Computer underground Digest Wed Jun 24, 1998 Volume 10 : Issue 35 ISSN 1004-042X Editor: Jim Thomas (cudigest@sun.soci.niu.edu) News Editor: Gordon Meyer (gmeyer@sun.soci.niu.edu) Archivist: Brendan Kehoe Shadow Master: Stanton McCandlish Shadow-Archivists: Dan Carosone / Paul Southworth Ralph Sims / Jyrki Kuoppala Ian Dickinson Field Agent Extraordinaire: David Smith Cu Digest Homepage: http://www.soci.niu.edu/~cudigest CONTENTS, #10.35 (Wed, Jun 24, 1998) File 1--Special Issues of Book Reviews File 2--Fan-wrttien Star Trek Book Sued for $22 Million File 3--REVIEW: "Practical Computer Network Security", Mike Hendry File 4--REVIEW: "Network and Netplay", Fay Sudweeks/Margaret McLaughlin/ File 5--REVIEW: "Digital Literacy", Paul Gilster File 6--REVIEW: "Cookies", Simon St. Laurent File 7--REVIEW: "Cyber Crime", Laura E. Quarantiello File 8--REVIEW: "Affective Computing", Rosalind Picard File 9--AOL in a Nutshell File 10--REVIEW: "The Year 2000 Software Problem", Capers Jones File 11--Cu Digest Header Info (unchanged since 25 Apr, 1998) CuD ADMINISTRATIVE, EDITORIAL, AND SUBSCRIPTION INFORMATION ApPEARS IN THE CONCLUDING FILE AT THE END OF EACH ISSUE. --------------------------------------------------------------------- Date: Thu, 25 Jun 98 23:26 CDT From: Cu Digest Subject: File 1--Special Issues of Book Reviews CuD encourages book reviews of books related to computer culture, law, and related topics. One of the best (and most prolific) reviewers we've come across is Rob Slade. In this issue, we showcase some of his latest reviews along with some others. We encourage readers to send over their comments on books that they find especially useful (or hopelessly clueless). ------------------------------ Date: Tue, 02 Jun 1998 15:17:51 +0200 From: Luca Sambucci Subject: File 2--Fan-wrttien Star Trek Book Sued for $22 Million Online Freedom Federation http://www.off-hq.org June 02, 1998 For immediate release Set Phasers on Sue -- Fan-written Star Trek Book is the Target of $22 Million Lawsuit Reversing a 30 year practice, Paramount Pictures has sued Star Trek fan Samuel Ramer and his publishing company in federal court in New York for writing an unauthorized book about the world of Star Trek fandom. Ramer is the author of The Joy of Trek: How to Enhance Your Relationship with a Star Trek Fan. Thirty-four year old Ramer, a self-proclaimed loyal "Trekster" since the age of 6, dedicated the book to his wife and intended it as a humorous guide to help "non-fans" like her understand the fierce devotion fans hold for Star Trek in all its incarnations. Paramount, represented by the Manhattan law firm of Richards & O'Neil, argues that the book violates the copyrights of 220 Star Trek episodes, and is seeking civil damages in the amount of $22 million, as well as an order banning sales of the book. At the outset, lawyers for Ramer and his publishing company have raised a number of compelling arguments in defense of the book. Most notably, they illustrate how for 30 years Paramount tolerated and even encouraged fans to engage in technically unauthorized activities in order to maintain interest and enthusiasm for the then-struggling franchise. They point to over 100 unauthorized books, including the famous Star Trek Concordance by Bjo Trimble. Trimble, who was instrumental in the letter-writing campaigns to save the original series from extinction, wrote the beloved Concordance as a comprehensive encyclopedia and episode guide. Had Paramount adopted the same stance with Trimble as it has done with Ramer, Star Trek would have been an obscure footnote in entertainment history, rather than the unparalleled success that it has become today. Sadly, with Gene Roddenberry gone and Paramount swallowed up by monolithic Viacom Corporation, appreciation and respect for fans has given way to litigation and disdain, as Viacom continues its misguided campaign to eliminate interactive fan participation in the Star Trek universe. OFF expresses its full support for Samuel Ramer and his publisher, and will continue to post updates on the case. Meanwhile, OFF supporters are encouraged to write to Viacom with their concerns. As always, be polite and articulate in order to be taken seriously. --- The Online Freedom Federation is a non-profit organization dedicated to the preservation of freedom of speech on the Internet. Its executive council can be reached at . Representatives of the various presses can contact OFF's Public Relations council at to more quickly arrange to speak with OFF representatives. Local presses will be deferred to their local representative for official comment. ------------------------------ Date: Wed, 10 Jun 1998 08:42:24 -0800 From: "Rob Slade, doting grandpa of Ryan and Trevor" Subject: File 3--REVIEW: "Practical Computer Network Security", Mike Hendry BKPCNSEC.RVW 980426 "Practical Computer Network Security", Mike Hendry, 1995, 0-89006-801-1, U$55.00 %A Mike Hendry %C 685 Canton St., Norwood, MA 02062 %D 1995 %G 0-89006-801-1 %I Artech House/Horizon %O U$55.00 800-225-9977 fax: 617-769-6334 artech@world.std.com %P 203 p. %T "Practical Computer Network Security" This book asks the questions of what is security, and can security be achieved, for every level of audience. The text does, in fact, answer the questions, but the answers turn out to be profoundly uninteresting. Part one explains some of the conceptual framework for data security on networks. Chapter one is an introduction to the book overall. It is not terribly clear about the scope of the book, but does state that the material will look at failures caused by humans (both deliberate and accidental) as well as short and long term machine failures. The terms defined seem to indicate