Beefy Boxes and Bandwidth Generously Provided by pair Networks
P is for Practical
 
PerlMonks  

Re: Re: Boycott O'Reilly

by Wassercrats
on Jan 22, 2004 at 06:52 UTC ( #323105=note: print w/ replies, xml ) Need Help??


in reply to Re: Boycott O'Reilly
in thread Boycott O'Reilly

I'd do all of that, depending on the nature of "hacking related" and the others you mentioned, if there were convenient alternatives. And maybe even if there weren't.


Comment on Re: Re: Boycott O'Reilly
Re: Re: Re: Boycott O'Reilly
by stvn (Monsignor) on Jan 22, 2004 at 22:06 UTC
    Wassercrats

    Any good security consultant, police officer, government agent or member of the military will tell you, in order to defend yourself from theats you must understand two things; the attacker and the mode of attack. People who work in the security field train themselves to think like their "foes", so they can anticipate their moves. It only makes sense, how can you defend yourself if you dont know whats threating you? Stupidity and rampant fear results, after all mankind's greatest fear is the fear of the unknown (to sorta quote H.P. Lovecraft).

    Also any encryption expert worth his salt will tell you that a closed system/algorithm is far less secure than an open system/algorithm. Most cryptographers spend as much time writing algorithms as they do trying to break them.

    A book about hacking, no matter who publishes it, is just like any other bit of information. It can be used for good,.. and it can be used for evil. There is little doubt in my mind that this book was published with the "know your attacker" thought in mind, rather than "Learn to crack the IRS DBase in 24 hours".

    This information is all valuable, and since information itself is an abstract concept and not a concious entity with a moral capacity of its own, its all about how you use it.

    Think a bit before you post.

    -stvn

      I don't think the belief that such a book causes more good than harm has anymore basis in fact than my belief. In fact, I believe it has less. Someone, several responses back made a good point about open source/Perl people being more liberal about these things. That's to be expected from them, but there are two sides to the story.

      Now that we got passed the "it teaches bad guys/it teaches good guys" stage, lets look at this in some more detail. It's probably true that anti-hacker/cracker/whatever organizations publish stuff that could be used for illegal activity, but you have to compare their audience with that of the book. I won't pretend to know the difference for sure, but there surely is one. The organizations have more reason to be careful about who gets their information (though that's difficult) and to be careful about what information they provide. The book publishers want to sell books.

      If such material wasn't published at all, by well meaning organizations or elsewhere, what would happen? Only those with enough brains to learn programming, without being given any security related tips or code, would be able to write new computer cracking software (and protection). Is that good or bad? For crackers, it would create a roadblock. For real programmers, they would have had to learn to program anyway, so it's not as bad.

      Several posts back, I think someone said that there is actual code in the book I'm complaining about that could be used for cracking. That means the book removes a roadblock for hackers who want to do harm, and it removes only a smaller roadblock for the good guys. I haven't heard about any code it contains that's meant to prevent cracking.

      I guess those anti-hacker organizations are good, but the government also wants to prevent computer break-ins, with even more urgency because their focus is on national security. I don't know what they say about books like these, but I know something about the USA Patriot Act and how the government feels about encryption, and I bet they would be on my side.

      God bless America.

      *******---------------
      *******---------------
      *******---------------
      ----------------------
      ----------------------
      ----------------------
        If such material wasn't published at all, by well meaning organizations or elsewhere, what would happen? Only those with enough brains to learn programming, without being given any security related tips or code, would be able to write new computer cracking software (and protection). Is that good or bad? For crackers, it would create a roadblock. For real programmers, they would have had to learn to program anyway, so it's not as bad.

        In the dark ages, the few fortunate enough to be literate were the recipients of enormous benefit. And everyone else, well, they got screwed. This was a good arrangement (seemingly) for the literate few; they got to have cheap labor and could tell their 'loyal' subjects anything they wanted, claiming it was God's will, quote a few scriptures (which nobody else could read), and their subjects would be compelled through force or fear to follow along.

