates to Eclipse, it seemed like a bit of overkill at times when actions in Ecipse are revisited throughout the brief book. For example that same screenshot with different options checked can be found engulfing page 10. "If you don't want to use Eclipse (there's one in every crowd)" says the author on page 4 before referring the reader to Android's command line reference. It gets to the point that when Burnette is going to sign his app at the end, he uses an Eclipse wizard.
The second aspect of this book that jumped out at me is that Android apps are written by extending Java classes and utilizing a very verbose XML. So between the overridden class methods and the layout meta data in the XML, there is a lot of code consuming vertical space in the book. Ellipses are provided to avoid redundancy in some instances but in others it seems there is no avoiding the space consumption. A strength of the book is that, when possible, it shows how to do something simple in both XML and Java and gives reasoning for picking a certain way the rest of the book.
The chapters are laid out with brief introductions and "Fast-Forwards" at the end of each chapter that try to push the user past this Hello, Android introduction to complex concepts. The book is well divided with part one (chapters 1 and 2) providing instructions for setting up your emulator and the basics of Android like a state transition diagram showing how all Android applications transition through Java methods in a life cycle. Part two (chapters 3 through 6) builds the sudoku application with increasing support. Part three (chapters 7 through 10) focus on more complex aspects of Android like device sensors, SQLite and OpenGL. The fourth and final section delves into the future of multi-touch on Android, writing for all resolutions and devices as well as publishing to the Android Market. Throughout the book the author takes care to to mention when you will need to put in a permissions requirement in the manifest file when utilizing something on the device.
In creating the sudoku application, Burnette does a good job at introducing the reader to some basic concepts like procedural designing versus declarative designing and Dips versus Sps. The author introduces the automatically managed R.java file and the first extension of android.app.Activity with a good explanation of how we're going to add menus from XML strings. This chapter nicely sets up the sudoku game to have an opening screen, a settings menu, a theme and exiting the game. It is lengthy but introduces the reader to click listeners as well as explicit information about how to debug. Android 2.2 adds a cute debug level of Log.wtf() which stands for "What a Terrible Failure."
Following that chapter, the author delves into some basic two dimensional graphical capabilities involving extending View in order to manipulate the canvas object inside onDraw. The chapter sums up drawables and gives a short example of text in a circle before returning to the graphics in our sudoku application. Burnette shows explicitly how to draw the game board and give it a nice embossed effect, how to add and center numbers in each of their cells, how to override key events to bring up an input screen with only valid numbers and how to continuously update the game screen. The chapter even goes as far as showing you how to shade the squares in order to give hints to the user. One thing I did not care for in this chapter (and something that persists through the rest of the book) is that the author has no qualms with calling a method in code (like calculateUsedTiles on page 68) and not defining what it does or how it works until the end of the chapter twenty pages later. Given that its signature is descriptive and it's not key to understanding Android, it's probably the best way to teach but left me doing a lot of page flipping since I like understanding apps from the bottom up. Something else to note about this chapter is that the author mentions on page 70 that he experienced "many false starts" of trying different approaches like multiple ImageView classes in XML before finding the fastest and easiest way of having only one view. There's just a couple paragraphs on this in a side box but I really wish the author had expanded on this as it sounds like a vital part of the learning Android process.
What good is a phone app without some sound? Chapter five covers Android's MediaPlayer which Burnette calls "a fickle beast" although it improves with each release of Android. The chapter also touches on playing video in Android which takes just a few lines of code. The author helps the reader by continually explaining what happens in Android when the device is rotated (in these examples the video restarts since the app is recreated). He explains how to avoid this several different ways. He also discusses why using a background service for music isn't a great idea if you intend the music to end when your program ends. By the end of the chapter, you've got some music for your sudoku app.
The next chapter very briefly covers local data storage. This is not the SQLite chapter but rather the PreferenceActivity API as well as the instance state stored via the Bundle in Android's application stack. The author doesn't spend a lot of time on these and wraps the chapter up with a brief description of accessing the internal file system as well as an external SD card.