an emphasis on problems in the actual transmission of data. Six types of failures are outlined quickly in chapter two, although there is no explanation of the difference between "inaccuracy" and "alteration" of data, both seeming to relate to the more general realm of reliability. Tables relating these types of failures to those outlined in the preceding section are confusing. The overview of systems aspects of security in chapter three is terse and seemingly random. A simple idea of risk assessment is given in chapter four. Chapter five looks at a number of specific points of failure in hardware and software: confidence is not increased by a network diagram that demonstrates no knowledge of the OSI (Open Systems Interconnect) reference model. Specific perils for particular applications are mentioned in chapter six, but only for a small set of industries. Part two reviews security technologies. There is a brief introduction to encryption (and an even briefer look at identity) in chapter seven. Chapter eight is quite odd, showing a number of partial algorithms for key use, but almost nothing on key management. Various hardware security devices are discussed in chapter nine, but, again, the overview seems to be fairly random. Chapter ten is a vague and generic look at different aspects of software related to security. The section of viruses is appalling, containing almost no accurate information at all. The material on access control in chapter eleven is also nebulous, and not likely to be of help to either the user or manager. Chapter twelve, on types of networks, has no relation to security at all, even though network type may very well have a bearing on risks. Part three looks at security by application type. Chapter thirteen is a very general overview of commercial applications, ranging from a simplistic look at database security to a section that gets very detailed about the motives that drive sales people to defraud the company but doesn't present very helpful advice on what to do about it. Banking gets a fair amount of space in chapter fourteen, but then it does cover a considerable amount of territory. Subscription services, from confidential databases to email, are discussed in chapter fifteen. The rest of the world is covered in the five pages of chapter sixteen. Chapter seventeen is a review of the chapters. For the complete novice to computer and communications security, the book does raise a number of issues to think about. The lack of scope in the book means that a number of additional points would need to be considered in any workable security plan. The lack of detail included means that other references will be needed to make any plan workable. copyright Robert M. Slade, 1998 BKPCNSEC.RVW 980426 ------------------------------ Date: Mon, 1 Jun 1998 10:35:52 -0800 From: "Rob Slade, doting grandpa of Ryan and Trevor" Subject: File 4--REVIEW: "Network and Netplay", Fay Sudweeks/Margaret McLaughlin/ BKNWKNPL.RVW 980328 "Network and Netplay", Fay Sudweeks/Margaret McLaughlin/Sheizaf Rafaeli, 1998, 0-262-69206-6, U$35.00 %A Fay Sudweeks %A Margaret McLaughlin %A Sheizaf Rafaeli %C 55 Hayward Street, Cambridge, MA 02142-1399 %D 1998 %G 0-262-69206-6 %I MIT Press %O U$35.00 800-356-0343 fax: 617-625-6660 www-mitpress.mit.edu %P 313 p. %T "Network and Netplay: Virtual Groups on the Internet" Because of the title, or rather the subtitle, I was somewhat disappointed by this book. Not that the papers are without interest, but they do not, or at least only tangentially, deal with groups and communities and their activities on the net. The collection of papers is characterized by formal style and the general topic of aspects of computer mediated communications (CMC), but is otherwise fairly random in terms of subject, approach, and even background. The first study is interesting not because of its results (it almost doesn't have any) but due to the intriguing research possibilities it suggests. The researchers theorized that there were gender differences in computer mediated communications, and that 1) women used more graphical accents (smileys, emoticons, and the like) while 2) men were more challenging and 3) used more flames. Some of the study protocol is detailed, but the source of sample messages for the study is not. With the plethora of mailing list archives plus Usenet news archives such as DejaNews and Rendezvous similar studies could now be done with enormous, and almost completely randomized, samples, which would allow multidimensional analyses. Chapter two likewise news postings examines in terms of tension or conflict. The intent, however, was to test some established observations of verbal (face to face) conversations in comparison to electronic discourse. The results are generally supportive, but the paper reports some problems with methodology (which are not, unfortunately, spelled out in detail). Chapter three is truly occult. It appears to be an attempt to define the nature of computer mediated communication overall. I say "appears" because the author seems not only determined to hold fast to the most arcane jargon of his own field (and I'm not even sure what that field is), but to coin new terms. "Telelogue" is a proposed equivalent to CMC (OK, I'll admit that "computer mediated communications" is pretty cumbersome), polylogue is many-to-one, dialogue is the usual one-to-one, but I still can't figure out what monologue is meant to be in the context of the paper. Those parts of the piece that I have been able to figure out do *not* correspond with my experience on the net, or are rather trivial and obvious observations. A review of the playful aspects of IRC (Internet Relay Chat) is compared with Caillois's "classic" taxonomy of play in chapter four. The essay is, however, weakened by a poor exegesis of the typology. (I am not sure why counting rhymes are spontaneous while lotteries are difficult.) The use of a single IRC session is acceptable given that it is being used as an illustration rather than for research. However, the paper fails to deal with self-selection issues, such as the fact that the play drive seems to be necessary for discovery learning and a thorough mastery of a relatively little used technology. (Comments about IRC addiction also seem to indicate a relatively naive level of knowledge of the medium.) Chapter five is an anecdotal review of media use and preferences by Usenet news participants. Although the methodology appears sound, the conclusions are uninteresting. Usenet responses to failures of normative behaviour (or netiquette) is studied in great detail in chapter six, but the results are, again, disappointing. The primary result of a survey of Relcom (a Russian Usenet technology system) participants in chapter seven seems to have been that the participants approved of the survey. Chapter eight asks a very important and interesting question: why do some people involve themselves in risky online communications? Unfortunately, the study is based on a self- reported, and pretty much self-selected, survey, and only deals with perceptions of secrecy, at least as far as the paper reports. A paper on the "Mr. Bungle" multi-user domain "virtual rape" case, in chapter nine, concentrates on sociological and historical studies of rape and really has little to say about online communications. (It also has absolutely none of the poetry of the Dibbell account.) Chapter ten defines both its terms and methods poorly, and so it is difficult to say what results, if any, it produces aside from the fact that people in conversation tend to want to agree. The same data set appears to be used in chapter eleven for a turgid example of neural net analysis that does not appear to come to any conclusions. Chapter twelve appears to try to build a conceptual model of community building on the Internet, but does so by looking at the World Wide Web, surely the least "communing" technology on the net. The book concludes in chapter thirteen with a report on the ongoing development of an online avatar intended for use in guiding children through explorations on the net. It is somewhat depressing to see how little artificial intelligence has progressed in twenty years. The addition of abstracts and biographical notes included with the papers would have been a great help in getting something out of the essays. The intent, approach, and background of the authors varies greatly from item to item, and some introduction would probably help ease the sense of dislocation when reading through the book. For those interested in social study of interpersonal communications conducted via computer, the text does provide a series of examples and an extensive bibliography. As far as guidance is concerned the work provides little: many of the papers could best be used as the proverbial bad examples. However, given limited material available in this field, at least it does provide examples to critique. copyright Robert M. Slade, 1998 BKNWKNPL.RVW 980328 ------------------------------ Date: Wed, 20 May 1998 08:23:11 -0800 From: "Rob Slade, doting grandpa of Ryan and Trevor" Subject: File 5--REVIEW: "Digital Literacy", Paul Gilster BKDGTLIT.RVW 980322 "Digital Literacy", Paul Gilster, 1997, 0-471-24952-1, U$12.95/C$18.50 %A Paul Gilster gilster@mindspring.com %C 5353 Dundas Street West, 4th Floor, Etobicoke, ON M9B 6H8 %D 1997 %G 0-471-24952-1 %I Wiley %O U$12.95/C$18.50 416-236-4433 fax: 416-236-4448 %P 276 p. %T "Digital Literacy" Having said many unkind things about the hype surrounding the World Wide Web, I *do* acknowledge that the Web is useful. It's value, however, lies not in graphics or a WIMP (Windows, Icon, Mouse, Pointer) interface, but in the invention of the URL: the Uniform Resource Locator. Text based dinosaur that I am, I find URLs in mail messages to be more useful than almost any approach to the Xanadu of hypertext. Utility lies in informational substance and ease of access thereto, not in multimedia style. As a card carrying propellorhead, therefore, I greatly appreciate Gilster's avowed non-technical approach to the net. "The Internet Navigator" (cf. BKINTNAV.RVW), despite the efforts of literally hundreds of authors, is still the most mature general guide to the Internet. "Finding it on the Internet" (cf. BKFNDINT.RVW) stands alone after all this time as the only solid answer to the second question every net novice asks. Now, in this present work, Gilster once again draws back the unnoticed curtain behind the smoke and noise to reveal that which we truly need to make the Internet work: critical analysis. (I should note that it is not quite present: this is a reissue, for some reason, of a book I somehow missed two years ago. In responding to the draft of this review, Gilster has said that he would have made some additions if he had been given the opportunity.) The first chapter introduces digital literacy as a new skill made necessary by a new type of information utility: the computer, and more particularly the computer network. The text briefly looks at the changes in style and even substance of data in the new medium, and at those who use, do not use, praise, and decry the net. Yet this is mere introduction, for all that it covers the total contents of most "information superhighway" books. Chapter two develops a definition of this new literacy. Drawing upon the historical changes from speech to phonetic writing, from scrolls to