Copy Link
Add to Bookmark
Report
Computer Undergroud Digest Vol. 10 Issue 35
Computer underground Digest Wed Jun 24, 1998 Volume 10 : Issue 35
ISSN 1004-042X
Editor: Jim Thomas (cudigest@sun.soci.niu.edu)
News Editor: Gordon Meyer (gmeyer@sun.soci.niu.edu)
Archivist: Brendan Kehoe
Shadow Master: Stanton McCandlish
Shadow-Archivists: Dan Carosone / Paul Southworth
Ralph Sims / Jyrki Kuoppala
Ian Dickinson
Field Agent Extraordinaire: David Smith
Cu Digest Homepage: http://www.soci.niu.edu/~cudigest
CONTENTS, #10.35 (Wed, Jun 24, 1998)
File 1--Special Issues of Book Reviews
File 2--Fan-wrttien Star Trek Book Sued for $22 Million
File 3--REVIEW: "Practical Computer Network Security", Mike Hendry
File 4--REVIEW: "Network and Netplay", Fay Sudweeks/Margaret McLaughlin/
File 5--REVIEW: "Digital Literacy", Paul Gilster
File 6--REVIEW: "Cookies", Simon St. Laurent
File 7--REVIEW: "Cyber Crime", Laura E. Quarantiello
File 8--REVIEW: "Affective Computing", Rosalind Picard
File 9--AOL in a Nutshell
File 10--REVIEW: "The Year 2000 Software Problem", Capers Jones
File 11--Cu Digest Header Info (unchanged since 25 Apr, 1998)
CuD ADMINISTRATIVE, EDITORIAL, AND SUBSCRIPTION INFORMATION ApPEARS IN
THE CONCLUDING FILE AT THE END OF EACH ISSUE.
---------------------------------------------------------------------
Date: Thu, 25 Jun 98 23:26 CDT
From: Cu Digest <TK0JUT2@MVS.CSO.NIU.EDU>
Subject: File 1--Special Issues of Book Reviews
CuD encourages book reviews of books related to computer culture,
law, and related topics. One of the best (and most prolific)
reviewers we've come across is Rob Slade. In this issue, we
showcase some of his latest reviews along with some others.
We encourage readers to send over their comments on books that
they find especially useful (or hopelessly clueless).
------------------------------
Date: Tue, 02 Jun 1998 15:17:51 +0200
From: Luca Sambucci <luca@SAMBUCCI.COM>
Subject: File 2--Fan-wrttien Star Trek Book Sued for $22 Million
Online Freedom Federation
http://www.off-hq.org
June 02, 1998
For immediate release
Set Phasers on Sue -- Fan-written Star Trek Book is the Target of
$22 Million Lawsuit
Reversing a 30 year practice, Paramount Pictures has sued Star
Trek fan Samuel Ramer and his publishing company in federal court
in New York for writing an unauthorized book about the world of
Star Trek fandom.
Ramer is the author of The Joy of Trek: How to Enhance Your
Relationship with a Star Trek Fan. Thirty-four year old Ramer, a
self-proclaimed loyal "Trekster" since the age of 6, dedicated the
book to his wife and intended it as a humorous guide to help
"non-fans" like her understand the fierce devotion fans hold for
Star Trek in all its incarnations.
Paramount, represented by the Manhattan law firm of Richards &
O'Neil, argues that the book violates the copyrights of 220 Star
Trek episodes, and is seeking civil damages in the amount of $22
million, as well as an order banning sales of the book.
At the outset, lawyers for Ramer and his publishing company have
raised a number of compelling arguments in defense of the book.
Most notably, they illustrate how for 30 years Paramount tolerated
and even encouraged fans to engage in technically unauthorized
activities in order to maintain interest and enthusiasm for the
then-struggling franchise. They point to over 100 unauthorized
books, including the famous Star Trek Concordance by Bjo Trimble.
Trimble, who was instrumental in the letter-writing campaigns to
save the original series from extinction, wrote the beloved
Concordance as a comprehensive encyclopedia and episode guide.
Had Paramount adopted the same stance with Trimble as it has done
with Ramer, Star Trek would have been an obscure footnote in
entertainment history, rather than the unparalleled success that
it has become today.
Sadly, with Gene Roddenberry gone and Paramount swallowed up by
monolithic Viacom Corporation, appreciation and respect for fans
has given way to litigation and disdain, as Viacom continues its
misguided campaign to eliminate interactive fan participation in
the Star Trek universe.
OFF expresses its full support for Samuel Ramer and his publisher,
and will continue to post updates on the case.
Meanwhile, OFF supporters are encouraged to write to Viacom with
their concerns. As always, be polite and articulate in order to
be taken seriously.
---
The Online Freedom Federation is a non-profit organization
dedicated to the preservation of freedom of speech on the
Internet. Its executive council can be reached at
<executives@off-hq.org>. Representatives of the various presses
can contact OFF's Public Relations council at to more quickly
arrange to speak with OFF representatives. Local presses will be
deferred to their local representative for official comment.
