Archive for January 2021

Book Review: Ghost In the Wires

Surprisingly, for a memoir about a guy who spends most of his time sitting in front of a computer, Ghost in the Wires: My Adventures as the World’s Most Wanted Hacker is a gripping thrill ride. And it’s a testament to Kevin Mitnick and his co-author, William Simon, that it works. In the wrong hands, the same material could easily be boring or overly technical. They found the right balance of action, technical detail, and non-hacking content to keep the story engaging. The book gives you a real sense of the hacking underworld, as well as how surprisingly easy it is to social engineer individuals, companies, and government agencies.

The most surprising part of the story is how few of Mitnick’s exploits were due to what we traditionally think of as computer hacking, and how many were due to social engineering. Mitnick learned to be a master manipulator, and in this book he explains to you how he convinced cops to turn over records, trusted employees to send files to people they just met, and just about anyone to do anything over the phone. If you want to better protect yourself from social engineering, this book is a great primer. It really makes you think about how quick we are to trust someone with a bit of confidence when they know a couple details we assume they would only know if the confidence were warranted.

Mitnick manages to make himself relatable. By including personal details, descriptions of family life, and imagery of his surroundings, he comes across as a regular guy. He compares his hacking activities to an addiction. I can almost buy that. He was getting notoriety, solving interesting puzzles, and probably feeling the same kind of rush that kleptomaniacs feel. It sounds like it could easily become a compulsion if you’re good at it and don’t have a certain moral wavelength turned on.

And I say that last sentence carefully. Because Mitnick (as far as I know and he claims in the book) never did anything especially damaging compared to some of the other well-known hackers. He says he wasn’t in it for money or to do harm, but instead to satiate his curiosity. A significant portion of the book concentrates on this fact, and how the media played up his story to make him sound a lot more evil than he deserved. And that apparently affected his prosecution by the government. John Markoff, a well-known New York Times reporter at the time, is singled out for particularly incredulous stories.

Yet my biggest criticism of the book would be Mitnick’s lack of sympathy for his victims. He spends a lot of time emphasizing how little damage he did, and almost no time apologizing for the damage that he did do. Sure, he may not have sold the source code he stole for a profit. And sure, the people he tricked mostly just had their time wasted. He didn’t actively try to ruin anybody’s life. Yet, mitigating his “work” inevitably cost companies and individuals a lot of time. Employee time is money. It probably cost taxpayers millions of dollars investigating, trying him, and catching him. His exploits made people feel unsafe and caused them emotional distress. And he doesn’t seem very sorry. For that reason, I found him especially difficult to root for during the early chapters. Even his “pranks” as a teenager sometimes seemed mean-spirited if I were to be on the receiving end of the frustration they caused.

In the end, though, Mitnick won me over. I found his relationship with his mother and grandmother endearing. I think the way he turned his life around after getting out of prison the last time is remarkable. It seems he’s done a lot of good the last twenty years. He’s an example of why people deserve a second chance, and his book is an interesting examination of social engineering and the media-legal system complex.


The Web Has No Design Standards

A reader recently complained to me about the hyperlinks on this blog. The reader thought the links were too hard to distinguish from the rest of the text. And the reader’s right. The Swedish Greys desktop theme that I thought looked cool eight years ago, while attractive in an aesthetic sense (to me at least), is not the most usable or accessible. I’ll be looking for another theme.

I was able to style my blog however I wanted to and it looks the same in all browsers. That’s the flexibility of good HTML/CSS standards. Every site can look and behave exactly as the creator envisioned. It’s also why the Web’s a usability nightmare. We have to learn to use every site we visit because every site is designed differently. How come when we talk about Web standards the focus is almost entirely on technical standards? Where is the worry about design standards?

I recently finished reading the classic book The Design of Everyday Things by Don Norman and it talks about standards. Norman says “When all else fails, standardize.” Basically when you have no other way of implementing good design, you turn to standardization so at least every user only needs to learn how to use the similar things (in this case web pages) once. And I think we have no other way, because if we did, we would have figured it out in the past 30 years.

It wasn’t always this way. I remember using the pre-CSS and pre-JavaScript Web as a little kid on Mosaic. You knew there that the blue underlined text was always a hyperlink. And you knew that the back button always took you back a page. And you didn’t have to worry what different actions buttons did, because there was no JavaScript. I’m not saying we should go back there, but in many ways having the constraints made pages easier to use. There was no need to think. Now we have no constraints, but that’s why we need standards.

Every other major consumer computing platform but the Web has design standards. Apple’s platforms are famous for their Human Interface Guidelines. They are an attempt to ensure all apps follow some standard design conventions. Not every app does, but Apple has some ability to enforce them through its app stores, and some users even demand developers follow them. So, they are at least kinda sorta followed by most major apps. If the Web had design standards, maybe users would demand developers follow them too. Google and Microsoft have design suggestions and guidelines for their developers. This is why a good app for each platform feels “at home.”

But we have no design guidelines for the Web that are widely accepted. Sure, people have tried. But the only way we’re going to get something that’s actually followed is if we have a standard. And a standard needs to come from a standards body (Apple, Microsoft, and Google are the standards bodies for their respective platforms). W3C, please put some focus on a design standard. Not everybody will be forced to follow it, but it could do a lot of good in terms of usability.


Classic Computer Science Problems in Java is Published

I am pleased to announce that my fourth book, Classic Computer Science Problems in Java, has been published. It is now available for purchase from the publisher’s website. As Manning’s deal of the day, the book is available today (January 5, 2021) for 50% off.

Classic Computer Science Problems in Java is a continuation of the Classic Computer Science Problems series, with previous incarnations in Swift and Python. They teach problem solving techniques from the realm of computer science in an approachable code-centric tutorial-like fashion. They are relatively light on theory and heavier on analogies, examples, and code. You don’t need a computer science education to pick up the books. In fact they were designed with self-taught programmers in mind. You do need to be at least an intermediate programmer. You can find out more about the contents of the series at classicproblems.com.

The Java book follows the success of Classic Computer Science Problems in Python which has sold more than ten thousand English copies and has been translated into eight other human languages including Portuguese, Simplified Chinese, German, Russian, Polish, Korean, Traditional Chinese, and Japanese. Beyond the three original book programming languages, the source code has been ported by the community into five additional languages including Go, C++, Ruby, PHP, and JavaScript.

I don’t know if the Java book will be as successful as the Python book, but I do know that there will be a lot fewer readers upset about the inclusion of type annotations. Manning provides a short free sample of the book on their website, so you can check it out before you buy. Let me know if you have any questions on Twitter. I’m @davekopec.

Copyright 2012-2021 David Kopec. As an Amazon Associate I earn from qualifying purchases. Powered by Blogger.