codex, and from hand copying to moveable type, Gilster demonstrates that it is the interaction with content that changes. And, whereas in the immediately previous media information could not be questioned, on the net, information not only can be critiqued, but must be. Chapter three seems to be somewhat of a digression as Gilster describes a day using the Internet. It does, however, give a quick and realistic picture of what information use on the net is like in reality right now. In one sense, though, it does a minor disservice to the book. All of the information Gilster obtains is deemed to be trustworthy. There is little mention of spam and other junk, nor of the ubiquitous "404" indicator of abandoned sites on the Web, nor of the assessment, in terms of a Usenet news posting, of whether this shrill electronic cry is a vital warning or an ill- tempered complaint. While some evaluation is done, the critical analysis promoted in the first two chapters is missing. Chapter four, however, takes up the slack. Most of the details here; and the chapter is very detailed; are concerned with determining the identity, background, and credentials of providers of content on the net. Even when all the information is available on the Internet, chapter five notes that perception can be distorted by presentation. Web pages linked to supporting materials lend credibility to proposals that may very well be built on thin air, or at least badly lopsided foundations. Chapter six is an examination of the various models of libraries, traditional, online commercial, and Internet, that are developing in the current environment. Ultimately Gilster proposes a design that may not be fully supported by either the installed base of technology nor social will, but the discussion is a definite wakeup call for many information providers. But it is chapter seven that demonstrates the real strength of the net: the multiplicity of voices that can be accessed in any situation. This strength carries the inevitable downside and caveat: the reader/user is fully responsible for pursuing and judging the data. The price of being informed is eternal searching. As a singular book on a vital topic, this work is not written to the excellent standard of "Finding it on the Internet." A number of resources for analysis and information gathering are either missed, or mentioned only briefly. Time, of course, is one of the most important. Contrary to popular impression, the Internet is not necessarily a source of instant or ready answers. Development of resources is indispensable. While note was made of the need for search engines to check material presented on Web pages, the DejaNews and Rendezvous sites are useful as search engines on another matter: the determination of the history, interests, expertise, and biases of individuals. Mailing list archives can be another source of similar information. The last, best resource any seasoned netizen has is a circle of acquaintances; personal contacts with a range of experts in a variety of fields that would astound the literati of any pre-digital age. Gilster's look to the future, in chapter eight, is disappointing in light of the insightful work that preceded it. While fair and balanced, avoiding both the rose coloured digital crystal ball and the mechanized cyberpunk dystopia, this final piece in the book does not travel much beyond a generally informed look at short range futures in technology. Still, while the tag end does not provide you with any last minute advice or guidance, the book overall gives much useful advice on developing the new literacy of the digitally networked age. copyright Robert M. Slade, 1998 BKDGTLIT.RVW 980322 ------------------------------ Date: Tue, 26 May 1998 08:13:29 -0800 From: "Rob Slade, doting grandpa of Ryan and Trevor" Subject: File 6--REVIEW: "Cookies", Simon St. Laurent BKCOOKIE.RVW 980320 "Cookies", Simon St. Laurent, 1998, 0-07-050498-9, U$34.95 %A Simon St. Laurent %C 300 Water Street, Whitby, Ontario L1N 9B6 %D 1998 %G 0-07-050498-9 %I McGraw-Hill Ryerson/Osborne %O U$34.95 800-565-5758 fax: 905-430-5020 louisea@McGrawHill.ca %P 361 p. %T "Cookies" I am probably more aware of cookies than most. I do allow cookies, but I get a warning each time somebody tries to set one on me. (For those who are aware of cookies, this fact alone will tell you that I do not spend a lot of time "surfing".) I know that you cannot download a number of things off the Microsoft Website without they feed you a cookie and you accept. I know that a large number of cookies are not being set by the pages I am looking at, but by servers listing banners on those pages. I know that PCWorld magazine holds the record as far as I am concerned: thirteen attempts to set a cookie on a single access to a single page. I know that Clinique gets a bonus, as far as I am concerned, for personalizing the page for the user without setting a cookie at all. So I was most interested to see this book. I approached it with some trepidation, I admit, since books on "new" and "hot" technologies do not have a good track record, particularly those with some link to business. However, what I found was a book with something for programmers, privacy advocates, and interested Internauts alike. Chapter one explains what cookies are, and why. It does this with a series of analogies of different types of activities (mostly, but not uniquely, commercial) that require some kind of memory through certain stages of the process. The structures of both the older version 0 Netscape and the newer RFC 2109 cookies are detailed in chapter two, along with special notes (Lynx deletes *all* cookies on exit) and tips (if you want to set an expiry date to maintain the