------------------------------
Date: Wed, 10 Jun 1998 08:42:24 -0800
From: "Rob Slade, doting grandpa of Ryan and Trevor" <rslade@sprint.ca>
Subject: File 3--REVIEW: "Practical Computer Network Security", Mike Hendry
BKPCNSEC.RVW 980426
"Practical Computer Network Security", Mike Hendry, 1995,
0-89006-801-1, U$55.00
%A Mike Hendry
%C 685 Canton St., Norwood, MA 02062
%D 1995
%G 0-89006-801-1
%I Artech House/Horizon
%O U$55.00 800-225-9977 fax: 617-769-6334 artech@world.std.com
%P 203 p.
%T "Practical Computer Network Security"
This book asks the questions of what is security, and can security be
achieved, for every level of audience. The text does, in fact, answer
the questions, but the answers turn out to be profoundly
uninteresting.
Part one explains some of the conceptual framework for data security
on networks. Chapter one is an introduction to the book overall. It
is not terribly clear about the scope of the book, but does state that
the material will look at failures caused by humans (both deliberate
and accidental) as well as short and long term machine failures. The
terms defined seem to indicate an emphasis on problems in the actual
transmission of data. Six types of failures are outlined quickly in
chapter two, although there is no explanation of the difference
between "inaccuracy" and "alteration" of data, both seeming to relate
to the more general realm of reliability. Tables relating these types
of failures to those outlined in the preceding section are confusing.
The overview of systems aspects of security in chapter three is terse
and seemingly random. A simple idea of risk assessment is given in
chapter four. Chapter five looks at a number of specific points of
failure in hardware and software: confidence is not increased by a
network diagram that demonstrates no knowledge of the OSI (Open
Systems Interconnect) reference model. Specific perils for particular
applications are mentioned in chapter six, but only for a small set of
industries.
Part two reviews security technologies. There is a brief introduction
to encryption (and an even briefer look at identity) in chapter seven.
Chapter eight is quite odd, showing a number of partial algorithms for
key use, but almost nothing on key management. Various hardware
security devices are discussed in chapter nine, but, again, the
overview seems to be fairly random. Chapter ten is a vague and
generic look at different aspects of software related to security.
The section of viruses is appalling, containing almost no accurate
information at all. The material on access control in chapter eleven
is also nebulous, and not likely to be of help to either the user or
manager. Chapter twelve, on types of networks, has no relation to
security at all, even though network type may very well have a bearing
on risks.
Part three looks at security by application type. Chapter thirteen is
a very general overview of commercial applications, ranging from a
simplistic look at database security to a section that gets very
detailed about the motives that drive sales people to defraud the
company but doesn't present very helpful advice on what to do about
it. Banking gets a fair amount of space in chapter fourteen, but then
it does cover a considerable amount of territory. Subscription
services, from confidential databases to email, are discussed in
chapter fifteen. The rest of the world is covered in the five pages
of chapter sixteen. Chapter seventeen is a review of the chapters.
For the complete novice to computer and communications security, the
book does raise a number of issues to think about. The lack of scope
in the book means that a number of additional points would need to be
considered in any workable security plan. The lack of detail included
means that other references will be needed to make any plan workable.
copyright Robert M. Slade, 1998 BKPCNSEC.RVW 980426
------------------------------
Date: Mon, 1 Jun 1998 10:35:52 -0800
From: "Rob Slade, doting grandpa of Ryan and Trevor" <rslade@sprint.ca>
Subject: File 4--REVIEW: "Network and Netplay", Fay Sudweeks/Margaret McLaughlin/
BKNWKNPL.RVW 980328
"Network and Netplay", Fay Sudweeks/Margaret McLaughlin/Sheizaf
Rafaeli, 1998, 0-262-69206-6, U$35.00
%A Fay Sudweeks
%A Margaret McLaughlin
%A Sheizaf Rafaeli
%C 55 Hayward Street, Cambridge, MA 02142-1399
%D 1998
%G 0-262-69206-6
%I MIT Press
%O U$35.00 800-356-0343 fax: 617-625-6660 www-mitpress.mit.edu
%P 313 p.
%T "Network and Netplay: Virtual Groups on the Internet"
Because of the title, or rather the subtitle, I was somewhat
disappointed by this book. Not that the papers are without interest,
but they do not, or at least only tangentially, deal with groups and
communities and their activities on the net. The collection of papers
is characterized by formal style and the general topic of aspects of
computer mediated communications (CMC), but is otherwise fairly random
in terms of subject, approach, and even background.
The first study is interesting not because of its results (it almost
doesn't have any) but due to the intriguing research possibilities it
suggests. The researchers theorized that there were gender
differences in computer mediated communications, and that 1) women
used more graphical accents (smileys, emoticons, and the like) while
2) men were more challenging and 3) used more flames. Some of the
study protocol is detailed, but the source of sample messages for the
study is not. With the plethora of mailing list archives plus Usenet
news archives such as DejaNews and Rendezvous similar studies could
now be done with enormous, and almost completely randomized, samples,
which would allow multidimensional analyses. Chapter two likewise
news postings examines in terms of tension or conflict. The intent,
however, was to test some established observations of verbal (face to
face) conversations in comparison to electronic discourse. The
results are generally supportive, but the paper reports some problems
with methodology (which are not, unfortunately, spelled out in
detail).
