Computer underground Digest Wed Jan 20 1999 Volume 11 : Issue 04

Computer underground Digest    Wed  20 Jan, 1999   Volume 11 : Issue 04
                           ISSN  1004-042X

       Editor: Jim Thomas (
       News Editor: Gordon Meyer (
       Archivist: Brendan Kehoe
       Proof Readur:   Etaion Shrdlu, Jr.
       Shadow-Archivists: Dan Carosone / Paul Southworth
                          Ralph Sims / Jyrki Kuoppala
                          Ian Dickinson
       Cu Digest Homepage:

CONTENTS, #11.04 (Wed, 20 Jan, 1999)

File 1--REVIEW: "Ace the Technical Interview", Michael Rothstein
File 2--REVIEW: "Virus Alert of the Day",
File 3--REVIEW: "Web Navigation", Jennifer Fleming
File 4--REVIEW: "Democracy and Technology", Richard E. Sclove
File 5--REVIEW: "Steal This Computer Book", Wallace Wang
File 6--REVIEW: "Digital Property", Lesley Ellen Harris
File 7--REVIEW: "The Transparent Society", David Brin
File 8--Cu Digest Header Info (unchanged since 10 Jan, 1999)



Date: Tue, 10 Nov 1998 10:19:26 -0800
From: "Rob Slade, doting grandpa of Ryan and Trevor" 
Subject: File 1--REVIEW: "Ace the Technical Interview", Michael Rothstein


"Ace the Technical Interview", Michael Rothstein, 1998, 0-07-054048-9,
%A   Michael Rothstein
%C   2600 Tenth St., Berkeley, CA   94710
%D   1998
%G   0-07-054048-9
%I   McGraw-Hill
%O   U$24.95 905-430-5000 fax: 905-430-5020
%P   497 p.
%T   "Ace the Technical Interview"

I happened to notice, a couple of months ago, a human resources
officer working with someone from the MIS department, preparing
questions for a set of job interviews.  This might have been laudable,
were it not for the fact that the time set for the first interview had
already passed before they even started and, in fact, the first
candidate was waiting in a reception area where their conversation was
audible.  Given that this astounding incompetence in the hiring
process is lamentably common, I will not bother to take any stand in
regard to the fairness of "crib sheets" for interviewees.

Instead, let us consider whether this book would be effective in
helping a candidate to secure a job.  Each chapter in the collection
is a separate essay by a different author.  Thus, the quality varies
widely.  There are some that give general advice on the interview
process, most of which is simple common sense.  The remaining chapters
address a number of different technologies, heavily weighted towards
IBM systems.  Specifically, there is coverage of MVS, UNIX, AS/400,
RS/6000, Oracle, CICS, DB2, SQL, IDMS, VSAM, IMS DB-DL/1,
client/server, COBOL, Java, Sybase, C and C++, Visual Basic 5,
PowerBuilder, and Delphi.  But the big item, of course, is the year
2000, which gets five chapters all to itself, and mentions in several
of the others.

Some of the chapters give you material on terminology, which is likely
the most helpful.  The content on client/server is fairly general, and
so would probably be of use as a quick brush up on the essentials.
Some provide references, but some of the references are simply the
system documentation.  Much of the text is trivia, or quite limited.

Given the overpowering emphasis on Y2K in this latest edition of this
book, we'll use that material as our sample.  And the verdict this
time is (the envelope please, Shelagh): don't rely on this book.
(Surprise!)  The introduction to the problem blames it all on punch
cards.  (The book goes on to state that there may not be enough
qualified people in the world to fix the Y2K problem, begging the
question of the ethics of a text promoting the playing of job games
with such an important crisis looming.)  (Then again, it's mostly
management's fault that the problem still exists, so ...)  A question
about hardware issues is answered with functions related strictly to
software.  Chapters duplicate topics (essentially, is there any
difference between "planning" a conversion and "managing" one?) and
are disorganized.  The information that is provided is mostly the same
generic advice that almost anyone in the technical field could come up
with off the top of his or her head.  In fact, the chapter on managing
a Y2K project contains almost no information specific to the year 2000
issue at all.  The subsequent chapter on testing does have a little
information that relates to Y2K, but less than a quarter of the total
material.  Content discussing conversion tools is specific to the Year
2000 situation, but is so simplistic that the answers to the sample
questions are inherent in the questions themselves.  Other advice is
simply wish fulfillment.  One section asks what upper management is
going to look for in a Year 2000 problem manager and answers with a
bunch of warm fuzzies.  Poppycock!  What management is going to look
for is a resume with 20 years experience in managing Y2K conversion
projects, so you'd better be a good liar and have a bunch of buddies
primed and ready to back you up.

Reliance on this book to bluff your way through a technical interview
depends primarily on the interviewer's being a lot dumber than you
are.  The assessment of this probability is left as an exercise to the

copyright Robert M. Slade, 1995, 1998   BKACTCIN.RVW   980621


Date: Thu, 12 Nov 1998 09:45:53 -0800
From: "Rob Slade, doting grandpa of Ryan and Trevor" 
Subject: File 2--REVIEW: "Virus Alert of the Day",

MLVAOTD.RVW   981016

"Virus Alert of the Day",, 1998 -,
%C   City (place of publication)
%D   1998 -
%I   TipWorld
%P   1 paragraph daily
%T   "Virus Alert of the Day"

Aside from VirusHelp (cf. MLVIRHLP.RVW) and the rather noisy
alt.comp.virus, there is one other regular source of virus
information.  No discussion, since this is a one way list, but one
more source of clutter for your mailbox.