cookie into the future, note that you must set the path). Chapter three provides the user with detailed, browser-by-browser information on how to manage cookies, including blocking options and storage methods. It also discusses proxy servers and add-in cookie blocking tools. However, St. Laurent's major concern is for the effective programming of cookies. Client-side programming, with JavaScript and VBScript, is covered in chapter four. Server-side cookie programming, and the pros and cons thereof, are discussed in chapter five. Chapter six demonstrates the use of cookies in combination with CGI (Common Gateway Interface) programming for more sophisticated activities. Netscape's Server Side JavaScript and Microsoft's Active Server Pages are covered separately in chapters seven and eight. "Pure" Java does not allow for cookie generation, but with the extensions to provide connections between Java and JavaScript an applet can now feed and check cookies, which chapter nine demonstrates. Chapter ten looks at Microsoft Site Server, which has perhaps the most effective, and potentially invasive, tools for collecting information about Web users through the use of cookies. St. Laurent explains the various information gathering activities, and also presents effective handling of both those who accept, and those who reject, cookies. Chapter eleven examines probable developments in cookies in the near future, and briefly looks at the question of identity information gathering by Web site owners. There is some small irony in the fact that St. Laurent expresses his own concern for balance in the overall presentation at the end of chapter ten. I am glad that he was worried about being biased in one direction or another: it has made for a rational and clear presentation of a topic which is currently rather overheated. The book fully appreciates both the needs and the concerns, and provides not only the facts, but a lucid and clear-sighted analysis of the real situation. copyright Robert M. Slade, 1998 BKCOOKIE.RVW 980320 ------------------------------ Date: Fri, 12 Jun 1998 08:20:13 -0800 From: "Rob Slade, doting grandpa of Ryan and Trevor" Subject: File 7--REVIEW: "Cyber Crime", Laura E. Quarantiello BKCBRCRM.RVW 980425 "Cyber Crime", Laura E. Quarantiello, 1997, 0-936653-74-4, U$16.95 %A Laura E. Quarantiello 73733.1653@compuserve.com %C P.O. Box 493, Lake Geneva, WI 53147 %D 1997 %G 0-936653-74-4 %I Limelight Books/Tiare Publications %O U$16.95 +1-414-248-4845 %P 144 p. %T "Cyber Crime: How to Protect Yourself from Computer Criminals" Running through the text of "About This Book," the preface, and the introduction, is a statement that this work is for the protection of the average computer user. Unfortunately, the "average" computer user is a fairly ill-defined concept, and it is difficult to know specifically what type fo user and what type of risks the book is about. As the author notes, generic computer security books are of daunting size, but that is because data security is a large field of study. Chapter one opens with a general look at computer crime. Most of the chapter discusses the computer criminal, however. While Quarantiello at least acknowledges the multiple users of the term "hacker" the origins of unauthorized computer exploration lie at least two decades further back than the book states, and the division between ethical and non-ethical uses of computers is hardly the amicable separation implied by the text. The more serious error, however, is that computer crime somehow involves some extra level of skill or knowledge. Not even system security breakers are the evil genii suggested by the book, and, in fact, the bulk of computer crime is committed by insiders with little knowledge of computers beyond menial use. A very similar review of phone phreaks and system crackers constitutes chapter two, which also includes a brief and jumbled collection of the common types of telephone and computer scams and myths, including the amazingly resilient legend of the "salami scam." Except for the mention of shoulder surfing and social engineering, though, little is of help to the common user. The coverage of viruses in chapter three is abysmal. Although I am well used to misinformation in general security texts, there is not a paragraph that does not contain at least one error of fact, and most are not minimal mistakes. (This is the more disappointing when the book twice quotes from Fred Cohen.) Chapter four looks at the various dangers of fraud, harassment, and invasion of privacy online. Unfortunately, details are few, confusing criminal invasion with legitimate, commercial databases of information, and weakening the warnings about stalking by failing to explain the situations realistically. Part two of the book discusses protective and defensive measures users can take to safeguard themselves. Chapter five recommends a number of steps to take. Unfortunately, few of the suggestions are practical. Make a policy never to discuss company computers with anyone aside from the sysop? This is a simple rule? It'll last until the first coffee break. "Take a minute or two to back up your hard disk" each time you look at a new diskette or CD-ROM? I suppose it'll work if your backup device is /dev/null. Get a copy of all public records about you? You probably have no idea what they are, or how to access them, and even if you have records of them all (updated how often?), the records will still be public. Use encryption for all email? *Which* encryption? The proposals for password choice are acceptable, although nothing special. The advice for protecting children online is basic but reasonably good. Chapter six seems to be a collection of stories