The seventh chapter covers the need for a browser capability inside your Android application. At first I thought this would be very rarely used (you've already got a web browser) but the author points out that when you need some ability past basic text views, you might opt instead to provide that file through a lean web browser in Android as opposed to a basic test viewer. The author argues this isn't as crazy as it seems because you don't want to waste your time enhancing a text view with more and more functionality when the web browser can do that already. So you get a wrapper around WebKit that allows you to add another view to your application resulting in a browser. Should this connect to the internet, the author explains how to ask for permission to do so and how to access those pages inside your application. The next part of the chapter is probably going to put a lot of security minded folks on edge and the author makes sure to explain very carefully that allowing JavaScript to call Java can be dangerous. So internal to the WebView class, the author demonstrates JavaScript in the web browser invoking your method in Android (and vice versa). Finally the chapter covers the intricacies of interfacing with web services. What the author did really well in this section was discuss his methods of how he came about adding millisecond delays to accommodate the user. The other great thing that makes this chapter so lengthy is that the author introduces threads both through ExecutorService and Handler.
Chapter eight covers GPS and other sensors your device might have that are supported through the latest Android API. The author takes care to understand how you need to setup your emulator if you are testing this on your computer and discusses listening for updates from sensors as well as interpreting that data. Unsurprisingly, the Android API has a MapActivity class to extend for applications that wish to impose data onto a map. I feel the author could have spent more time on the more novel sensor types that are becoming prevalent in cell phones but the GPS and maps might be adequate for an introductory book.
The ninth chapter is an introduction to SQLite in Android. Android supports other data storage solutions like db4o but the author sticks to SQLite and covers all SQL relational database aspects up to a simple cursor. It's done very well and anyone with a little knowledge of SQL should be able to create, modify and update tables inside Android applications with this chapter. A very interesting thing about this chapter is that it covers how to implement inter-process communication by way of a content provider. Android utilizes URIs that programmers can define to provide a framework for storage. The book is mediocre at describing both SQLite and ContentProviders in this chapter although I felt like the ContentProvider has enough material to deserve its own chapter — even in an introductory book. I personally feel it would be interesting to consider a chapter devoted to defining a content provider with reuse by a community intended. We get an EVENTS and EVENTS_ID example but I feel this falls short of the real beauty of ContentProviders.
The next chapter is a venture into three dimensional graphics in OpenGL ES (embedded systems). Twenty pages isn't a lot of space to work with when you're discussing OpenGL but this is a good basic introduction that leaves the reader with the means to do very basic OpenGL. The chapter starts off with some good fundamentals but also carefully explains that your devices might not have 3D hardware. The API is still there but the lag might be intolerable. The author thanks John Carmack for "single-handedly" saving us from Direct3D and starts off on the very verbose code of OpenGL. In it, there are great explanations on some basic options like ambient, diffuse and specular lighting as well as discussions of fixed versus floating point. Several pages later we have a transparent rotating cube with an Android image for a surface.
Chapter eleven is devoted to the buggiest part of Android: multi-touch. A side note titled "Warning: Multi-bugs Ahead" warns the reader about how problematic the following code is going to be and how it might perform differently on different quality of hardware. As Burnette builds out the image viewing application it's a lot of similar code to view an image with the new stuff revolving around debugging logs to give the reader key insight into how the author's phone interpreted his multi-touch interactions. Dragging and pinching are covered to zoom and move the image in the viewer and seems simple enough with the exception of bugs.
Twelve will show you how to build widgets and implement live wallpapers. To a lot of developers this chapter might be a turn off but to a lot of people looking to make money with Android, this seemed like the fastest route. The example just displays a semi-transparent "Hello World!" string but it is then demonstrated how an overriding the update allows you to put date or whatever else you might need to display. The live wallpaper seemed to me like the perfect way to drain the battery on a phone. Although more complicated than the widget, the chapter covers extending the Engine class to provide a drawing engine that will redraw the background — even with our OpenGL code from a previous chapter that the author then implements. The author really goes the distance on the live wallpaper, even explaining how to extend the surface of your wallpaper so that when you transition to another part of your space it slides the rotating cube. For better or for worse, you too can have a continuous rendering of OpenGL code for your home screen!
