Domain: twitter.com
Stories and comments across the archive that link to twitter.com.
Stories · 1,968
-
Twitter Boots Critic of NBC For Tweeting Exec's Email Address
netbuzz writes "Guy Adams, a Los Angeles-based correspondent for The Independent of London, had his Twitter account suspended today, allegedly for having violated a Twitter privacy policy when he tweeted the workplace email address of an NBC Sports executive. The Internet is abuzz with accusations – no make that assumptions – that Twitter muzzled Adams because Adams was tweeting up a storm of protest over NBC's coverage of the Games. However, Twitter says it was because it prohibits the tweeting of 'non-public, personal email addresses.' Whether Adams did that or not appears debatable." Update: 07/31 17:48 GMT by S : Adams's Twitter account has been reinstated. -
The 21st IOCCC Has Been Announced
leob writes "As promised at the end of the 20th IOCCC earlier this year, the 21st International Obfuscated C Code Contest will accept entries from 2012-Aug-15 03:14:15 UTC to 2012-Sep-14 09:26:53 UTC. The earliest announcement about the next contest was on Twitter on July 13, giving the interested parties more than 2 months to polish their entries." -
Book Review: UP and To the RIGHT
benrothke writes "Anyone who has worked in information technology knows of Gartner. They are one of the leading information technology research and advisory firms. Most of their clients are CIOs and senior IT leaders in corporations and government agencies, high-tech and telecom enterprises. Gartner is huge with over 5,000 associates, over 1,200 research analysts and consultants and clients in 85 countries. Their revenue in 2011 was nearly $1.5 billion. While Gartner is the world's largest, there are over 650 independent analyst firms worldwide. Barbara French's Directory of Analysts provides a comprehensive list. With all that, very few people understand how Gartner works and what makes them tick. In UP and to the RIGHT: Strategy and Tactics of Analyst Influence: A complete guide to analyst influence, ex-Gartner analyst Richard Stiennon takes the mystery out of Gartner. In particular, a good part of the book deals with Gartner's vaunted Magic Quadrant." Read below for the rest of Ben's review.
UP and to the RIGHT: Strategy and Tactics of Analyst Influence: A complete guide to analyst influence
author: Richard Stiennon
pages: 186
publisher: IT-Harvest Press
rating: 9/10
reviewer: Ben Rothke
ISBN: 0985460709
summary: Definitive guide on Gartner and their Magic Quadrant
The Magic Quadrant (MQ) is Gartner's proprietary research tool that according to them provides a qualitative analysis into a market and its direction, maturity and participants, thus possibly enabling a company to be a stronger competitor for that market. Every, and I mean every tech vendor strives to be recognized by Gartner and be on a prominent post on the MQ.
Today there are hundreds of different MQs for sectors from firewalls, cloud services to web hosting and everything in between.
For those not Gartner clients, buying a specific MQ can be expensive. But vendors often use the MQ to tout their product and pay to make them publicly available. Some examples of the freely available are the MQ for: Secure Web Gateways, Security Information and Event Management and Web Fraud Detection. A Google search of the term with the PDF format will also reveal numerous free versions.
The book derives its name based on the best place for a company to be on the MQ. Up and to the right is where Gartner places market leaders which is nirvana for a tech firm. The other locations on the quadrant are: niche player, visionary and challenger. But for a tech firm, there is only one location, and that is up and to the right.
The MQ itself has two markers; completeness of vision, which defines features and innovative enhancements. The other is ability to execute, which is determined by revenue, number and quality of resellers and distributors, number of employees and their distribution between engineering, sales, and support and other business issues.
If up and to the right is the desired location, how does one get there? For many tech firms, they often are clueless. In the book, Stiennon provides clear direction on how to get there. For those looking to make the expedition to the land of Gartner; this book is a veritable Berlitz Guide on how to safely make the journey.
A Gartner myth that will never go away and that Stiennon deals with on page 2 is the notion that getting on the MQ is simply a matter of paying for the privilege. He calls the notion of MQ pay to play completely false.
Chapter 2 is The Magic of Magic Quadrants and Stiennon details what it is and why vendors aspire for placement. Irrespective of its value, he notes that every time a new MQ comes out, the vendor has an opportunity to issue a self-congratulatory press release about it.
In chapter 6, Stiennon makes the somewhat depressing observation that the senior analysts at Gartner have not had hands-on experience with products for many years. Yet these same analysts often have huge influence on the very products they often don't understand in minutia.
In some ways, the book is akin to How to Win Friends and Influence People by Dale Carnegie. The only difference is that one is attempting to influence a Gartner analyst in the vendor's favor. In chapter 7, the book details how to find the influencers. Stiennon is a big fan of social media and gives a number of valuable methods to find the Gartner analysts in your sector.
One approach where I think Stiennon is mistaken is with the use of Klout. He writes that Klout is a great tool for measuring relative influence, at least on social media, of an analyst. That may be somewhat true, but for a large part is irrelevant. As I wrote in Some Observations on Klout Scores, Klout can and should be applauded for trying to measure this monstrosity called social influence; but their results of influence should, in truth, carry very little influence.
I based this on the fact that Klout scores Funny One Liners and the legendary Tim O'Reilly as being equal; which is utterly absurd. You can do your own Klout analysis for similar irrelevant and meaningless Klout scores.
The MQ is not the only service Gartner offers. In chapter 8, Stiennon writes of SAS Day. SAS is the Gartner Strategic Advisory Service, where a vendor buys the services of an analyst for a day. He notes that the pay to play myth may arise from SAS; but observes that you are not buying the analyst's opinion, rather their time. Vendors can get a lot out of a SAS day, as it is a day-long bottoms-up analysis of their products, markets, sales strategies and more with an analyst who has a deep awareness of that sector.
Stiennon also provides a lot of pragmatic direction on SAS on how to prepare for the SAS day. Given the expense of the analyst and the need to have all of the key staffers there, he notes that getting an agenda planned, good conference rooms, nutritious meals and much more are key to getting the most out of the day.
Back to the MQ; Stiennon writes that every organization of size needs a dedicated analyst relations (AR) staff member. The AR person will be the conduit between the vendor and the analyst firm. While the AR person is critical, he writes that a firm should never pin the responsibility for missing a target of MQ placement on the AR person. Executing on the MQ strategy is the responsibility of the entire organization.
The book provides more pragmatic advice in chapter 12 where it details the use of Gartner conferences. Stiennon writes that firms invest huge sums to attend and sponsor Gartner conferences in the hope to get in front of and sell to leading CIOs. In many cases a single sale to a CIO that arises from a Gartner event will justify the huge expenses.
But even with that, many firms make the mistake of manning their booths at the conference with junior staffers and marketing people that can't speak to the CIO, while the CEO of the vendor firm is in the back of the booth on their cell phone. That is just one of a few major faux pas the chapter details and how they can be obviated.
The chapter also details a common sales mistake in staffing the booths with booth babes. He notes that the concept is gross and misogynistic.
Towards the end, the book closes with what not to do when dealing with Gartner. He gives two examples of firms that were on their negative side. After Oracle Under Fire was written, Oracle CEO Larry Ellison went on a tirade against Gartner.
In another case, ZL Technologies, an email archiving firm, sued Gartner for over $1 billion in damages (even though it was worth a fraction of that) when an analyst said their products were not up to par.
The book closes with the observation that buyers need industry analysts, as the analysts see the changes that are coming in the industry and are able to forewarn their clients.
The book is an easy read, yet highly informative and insightful. Every chapter has Stiennon's real-world experience at Gartner and post-Gartner.
While Stiennon is ex-Gartner, never in the book does he disparage his former employer or denigrate their MQ methodology. Rather he shows ways in which the vendor can maximize the potential Gartner relationship and exposure.
Any technology executive, investor and everyone in their PR and marketing departments who are looking to be on the MQ, deal with Gartner or any advisory service, should make certain that UP and to the RIGHT: Strategy and Tactics of Analyst Influence: A complete guide to analyst influence is on their absolutely required reading list. The book provides myriad superb advice on everything you need to know about dealing with and being successful with Gartner.
Given the extraordinary costs involved with analysts and the preparation for analyst meetings, the book's $22 price tag is an absolute bargain combined with its indispensable content. Whether you are a niche player or leader, it is a book well worth reading.
Ben Rothke is the author of Computer Security: 20 Things Every Employee Should Know.
You can purchase UP and to the RIGHT: Strategy and Tactics of Analyst Influence: A complete guide to analyst influence from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.