about the times that authorities have been able to deal with computer crime. The final chapter is a brief and rather naive personal view of the security field. This book is yet another attempt by a complete novice to inform the world about data security. There are, regrettably, a great many similar tomes, long on frantic warnings and short on both facts and useful counsel. I have no doubt that many of the cautions are based on true stories, taken from court cases and possibly personal correspondence. However, I also know that a number of the tales are mythic, and even the true anecdotes are presented in a spectacular fashion. Statistics given are questionable, or not presented in sufficient detail to give a true picture. Overall, this is unlikely to be of value to the average computer user, however defined. copyright Robert M. Slade, 1998 BKCBRCRM.RVW 980425 ------------------------------ Date: Wed, 17 Jun 1998 09:37:10 -0800 From: "Rob Slade, doting grandpa of Ryan and Trevor" Subject: File 8--REVIEW: "Affective Computing", Rosalind Picard BKAFFCMP.RVW 980412 "Affective Computing", Rosalind Picard, 1997, 0-262-16170-2, U$27.50 %A Rosalind Picard %C 55 Hayward Street, Cambridge, MA 02142-1399 %D 1997 %G 0-262-16170-2 %I MIT Press %O U$27.50 800-356-0343 manak@mit.edu www-mitpress.mit.edu %P 292 p. %T "Affective Computing" There will be, I dare say, a "religious" debate over this book. While isolated visionaries have idly speculated about emotion in computers, the vast majority of the computer using, and non computer using, populace sees technology as cold, mathematical, and ultimately objective (if occasionally in error). The fact that this assessment is an emotional one gets conveniently forgotten. One of the possible divisions in the study of artificial intelligence is in the approach taken. The brute coding approach simply strives to make programs more and more intelligent, the definition of "intelligent" being left as a problem to be dealt with once we have something that is at least marginally useful. This strategy has been demonstrably successful in producing entities like Deep Blue and techniques such as expert systems. The alternative route is to observe that we already have at least one agreed upon model of intelligence, and to seek to apply what we know of the human mind to some form of programming. While that course suggests interesting tactics like neural networks, spectacular triumphs have not been forthcoming. Still, it is in pursuing this modelling approach that Picard has divined a potentially revolutionary concept in computing. So radical is this idea, in fact, that even those who praise Picard and the book tend to see affective computing as only a means to a superior user interface, and miss the proposal that affect is key to intelligence itself. The postulate that emotion is important to intellect is not new. Picard acknowledges this, and, as any good scholar would, builds on the work done by others. Part one of the book provides an overview of emotion theory, as well as general questions about emotion and its relevance to the development of computing. Part two looks more specifically at the technical aspects of affective applications. Chapter one outlines basic human emotion studies, concentrating first on the physical aspects of emotion, and then on the cognitive. It is quite easy, in this section, to see why so many readers see the book as dealing merely with the user interface, since much of this primary material has immediate implications in allowing computers to assess the emotional state of the user, and to tailor presentation appropriately. The ramifications for computing are more subtle, but do exist, for example in the determination of urgent matters or the drive to learn from errors. An initial examination of affective components in computing is the emphasis for chapter two. In addition to the ability to recognize and express emotions, Picard lays out an interesting framework for deciding whether or not computers "have" emotions. While perhaps not final, it is a very useful aid to starting work on affective computing without diverting too much energy to more philosophical questions of defining affect. Applications that might benefit from affective computing, in chapter three, include coaching, communications, counseling, education, consumer studies, entertainment, motivation, search agents, and environmental agents. (As one indication of the importance of the work Picard proposes, consider how far we are from being able to give the command that she throws away as the title of one section:" Fast Forward to the Important Part.") Concerns, in chapter four, involve trust, fraud, poor application, privacy, accuracy, tradeoffs in objectivity, centralized manipulation, negative emotions, design, and computer rights. The author states outright that many of these considerations will only be problems in outlandish circumstances, or at far future dates. Chapter five starts to look at the technical issues involved in programming emotion, starting with the processing of affective signals in a way that mimics what we know of human emotional response. (My own immediate reaction was to the lack of a coding mechanism for measurement, storage, and communication, but I am probably getting ahead of the work.) "Recognizing and Expressing Affect," in chapter six, reviews current work in dealing with facial expressions, vocal intonation, and other factors. Further research is reported in chapter seven's look at the generation of emotion, primarily via cognitive mechanisms. Chapter eight discusses in more depth the concept of "wearable" computers, mostly in terms of the ultimate "personal" computer (or network). It has been proposed that the AI goal of reproducing human intelligence is a chimera and a false trail. Machine intelligence, so the thesis suggests, is different in kind from human intelligence, and the attempt to make one copy the other would be better directed to finding the differences between them and assigning work appropriately. If this latter hypothesis is true then Picard's recommended line of enquiry would be futile in terms of producing better machine intellect--but would still be valuable in determining the dividing line. In the Preface, the author demonstrates that she is aware that there will be--how shall we put this?