Chapter thirteen addresses the "fragmentation" issue that so many people have been criticizing Android for. It discusses declaring and demanding an API version as well as building different emulators out on your computer in order to run your application (although earlier in the book, the author heavily criticized the emulator as being terribly slow compared to the real hardware and I experienced the same thing with my Motorolla DROID). The author does a great job of discussing the unfortunately lengthy and complicated process of preparing your software for all hardware. From subclassing to reflection to delegation/factory, he analyzes each one and explains the strengths and weaknesses. If you're having problems with your application across hardware, this chapter is a great starting point. In the next piece of this chapter, the author calls out the Android API on a bug in the ImageView class that prevents the setImageMatrix from working in some cases (this is from 1.5 and has since been fixed). For those of you who are seriously dependent on Android, the author describes in detail his five steps in discovering and addressing this bug with the final step being a peak at the commit comments to the source tree. It's good to see an author doing legwork like this and telling the story but it's also a little unnerving to see the bug. Nevertheless, I applaud the author on this frank discussion. The final parts of this chapter are spent addressing screen size (an increasing issue with tablets) and installation by way of the SD card (something that can be auto or preferred).
The final chapter addresses publishing to the Android market and provides some actually really good insight into how one should approach this and how to interact with your user community. I'd like to note a couple things that the author lists as lessons learned. The first I found interesting was "you can make a paid app free, but you can't make a free app paid." What that means is if you publish something as free and then you update the app to move a piece of what was one free functionality to requiring payment, the backlash might destroy your app's user base. The other thing is something I flat out don't agree with: "If possible, I suggest you perform frequent updates, every two weeks or so." He claims it makes users happy and gives them a feeling of support as well as bumping it up to the top of the recently updated apps in the Market. I personally find it annoying and if I have an app that I use infrequently that frequently requests updates, I uninstall it. Case in point for me is TuneWiki Social Media Player. It seemed every other week that app was requiring an update and since I used it seldom, it was promptly uninstalled. I don't know if I'm alone in this sentiment but I found this chapter to be very insightful with the exception to that suggestion.
The appendices of this book were actually fairly interesting. I didn't know what the subset of the current Android app was for the Java Standard Edition 5.0 library. You can find a list of packages that will be unavailable to you like much of javax. The author also gives great pointers like try to avoid the expensive reflection no matter how elegant it might be for you.
This book is well written with only a few minor editing mistakes. It has a lot of illustrations which are often Eclipse screen shots. While some aspects of this book might alienate a few users, it is a great learning tool for its intended audience. I found it to be "okay" for my needs but perhaps was geared a bit more towards a more novice programmer.
You can purchase Hello, Android: Introducing Google's Mobile Development Platform from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page. -
Hello, Android Third Edition
eldavojohn writes "The third edition of Hello, Android brings the book up to date on Android versions from 1.5 to 2.2 (FroYo). The book is predominantly tied to the Eclipse editing environment with several pages devoted to screen shots of the IDE. As the title suggests, this book aims to give the user the equivalent of a "Hello, world!" application in Android and succeeds in doing that but doesn't take the reader much further. From creating a sudoku application with increasing support to dabbling in OpenGL ES, the book's prime audience are people who know a little Java (with no aversion to Eclipse) and XML but absolutely no Android. You can find the source for all the examples." Keep reading for the rest of eldavojohn's review. Hello, Android: Introducing Google's Mobile Development Platform author Ed Burnette pages 300 publisher The Pragmatic Programmers rating 8/10 reviewer eldavojohn ISBN 978-1934356562 summary An introduction to creating several kinds of basic Android Mobile Applications; a "Hello World" primer for Android. The first aspect of this book that jumps out at me is that it assumes the user is using Eclipse — even late in the book like on page 231, an entire page is a screenshot of the project creation wizard in Eclipse. While this might be helpful for initiates to Eclipse, it seemed like a bit of overkill at times when actions in Ecipse are revisited throughout the brief book. For example that same screenshot with different options checked can be found engulfing page 10. "If you don't want to use Eclipse (there's one in every crowd)" says the author on page 4 before referring the reader to Android's command line reference. It gets to the point that when Burnette is going to sign his app at the end, he uses an Eclipse wizard.