Stiennon also provides a lot of pragmatic direction on SAS on how to prepare for the SAS day. Given the expense of the analyst and the need to have all of the key staffers there, he notes that getting an agenda planned, good conference rooms, nutritious meals and much more are key to getting the most out of the day.
Back to the MQ; Stiennon writes that every organization of size needs a dedicated analyst relations (AR) staff member. The AR person will be the conduit between the vendor and the analyst firm. While the AR person is critical, he writes that a firm should never pin the responsibility for missing a target of MQ placement on the AR person. Executing on the MQ strategy is the responsibility of the entire organization.
The book provides more pragmatic advice in chapter 12 where it details the use of Gartner conferences. Stiennon writes that firms invest huge sums to attend and sponsor Gartner conferences in the hope to get in front of and sell to leading CIO's. In many cases a single sale to a CIO that arises from a Gartner event will justify the huge expenses.
But even with that, many firms make the mistake of manning their booths at the conference with junior staffers and marketing people that can't speak to the CIO, while the CEO of the vendor firm is in the back of the booth on their cell phone. That is just one of a few major faux pas the chapter details and how they can be obviated.
The chapter also details a common sales mistake in staffing the booths with booth babes. He notes that the concept is gross and misogynistic.
Towards the end, the book closes with what not to do when dealing with Gartner. He gives two examples of firms that were on their negative side. After Oracle Under Fire was written, Oracle CEO Larry Ellison went on a tirade against Gartner.
In another case, ZL Technologies, an email archiving firm, sued Gartner for over $1 billion in damages (even though it was worth a fraction of that) when an analyst said their products were not up to par.
The book closes with the observation that buyers need industry analysts, as the analysts see the changes that are coming in the industry and are able to forewarn their clients.
The book is an easy read, yet highly informative and insightful. Every chapter has Stiennon's real-world experience at Gartner and post-Gartner.
While Stiennon is ex-Gartner, never in the book does he disparage his former employer or denigrate their MQ methodology. Rather he shows ways in which the vendor can maximize the potential Gartner relationship and exposure.
Any technology executive, investor and everyone in their PR and marketing departments who are looking to be on the MQ, deal with Gartner or any advisory service, should make certain that UP and to the RIGHT: Strategy and Tactics of Analyst Influence: A complete guide to analyst influence is on their absolutely required reading list. The book provides myriad superb advice on everything you need to know about dealing with and being successful with Gartner.
Given the extraordinary costs involved with analysts and the preparation for analyst meetings, the book's $22 price tag is an absolute bargain combined with its indispensable content. Whether you are a niche player or leader, it is a book well worth reading.
Ben Rothke is the author of Computer Security: 20 Things Every Employee Should Know.
You can purchase UP and to the RIGHT: Strategy and Tactics of Analyst Influence: A complete guide to analyst influence from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page. -
Great Open Source Map Tools For Web Developers
snydeq writes "InfoWorld's Peter Wayner surveys the rich ecosystem of free maps, free data, and free libraries that give developers excellent alternatives to Google Maps. 'The options are expanding quickly as companies are building their own databases for holding geographical data, their own rendering tools for building maps, and their own software for embedding the maps in websites. ... Working with these tools can be a bit more complex than working with a big provider like Google. Some of these companies make JavaScript tools for displaying the maps, and others just deliver the raw tiles that the browsers use to assemble the maps. Working with the code means making decisions about how you want to assemble the pieces — now within your control. You can stick with one simple library or combine someone else's library with tiles you produce yourself.'" -
First Look: Microsoft Office 2013
snydeq writes "Ever since the first beta editions of Windows 8 appeared, rumors have circulated over how Microsoft would revamp its other flagship consumer product, Office, to be all the more useful in the new OS. Would Office become touch-oriented and Metro-centric, to the exclusion of plain old Windows users? A first look at Office 2013 provides the short answer: No. 'Office 2013 has clearly been revised to work that much better in Windows 8 and on touch-centric devices, but the vast majority of its functionality remains in place. The changes made are mostly cosmetic — a way to bring the Metro look to Office for users of versions of Windows other than 8. Further, Office 2013 has been designed to integrate more closely with online storage and services (mainly Microsoft's), although those are thankfully optional and not mandatory.'" -
Icelandic MP Claims US Vendetta Against WikiLeaks
Stirling Newberry writes "Icelandic MP Birgitta Jónsdóttir details more of the evidence for what she calls a 'judicial vendetta' against WikiLeaks and its volunteers, including attempts to gain access to her Twitter account. Her efforts to block the National Defense Authorization Act were discussed here previously. The story was taken up last year by Glenn Greenwald and Wired. As a result, the International Parliamentarian Union adopted a resolution on her case. What's new? She asserts that there is a grand jury investigation into WikiLeaks and related organizations, and is calling on Sweden to provide assurances that WikiLeaks founder Julian Assange not be re-extradited to the U.S. She says, 'There is no doubt that the U.S. wants to get even with WikiLeaks.'" -
Twitter Can't Keep Protestor's Data From Cops
Sparrowvsrevolution writes "On Monday, Twitter published its first-ever Transparency Report, detailing how many times governments around the world demanded its users' information and asked it to remove content. The results show that the U.S. government asked for more Twitterers' private data than all other governments combined: 679 requests in the first half of 2012, of which 75% were at least partially granted. That's more than all of last year, with half of 2012 still to go. Within hours, the issue of governments helping themselves to Twitter users' private data was illustrated in the case of Malcolm Harris, an Occupy Wall Street protester who had his Twitter data subpoenaed in a criminal case for 'disorderly conduct.' Twitter had fought the request, which will help prosecutors identify Harris as the tweets' source. But a Manhattan judge ruled that users have no expectation of privacy for their Twitter data." -
Insights Into Google Compute Engine
snydeq writes "The Compute Engine announcement at Google I/O made it clear that Google intends to take Amazon EC2 head on. Michael Crandell, who has been testing out Compute Engine for some time now, divulges deeper insights into the nascent IaaS, which, although enticing, will have a long road ahead of it in eclipsing Amazon EC2. 'Even in this early stage, three major factors about Google Cloud stood out for Crandell. First was the way Google leveraged the use of its own private network to make its cloud resources uniformly accessible across the globe. ... Another key difference was boot times, which are both fast and consistent in Google's cloud. ... Third is encryption. Google offers at-rest encryption for all storage, whether it's local or attached over a network. 'Everything's automatically encrypted,' says Crandell, 'and it's encrypted outside the processing of the VM so there's no degradation of performance to get that feature.'" -
More Uptime Problems For Amazon Cloud
1sockchuck writes "An Amazon Web Services data center in northern Virginia lost power Friday night during an electrical storm, causing downtime for numerous customers — including Netflix, which uses an architecture designed to route around problems at a single availability zone. The same data center suffered a power outage two weeks ago and had connectivity problems earlier on Friday." -
The Long Death of Fat Clients
snydeq writes "With Adobe's divestment of Flex and mobile Flash and Microsoft's move from Silverlight to Metro, Oracle now seems all alone in believing that a fat client framework — in the form of JavaFX — is a worthwhile investment, writes Andrew Oliver. 'Fewer and fewer options exist for developing purely fat client desktop applications and fewer still for RAD applications with Web-based delivery (aka, "thick clients"). We are on the verge of a purely HTML/JavaScript client world. Or we would be, if it weren't for mobile pushing us back to client-side development.'" -
Are We Failing To Prepare Children For Leadership In the US?