Chapter three is truly occult. It appears to be an attempt to define
the nature of computer mediated communication overall. I say
"appears" because the author seems not only determined to hold fast to
the most arcane jargon of his own field (and I'm not even sure what
that field is), but to coin new terms. "Telelogue" is a proposed
equivalent to CMC (OK, I'll admit that "computer mediated
communications" is pretty cumbersome), polylogue is many-to-one,
dialogue is the usual one-to-one, but I still can't figure out what
monologue is meant to be in the context of the paper. Those parts of
the piece that I have been able to figure out do *not* correspond with
my experience on the net, or are rather trivial and obvious
observations.
A review of the playful aspects of IRC (Internet Relay Chat) is
compared with Caillois's "classic" taxonomy of play in chapter four.
The essay is, however, weakened by a poor exegesis of the typology.
(I am not sure why counting rhymes are spontaneous while lotteries are
difficult.) The use of a single IRC session is acceptable given that
it is being used as an illustration rather than for research.
However, the paper fails to deal with self-selection issues, such as
the fact that the play drive seems to be necessary for discovery
learning and a thorough mastery of a relatively little used
technology. (Comments about IRC addiction also seem to indicate a
relatively naive level of knowledge of the medium.)
Chapter five is an anecdotal review of media use and preferences by
Usenet news participants. Although the methodology appears sound, the
conclusions are uninteresting. Usenet responses to failures of
normative behaviour (or netiquette) is studied in great detail in
chapter six, but the results are, again, disappointing. The primary
result of a survey of Relcom (a Russian Usenet technology system)
participants in chapter seven seems to have been that the participants
approved of the survey. Chapter eight asks a very important and
interesting question: why do some people involve themselves in risky
online communications? Unfortunately, the study is based on a self-
reported, and pretty much self-selected, survey, and only deals with
perceptions of secrecy, at least as far as the paper reports.
A paper on the "Mr. Bungle" multi-user domain "virtual rape" case, in
chapter nine, concentrates on sociological and historical studies of
rape and really has little to say about online communications. (It
also has absolutely none of the poetry of the Dibbell account.)
Chapter ten defines both its terms and methods poorly, and so it is
difficult to say what results, if any, it produces aside from the fact
that people in conversation tend to want to agree. The same data set
appears to be used in chapter eleven for a turgid example of neural
net analysis that does not appear to come to any conclusions. Chapter
twelve appears to try to build a conceptual model of community
building on the Internet, but does so by looking at the World Wide
Web, surely the least "communing" technology on the net. The book
concludes in chapter thirteen with a report on the ongoing development
of an online avatar intended for use in guiding children through
explorations on the net. It is somewhat depressing to see how little
artificial intelligence has progressed in twenty years.
The addition of abstracts and biographical notes included with the
papers would have been a great help in getting something out of the
essays. The intent, approach, and background of the authors varies
greatly from item to item, and some introduction would probably help
ease the sense of dislocation when reading through the book.
For those interested in social study of interpersonal communications
conducted via computer, the text does provide a series of examples and
an extensive bibliography. As far as guidance is concerned the work
provides little: many of the papers could best be used as the
proverbial bad examples. However, given limited material available in
this field, at least it does provide examples to critique.
copyright Robert M. Slade, 1998 BKNWKNPL.RVW 980328
------------------------------
Date: Wed, 20 May 1998 08:23:11 -0800
From: "Rob Slade, doting grandpa of Ryan and Trevor" <rslade@sprint.ca>
Subject: File 5--REVIEW: "Digital Literacy", Paul Gilster
BKDGTLIT.RVW 980322
"Digital Literacy", Paul Gilster, 1997, 0-471-24952-1, U$12.95/C$18.50
%A Paul Gilster gilster@mindspring.com
%C 5353 Dundas Street West, 4th Floor, Etobicoke, ON M9B 6H8
%D 1997
%G 0-471-24952-1
%I Wiley
%O U$12.95/C$18.50 416-236-4433 fax: 416-236-4448
%P 276 p.
%T "Digital Literacy"
Having said many unkind things about the hype surrounding the World
Wide Web, I *do* acknowledge that the Web is useful. It's value,
however, lies not in graphics or a WIMP (Windows, Icon, Mouse,
Pointer) interface, but in the invention of the URL: the Uniform
Resource Locator. Text based dinosaur that I am, I find URLs in mail
messages to be more useful than almost any approach to the Xanadu of
hypertext. Utility lies in informational substance and ease of access
thereto, not in multimedia style.
As a card carrying propellorhead, therefore, I greatly appreciate
Gilster's avowed non-technical approach to the net. "The Internet
Navigator" (cf. BKINTNAV.RVW), despite the efforts of literally
hundreds of authors, is still the most mature general guide to the
Internet. "Finding it on the Internet" (cf. BKFNDINT.RVW) stands
alone after all this time as the only solid answer to the second
question every net novice asks. Now, in this present work, Gilster
once again draws back the unnoticed curtain behind the smoke and noise
to reveal that which we truly need to make the Internet work: critical
analysis. (I should note that it is not quite present: this is a
reissue, for some reason, of a book I somehow missed two years ago.