The second aspect of this book that jumped out at me is that Android apps are written by extending Java classes and utilizing a very verbose XML. So between the overridden class methods and the layout meta data in the XML, there is a lot of code consuming vertical space in the book. Ellipses are provided to avoid redundancy in some instances but in others it seems there is no avoiding the space consumption. A strength of the book is that, when possible, it shows how to do something simple in both XML and Java and gives reasoning for picking a certain way the rest of the book.
The chapters are laid out with brief introductions and "Fast-Forwards" at the end of each chapter that try to push the user past this Hello, Android introduction to complex concepts. The book is well divided with part one (chapters 1 and 2) providing instructions for setting up your emulator and the basics of Android like a state transition diagram showing how all Android applications transition through Java methods in a life cycle. Part two (chapters 3 through 6) builds the sudoku application with increasing support. Part three (chapters 7 through 10) focus on more complex aspects of Android like device sensors, SQLite and OpenGL. The fourth and final section delves into the future of multi-touch on Android, writing for all resolutions and devices as well as publishing to the Android Market. Throughout the book the author takes care to to mention when you will need to put in a permissions requirement in the manifest file when utilizing something on the device.
In creating the sudoku application, Burnette does a good job at introducing the reader to some basic concepts like procedural designing versus declarative designing and Dips versus Sps. The author introduces the automatically managed R.java file and the first extension of android.app.Activity with a good explanation of how we're going to add menus from XML strings. This chapter nicely sets up the sudoku game to have an opening screen, a settings menu, a theme and exiting the game. It is lengthy but introduces the reader to click listeners as well as explicit information about how to debug. Android 2.2 adds a cute debug level of Log.wtf() which stands for "What a Terrible Failure."
Following that chapter, the author delves into some basic two dimensional graphical capabilities involving extending View in order to manipulate the canvas object inside onDraw. The chapter sums up drawables and gives a short example of text in a circle before returning to the graphics in our sudoku application. Burnette shows explicitly how to draw the game board and give it a nice embossed effect, how to add and center numbers in each of their cells, how to override key events to bring up an input screen with only valid numbers and how to continuously update the game screen. The chapter even goes as far as showing you how to shade the squares in order to give hints to the user. One thing I did not care for in this chapter (and something that persists through the rest of the book) is that the author has no qualms with calling a method in code (like calculateUsedTiles on page 68) and not defining what it does or how it works until the end of the chapter twenty pages later. Given that its signature is descriptive and it's not key to understanding Android, it's probably the best way to teach but left me doing a lot of page flipping since I like understanding apps from the bottom up. Something else to note about this chapter is that the author mentions on page 70 that he experienced "many false starts" of trying different approaches like multiple ImageView classes in XML before finding the fastest and easiest way of having only one view. There's just a couple paragraphs on this in a side box but I really wish the author had expanded on this as it sounds like a vital part of the learning Android process.
What good is a phone app without some sound? Chapter five covers Android's MediaPlayer which Burnette calls "a fickle beast" although it improves with each release of Android. The chapter also touches on playing video in Android which takes just a few lines of code. The author helps the reader by continually explaining what happens in Android when the device is rotated (in these examples the video restarts since the app is recreated). He explains how to avoid this several different ways. He also discusses why using a background service for music isn't a great idea if you intend the music to end when your program ends. By the end of the chapter, you've got some music for your sudoku app.
The next chapter very briefly covers local data storage. This is not the SQLite chapter but rather the PreferenceActivity API as well as the instance state stored via the Bundle in Android's application stack. The author doesn't spend a lot of time on these and wraps the chapter up with a brief description of accessing the internal file system as well as an external SD card.