Vulcan195 writes "Would you let your three-year-old play with a real saw? You would if you were a parent in Switzerland. Suzanne Lucas (a U.S. mom residing in Switzerland) writes about the contrasts between the U.S. and Swiss ways of instilling wisdom. She writes: 'Every Friday, whether rain, shine, snow, or heat, my three-year-old goes into the forest for four hours with 10 other school children. In addition to playing with saws and files, they roast their own hot dogs over an open fire. If a child drops a hot dog, the teacher picks it up, brushes the dirt off, and hands it back.' She suggests that such kids grow up and lead the ones who were coddled (e.g. U.S. kids) during their early years." -
Free Speech For Computers?
snydeq writes "Law professor Tim Wu sheds light on a growing legal concern: the extent to which computers have a constitutional right to free speech. 'This may sound like a fanciful question, a matter of philosophy or science fiction. But it's become a real issue with important consequences,' Wu writes. First it was Google defending — and winning — a civil suit on grounds that search results are constitutionally protected speech. Now it is doubling down on the argument amidst greater federal scrutiny. 'Consider that Google has attracted attention from both antitrust and consumer protection officials after accusations that it has used its dominance in search to hinder competitors and in some instances has not made clear the line between advertisement and results. Consider that the "decisions" made by Facebook's computers may involve widely sharing your private information. ... Ordinarily, such practices could violate laws meant to protect consumers. But if we call computerized decisions "speech," the judiciary must consider these laws as potential censorship, making the First Amendment, for these companies, a formidable anti-regulatory tool.'" -
Hacker Group Demands "Idiot Tax" From Payday Lender
snydeq writes "Hacker group Rex Mundi has made good on its promise to publish thousands of loan-applicant records it swiped from AmeriCash Advance after the payday lender refused to fork over between $15,000 and $20,000 as an extortion fee — or, in Rex Mundi's terms, an 'idiot tax.' The group announced on June 15 that it was able to steal AmeriCash's customer data because the company had left a confidential page unsecured on one of its servers. 'This page allows its affiliates to see how many loan applicants they recruited and how much money they made,' according to the group's post on dpaste.com. 'Not only was this page unsecured, it was actually referenced in their robots.txt file.'" -
Microsoft To PC and Tablet Makers: You're Not Our Future
snydeq writes "Microsoft's plan to build its own Windows 8 tablets puts longtime allies in peril — and it may be the right thing to do. 'In announcing the Surface tablets, due to be released this fall, Microsoft CEO Steve Ballmer cited Apple's advantage (without mentioning Apple) of integrated software and hardware. "Things work better when hardware and software are considered together," he said. "We control it all, we design it all, and we manufacture it all ourselves." ... Like Apple, Microsoft will hire a few PC makers to do the actual production work. But the need for 20 brands of me-too laptops, tablets, and convertibles is low. Manufacturing sophisticated electronics is a skill requiring manufacturing innovation. But all those branded-but-otherwise-undifferentiated PCs, laptops, tablets, and smartphones just aren't needed in the vision Ballmer sketched out yesterday.'" -
Book Review: Digital Vertigo
benrothke writes "In Digital Vertigo: How Today's Online Social Revolution Is Dividing, Diminishing, and Disorienting Us, author Andrew Keen, who describes himself as the Anti-Christ of Silicon Valley (whatever that means), raises numerous profound questions about social media and its implications on society. In the new world of social media and Web 3.0, which is claiming to revolutionize communication and interactions, Keen writes that history is repeating itself and points to the beginning of the industrial revolution as an example. He writes of Jeremy Bentham who invented the Panopticon; a structure where the inhabitants were watched at all times. Bentham felt the Panopticon could make humanity more virtuous, more hard-working and happier; similar to the promise of Web 3.0. The Panopticon was a failure, and Keen sees the same for Web 3.0. The book is a critique of Web 3.0." Read below for the rest of Ben's review.
Digital Vertigo: How Today's Online Social Revolution Is Dividing, Diminishing, and Disorienting Us
author: Andrew Keen
pages: 256
publisher: St. Martin's Press
rating: 8/10
reviewer: Ben Rothke
ISBN: 0312624980
summary: Critique of Web 3.0
While definitions of Web 3.0 vary greatly; Keen focuses on the personalization aspect. His view is that the current Internet culture and the wave of Web 3.0 social software is debasing society.
In this well-researched book, Keen presents two theses: that Web 3.0 is turning into an Orwellian infrastructure and that the hype of the Web 3.0 prognosticators is all hype. For the first point, it is a false premise, while the latter has significant merit.
Keen has a misinterpretation of Big Brother and 1984. The book has scores of references to George Orwell, Big Brother, 1984 and related themes. Orwell describes Big Brother as the dictator of a totalitarian state, where the ruling party wields total power over the inhabitants.
In the society that Orwell describes, everyone is under complete surveillance by the authorities. Since the publication of 1984, the term has been synonymous for abuse of government power, particularly in respect to civil liberties, often specifically related to mass surveillance.
It is hard, if not impossible to see how Facebook and other social media services, which are voluntary and operate on an opt-in model, are anything close to totalitarianism and forced surveillance. The notion that Facebook is absolutism flies in the face of its tens of thousands of groups and topics, often in conflict with each other. Ironically, Keen never mentions the fact that Facebook founder Mark Zuckerberg was born in 1984.
One of the inherent problems with Facebook is that even if a person likes something, it is unclear if they bought the item, truly like it, or simply liked it to enter a raffle or help a friend. That is one of the reasons why General Motors Co. recently announced plans to stop advertising with Facebook. They found that paid Facebook ads have little impact on consumers' car purchases.
And therein is the rub; while all of that information is somewhat nebulous within the databases of Facebook, there is another organization, where substantial amounts of a person's most personal data is stored. That is an organization Keen seems oblivious to. That company is Experian, the largest of the big 3 credit firms.
While someone may like the New York Times on Facebook, Experian knows if the person has a subscription to the Times, what type of subscription they purchased, how long they have been a subscriber and how they paid for it. That is but one small example of the myriad data Experian has. Experian is not a social media company, they are not part of the Web 3.0 social revolution, yet they are significantly more dangerous than Facebook, Twitter and LinkedIn combined; a fact the book never discusses.
While Keen is critical of the social media wonks that the future will be social, he assumes that their prognostications of a social future are completely accurate. But as Facebook's growth has slowed and the fruits of its IPO stalled, there are many people who are simply tiring of social media.
In the introduction, Keen astutely quotes British philosopher John Stuart Mill that privacy is not only essential to life and liberty it's essential to the pursuit of happiness, in the broader and deepest sense. Keen sees social media in direct contradiction to that notion of privacy.
He closes the chapter with the observation estimating that in 2020; about 50 billion intelligent networked devices such as his BlackBerry Bold will be in use, many of which will be gathering personal data. Note though that at the recent 14th Annual AT&T Cyber Security Conference, one of the speakers put that number closer to 500 billion.
In chapter 1, Keen quotes Julian Assange that Facebook is the world's most comprehensive database about people, their relationships, names, address, locations, and more. Keen accepts that observation as gospel, uses it as an underpinning in the book, oblivious to Experian, which is interminably more comprehensive and authoritative than Facebook will ever be.
Case in point, many people put their birthday on Facebook as January 1, as it is a required field. While that Facebook data is utter rubbish, Experian has the person's true DOB.
Chapter 1 closes with numerous social media services being termed Orwellian services. It is hard to understand how an opt-in system is Orwellian. The chapter then closes with the histrionic question of "has Nineteen Eighty-Four finally arrived on all of our screens".
The histrionics continue with Orwell and its derivatives being used nearly 10 times on the first page of chapter 2. With that, Keen does note the importance of privacy and how it is being significantly eroded in social media. He quotes social media research scientist Dr. Julie Albright that privacy is taking a back seat to the notion that our every thought, act or desire should be publicized.
There are interesting insights in chapter 2 where he writes that social media has enabled new kinds of collective stupidity, and that it makes it hard for people to think for themselves; rather they simply cite what has already been cited.
He also notes that social media makes it effortless to destroy a life of integrity and a person's reputation. He notes that in our hypervisible age, all it takes is a camcorder and a Skype account to destroy someone's life; using the Dharun Ravi case as an example.
A point Keen perceptively makes is that there is little evidence that with all the sharing in social media, that it actually makes people more forgiving or tolerant. Rather it fuels a mob culture of intolerance, Schadenfreude and revengefulness. He writes that the tolerance that Jeff Jarvis thought Web 3.0 would bring, are in fact fueling the corrosive belligerence that has infected much of the snarky, gotcha public discourse in contemporary society.
Keen writes in depth about Mark Zuckerberg's notion of frictionless sharing and is concerned about its privacy consequences. Yet Zuckerberg's grand plan will only work if everyone opts in, which is still quite speculative.
In chapter 8, much of Keen's fears are allayed when he writes that the truth is that most of us don't want to share everything we read, watch and listen to online. In June 2012, noted security guru Marcus Ranum announced that he was deleting his Facebook account due to the inanity of the posts and invitations.
Keen himself said that he stopped using Facebook as he was embarrassed by some of the things people put up so he decided to close his account; calling it one of the best things he'd ever done online. With that, frictionless sharing goes nowhere.
Chapter 5 — The Cult of the Social, presents some of the most perceptive thoughts in the book. Keen quotes historian John Tresch that today's social media systems encourage people to manage their fame machine, with the goal to build followers and establish their own cloud of glory; but gaining nothing in the long-term.