In responding to the draft of this review, Gilster has said that he
would have made some additions if he had been given the opportunity.)
The first chapter introduces digital literacy as a new skill made
necessary by a new type of information utility: the computer, and more
particularly the computer network. The text briefly looks at the
changes in style and even substance of data in the new medium, and at
those who use, do not use, praise, and decry the net. Yet this is
mere introduction, for all that it covers the total contents of most
"information superhighway" books. Chapter two develops a definition
of this new literacy. Drawing upon the historical changes from speech
to phonetic writing, from scrolls to codex, and from hand copying to
moveable type, Gilster demonstrates that it is the interaction with
content that changes. And, whereas in the immediately previous media
information could not be questioned, on the net, information not only
can be critiqued, but must be. Chapter three seems to be somewhat of
a digression as Gilster describes a day using the Internet. It does,
however, give a quick and realistic picture of what information use on
the net is like in reality right now. In one sense, though, it does a
minor disservice to the book. All of the information Gilster obtains
is deemed to be trustworthy. There is little mention of spam and
other junk, nor of the ubiquitous "404" indicator of abandoned sites
on the Web, nor of the assessment, in terms of a Usenet news posting,
of whether this shrill electronic cry is a vital warning or an ill-
tempered complaint. While some evaluation is done, the critical
analysis promoted in the first two chapters is missing.
Chapter four, however, takes up the slack. Most of the details here;
and the chapter is very detailed; are concerned with determining the
identity, background, and credentials of providers of content on the
net. Even when all the information is available on the Internet,
chapter five notes that perception can be distorted by presentation.
Web pages linked to supporting materials lend credibility to proposals
that may very well be built on thin air, or at least badly lopsided
foundations.
Chapter six is an examination of the various models of libraries,
traditional, online commercial, and Internet, that are developing in
the current environment. Ultimately Gilster proposes a design that
may not be fully supported by either the installed base of technology
nor social will, but the discussion is a definite wakeup call for many
information providers. But it is chapter seven that demonstrates the
real strength of the net: the multiplicity of voices that can be
accessed in any situation. This strength carries the inevitable
downside and caveat: the reader/user is fully responsible for pursuing
and judging the data. The price of being informed is eternal
searching.
As a singular book on a vital topic, this work is not written to the
excellent standard of "Finding it on the Internet." A number of
resources for analysis and information gathering are either missed, or
mentioned only briefly. Time, of course, is one of the most
important. Contrary to popular impression, the Internet is not
necessarily a source of instant or ready answers. Development of
resources is indispensable. While note was made of the need for
search engines to check material presented on Web pages, the DejaNews
and Rendezvous sites are useful as search engines on another matter:
the determination of the history, interests, expertise, and biases of
individuals. Mailing list archives can be another source of similar
information. The last, best resource any seasoned netizen has is a
circle of acquaintances; personal contacts with a range of experts in
a variety of fields that would astound the literati of any pre-digital
age.
Gilster's look to the future, in chapter eight, is disappointing in
light of the insightful work that preceded it. While fair and
balanced, avoiding both the rose coloured digital crystal ball and the
mechanized cyberpunk dystopia, this final piece in the book does not
travel much beyond a generally informed look at short range futures in
technology. Still, while the tag end does not provide you with any
last minute advice or guidance, the book overall gives much useful
advice on developing the new literacy of the digitally networked age.
copyright Robert M. Slade, 1998 BKDGTLIT.RVW 980322
------------------------------
Date: Tue, 26 May 1998 08:13:29 -0800
From: "Rob Slade, doting grandpa of Ryan and Trevor" <rslade@sprint.ca>
Subject: File 6--REVIEW: "Cookies", Simon St. Laurent
BKCOOKIE.RVW 980320
"Cookies", Simon St. Laurent, 1998, 0-07-050498-9, U$34.95
%A Simon St. Laurent
%C 300 Water Street, Whitby, Ontario L1N 9B6
%D 1998
%G 0-07-050498-9
%I McGraw-Hill Ryerson/Osborne
%O U$34.95 800-565-5758 fax: 905-430-5020 louisea@McGrawHill.ca
%P 361 p.
%T "Cookies"
I am probably more aware of cookies than most. I do allow cookies,
but I get a warning each time somebody tries to set one on me. (For
those who are aware of cookies, this fact alone will tell you that I
do not spend a lot of time "surfing".) I know that you cannot
download a number of things off the Microsoft Website without they
feed you a cookie and you accept. I know that a large number of
cookies are not being set by the pages I am looking at, but by servers
listing banners on those pages. I know that PCWorld magazine holds
the record as far as I am concerned: thirteen attempts to set a cookie
on a single access to a single page. I know that Clinique gets a
bonus, as far as I am concerned, for personalizing the page for the
user without setting a cookie at all.
So I was most interested to see this book. I approached it with some
trepidation, I admit, since books on "new" and "hot" technologies do
not have a good track record, particularly those with some link to
business. However, what I found was a book with something for
programmers, privacy advocates, and interested Internauts alike.