The seventh chapter covers the need for a browser capability inside your Android application. At first I thought this would be very rarely used (you've already got a web browser) but the author points out that when you need some ability past basic text views, you might opt instead to provide that file through a lean web browser in Android as opposed to a basic test viewer. The author argues this isn't as crazy as it seems because you don't want to waste your time enhancing a text view with more and more functionality when the web browser can do that already. So you get a wrapper around WebKit that allows you to add another view to your application resulting in a browser. Should this connect to the internet, the author explains how to ask for permission to do so and how to access those pages inside your application. The next part of the chapter is probably going to put a lot of security minded folks on edge and the author makes sure to explain very carefully that allowing JavaScript to call Java can be dangerous. So internal to the WebView class, the author demonstrates JavaScript in the web browser invoking your method in Android (and vice versa). Finally the chapter covers the intricacies of interfacing with web services. What the author did really well in this section was discuss his methods of how he came about adding millisecond delays to accommodate the user. The other great thing that makes this chapter so lengthy is that the author introduces threads both through ExecutorService and Handler.
Chapter eight covers GPS and other sensors your device might have that are supported through the latest Android API. The author takes care to understand how you need to setup your emulator if you are testing this on your computer and discusses listening for updates from sensors as well as interpreting that data. Unsurprisingly, the Android API has a MapActivity class to extend for applications that wish to impose data onto a map. I feel the author could have spent more time on the more novel sensor types that are becoming prevalent in cell phones but the GPS and maps might be adequate for an introductory book.
The ninth chapter is an introduction to SQLite in Android. Android supports other data storage solutions like db4o but the author sticks to SQLite and covers all SQL relational database aspects up to a simple cursor. It's done very well and anyone with a little knowledge of SQL should be able to create, modify and update tables inside Android applications with this chapter. A very interesting thing about this chapter is that it covers how to implement inter-process communication by way of a content provider. Android utilizes URIs that programmers can define to provide a framework for storage. The book is mediocre at describing both SQLite and ContentProviders in this chapter although I felt like the ContentProvider has enough material to deserve its own chapter — even in an introductory book. I personally feel it would be interesting to consider a chapter devoted to defining a content provider with reuse by a community intended. We get an EVENTS and EVENTS_ID example but I feel this falls short of the real beauty of ContentProviders.
The next chapter is a venture into three dimensional graphics in OpenGL ES (embedded systems). Twenty pages isn't a lot of space to work with when you're discussing OpenGL but this is a good basic introduction that leaves the reader with the means to do very basic OpenGL. The chapter starts off with some good fundamentals but also carefully explains that your devices might not have 3D hardware. The API is still there but the lag might be intolerable. The author thanks John Carmack for "single-handedly" saving us from Direct3D and starts off on the very verbose code of OpenGL. In it, there are great explanations on some basic options like ambient, diffuse and specular lighting as well as discussions of fixed versus floating point. Several pages later we have a transparent rotating cube with an Android image for a surface.
Chapter eleven is devoted to the buggiest part of Android: multi-touch. A side note titled "Warning: Multi-bugs Ahead" warns the reader about how problematic the following code is going to be and how it might perform differently on different quality of hardware. As Burnette builds out the image viewing application it's a lot of similar code to view an image with the new stuff revolving around debugging logs to give the reader key insight into how the author's phone interpreted his multi-touch interactions. Dragging and pinching are covered to zoom and move the image in the viewer and seems simple enough with the exception of bugs.
Twelve will show you how to build widgets and implement live wallpapers. To a lot of developers this chapter might be a turn off but to a lot of people looking to make money with Android, this seemed like the fastest route. The example just displays a semi-transparent "Hello World!" string but it is then demonstrated how an overriding the update allows you to put date or whatever else you might need to display. The live wallpaper seemed to me like the perfect way to drain the battery on a phone. Although more complicated than the widget, the chapter covers extending the Engine class to provide a drawing engine that will redraw the background — even with our OpenGL code from a previous chapter that the author then implements. The author really goes the distance on the live wallpaper, even explaining how to extend the surface of your wallpaper so that when you transition to another part of your space it slides the rotating cube. For better or for worse, you too can have a continuous rendering of OpenGL code for your home screen!