The book closes with John Stuart Mill's notion that remaining human requires us to sometimes disconnect from society, to remain private, autonomous and secret. The alternate Mill recognized was the tyranny of the majority and the death of individual liberty; which Keen notes is not an unrealistic fear.
Another observation of Mill's is that our uniqueness as a species lies in our ability to stand apart from the crowd, to disentangle ourselves from society, to be let alone and to be able to think and act for ourselves. For the proponents of Web 3.0, they see our uniqueness as a species as being social; for Keen, it is the antithesis.
In the book, Keen advocates that we need to ensure the balance between our public and private lives and is rightfully scared of those that say we are heading into a world that will no longer have privacy. Mill's notion of the fundamentals of privacy means that if we abandon it, we lose some of our essence as human beings.
Keen lets the reader know that he is not a Luddite and doesn't advocate completely abandoning social media. As a Twitter devotee, he has found the time to write over 10,000 tweets and amass nearly 20,000 followers.
Overall, Digital Vertigo: How Today's Online Social Revolution Is Dividing, Diminishing, and Disorienting Us is a book well worth reading. Keen raises countless fundamental questions of the underlying hazards of Web 3.0. He writes of our often blind infatuation with this new thing called Web 3.0 in which people are revealing far too much of their inner self, just for the use of a free service.
Ben Rothke is the author of Computer Security: 20 Things Every Employee Should Know.
You can purchase Digital Vertigo: How Today's Online Social Revolution Is Dividing, Diminishing, and Disorienting Us from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page. -
Ruby, Clojure, Ceylon: Same Goal, Different Results
snydeq writes "Charles Nutter, Rich Hickey, and Gavin King each discovered that 'simplicity' doesn't mean the same thing as they developed Ruby, Clojure, and Ceylon, respectively. 'Languages that are created with similar goals in mind may yield highly disparate final results, depending on how their communities understand those goals,' writes Andrew Oliver. 'At first, it surprised me that each language's creator directly or indirectly identified simplicity as his goal, as well as how differently the three creators and their languages' communities define what simplicity is. For Ruby, it is about a language that feels natural and gets out of your way to do what you want. For Clojure, it is about keeping the language itself simple. For Ceylon, it is a compromise between enabling the language to help, in King's words, "communicating algorithms to humans" and providing proper tooling support: the same general goal, three very different results.'" -
Banking On Your Personal Online Data
snydeq writes "While privacy groups are working to lock away your personal data, a better — or perhaps supplementary — option may be to let you sell it for what it's really worth. 'Whether it's Facebook, Twitter, Google Drive, or Pinterest, the truth is the product is you — all that data about you used to target ads and sales pitches. It's hardly a new business model — it's how trade publications have made their money for decades — but in the online world all that information is easily stolen, traded, and spread. ... If the data has value — and we know it does — its creators (you and me) should be paid for it. And if we take over the selling of our data, all those companies using it now have to respect us and abide by our standards.'" -
Sen. Rand Paul Introduces TSA Reform Legislation
OverTheGeicoE writes "Over a month after Sen. Rand Paul announced his desire to pull the plug on TSA, he has finally released his legislation that he tweets will 'abolish the #TSA & establish a passengers "Bill of Rights."' Although the tweet sounds radical, the press release describing his proposed legislation is much less so. 'Abolition' really means privatization; one of Paul's proposals would simply force all screenings to be conducted by private screeners. The proposed changes in the 'passenger Bill of Rights' appear to involve slight modifications to existing screening methods at best. Many of his 'rights' are already guaranteed under current law, like the right to opt-out of body scanning. Others can only vaguely be described as rights, like 'expansion of canine screening.' Here's to the new boss..." -
Adopt the Cloud, Kill Your IT Career
snydeq writes "IT professionals jumping into the cloud with both feet beware: It's irresponsible to think that just because you push a problem outside your office, it ceases to be your problem. It's not just the possibility of empty promises and integration issues that dog the cloud decision; it's also the upgrade to the new devil, the one you don't know. You might be eager to relinquish responsibility of a cranky infrastructure component and push the headaches to a cloud vendor, but in reality you aren't doing that at all. Instead, you're adding another avenue for the blame to follow. The end result of a catastrophic failure or data loss event is exactly the same whether you own the service or contract it out.'" -
Microsoft Relents On Metro-Only Visual Studio Express
snydeq writes "After hearing objections from developers, Microsoft will offer a version of its Visual Studio Express 2012 package for desktop application development after all. The company had previously announced that Express 2012 editions, which are free, platform-specific versions of the Visual Studio 2012 IDE, would be limited to Windows 8 Metro-style development as well as development for the Windows Azure cloud platform, Windows Phone, and Web applications. 'We heard from our community that developers want to have for Windows desktop development the same great experience and access to the latest Visual Studio 2012 features at the Express level. ... And it will enable developers working on open source applications to target existing and previous versions of Windows.'" -
Is OpenStack the New Linux?
snydeq writes "As the self-proclaimed 'cloud OS for the datacenter,' OpenStack is fast becoming one of the more intriguing movements in open source — complete with lofty ambitions, community in-fighting, and commercial appeal. But questions remain whether this project can reach its potential of becoming the new Linux. 'The allure of OpenStack is clear: Like Linux, OpenStack aims to provide a kernel around which all kinds of software vendors can build businesses. But with OpenStack, we're talking multiple projects to provide agile cloud management of compute, storage, and networking resources across the data center — plus authentication, self-service, resource monitoring, and a slew of other projects. It's hugely ambitious, perhaps the most far-reaching open source project ever, although still at a very early stage. ... Clearly, the sky-high aspirations of OpenStack both fuel its outrageous momentum and incur the risk of overreach and collapse, as it incites all manner of competition. The promise is big, but the success of OpenStack is by no means assured.'" -
CryptoCat Developer Questioned At US-Canadian Border
Dangerous_Minds writes "ZeroPaid is documenting some comments made by an encrypted chat developer who was interrogated at the U.S. border recently. According to the CryptoCat developer, border guards confiscated his passport and interrogated him about the application he developed. Most notably, he commented, "The interrogator (who claimed 22 years of computer experience) asked me which algorithms Cryptocat used and about its censorship resistance."" -
Oracle's Ellison Vows "Most Comprehensive Cloud On Earth"
CWmike writes "Oracle CEO Larry Ellison declared the company is ready to offer 'the most comprehensive cloud on the planet Earth,' during a webcast event on Wednesday. 'It's been a long time coming,' Ellison said of the Oracle Public Cloud, which encompasses Oracle's suite of Fusion Applications delivered as both SaaS (software as a service) and PaaS (platform as a service) features, including the Java Cloud Service and Database Cloud Service. It's also the home of Oracle Social Network, the company's foray into Facebook-like collaboration tools for enterprises. Wednesday's event — and Twitter (where his first tweet is a gem) — also provided Ellison with an opportunity to tout what he called Oracle Public Cloud's many advantages over rivals such as SAP and Salesforce.com, as well as to engage in some of his traditional competitive trash talk." -
Microsoft To Run Linux On Azure
snydeq writes "After years of battling Linux as a competitive threat, Microsoft is now offering Linux-based operating systems on its Windows Azure cloud service. The Linux services will go live on Azure at 4 a.m. EDT on Thursday. At that time, the Azure portal will offer a number of Linux distributions, including Suse Linux Enterprise Server 11 SP2, OpenSuse 12.01, CentOS 6.2 and Canonical Ubuntu 12.04. Azure users will be able to choose and deploy a Linux distribution from the Microsoft Windows Azure Image Gallery and be charged on an hourly pay-as-you-go basis." -
LinkedIn Password Hashes Leaked Online
jones_supa writes "A user in a Russian forum is claiming to have hacked LinkedIn to the tune of almost 6.5 million account details. The user uploaded 6,458,020 SHA-1 hashed passwords, but no usernames. Several people have said on Twitter that they found their real LinkedIn passwords as hashes on the list. The Verge spoke with Mikko Hyppönen, Chief Research Officer at F-Secure, who thinks this is a real collection. He told us he is 'guessing it's some sort of exploit on their web interface, but there's no way to know.' We will have to wait for LinkedIn to report back to be sure what exactly has happened." An anonymous reader tipped us to related news: The LinkedIn iOS application harvests information from your calendar and transmits it to their servers unencrypted. -
Finding the Downside In San Francisco's Tech Boom
snydeq writes "The NYTimes reports on San Francisco's shifting socio-economic landscape thanks to a massive influx of tech workers and tax and regulation breaks to big-name startups. 'In a city often regarded as unfriendly to business, Mayor Edwin M. Lee, elected last year with the tech industry's strong backing, has aggressively courted start-ups. But this boom has also raised fears about the tech industry's growing political clout and its spillover economic effects. Apartment rents have soared to record highs as affordable housing advocates warn that a new wave of gentrification will price middle-class residents out of the city. At risk, many say, are the very qualities that have drawn generations of outsiders here, like the city's diversity and creativity. Families, black residents, artists and others will increasingly be forced across the bridge to Oakland, they warn.'" -
WHMCS Data Compromised By Good Old Social Engineering
howhardcanitbetocrea writes "WHMCS has had 500,000 records leaked, credit cards included, by hackers calling themselves UGNazis. Apparently UGNazis succeeded in obtaining login details from the billing software's host by using social engineering. UGNazis accuse WHMCS of knowingly offering services to fraudsters. After almost 24 hours UGNazis still seem to have control of WHMCS twitter account @whmcs and is regularly updating their exploits. These tweets are also feeding into WHMCS software." -
Book Review: Elementary Information Security
benrothke writes "Elementary Information Security, based on its title, weight and page length, I assumed was filled with mindless screen shots of elementary information security topics, written with a large font, in order to jack up the page count. Such an approach is typical of far too many security books. With that, if there ever was a misnomer of title, Elementary Information Security is it." Read below for the rest of Ben's review.