Chapter one explains what cookies are, and why. It does this with a
series of analogies of different types of activities (mostly, but not
uniquely, commercial) that require some kind of memory through certain
stages of the process. The structures of both the older version 0
Netscape and the newer RFC 2109 cookies are detailed in chapter two,
along with special notes (Lynx deletes *all* cookies on exit) and tips
(if you want to set an expiry date to maintain the cookie into the
future, note that you must set the path). Chapter three provides the
user with detailed, browser-by-browser information on how to manage
cookies, including blocking options and storage methods. It also
discusses proxy servers and add-in cookie blocking tools.
However, St. Laurent's major concern is for the effective programming
of cookies. Client-side programming, with JavaScript and VBScript, is
covered in chapter four. Server-side cookie programming, and the pros
and cons thereof, are discussed in chapter five. Chapter six
demonstrates the use of cookies in combination with CGI (Common
Gateway Interface) programming for more sophisticated activities.
Netscape's Server Side JavaScript and Microsoft's Active Server Pages
are covered separately in chapters seven and eight. "Pure" Java does
not allow for cookie generation, but with the extensions to provide
connections between Java and JavaScript an applet can now feed and
check cookies, which chapter nine demonstrates.
Chapter ten looks at Microsoft Site Server, which has perhaps the most
effective, and potentially invasive, tools for collecting information
about Web users through the use of cookies. St. Laurent explains the
various information gathering activities, and also presents effective
handling of both those who accept, and those who reject, cookies.
Chapter eleven examines probable developments in cookies in the near
future, and briefly looks at the question of identity information
gathering by Web site owners.
There is some small irony in the fact that St. Laurent expresses his
own concern for balance in the overall presentation at the end of
chapter ten. I am glad that he was worried about being biased in one
direction or another: it has made for a rational and clear
presentation of a topic which is currently rather overheated. The
book fully appreciates both the needs and the concerns, and provides
not only the facts, but a lucid and clear-sighted analysis of the real
situation.
copyright Robert M. Slade, 1998 BKCOOKIE.RVW 980320
------------------------------
Date: Fri, 12 Jun 1998 08:20:13 -0800
From: "Rob Slade, doting grandpa of Ryan and Trevor" <rslade@sprint.ca>
Subject: File 7--REVIEW: "Cyber Crime", Laura E. Quarantiello
BKCBRCRM.RVW 980425
"Cyber Crime", Laura E. Quarantiello, 1997, 0-936653-74-4, U$16.95
%A Laura E. Quarantiello 73733.1653@compuserve.com
%C P.O. Box 493, Lake Geneva, WI 53147
%D 1997
%G 0-936653-74-4
%I Limelight Books/Tiare Publications
%O U$16.95 +1-414-248-4845
%P 144 p.
%T "Cyber Crime: How to Protect Yourself from Computer Criminals"
Running through the text of "About This Book," the preface, and the
introduction, is a statement that this work is for the protection of
the average computer user. Unfortunately, the "average" computer user
is a fairly ill-defined concept, and it is difficult to know
specifically what type fo user and what type of risks the book is
about. As the author notes, generic computer security books are of
daunting size, but that is because data security is a large field of
study.
Chapter one opens with a general look at computer crime. Most of the
chapter discusses the computer criminal, however. While Quarantiello
at least acknowledges the multiple users of the term "hacker" the
origins of unauthorized computer exploration lie at least two decades
further back than the book states, and the division between ethical
and non-ethical uses of computers is hardly the amicable separation
implied by the text. The more serious error, however, is that
computer crime somehow involves some extra level of skill or
knowledge. Not even system security breakers are the evil genii
suggested by the book, and, in fact, the bulk of computer crime is
committed by insiders with little knowledge of computers beyond menial
use. A very similar review of phone phreaks and system crackers
constitutes chapter two, which also includes a brief and jumbled
collection of the common types of telephone and computer scams and
myths, including the amazingly resilient legend of the "salami scam."
Except for the mention of shoulder surfing and social engineering,
though, little is of help to the common user. The coverage of viruses
in chapter three is abysmal. Although I am well used to
misinformation in general security texts, there is not a paragraph
that does not contain at least one error of fact, and most are not
minimal mistakes. (This is the more disappointing when the book twice
quotes from Fred Cohen.) Chapter four looks at the various dangers of
fraud, harassment, and invasion of privacy online. Unfortunately,
details are few, confusing criminal invasion with legitimate,
commercial databases of information, and weakening the warnings about
stalking by failing to explain the situations realistically.
Part two of the book discusses protective and defensive measures users
can take to safeguard themselves. Chapter five recommends a number of
steps to take. Unfortunately, few of the suggestions are practical.
Make a policy never to discuss company computers with anyone aside
from the sysop? This is a simple rule? It'll last until the first
coffee break. "Take a minute or two to back up your hard disk" each
time you look at a new diskette or CD-ROM? I suppose it'll work if
your backup device is /dev/null. Get a copy of all public records
about you? You probably have no idea what they are, or how to access
them, and even if you have records of them all (updated how often?),
the records will still be public. Use encryption for all email?
*Which* encryption? The proposals for password choice are acceptable,
although nothing special. The advice for protecting children online
is basic but reasonably good.