--an emotional response to the central tenet of the text, and that, our culture being what it is, this reaction will be additionally weighted by the fact of her gender. Picard is walking a fine line between presenting a scientific thesis to a scientific community and proposing an exciting, but radical, new field of study. I suspect that she has deliberately chosen to display an objective and understated exposition, and that she was correct in doing so. However, the manner and structure of the book do readily allow readers to consider only the mundane, if valuable, human-machine interaction questions, and miss the more elusive and controversial points. I strongly recommend this book for all audiences. For general readers, there are many interesting discussion points, both technical and social. For developers, there is advice and direction to follow in terms of the user interface. For the zealot, there may be the key to the future. copyright Robert M. Slade, 1998 BKAFFCMP.RVW 980412 ------------------------------ Date: Fri, 5 Jun 1998 14:44:14 -0700 (PDT) From: Lisa Mann Subject: File 9--AOL in a Nutshell For immediate release For more information, contact: Lisa Mann lisam@oreilly.com or (707) 829-0515 ext 230 (708) For more info on the Nutshell series see: http://www.oreilly.com/news/nutshell_0598.html Nutshell Guide to AOL Released "AOL in a Nutshell" is the definitive reference that breaks through the hype and shows advanced America Online users and sophisticated beginners how to get the most out of AOL 4.0's tools and features. This detailed reference goes beyond the basics, answering all the questions about AOL not just the most common ones in a no-nonsense, easy-to-understand style. You'll learn how to customize AOL so it runs the way you want it to, work around annoying idiosyncrasies, avoid unwanted email and Instant Messages, actually understand Parental Controls, and turn off intrusive advertisements. And it covers features that many AOL users shy away from due to lack of documentation such as FTP, Telnet, and alternative Web browsers. "AOL in a Nutshell is designed to get under the skin of AOL. It's for the curious AOL user who wants to go deeper into a particular feature or get advice on how to carry out a particular task. We tell you everything, including the things that aren't obvious and the things that AOL hides form you. AOL, in it's quest to be user- friendly, has buried some of its power under an easy interface. We help you unlock AOLs potential." From the Preface Created in the best-selling "In a Nutshell" series format, each topic is divided into concise, distinct chapters, designed to help you find the information you want at a glance. You can use it as a day-to-day reference, or go further in-depth with an extensive cross- referencing system. It's an indispensable guide for users who aren't dummies. "AOL in a Nutshell": Covers AOL 4.0 Provides the only quick reference to every task: not a condescending tutorial Presents an independent, honest look at AOL's strengths and weaknesses Targets experienced users who want substance, not fluff; yet also appeals to the sophisticated beginner Clearly tells you what really works on AOL, and what doesn't Provides insight and workarounds to scores of problems About the Authors Curt Degenhart is a writer and editor at Songline Studios' East Coast office in Cambridge, MA. Besides separating the wheat from the chaff of his AOL projects, he writes advice to the lovelorn at MixnMatch.com, manages databases, hunts down the best of broadband, and daydreams. Curt's foggy about how his life evolved from concentrating in psychology at Vassar to writing about what's online, but he knows there must be a really good explanation. Jen Muehlbauer is a writer and editor at Songline Studios, an affiliate of O'Reilly and Associates. When not knee-deep in AOL, she writes about geeky topics such as broadband Web sites and happy couples who met on the 'Net. Before moving to Boston and settling into 9-to-5 life, Jen was a coffee-chugging English major at Wesleyan University. ### AOL in a Nutshell By Curt Degenhart & Jen Muehlbauer 1st Edition June 1998 (US) 540 pages, 1-56592-424-X, $19.95 (US$) http://www.oreilly.com ------------------------------ Date: Wed, 24 Jun 1998 12:31:54 -0800 From: "Rob Slade, doting grandpa of Ryan and Trevor" Subject: File 10--REVIEW: "The Year 2000 Software Problem", Capers Jones BKY2KSWP.RVW 980410 "The Year 2000 Software Problem", Capers Jones, 1998, 0-201-30964-5, U$29.95/C$41.95 %A Capers Jones %C P.O. Box 520, 26 Prince Andrew Place, Don Mills, Ontario M3C 2T8 %D 1998 %G 0-201-30964-5 %I Addison-Wesley Publishing Co. %O U$29.95/C$41.95 416-447-5101 fax: 416-443-0948 bkexpress@aw.com %P 335 p. %T "The Year 2000 Software Problem: Quantifying the Costs and Assessing the Consequences" "When the twentieth century ends, many software applications will either stop working or produce erroneous results since their logic cannot accept the transition from 1999 to 2000, when the dates change from 99 to 00 ... The costs of defending against litigation