Elementary Information Security
author: Richard E. Smith
pages: 800
publisher: Jones & Bartlett Learning
rating: 10/10
reviewer: Ben Rothke
ISBN: 978-1449648206
summary: Information security magnum opus
For anyone looking for a comprehensive information security reference guide - Elementary Information Security is it. While the title may say elementary, for the reader who spends the time and effort to complete the book, they will come out with a complete overview of every significant information security topic.
The book is in fact a textbook meant to introduce the reader to the topic of information security. But it has enough content to be of value to everyone; security novices or experienced professionals.
Author Richard Smith notes that if you want to get a solid understanding of information security technology, you have to look closely at the underlying strengths and weakness of information technology itself, which requires a background in computer architecture, operating systems and computing networking.
With that, Elementary Information Security is a tour de force that covers every information security topic, large and small. The book also provides a relevant overview of the peripheral topics that are embedded into information security.
In 17 chapters covering over 800 pages, the book is well organized and progressively gets more complex. Two large chapters of the book are freely available online, with chapter 3 here and chapter 9 here. The early chapters focus on the fundamentals of computers and networking, and the core aspects of information security. The chapters progress in complexity and deal with distributed systems and more complex security topics. The mid-chapters deal with cryptography, starting with an introduction to the topic, into more complex topics and scenarios. One is hard-pressed to find an information security topic not covered in the book.
Chapter 1 is on Security from the Ground Up and lays the groundwork for what security is. Various topics around risk are detailed; such as identifying, prioritizing and assessing risks.
Chapter 2 is on Controlling a Computer and reviews the underlying architecture around computers.
For some people, much of their learning about information security is based on rote memorization. In the book, Smith eschews this and each chapter closes with a glossary of topics, and penetrating questions. There are also problem definitions which detail practical situations with the hope that the reader can create an adequate security solution. The reader who spends extra time reviewing the questions will find that it will significantly help in their mastering the myriad topics.
The goal of the questions and exercises is to make the knowledge real. Some of the exercises include watching movies with computer security related topics such as The Falcon and the Snowman, Crimson Tide, and others. For example, in The Falcon and the Snowman, the author asks the reader to identify two types of security measure that would have helped prevent theft of the crypto keys. In Crimson Tide, it asks the reader to consider the missile launch procedures portrayed in the film and asks if it is possible for a single person to launch a nuclear missile. Another scenario is that under what circumstances a recipient should accept an unauthenticated message. It also asks the reader to give an example of a circumstance in which accepting an unauthenticated message would yield the wrong result.
The book is not meant as a For Dummies guide to the topic, and it assumes a college-level comprehension of relevant mathematical concepts. Note though that the requisite math is detailed in the sections on encryption and cryptography.
The book is also the first textbook certified by the NSA to comply with the NSTISSI 4011 standard, which is the federal training standard for information security professionals. The author notes on his blog that in order to gain that certification, he had to map each topic required by the standard to the information as it appears in the textbook.
Given the value of the book, (ISC)2 should consider using this title as a reference for their CISSP certification. With all of the CISSP preparation guides available, even the Official (ISC)2 Guide to the CISSP CBK, one is hard pressed to find a comprehensive all-embracing security reference such as this. Some may even want to simply use this book as their definitive CISSP study guide.
For those looking for a single encyclopedic reference on information security, they should look no further than Elementary Information Security. Richard Smith has written a magnum opus on the topic, which will be of value for years to come.
Ben Rothke is the author of Computer Security: 20 Things Every Employee Should Know.
You can purchase Elementary Information Security from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page. -
'Goofing Off' To Get Ahead?
theodp writes "His old day job at Gawker entailed calling BS on tech's high-and-mighty, but Ryan Tate still found things to like about Silicon Valley. In The 20% Doctrine, Tate explores how tinkering, goofing off, and breaking the rules at work can drive success in business. If you're lucky, your boss may someday find Tate's book in his or her conference schwag bag and be inspired enough by the tales of skunkworks projects at both tech (Google, Flickr, pre-Scott Thompson Yahoo) and non-tech (Bronx Academy of Letters, Huffington Post, Thomas Keller Restaurant Group) organizations to officially condone some form of 20% time at your place of work. In the meantime, how do you manage to find time to goof off to get ahead?" -
Microsoft Patches Major Hotmail 0-day Flaw After Widespread Exploitation
suraj.sun writes "Microsoft quietly fixed a flaw in Hotmail's password reset system that allowed anyone to reset the password of any Hotmail account last Friday. The company was notified of the flaw by researchers at Vulnerability Lab on April 20th and responded with a fix within hours — but not until after widespread attacks, with the bug apparently spreading 'like wild fire' in the hacking community. Hotmail's password reset system uses a token system to ensure that only the account holder can reset their password — a link with the token is sent to an account linked to the Hotmail account — and clicking the link lets the account owner reset their password. However, the validation of these tokens isn't handled properly by Hotmail, allowing attackers to reset passwords of any account. Initially hackers were offering to crack accounts for $20 a throw. However, the technique became publicly known and started to spread rapidly with Web and YouTube tutorials showing the technique popping up across the Arabic-speaking Internet." -
Sinclair ZX Spectrum 30th Anniversary
It's not just the TRS-80; new submitter sebt writes "ZX Spectrum, the microcomputer launched in 1982 by Sinclair Research (Cambridge, UK) turns 30 today. The launch of the machine is seen by many today as the inspiration for a generation of eager young programmers, software and game designers in the UK. The events surrounding its launch, notably Sinclair's well-known rivalry with Acorn, later helped to inspire the design of the ARM architecture and most recently the Raspberry PI (based on ARM), in an effort to reboot the idea of enthusiastic kid programmers first captured by the Spectrum and Acorn's BBC micro. Happy birthday Spec!" -
Book Review: The CERT Guide To Insider Threats
benrothke writes "While Julius Caesar likely never said 'Et tu, Brute?' the saying associated with his final minutes has come to symbolize the ultimate insider betrayal. In The CERT Guide to Insider Threats: How to Prevent, Detect, and Respond to Information Technology Crimes, authors Dawn Cappelli, Andrew Moore and Randall Trzeciak of the CERT Insider Threat Center provide incontrovertible data and an abundance of empirical evidence, which creates an important resource on the topic of insider threats. There are thousands of companies that have uttered modern day versions of Et tu, Brute due to insidious insider attacks and the book documents many of them." Read on for the rest of Ben's review.
The CERT Guide to Insider Threats: How to Prevent, Detect, and Respond to Information Technology Crimes
author: Dawn Cappelli, Andrew Moore, Randall Trzeciak
pages: 432
publisher: Addison-Wesley Professional
rating: 10/10
reviewer: Ben Rothke
ISBN: 978-0321812575
summary: Definitive resource on insider threats
The book is based on work done at the CERT Insider Threat Center, which has been researching this topic for the last decade. The data the threat center has access to is unparalleled, which in turn makes this the definitive book on the topic. The threat center has investigated nearly 1,000 incidents and their data sets on the topic are unrivaled. With that, the book truly needs to be on the desktop of everyone tasked with data security and intellectual property protection.