Chapter six seems to be a collection of stories about the times that
authorities have been able to deal with computer crime. The final
chapter is a brief and rather naive personal view of the security
field.
This book is yet another attempt by a complete novice to inform the
world about data security. There are, regrettably, a great many
similar tomes, long on frantic warnings and short on both facts and
useful counsel. I have no doubt that many of the cautions are based
on true stories, taken from court cases and possibly personal
correspondence. However, I also know that a number of the tales are
mythic, and even the true anecdotes are presented in a spectacular
fashion. Statistics given are questionable, or not presented in
sufficient detail to give a true picture.
Overall, this is unlikely to be of value to the average computer user,
however defined.
copyright Robert M. Slade, 1998 BKCBRCRM.RVW 980425
------------------------------
Date: Wed, 17 Jun 1998 09:37:10 -0800
From: "Rob Slade, doting grandpa of Ryan and Trevor" <rslade@sprint.ca>
Subject: File 8--REVIEW: "Affective Computing", Rosalind Picard
BKAFFCMP.RVW 980412
"Affective Computing", Rosalind Picard, 1997, 0-262-16170-2, U$27.50
%A Rosalind Picard
%C 55 Hayward Street, Cambridge, MA 02142-1399
%D 1997
%G 0-262-16170-2
%I MIT Press
%O U$27.50 800-356-0343 manak@mit.edu www-mitpress.mit.edu
%P 292 p.
%T "Affective Computing"
There will be, I dare say, a "religious" debate over this book. While
isolated visionaries have idly speculated about emotion in computers,
the vast majority of the computer using, and non computer using,
populace sees technology as cold, mathematical, and ultimately
objective (if occasionally in error). The fact that this assessment
is an emotional one gets conveniently forgotten.
One of the possible divisions in the study of artificial intelligence
is in the approach taken. The brute coding approach simply strives to
make programs more and more intelligent, the definition of
"intelligent" being left as a problem to be dealt with once we have
something that is at least marginally useful. This strategy has been
demonstrably successful in producing entities like Deep Blue and
techniques such as expert systems. The alternative route is to
observe that we already have at least one agreed upon model of
intelligence, and to seek to apply what we know of the human mind to
some form of programming. While that course suggests interesting
tactics like neural networks, spectacular triumphs have not been
forthcoming. Still, it is in pursuing this modelling approach that
Picard has divined a potentially revolutionary concept in computing.
So radical is this idea, in fact, that even those who praise Picard
and the book tend to see affective computing as only a means to a
superior user interface, and miss the proposal that affect is key to
intelligence itself.
The postulate that emotion is important to intellect is not new.
Picard acknowledges this, and, as any good scholar would, builds on
the work done by others. Part one of the book provides an overview of
emotion theory, as well as general questions about emotion and its
relevance to the development of computing. Part two looks more
specifically at the technical aspects of affective applications.
Chapter one outlines basic human emotion studies, concentrating first
on the physical aspects of emotion, and then on the cognitive. It is
quite easy, in this section, to see why so many readers see the book
as dealing merely with the user interface, since much of this primary
material has immediate implications in allowing computers to assess
the emotional state of the user, and to tailor presentation
appropriately. The ramifications for computing are more subtle, but
do exist, for example in the determination of urgent matters or the
drive to learn from errors. An initial examination of affective
components in computing is the emphasis for chapter two. In addition
to the ability to recognize and express emotions, Picard lays out an
interesting framework for deciding whether or not computers "have"
emotions. While perhaps not final, it is a very useful aid to
starting work on affective computing without diverting too much energy
to more philosophical questions of defining affect. Applications that
might benefit from affective computing, in chapter three, include
coaching, communications, counseling, education, consumer studies,
entertainment, motivation, search agents, and environmental agents.
(As one indication of the importance of the work Picard proposes,
consider how far we are from being able to give the command that she
throws away as the title of one section:" Fast Forward to the
Important Part.") Concerns, in chapter four, involve trust, fraud,
poor application, privacy, accuracy, tradeoffs in objectivity,
centralized manipulation, negative emotions, design, and computer
rights. The author states outright that many of these considerations
will only be problems in outlandish circumstances, or at far future
dates.
Chapter five starts to look at the technical issues involved in
programming emotion, starting with the processing of affective signals
in a way that mimics what we know of human emotional response. (My
own immediate reaction was to the lack of a coding mechanism for
measurement, storage, and communication, but I am probably getting
ahead of the work.) "Recognizing and Expressing Affect," in chapter
six, reviews current work in dealing with facial expressions, vocal
intonation, and other factors. Further research is reported in
chapter seven's look at the generation of emotion, primarily via
cognitive mechanisms. Chapter eight discusses in more depth the
concept of "wearable" computers, mostly in terms of the ultimate
"personal" computer (or network).
It has been proposed that the AI goal of reproducing human
intelligence is a chimera and a false trail. Machine intelligence, so
the thesis suggests, is different in kind from human intelligence, and
the attempt to make one copy the other would be better directed to
finding the differences between them and assigning work appropriately.