and lawsuits can approximate half a year's software budget, but damages and penalties from suits that are lost can reach multiples of annual software budgets and lead to bankruptcy ... Unfortunately, current data indicates that at least 15% or software applications will not be repaired in time." - from the Introduction This book is a warning. By its own admission, however, it comes too late. Is this book simply an insightful and focused locking of the barn door after the horse has left the building? Chapter one provides an executive overview of the situation. It shows that year 2000 repairs should have started some time ago. However, it does also demonstrate that it is barely possible to start such repairs now, provided heroic measures are undertaken. It also proves that such repairs then would have been much less costly than the same repairs now, and furnishes rough, but well supported, estimates of costs for the repair of applications, and for the failure to repair. A historical review in chapter two also notes that there is a benefit to the year 2000 problem: it will force companies to pay attention to their software inventory. Chapter three is rather odd, defining a handful of terms associated with applications development. The common metric for year 2000 work is the number of lines of code to be checked. Jones prefers the function point, and chapter four looks at conversion factors plus a glance at the size of the problem as a whole. However, it also starts to deal with direct and indirect costs, particularly in regard to litigation, and loses some focus thereby. Chapter five is a very thorough (perhaps at times overly thorough) assessment of the total impact of the Y2K problem on the United States, looking at the total cost, and cost by state, industry, programming language, and so forth. Advice on the actual fixing of the problem starts with program testing in chapter six. Chapter seven looks very briefly at database repair. Litigation and liability is reviewed in chapter eight. The analysis of business failure risks, in chapter nine, seems to lean heavily on litigation as well. Chapter ten discusses the rise of the year 2000 repair industry. Retrofitting applications by the use of masking or windowing is mentioned in chapter eleven. The heavy United States emphasis of the book is partially rectified in chapter twelve. The analysis of the scope of the project by country is somewhat flawed by assumptions that figures per line of code can be directly converted from US surveys. However, the chapter also looks at the impact of conversion to the Euro (the new European currency) and the diverse impact this may have on the problem as a whole. Chapter thirteen looks at factors that modify costs for various industries. Chapter fourteen examines a number of problems that may arise in various sectors if the problem is not fixed in time. A review of general defensive tactics is contained in chapter fifteen. Appendices B, C, and E contain additional sources of information. In general terms, the book does not give much in the way of advice for dealing with the crisis except for the suggestion to use masking in preference to date field expansion. However, it does provide you with some lovely frightening figures to use next time the CEO asks you if this Y2K thing is really of any importance. copyright Robert M. Slade, 1998 BKY2KSWP.RVW 980410 ------------------------------ Date: Thu, 25 Apr 1998 22:51:01 CST From: CuD Moderators Subject: File 11--Cu Digest Header Info (unchanged since 25 Apr, 1998) Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are available at no cost electronically. CuD is available as a Usenet newsgroup: comp.society.cu-digest Or, to subscribe, send post with this in the "Subject:: line: SUBSCRIBE CU-DIGEST Send the message to: cu-digest-request@weber.ucsd.edu DO NOT SEND SUBSCRIPTIONS TO THE MODERATORS. The editors may be contacted by voice (815-753-6436), fax (815-753-6302) or U.S. mail at: Jim Thomas, Department of Sociology, NIU, DeKalb, IL 60115, USA. To UNSUB, send a one-line message: UNSUB CU-DIGEST Send it to CU-DIGEST-REQUEST@WEBER.UCSD.EDU (NOTE: The address you unsub must correspond to your From: line) CuD is readily accessible from the Net: UNITED STATES: ftp.etext.org (206.252.8.100) in /pub/CuD/CuD Web-accessible from: http://www.etext.org/CuD/CuD/ ftp.eff.org (192.88.144.4) in /pub/Publications/CuD/ aql.gatech.edu (128.61.10.53) in /pub/eff/cud/ world.std.com in /src/wuarchive/doc/EFF/Publications/CuD/ wuarchive.wustl.edu in /doc/EFF/Publications/CuD/ EUROPE: nic.funet.fi in pub/doc/CuD/CuD/ (Finland) ftp.warwick.ac.uk in pub/cud/ (United Kingdom) The most recent issues of CuD can be obtained from the Cu Digest WWW site at: URL: http://www.soci.niu.edu/~cudigest/ COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing information among computerists and to the presentation and debate of diverse views. CuD material may be reprinted for non-profit as long as the source is cited. Authors hold a presumptive copyright, and they should be contacted for reprint permission. It is assumed that non-personal mail to the moderators may be reprinted unless otherwise specified. Readers are encouraged to submit reasoned articles relating to computer culture and communication. Articles are preferred to short responses. Please avoid quoting previous posts unless absolutely necessary. DISCLAIMER: The views represented herein do not necessarily represent the views of the moderators. Digest contributors assume all responsibility for ensuring that articles submitted do not violate copyright protections. ------------------------------ End of Computer Underground Digest #10.35 ************************************