The book provides a unique perspective on insider threats as the CERT Insider Threat Center pioneered the study of the topic, and has exceptional and empirical data to back up their findings. While there are many books on important security topics such as firewalls, encryption, identity management and more; The CERT Guide to Insider Threats is one of the first to formally and effectively tackle the extraordinarily devastating problem of trusted insiders who misappropriate data.
In the introduction, the authors write that a common misconception is that insider threat risk management is the responsibility of IT and information security staff members exclusively. The reality is that it is the responsibility of senior management to ensure that there is an overarching program to deal with insider threats at the enterprise level. Surprisingly and shockingly, far too few organizations have insider threat programs in place, and the book has scores of stories and case studies on those organizations that have become victims. While senior management created information security solutions to secure the perimeter; they were oblivious to the data leakage emanating from the interior network.
The authors reiterate that it is critical that all levels of management recognize and acknowledge the threat posed by insiders and take appropriate steps to mitigate malicious insiders. While it is impossible to stop every attack, what management can certainly do is build resiliency into their organization's infrastructure and business processes. This enables the organization to detect the attacks earlier and minimize the financial and operational impact. The book provides the specific details on how an organization can precisely do that.
In 9 detailed chapters and 6 appendices, the book provides a comprehensive and exhaustive analysis of the problem and menace of insider threats. After completing the book, one is well-prepared to initiate an insider threat program. The book provides examples of insider crimes from nearly every industry segment and ample data to share with management to convince them that the threats, both to their intellectual property and corporate profits, are very real.
After a high-level overview of the topic in chapter 1, the next chapter gets into the details of insider IT sabotage. While some think that stopping IT sabotage is next to impossible, the authors detail and have identified distinct patterns in nearly every IT sabotage case. The book details those patterns and also presents mitigation strategies, both technical and non-technical, to deal with those threats.
The chapter provides fascinating insights into how these crimes are carried out. The authors note that by their very nature, these attacks require technical sophistication and privileged access and are usually carried out by sysadmins, DBAs and programmers. A surprising CERT finding is that the majority of the attacks occur after the insider has been terminated or quit the organization. Part of the problem is that many organizations don't have a process in place to immediately terminate access when a worker resigns or is fired. In addition, 25% of the cases were carried out by full-time contractors.
Chapter 3 provides an intriguing look at the issue of insider theft of intellectual property (IP). Any firm that has a sizable amount invested in their IP (i.e., anything you can put on a USB stick) needs to take this chapter to heart. One of the many misconceptions CERT research has uncovered on this topic is that sysadmins are indeed not the biggest threat to IP, even though they have complete access to networks, systems and data.
According to the CERT data, they have not found a single case in which a sysadmin stole IP. Rather the biggest threat to IP is insider theft by scientists, engineers, programmers or salespeople. Also, CERT found that about a third of the IP cases were carried out for the benefit of a foreign government or organization, with China having more cases of IP theft than the other 9 countries combined.
Given the nature of China and its appetite for data theft, the book is surprisingly silent on specific suggestions in which to deal with threats from China. I would have liked to have seen at least a chapter dedicated to this topic.
The chapter continues and provides detailed lists of issues leading to job dissatisfaction that can lead a trusted employee or contractor to commit IP theft, and provides detailed steps on what companies can do to stop it.
Chapter 4 details everything you need to know about insider fraud. A fascinating statistic detailed is that the average insider fraud crime spans about 15 months, with half of the crimes lasting 5 months or more. The authors write that insider fraud is typically a long and ongoing crime. All of this is happening, over the course of months and years, and the organizations being pilfered are oblivious to it.
The book is worth reading for chapter 6 alone, which details best practices for the prevention and detection of insider threats. The best practices in chapter 6 give the reader a framework for establishing an insider threat program. Many of the best practices detailed are elements of a good security program, so they should not be news to anyone. Some of the best practices include: security awareness training, physical security controls, separation of duties, and perhaps the most blatantly obvious suggestion of them all: deactivate access following termination.
Another fascinating fact detailed in the book is that almost all insiders involved in acts of IT sabotage displayed behavioral indicators prior to committing their crimes. Some of those indicators include: conflicts with coworkers or supervisors, improper use of data assets, sanctions and rule violations. Organizations that act on these precursors can prevent the insider crimes from taking place.
Aside from its lack of coverage on how to specifically deal with the China threat, the only other lacking in the book is that in all of the examples and case studies, even those whose breaches are publicly known, organizations are not mentioned by name.
According to author Dawn Cappelli, Technical Manager at the CERT Insider Threat Center, they took that approach based on interviews for approximately 230 of their cases, with prosecutors, investigators, victim organizations, or convicted insiders. In those interviews they guaranteed confidentiality of the information they obtained. Therefore, CERT considers the success of their research directly related to their reputation in the community for being trustworthy for maintaining confidentiality. While their reasoning makes sense, anonymous case studies are often unsatisfying.
Insider threats are pervasive and indisputable. Organizations such as the CERT Insider Threat Center and individuals like Antonio Rucci provide vital services evangelizing about this critical topic. This entertaining video of Rucci from DEFCON 17 is a great primer on the topic.
Most of the firms who fall victim to insider threats are oblivious to them as they occur. The book details effective and operational security practices which can help every organization create an insider threat program to counterattack the majority of insider attacks.
When it comes to insider threats, the only way to avert them is to have a prevention program in place. In The CERT Guide to Insider Threats: How to Prevent, Detect, and Respond to Information Technology Crimes, the authors have created an invaluable guidebook, with myriad details in which to enable the reader to do that. The facts around insider threats speak for themselves. Anyone charged with protection of corporate data should ensure this book is on their required reading list. If not, and they fall victim to an insider attack, they have no one to blame but themselves.
Ben Rothke is the author of Computer Security: 20 Things Every Employee Should Know.