If this latter hypothesis is true then Picard's recommended line of
enquiry would be futile in terms of producing better machine
intellect--but would still be valuable in determining the dividing
line.
In the Preface, the author demonstrates that she is aware that there
will be--how shall we put this?--an emotional response to the central
tenet of the text, and that, our culture being what it is, this
reaction will be additionally weighted by the fact of her gender.
Picard is walking a fine line between presenting a scientific thesis
to a scientific community and proposing an exciting, but radical, new
field of study. I suspect that she has deliberately chosen to display
an objective and understated exposition, and that she was correct in
doing so. However, the manner and structure of the book do readily
allow readers to consider only the mundane, if valuable, human-machine
interaction questions, and miss the more elusive and controversial
points.
I strongly recommend this book for all audiences. For general
readers, there are many interesting discussion points, both technical
and social. For developers, there is advice and direction to follow
in terms of the user interface. For the zealot, there may be the key
to the future.
copyright Robert M. Slade, 1998 BKAFFCMP.RVW 980412
------------------------------
Date: Fri, 5 Jun 1998 14:44:14 -0700 (PDT)
From: Lisa Mann <lisam@oreilly.com>
Subject: File 9--AOL in a Nutshell
For immediate release
For more information, contact:
Lisa Mann lisam@oreilly.com or
(707) 829-0515 ext 230
(708) For more info on the Nutshell series see:
http://www.oreilly.com/news/nutshell_0598.html
Nutshell Guide to AOL Released
"AOL in a Nutshell" is the definitive reference that breaks through the
hype and shows advanced America Online users and sophisticated
beginners how to get the most out of AOL 4.0's tools and features.
This detailed reference goes beyond the basics, answering all the
questions about AOL not just the most common ones in a no-nonsense,
easy-to-understand style. You'll learn how to customize AOL so it runs
the way you want it to, work around annoying idiosyncrasies, avoid
unwanted email and Instant Messages, actually understand Parental
Controls, and turn off intrusive advertisements. And it covers features
that many AOL users shy away from due to lack of documentation such as
FTP, Telnet, and alternative Web browsers.
"AOL in a Nutshell is designed to get under the skin of AOL. It's for
the curious AOL user who wants to go deeper into a particular feature
or get advice on how to carry out a particular task. We tell you
everything, including the things that aren't obvious and the things
that AOL hides form you. AOL, in it's quest to be user- friendly, has
buried some of its power under an easy interface. We help you unlock
AOLs potential." From the Preface
Created in the best-selling "In a Nutshell" series format, each topic
is divided into concise, distinct chapters, designed to help you find
the information you want at a glance. You can use it as a day-to-day
reference, or go further in-depth with an extensive cross- referencing
system. It's an indispensable guide for users who aren't dummies.
"AOL in a Nutshell":
Covers AOL 4.0 Provides the only quick reference to every task: not a
condescending tutorial
Presents an independent, honest look at AOL's strengths and weaknesses
Targets experienced users who want substance, not fluff; yet also
appeals to the sophisticated beginner
Clearly tells you what really works on AOL, and what doesn't
Provides insight and workarounds to scores of problems
About the Authors
Curt Degenhart is a writer and editor at Songline Studios' East Coast
office in Cambridge, MA. Besides separating the wheat from the chaff of
his AOL projects, he writes advice to the lovelorn at MixnMatch.com,
manages databases, hunts down the best of broadband, and daydreams.
Curt's foggy about how his life evolved from concentrating in
psychology at Vassar to writing about what's online, but he knows there
must be a really good explanation.
Jen Muehlbauer is a writer and editor at Songline Studios, an affiliate
of O'Reilly and Associates. When not knee-deep in AOL, she writes about
geeky topics such as broadband Web sites and happy couples who met on
the 'Net. Before moving to Boston and settling into 9-to-5 life, Jen
was a coffee-chugging English major at Wesleyan University.
###
AOL in a Nutshell
By Curt Degenhart & Jen Muehlbauer
1st Edition June 1998 (US)
540 pages, 1-56592-424-X, $19.95 (US$)
http://www.oreilly.com
------------------------------
Date: Wed, 24 Jun 1998 12:31:54 -0800
From: "Rob Slade, doting grandpa of Ryan and Trevor" <rslade@sprint.ca>
Subject: File 10--REVIEW: "The Year 2000 Software Problem", Capers Jones
BKY2KSWP.RVW 980410
"The Year 2000 Software Problem", Capers Jones, 1998, 0-201-30964-5,
U$29.95/C$41.95
%A Capers Jones
%C P.O. Box 520, 26 Prince Andrew Place, Don Mills, Ontario M3C 2T8
%D 1998
%G 0-201-30964-5
%I Addison-Wesley Publishing Co.
%O U$29.95/C$41.95 416-447-5101 fax: 416-443-0948 bkexpress@aw.com
%P 335 p.