Chapter thirteen addresses the "fragmentation" issue that so many people have been criticizing Android for. It discusses declaring and demanding an API version as well as building different emulators out on your computer in order to run your application (although earlier in the book, the author heavily criticized the emulator as being terribly slow compared to the real hardware and I experienced the same thing with my Motorolla DROID). The author does a great job of discussing the unfortunately lengthy and complicated process of preparing your software for all hardware. From subclassing to reflection to delegation/factory, he analyzes each one and explains the strengths and weaknesses. If you're having problems with your application across hardware, this chapter is a great starting point. In the next piece of this chapter, the author calls out the Android API on a bug in the ImageView class that prevents the setImageMatrix from working in some cases (this is from 1.5 and has since been fixed). For those of you who are seriously dependent on Android, the author describes in detail his five steps in discovering and addressing this bug with the final step being a peak at the commit comments to the source tree. It's good to see an author doing legwork like this and telling the story but it's also a little unnerving to see the bug. Nevertheless, I applaud the author on this frank discussion. The final parts of this chapter are spent addressing screen size (an increasing issue with tablets) and installation by way of the SD card (something that can be auto or preferred).
The final chapter addresses publishing to the Android market and provides some actually really good insight into how one should approach this and how to interact with your user community. I'd like to note a couple things that the author lists as lessons learned. The first I found interesting was "you can make a paid app free, but you can't make a free app paid." What that means is if you publish something as free and then you update the app to move a piece of what was one free functionality to requiring payment, the backlash might destroy your app's user base. The other thing is something I flat out don't agree with: "If possible, I suggest you perform frequent updates, every two weeks or so." He claims it makes users happy and gives them a feeling of support as well as bumping it up to the top of the recently updated apps in the Market. I personally find it annoying and if I have an app that I use infrequently that frequently requests updates, I uninstall it. Case in point for me is TuneWiki Social Media Player. It seemed every other week that app was requiring an update and since I used it seldom, it was promptly uninstalled. I don't know if I'm alone in this sentiment but I found this chapter to be very insightful with the exception to that suggestion.
The appendices of this book were actually fairly interesting. I didn't know what the subset of the current Android app was for the Java Standard Edition 5.0 library. You can find a list of packages that will be unavailable to you like much of javax. The author also gives great pointers like try to avoid the expensive reflection no matter how elegant it might be for you.
This book is well written with only a few minor editing mistakes. It has a lot of illustrations which are often Eclipse screen shots. While some aspects of this book might alienate a few users, it is a great learning tool for its intended audience. I found it to be "okay" for my needs but perhaps was geared a bit more towards a more novice programmer.
You can purchase Hello, Android: Introducing Google's Mobile Development Platform from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page. -
California Rare-Earth Mine Reopens
burnin1965 writes in to let us know that the looming crisis in rare-earth materials (which we have discussed recently) has prompted Molycorp, the erstwhile operator of a California mine closed in 2002, to announce plans to reopen it. "With increasing prices on rare earth ore, tariffs raised by the Chinese government, and the threat of embargoes that would damage United States high-tech manufacturing Molycorp now has the needed incentive to reopen the California Mountain Pass mine. They will spend the capital needed to implement badly needed updates to environmental controls that will mitigate the radioactive waste water releases that plagued the mine in the past. Chinese imports in the 90s nearly halved ore prices and the California mine experienced multiple failures in environmental controls that resulted in the release of huge volumes of radioactive waste water. Updating the mine to address the environmental issues was not financially viable due to the cheap Chinese imports so it was closed in 2002." Within two years the mine could be producing 20% of the amount of rare earths we import from China. -
California Rare-Earth Mine Reopens