You can purchase The CERT Guide to Insider Threats: How to Prevent, Detect, and Respond to Information Technology Crimes from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page. -
Twitter: 'We Promise To Not Be a Patent Troll'
Fluffeh writes "Twitter today unveiled a bold new commitment that will be made in writing to its employees — the company will not use any patents derived from employee inventions in offensive lawsuits without the inventor's permission. Twitter has written up a draft of what it calls the 'Innovator's Patent Agreement,' or IPA, which encourages its developers to invent without the fear that their inventions will be used for nefarious purposes. 'The IPA is a new way to do patent assignment that keeps control in the hands of engineers and designers. It is a commitment from Twitter to our employees that patents can only be used for defensive purposes,' Messinger wrote. 'We will not use the patents from employees' inventions in offensive litigation without their permission. What's more, this control flows with the patents, so if we sold them to others, they could only use them as the inventor intended.'" -
Major Textbook Publishers Sue Open-Education Textbook Start-Up
linjaaho writes "Three major textbook publishers have sued a startup company making free and open textbooks, citing 'copyright infringement,' as the company is making similar textbooks using open material. From the article: 'The publishers' complaint takes issue with the way the upstart produces its open-education textbooks, which Boundless bills as free substitutes for expensive printed material. To gain access to the digital alternatives, students select the traditional books assigned in their classes, and Boundless pulls content from an array of open-education sources to knit together a text that the company claims is as good as the designated book. The company calls this mapping of printed book to open material "alignment" — a tactic the complaint said creates a finished product that violates the publishers' copyrights.'" -
News Corp/NDS Forces DocumentCloud To Take Down Emails
Presto Vivace writes "When the Australian Financial Review published its series on News Corp's pay TV pirates, it asked DocumentCloud to host the internal NDS emails which documented the allegations. Last week DocumentCloud was forced to take down the emails when NDS threatened legal action and the Financial Review declined to indemnify it. The Financial Review reports that: 'DocumentCloud is a free service operated by journalism organization Investigative Reporters and Editors at the University of Missouri. It aims to enable newspapers, websites and broadcasters to host documents supporting investigative reports. The website uses open source – or community developed – technologies to scan and index information, allowing users to quickly search hundreds or even thousands of pages for references to people, places, dates, company names and key terms.' The NDS emails are available as zip files at the Financial Review's server. Because DocumentCloud uses open source software, 'any news organization — or anyone else — is free to use DocumentCloud's code to build its own hosted version, on its own secure server, with many of the same capabilities, Aron Pilhofer, DocumentCloud's co-founder told me. Pilhofer, who is also interactive news editor at The New York Times, said that provides a little bit of breathing room for news organizations whose lawyers may be wary of exposing newspapers to risk through partnering with a third-party.'" -
Twitter Files Suit Against Spam Software Authors
An anonymous reader writes, quoting Network World: "As with any platform that sees a meteoric rise in popularity, it's only a matter of time before spammers throw their hats in the ring and try and exploit the masses for financial gain and other sinister purposes. As the relatively new kid on the block, Twitter is still busying itself trying to tackle and ultimately prevent spammers from destroying the user experience. While Twitter's previous efforts centered exclusively on engineering-based solutions, the company today announced that they are also pursuing legal avenues to fend off spammers." From the Twitter blog: "With this suit, we’re going straight to the source. By shutting down tool providers, we will prevent other spammers from having these services at their disposal. Further, we hope the suit acts as a deterrent to other spammers, demonstrating the strength of our commitment to keep them off Twitter." -
Mitch Altman Parts Ways With Maker Faire Over DARPA Grant
SWroclawski writes "Well known hacker and hackerspace advocate Mitch Altman has decided to temporarily part ways with Maker Faire over their involvement with DARPA (as reported on Twitter and Facebook). This public parting of ways raises the question of what role government, especially the military, should play in working alongside hackers and educators." -
New Doctor Who Companion Announced
eternaldoctorwho writes "Jenna-Louise Coleman will be the newest companion to the Doctor (Matt Smith) on the hit series Doctor Who. The announcement came earlier today on the BBC's Twitter page devoted to the program, along with some other details about the upcoming season of the show. Miss Coleman is also known for her previous roles on Emmerdale and Captain America: The First Avenger." -
Book Review: Microsoft Manual of Style
benrothke writes "The Chicago Manual of Style (CMS), now in its 16th edition, is the de facto style guide for American writers. It deals with aspects of editorial practice, grammar, usage, document preparation and more. It's just one of many style guides for writers. The Microsoft Manual of Style, just released in its 4th edition, attempts to do for the technical writers what the CMS has done for journalists and other writers." Read below for the rest of Ben's review. Microsoft Manual of Style author Microsoft Corporation pages 464 publisher Microsoft Press rating 10/10 reviewer Ben Rothke ISBN 978-0735648715 summary Invaluable guide to becoming a better technical writer A style guide or style manual is a set of standards for the writing and design of documents, either for general use or for a specific publication, organization or field. The implementation of a style guide provides uniformity in style and formatting of a document. There are hundreds of different style guides available — from The Elements of Style by Strunk and White, to the Associated Press Stylebook and Briefing on Media Law and many more.
Microsoft's goal in creating this style manual is about standardizing, clarifying and simplifying the creation of content by providing the latest usage guidelines that apply across the genres of technical communications. The manual has over 1,000 items, so that each author does not have to make the same 1,000 decisions.
Anyone who has read Microsoft documentation knows it has a consistent look, feel and consistency; be it a manual for Visual C#, Forefront or Excel. With that, the Microsoft Manual of Style is an invaluable guide to anyone who wants to better the documentation they write.
For example, many writers incorrectly use words such as less, fewer, and under as synonymous terms. The manual notes that one should use less to refer to a mass amount, value or degree; fewer to refer to a countable measure of items, and not to use under to refer to a quantity or number.
Style guides by their very nature are highly subjective and no one is forced to accept the Microsoft style as dogma. The authors themselves (note that the book was authored by a group of senior editors and content managers at Microsoft, not a single individual) note that they don't presume to say that the Microsoft way is the only way to write. Rather it is the guidance that they follow and are sharing it with the hope that the decisions they have made for their content professionals will help others promote consistency, clarity and accuracy. With that, they certainly have achieved that goal.
The book is made up of two parts; with part 1 comprised of 11 chapters on general topics.
Chapter 1 is about Microsoft style and voice and has basic suggestions around consistency, precision, sentence structure and more. The chapter also has interesting suggestions on writing bias-free text. It notes that writers should do their best to eliminate bias and to depict diverse individuals from all walks of life in their documentation. It's suggested to avoid terms that may show bias with regards to gender, race, culture, ability, age and more. Some examples are to avoid terms such as chairman, salesman and manpower; and use instead moderator, sales representative or workforce.
The manual also notes that writers should attempt not to stereotype people with disabilities with negative connotations. It suggests that documentation should positively portray people with disabilities. It emphasizes that documentation should not equate people with their disability and to use terms that refer to physical disabilities as nouns, rather than adjectives.
The book takes on a global focus and notes that since Microsoft sells its products and services worldwide, content must be suitable for a worldwide audience. For those writing for a global audience, those sections of the manual should be duly considered.
The manual also cautions authors to avoid too many technical terms and jargon. The danger of inappropriate use of technical terms is that people who don't think of themselves as computer professionals consider technical terms to be a major stumbling block to understanding. The manual suggests whenever possible, to use common English words to get the point across, rather than technical ones.
The book provides thousands of suggestions on how to write better documentation, including:
do not use hand signs in documentation — nearly every hand sign is offensive somewhere
do not refer to seasons unless you have no other choice – since summer in the northern hemisphere is winter in the southern hemisphere
spell out names of months – as 3/11/2012 can refer to March 11, 2012 in some places and November 3, 2012 in others
use titles, not honorifics, to describe words such as Mr. or Ms. – not all cultures have an equivalent to some that are common in the United States, such as Ms.
Chapter 6 is on procedures and technical content, and explains that consistent formatting of procedures and other technical content helps users find important information quickly and effectively. In the section on security, the style guide notes not to make statements that convey the impression or promise of absolute security. Instead, the writer should focus on technologies or features that help achieve security; and suggests to be careful when using words such as safe, private, secure, protect, and their synonyms or derivatives. It is best to use qualifiers such as helps or can help with these words.
As noted earlier, the style guide is simply a guide, not an absolute. In the book Eats, Shoots & Leaves: The Zero Tolerance Approach to Punctuation, author Lynne Truss writes of terms that are grammatically incorrect, but so embedded into the language, that they are what she terms a lost cause. With that, the style guide has the pervasive use of the term all right, as opposed to alright.
According to dictionary.com, although alright is a common spelling in written dialogue and in other types of informal writing, all right is used in more formal, edited writing. My own preference is that alright is clearer and ultimately more concise. In this guide, I found that Microsoft's preference for all right to be distracting.
Differences aside, part 1 provides vital assistance to any writer that is interested in writing effective content that educates the reader in the clearest manner possible. The book is the collective experience of thousands of writers and their myriad sets of documentation. The book provides page after page of unique information.
Part 2 is a usage dictionary that is a literal A-Z of technical terms, common words and phrases. The goal of the usage dictionary is to give the reader a predictable experience with the content and to ensure different writers use a standard usage of the same term. Some interesting suggestions in the usage dictionary are:
access rights – an obsolete term. Use user rights
collaborator – do not use collaborator to describe a worker in a collaborative environment unless you have no other choice as it is a sensitive term in some countries. Specifically, being a collaborator in a third-world country can get one killed.
email – do not use as a verb. Use send instead.
master / slave – do not use as the terminology, although standard in the IT industry, may be insulting to some users. The manual notes that its use is prohibited in a US municipality.
press – differentiate between the terms press, type, enter, and use, and to use press, not depress, hit or strike when pressing a key on the keyboard
Some of the terms suggested are certainly Microsoft centric, such as:
blue screen – they suggest not to use blue screen, either as a noun or a verb to refer to an operating system failure. Use stop or stop error instead
IE – never abbreviate Internet Explorer; always use the full name
Say what you will about Microsoft, but any technical writer who is serious about being a better writer can learn a lot from the writers at Microsoft. Microsoft is serious and passionate about documentation and it is manifest in this style guide.
Microsoft has been criticized for their somewhat lukewarm embrace of open source. With the Microsoft Manual of Style, Microsoft is nearly freely sharing a huge amount of their intellectual capital. At $29 for the paperback and $10 for the Kindle edition, the manual has a windfall of valuable information at a bargain-basement of a price.
This guide is a comprehensive manual for the serious writer of technical documentation, be it a high school student or veteran author. In fact, to describe the guide as comprehensive may be an understatement, as it details nearly every facet of technical writing, including arcane verb uses.