        But it was a false superiority, for during that time real innovation ground to a halt. It seems that it takes many minds, not just a select few, to turn the wheels of progress for a society. It wasn't until the renaissance that things began to improve, hand in hand with the improvement of the literacy rate. But remember, this came after the moors almost wiped the "keepers of truth" (the Christian literate) from the face of the globe.

        Obscuring knowledge is rarely the key to safety, security, and progress. It is generally a key to power abuse, an impedement to societal progress, and in the end doesn't even really benefit the few in posession of 'literacy'.

        Everything in that book is going to be pretty much common knowledge, readily available either from legitimate sources online, or through illegitimate sources. Either way, the book, as I understand it, is geared toward helping systems administrators and programmers to understand the beast they face, so they may refine their approach to slaying it. Keep books like that off the shelves, and the knowledge won't go away, but the knowledge to protect ourselves from that knowledge might suffer.

        Your points earlier were unsubstantiated, blamed the wrong people, shouldn't have blamed anybody at all, and were too diverse to be effective. O'Reilly isn't the enemy. Knowledge is not our foe.


        Dave

        If such material wasn't published at all, by well meaning organizations or elsewhere, what would happen? Only those with enough brains to learn programming, without being given any security related tips or code, would be able to write new computer cracking software (and protection). Is that good or bad? For crackers, it would create a roadblock. For real programmers, they would have had to learn to program anyway, so it's not as bad.

        So by this, it seems to me you are saying smarter crackers are a good thing? The point is that the information is out there, neither you nor I can change that. Best to be prepared. Knowledge is power.

        I guess those anti-hacker organizations are good, but the government also wants to prevent computer break-ins, with even more urgency because their focus is on national security. I don't know what they say about books like these, but I know something about the USA Patriot Actand how the government feels about encryption, and I bet they would be on my side.

        The government has long had issues with encryption, and its "export" to other countries, this is nothing new. The Patriot Act may have "strengthened" these positions, but strength does not directly correlate to intelligence. Much of legislation out there which pertains to computers is either outdated before its passed or written from a techno-ignorant point of view.

        The government's attempt to control the dissemination of encryption techniques and algorithms illustrates my point best. If knowing the implementation of an encryption algorithm makes it less secure, then it was never secure in the first place. With a truely secure encryption algorithm, it won't matter if you have the implementation in front of you or not.

        If you want to read about encryption, I wouldn't recommend the Patriot Act, there are far better texts on the subject. For starters, try anything by Bruce Schiener.

        -stvn

        In response to your "God Bless America" comment and concerns for national security. I will leave you with a few words of wisdom from our founding fathers.

        They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.
           - Benjamin Franklin

        Ignorant and free has never been and never will be.
           - Thomas Jefferson

        If the freedom of speech is taken away then dumb and silent we may be led, like sheep to the slaughter.
           - George Washington

        Wassercrats, while I won't seriously tear into you (as so many others have) for expressing your views, I do disagree with you. What I will tear into you about is your use of "God bless America" and "I bet <The US Government> would be on my side" in an attempt to get others to back you. Statements like that are just lame grabs at approval from the nearly brain-dead. It's the equivalent of a four year-old child saying, "unh-huh" when somebody disagrees with the child. Attempting to use our government's (or any government for that matter) view as justification for an intellectual argument is akin to using Wyle E. Coyote to justify something regarding physics.

        If you want to make an argument pro or con, then do it, but use credible, non-biased sources! And while we're at it, don't bring anybody's god(s) into a justification. It just shows poor taste and automatically degrades any argument you might make.

Re: Re: Re: Boycott O'Reilly
by chaoticset (Chaplain) on Jan 23, 2004 at 02:10 UTC
    Let's compare this philosophy to a guiding principle of mine.
    Those with more information are better equipped than those with less information.

    You seem to disagree, as if somehow some books should not be published, or should not be available to the public, and that if you had other options than them, you would use them instead, avoid said books. Okay -- you're saying that you'd intentionally remove information that you could use, because you have some sort of ethical problem with...what? Reading it? Other people knowing it?

    There's no way for you to control the latter.

    Regardless, let's move to another guiding principle of mine.