burnin1965 writes in to let us know that the looming crisis in rare-earth materials (which we have discussed recently) has prompted Molycorp, the erstwhile operator of a California mine closed in 2002, to announce plans to reopen it. "With increasing prices on rare earth ore, tariffs raised by the Chinese government, and the threat of embargoes that would damage United States high-tech manufacturing Molycorp now has the needed incentive to reopen the California Mountain Pass mine. They will spend the capital needed to implement badly needed updates to environmental controls that will mitigate the radioactive waste water releases that plagued the mine in the past. Chinese imports in the 90s nearly halved ore prices and the California mine experienced multiple failures in environmental controls that resulted in the release of huge volumes of radioactive waste water. Updating the mine to address the environmental issues was not financially viable due to the cheap Chinese imports so it was closed in 2002." Within two years the mine could be producing 20% of the amount of rare earths we import from China. -
Once-Darling Ethanol Losing Friends In High Places
theodp writes "It's now conceivable, says BusinessWeek's Ed Wallace, that the myth of ethanol as the salvation for America's energy problem is coming to an end. Curiously, the alternative fuel may be done in by an unlikely collection of foes. Fervidly pro-ethanol in the last decade of his political career, former VP Al Gore reversed course in late November and apologized for supporting ethanol, which apparently was more about ingratiating himself to farmers. A week later, Energy Secretary Steven Chu piled on, saying: 'The future of transportation fuels shouldn't involve ethanol.' And in December, a group of small-engine manufacturers, automakers, and boat manufacturers filed suit in the US Court of Appeals to vacate the EPA's October ruling that using a 15% blend of ethanol in fuel supplies would not harm 2007 and newer vehicles. Despite all of this, the newly-elected Congress has extended the 45 cent-per-gallon ethanol blending tax credit that was due to expire, a move that is expected to reduce revenue by $6.25 billion in 2011. 'The ethanol insanity,' longtime-critic Wallace laments, 'will continue until so many cars and motors are damaged by this fuel additive that the public outcry can no longer be ignored.'" -
If the FCC Had Regulated the Internet From the Start
In the spirit of (but with a different approach than) last week's post "Is Net Neutrality Really Needed?", an anonymous reader writes with this "counterfactual history of the internet, but one that is all too plausible. Unfortunately, I can see this happening under the new 'Net Neutrality.'" -
Crookes, RIAA, MPAA, ICE — 'Linking Is Publishing'
newtley writes "What do Canada's Wayne Crookes, the Big 4's RIAA, Hollywood's MPAA and brand new ICE agent Andrew Reynolds have in common? They all claim linking is the same as publishing. Crookes is using it to demand Canada's Supreme Court effectively shut down the net in Canada. With the RIAA and MPAA providing the 'initiative,' the Obama government is using Andrews [read ICE — US Immigration and Customs Enforcement] to try to shut down innocent sites for, and on behalf of, Hollywood and Big Music. The sites are 'accused of contributing to online piracy, and it was essential for the domain names to be seized without a trial and without giving the sites a chance to respond. Why? Such sites are 'destroying the US economy.' Forget about legally appointed courts, proof or due process. Hollywood and Big Music rule." -
Court Upholds Blizzard's Anti-Bot DMCA Claim, Denies Copyright Infringement
An anonymous reader writes "The Ninth Circuit reversed a $6.5 million judgment for Blizzard against MDY Industries, saying that making bots is not copyright infringement. The bad news for MDY? The court found that they did violate DMCA Section 1201(a)(2) (PDF), which prohibits trafficking in products that circumvent technologies designed to control access to copyright-protected works." -
MegaUpload Dares RIAA To Sue Them
Dangerous_Minds writes "Yesterday, there were reports that the RIAA and MPAA were working with Mastercard to cut off payments to so-called 'rogue-websites' like MegaUpload. Today, a spokesperson from MegaUpload issued a response to the RIAA on ZeroPaid. Bonnie Lam of MegaUpload said, 'the vast majority of our revenue is coming from advertising.' She also said, 'Megaupload is a legitimate business operating within the boundaries of the law. In five years of operation we have not been sued by a single content owner. If the RIAA or MPAA would have legal grounds they would have taken us to court by now. We suggest that they attack us within the legal system and stop labeling us until they have something to show.'" -
Skype Slowly Restores Service To Users
CWmike writes "Skype continues to slowly recover after an outage caused by problems with its peer-to-peer interconnection system. The latest estimates say that 10 million users are now online, according to a blog post. Skype's outage began on Wednesday."