Many authors simply write in an ad-hoc manner. This manual shows that effective writing is a discipline. The more disciplined the writer, the more consistent and better their output. Anyone that wants to be a better writer will undoubtedly find the Microsoft Manual of Style an exceptionally valuable resource.
Ben Rothke is the author of Computer Security: 20 Things Every Employee Should Know.
You can purchase Microsoft Manual of Style from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page. -
Chrome Hacked In 5 Minutes At Pwn2Own
Skuto writes "After offering a total prize fund of up to $1M for a successful Chrome hack, it seems Google got what it wanted (or not!). No more than 5 minutes into the Pwn2Own cracking contest team Vupen exploited 2 Chrome bugs to demonstrate a total break of Google's browser. They will win at least 60k USD out of Google's prize fund, as well as taking a strong option on winning the overall Pwn2Own prize. It also illustrates that Chrome's much lauded sandboxing is not a silver bullet for browser security." -
Open Ministry Crowdsources Laws In Finland
First time accepted submitter emakinen writes "The new Citizens' Initiative service started today in Finland. On the Open Ministry website, anyone can present an idea for a law or initiative. If the idea wins enough support, the ministry's volunteer workers will work on it and turn it into a presentable bill for the MPs to chew over. If 50,000 citizens of voting age agree on a bill Parliament has to take it up." -
Controversial Bioethicist Resigns From Celltex
ananyo writes "Bioethicist Glenn McGee has resigned his position as president of ethics and strategic initiatives at the stem-cell firm Celltex Therapeutics in Houston, Texas. Yesterday, Slashdot posted a story that suggested Celltex may have administered unproven treatments to several patients. The move comes at the end of a turbulent three months, which has seen McGee blasted by other bioethicists for working at the controversial stem-cell company while also holding the post of editor-in-chief of the American Journal of Bioethics, the most cited bioethics journal in the world. McGee announced that he had resigned, effective 28 February, on Twitter last night — the move came just two weeks after the 13 February press release by Celltex announcing that he would take the position." -
Book Review: Liars and Outliers
First time accepted submitter benrothke writes "It is said that the song Wipe Out launched a generation of drummers. In the world of information security, the classic Applied Cryptography: Protocols, Algorithms, and Source Code in C by Bruce Schneier may have been the book that launched a generation of new cryptographers. Schneier's latest work of art is Liars and Outliers: Enabling the Trust that Society Needs to Thrive. For those that are looking for a follow-up to Applied Cryptography, this it is not. In fact, it is hard to classify this as an information security title and in fact the book is marked for the current affairs/sociology section. Whatever section this book ultimately falls in, the reader will find that Schneier is one of the most original thinkers around." Keep reading for the rest of Ben's review. Liars and Outliers: Enabling the Trust that Society Needs to Thrive author Bruce Schneier pages 384 publisher Wiley rating 10/10 reviewer Ben Rothke ISBN 978-1118143308 summary Brilliant book on trust and society, and its complex interrelation In Applied Cryptography Schneier dealt with the pristine world of mathematical cryptography where aspects of pure mathematics could be demonstrably proven. For example, non-repudiation is absolutely provable.
In Liars and Outliers, Schneier moves from the pristine world of mathematics into the muddy world of human trust. Non-repudiation is no longer an absolute in a world where a Windows kernel can be compromised and end-users can be victims of social engineering.
The book addresses the fundamental question of how does society function when you can't trust everyone. Schneier notes that nothing in society works without trust. It's the foundation of communities, commerce, democracy, in truth — everything. And Schneier deals extensively with social and moral pressures that affect trust.
Liars and Outliers is very similar to books by Umberto Eco, that have a Renaissance feel to them; bringing myriad and diverse topics together. Schneier does this here and intertwines topics such as game theory, evolution, surveillance, existentialism and much more. Schneier's brilliance is that he is able to connect seemingly disparate dots around information security and society, and show how they are in truth tightly coupled.
In the book, Schneier makes note of those that don't follow the rules. He calls these people defectors, and these are the liars and outliers of the book. The book notes that everything is a trade-off, and these defectors are the ones that try to break the rules.
An overall theme of the book, in which Schneier touches and references sociology, psychology, economics, criminology, anthropology, game theory and much more, is that society can't function without trust. He writes that in our complex interconnected and global society, that we need a lot of trust.
Schneier makes frequent reference to Dunbar's number, which he first references in chapter 2. Dunbar's number was first proposed by British anthropologist Robin Dunbar and is a theoretical cognitive limit to the number of people with whom one can maintain stable social relationships. It is generally in the area of 150. So when someone sees a person with 3,000 Facebook friends, something is clearly amiss.
In chapter 9 on institutional pressures, Schneier takes a very broad look at threats facing society today. One of the biggest perceived threats we have today is terrorism, and the book astutely notes that we can never ensure perfect security against terrorism.
If Schneier had his way, the TSA budget would be measured in the millions, not billions of dollars. He incisively observes that all the talk of terrorism as an existential threat to society is utter nonsense. As long as terrorism is rare enough (which it is), and most people survive (which they do), society will survive. He writes that while that observation is true, it is not politically viable for our leaders to come out and say that.
While the book is heavy on the people focus, Schneier also acknowledges that sometimes and for some people, the incentives to commit crimes are worth the risk. To deal with those, that is where security technologies come into play.
An interesting observation made in chapter 10 around technology is that sometimes the technological changes have absolutely nothing to do with the societal dilemma being secured. For example, he notes that between the ubiquity of keyboards and the tendency for teachers to focus on standardized tests, cursive is no longer being taught that much in schools. The result is that signatures are more likely to be either printed text or an illegible scrawl; making them easier to forge; which in turn creates new security risks.
In the book Schneier makes scores of astute observations on how society functions around security. He notes in chapter 16 that we are currently in a period of history where technology is changing faster than it ever has. The worry is that if technology changes too fast, the attackers will be able to innovate so much faster than society can that the imbalance becomes even greater; with failures that negatively affect society.
In many of the examples in the book, Schneier paints a dark picture given the advantage that the attackers and defectors have. But he also notes that we are in a period of history where the ability for large-scale cooperation is greater than it has ever been before. On that topic, he refers to the book The Penguin and the Leviathan: How Cooperation Triumphs over Self-Interest by Yochai Benkler where he writes that the Internet can and has enabled cooperation on a scale never before seen. And that politics, backed by science, is ready to embrace this new cooperation.
On the lighter side, in chapter 17, Schneier notes that Mussolini didn't make the trains run on time; he just made it illegal to complain about them.
Schneier notes at the end of the book that its lesson isn't that defectors will inevitably ruin everything for everyone. Rather that we as a society need to manage societal pressure to ensure that they don't.
Liars and Outliers is an absolutely fascinating and groundbreaking book. In this election year where the candidates attempt to make sweeping simplistic promises to fix complex problems, Schneier simply answers that in our complex society, there are no simple answers.
In Applied Cryptography Bruce Schneier demonstrated he was quite the smart guy. In Liars and Outliers, he shows he is even smarter than most of us first thought.
Ben Rothke is the author of Computer Security: 20 Things Every Employee Should Know.
You can purchase Liars and Outliers: Enabling the Trust that Society Needs to Thrive from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page. -
Apple Settles Antennagate Class-Action Lawsuit
An anonymous reader writes "A preliminary settlement has been reached in the class-action lawsuit brought against Apple in June 2010 over the 'Antennagate' fiasco. Ira Rothken, co-lead counsel for the case, says there are 21 million people entitled to either $15 or a free bumper. 'The settlement comes from 18 separate lawsuits that were consolidated into one. All share the claim that Apple was "misrepresenting and concealing material information in the marketing, advertising, sale, and servicing of its iPhone 4 — particularly as it relates to the quality of the mobile phone antenna and reception and related software." The settlement has its own Web site, www.iPhone4Settlement.com, which will be up in the coming weeks (the site doesn't go anywhere right now). There, customers will be able to get information about the settlement and how to make a claim. As part of the arrangement, e-mails will also be sent alerting original buyers to the settlement before April 30, 2012. The claims period is then open for 120 days.'" -
Canadians #TellVicEverything In Response To Bill C-30
First time accepted submitter beerdragoon writes "In order to protest the government's new Internet snooping legislation, some Canadians have started a somewhat unorthodox protest. Vic Toews, the minister responsible for tabling the legislation, has had his Twitter account bombarded with tweets regarding the boring, banal aspects of regular Canadians' lives. The idea is that since Toews wants to know everything about your personal life, we should oblige him and #TellVicEverything."