    People, on the whole, left to their own devices, will choose to do constructive things rather than destructive things.
    You seem to believe otherwise. You seem to think that one destructive act somehow outweighes thousands of constructive ones. I honestly don't think humankind could get anywhere without creating and producing being a better choice than destroying and nonproduction. We'd be living in caves. We'd be afraid of our shadows, and everyone else.

    Which, I suppose, we are to a degree -- but the degree to which we, as a whole, produce and create is greater.

    Believing these two things convinces me that there should be books about hackers, books with the word 'hackers' on the cover, etc., just as there should be books about terrorists, books about terrorism, etc. Not because of some notional concept of "harm" or "protection" or because I wish to see society fall -- it's because "harm" is irrelevant, the harm of not being informed is greater than any harm anyone can do me -- it's because "protection" is something I grant a nonsentient being, and I am sentient, and I don't need to be coddled -- it's because society requires information to proceed.

    You say this is harmful, and you are, by everything I've ever believed in, wrong. That would be my well-informed opinion, in terms of being well-informed about what I believe.

    Information causes action. Action, on the whole, is positive. Tell me why I should want to prevent X good things for less-than-X bad things.



    -----------------------
    You are what you think.

      Your argument sounds very philosophical. I hate philosophy. Applying a given set of beliefs to whatever problem comes your way simplifies things, but I prefer custom made problem solving. But it doesn't surprise me to hear a philosophical argument here because I see philosophy as being related to psychology, which I've heard alot of programmers are into. I hate psychology too.

      Information causes action. Action, on the whole, is positive. Tell me why I should want to prevent X good things for less-than-X bad things.

      Since there are no such things as units of goodness or badness, it depends on the quality of the good and bad things, not just the quantity, but generally, you shouldn't want to prevent X good things in order to prevent less-than-X bad things. I'm not certain whether books like the one I'm complaining about would help more good guys than bad, but some forms of helping good guys aren't as important as preventing helping bad guys.

        Applying a given set of beliefs to whatever problem comes your way simplifies things,
        It doesn't simplify anything. It's nice to refer to it as something so simple as "applying a given set of beliefs" but trust me when I tell you that book after book of philosophical what-have-you is not filled with One Right Way to apply a set of beliefs.

        I think the goal of philosophy is a consistency. I think a philosopher would like to look at the activities of the day before them and see a consistent goal emerging -- surpassing 'normal' humanity, ascribing to a percieved God's intended path, etc.

        but I prefer custom made problem solving.
        This isn't saying you have no philosophy. This is saying your philosophy is that you should examine each situation less in terms of 'beliefs' and more in terms of the uniqueness of the situation. It's still a philosophy.
        But it doesn't surprise me to hear a philosophical argument here because I see philosophy as being related to psychology, which I've heard alot of programmers are into. I hate psychology too.
        I cannot imagine why. Programming is psychology for a much less advanced brain. Psychology is programming for a much more advanced computer.
        Since there are no such things as units of goodness or badness, it depends on the quality of the good and bad things, not just the quantity, but generally, you shouldn't want to prevent X good things in order to prevent less-than-X bad things. I'm not certain whether books like the one I'm complaining about would help more good guys than bad,
        Okay -- then the original statement should probably have reflected a lack of sureness. It didn't. You titled it "Boycott O'Reilly" and, as far as I can tell, you're unhappy because the book describes security flaws. Describing security flaws is vital to fixing security flaws, even if it makes you uncomfortable somehow.
        but some forms of helping good guys aren't as important as preventing helping bad guys.
        That is true. "Some good things aren't as important as preventing some bad things." Unfortunately, that wasn't what you described -- you suggested that a book publisher be boycotted because you didn't like how one of their books was written. If you're telling me that I should punish the people who put the Camel, the Ram, etc. on bookshelves because they produced a book that got mixed reviews, then I'm going to think you're missing something, possibly on purpose.


        -----------------------
        You are what you think.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://323105]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others lurking in the Monastery: (6)
As of 2014-09-21 07:08 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    How do you remember the number of days in each month?











    Results (167 votes), past polls