%T "The Year 2000 Software Problem: Quantifying the Costs and
Assessing the Consequences"
"When the twentieth century ends, many software applications
will either stop working or produce erroneous results since
their logic cannot accept the transition from 1999 to 2000,
when the dates change from 99 to 00 ... The costs of defending
against litigation and lawsuits can approximate half a year's
software budget, but damages and penalties from suits that are
lost can reach multiples of annual software budgets and lead
to bankruptcy ... Unfortunately, current data indicates that
at least 15% or software applications will not be repaired in
time." - from the Introduction
This book is a warning. By its own admission, however, it comes too
late. Is this book simply an insightful and focused locking of the
barn door after the horse has left the building?
Chapter one provides an executive overview of the situation. It shows
that year 2000 repairs should have started some time ago. However, it
does also demonstrate that it is barely possible to start such repairs
now, provided heroic measures are undertaken. It also proves that
such repairs then would have been much less costly than the same
repairs now, and furnishes rough, but well supported, estimates of
costs for the repair of applications, and for the failure to repair.
A historical review in chapter two also notes that there is a benefit
to the year 2000 problem: it will force companies to pay attention to
their software inventory. Chapter three is rather odd, defining a
handful of terms associated with applications development. The common
metric for year 2000 work is the number of lines of code to be
checked. Jones prefers the function point, and chapter four looks at
conversion factors plus a glance at the size of the problem as a
whole. However, it also starts to deal with direct and indirect
costs, particularly in regard to litigation, and loses some focus
thereby. Chapter five is a very thorough (perhaps at times overly
thorough) assessment of the total impact of the Y2K problem on the
United States, looking at the total cost, and cost by state, industry,
programming language, and so forth.
Advice on the actual fixing of the problem starts with program testing
in chapter six. Chapter seven looks very briefly at database repair.
Litigation and liability is reviewed in chapter eight. The analysis
of business failure risks, in chapter nine, seems to lean heavily on
litigation as well. Chapter ten discusses the rise of the year 2000
repair industry. Retrofitting applications by the use of masking or
windowing is mentioned in chapter eleven. The heavy United States
emphasis of the book is partially rectified in chapter twelve. The
analysis of the scope of the project by country is somewhat flawed by
assumptions that figures per line of code can be directly converted
from US surveys. However, the chapter also looks at the impact of
conversion to the Euro (the new European currency) and the diverse
impact this may have on the problem as a whole. Chapter thirteen
looks at factors that modify costs for various industries.
Chapter fourteen examines a number of problems that may arise in
various sectors if the problem is not fixed in time. A review of
general defensive tactics is contained in chapter fifteen. Appendices
B, C, and E contain additional sources of information.
In general terms, the book does not give much in the way of advice for
dealing with the crisis except for the suggestion to use masking in
preference to date field expansion. However, it does provide you with
some lovely frightening figures to use next time the CEO asks you if
this Y2K thing is really of any importance.
copyright Robert M. Slade, 1998 BKY2KSWP.RVW 980410
------------------------------
Date: Thu, 25 Apr 1998 22:51:01 CST
From: CuD Moderators <cudigest@sun.soci.niu.edu>
Subject: File 11--Cu Digest Header Info (unchanged since 25 Apr, 1998)
Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are
available at no cost electronically.
CuD is available as a Usenet newsgroup: comp.society.cu-digest
Or, to subscribe, send post with this in the "Subject:: line:
SUBSCRIBE CU-DIGEST
Send the message to: cu-digest-request@weber.ucsd.edu
DO NOT SEND SUBSCRIPTIONS TO THE MODERATORS.
The editors may be contacted by voice (815-753-6436), fax (815-753-6302)
or U.S. mail at: Jim Thomas, Department of Sociology, NIU, DeKalb, IL
60115, USA.
To UNSUB, send a one-line message: UNSUB CU-DIGEST
Send it to CU-DIGEST-REQUEST@WEBER.UCSD.EDU
(NOTE: The address you unsub must correspond to your From: line)
CuD is readily accessible from the Net:
UNITED STATES: ftp.etext.org (206.252.8.100) in /pub/CuD/CuD
Web-accessible from: http://www.etext.org/CuD/CuD/
ftp.eff.org (192.88.144.4) in /pub/Publications/CuD/
aql.gatech.edu (128.61.10.53) in /pub/eff/cud/
world.std.com in /src/wuarchive/doc/EFF/Publications/CuD/
wuarchive.wustl.edu in /doc/EFF/Publications/CuD/
EUROPE: nic.funet.fi in pub/doc/CuD/CuD/ (Finland)
ftp.warwick.ac.uk in pub/cud/ (United Kingdom)
The most recent issues of CuD can be obtained from the
Cu Digest WWW site at:
URL: http://www.soci.niu.edu/~cudigest/
COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing
information among computerists and to the presentation and debate of
diverse views. CuD material may be reprinted for non-profit as long
as the source is cited. Authors hold a presumptive copyright, and
they should be contacted for reprint permission. It is assumed that
non-personal mail to the moderators may be reprinted unless otherwise
specified. Readers are encouraged to submit reasoned articles
relating to computer culture and communication. Articles are
preferred to short responses. Please avoid quoting previous posts
unless absolutely necessary.
DISCLAIMER: The views represented herein do not necessarily represent
the views of the moderators. Digest contributors assume all
responsibility for ensuring that articles submitted do not
violate copyright protections.
------------------------------
End of Computer Underground Digest #10.35
************************************