Virus Alert of the Day is one of the (very many) TipWorld mailing
lists.  Like all of them, it is primarily an advertising tool, so
expect a lot of ads.  In the case of the virus alert list, you can
expect roughly a one paragraph tip per day, along with several screens
of commercial announcements of various types.  Actually, that is not
quite true.  There is usually about a screenful of viruses due to go
off on the day in question.  However, this is only a list of names,
without descriptions, and there are, of course, a great many viruses
that can go off on any day, or are not subject to date alerts.

The information provided by this list is highly suspect.  The author,
and the closest I've been able to get to an identity is, provides very little information, and
does not betray much basic fact, let alone conceptual, checking in the
postings.  (Yes, doing it on a daily basis is hard, but remember that
I ran the CVP postings for three solid years, week in and week out,
and wasn't even close to running out of material.)  Some comes from
recycled press releases alerting users to new viruses or types.
Sometimes the tip of the day is simply an announcement of a new
antiviral release, ensuring that the entire message for the day is one
long string of ads.  But sometimes when the list actually tries to
help it does the greatest disservice.

Let's look at three postings from the recent past.  On September 10th,
readers were advised to "Lock your floppies."  Apparently, if you just
"flip the `switch' up on the top-left corner on the back of the
diskette ... you can prevent diskette-transferred viruses from being
loaded onto your PC."  Now, it's very nice that the instructions were
that detailed, but, unfortunately, they were flat out wrong.  If your
computer is already infected, then locking your floppy disks may keep
viruses off the floppy.  But if your diskette is infected, locking it
will do nothing to protect your computer.  (This tip was later
corrected by a reader.)

September 16th saw a note from a reader wondering what to do about an
infection by a stealth, boot sector virus.  He had tried various
antivirals and none had removed it.  The advice was to wait until the
antiviral vendors got around to a release that did deal with it.
Unfortunately, a number of the antivirals the reader had mentioned do
deal with the virus, and quite effectively.  The real secret in this
case is to ensure that you "boot clean" and ensure that the virus is
not resident in memory before you try to run the antiviral.  The
secret to booting clean is to ensure that your boot disk was created
before the virus infected the system.

October 2nd saw the relaying of Symantec's report of the world's first
Java virus.  This viral non-event was widely ignored by the virus
research community, since everyone had already known it was possible.
Java is a computer language much like any other, and you can write
anything you want in it.  The potential threat of a Java virus lies in
Java's ability to create applets for the Web.  Fortunately for Web
users, and unfortunately for "Strange Brew," applets submitted over
the Web and run in browsers are confined to a "sandbox" that restricts
some of the operations which "Strange Brew" needs in order to run.

On October 16th, users of Microsoft Word were told, in order to avoid
spreading MS Word macro viruses, to save files in RTF (Rich Text
Format) if they were going to send them to other users.  Now, while
this advice might be inconvenient (RTF is not capable of saving all
possible MS Word formatting information), there is some valid
reasoning behind using it as a security precaution.  RTF does not
support MS Word macro viruses, either, so an RTF file wouldn't
transmit them.  A *true* RTF file, that is.  A number of common macro
viruses intercept the FileSaveAs call.  CAP, for one, will save the
file as a template document, with the infection present, in spite of
the RTF extension on the filename.

Should you wish to chronicle the further misadventures of the virus
alerts, check out the TipWorld signup page at

copyright Robert M. Slade, 1998   MLVAOTD.RVW   981016


Date: Wed, 18 Nov 1998 10:05:57 -0800
From: "Rob Slade, doting grandpa of Ryan and Trevor" 
Subject: File 3--REVIEW: "Web Navigation", Jennifer Fleming


"Web Navigation", Jennifer Fleming, 1998, 1-56592-351-0,
%A   Jennifer Fleming
%C   103 Morris Street, Suite A, Sebastopol, CA   95472
%D   1998
%G   1-56592-351-0
%I   O'Reilly & Associates, Inc.
%O   U$34.95/C$49.95 707-829-0515 fax: 707-829-0104
%P   288 p. + CD-ROM
%T   "Web Navigation: Designing the User Experience"

Chapter one is supposed to address the definition of "navigation" for
the purpose of the book.  Instead we have a very vague scolding of
site designers for not paying attention to user needs.  While I am in
full agreement with the statement that Web design needs work, the
material here doesn't seem to help, or even start to point the way.
Most of the list of navigation principles, in chapter two, makes
sense.  However, some get too involved in the latest cute technology,
and even fly in the face of one principle that is *not* included:
sites should not demand specific technologies.  This point is tacitly
admitted in chapter three, where surveys of users note that demands to
install plug-ins and instruction to enable JavaScript are not welcome.
However, the titular subject of designing for users seems to get a bit
lost.  (There is also an odd reference to the "80/20 rule."  Usually
this refers to the Pareto principle, but here it is used to suggest
that if 80 percent of your users are happy, that's good enough.)  The
standard suggestions for site organization are given in chapter four.
Interaction design throws a few interesting conceptual ideas into
chapter five, but little useful advice.  Chapter six uses a standard
planning cycle in a standard way.

The latter half of the book looks at example sites in six different
categories.  Chapter seven reviews some retail sites, but in a very
limited manner.  For example, a major concern is said to be security.
Reassuring a customer about security seems to be confined to stating
"our site is secure."  Similarly, several questions are raised about
"community" Web sites but chapter eight's exemplar sites don't appear
to address those queries fully.  It is difficult to say anything about
entertainment sites from chapter nine.  I'm not even sure what chapter
ten refers to as "identity" sites, but they look a lot like simple
vanity pages.  Perhaps the less said about education, in chapter
eleven, the better.  Chapter twelve's look at "information" sites is
limited to the news media and more retail.

The first six chapters provide some directions for further reading.
There is also a "netography" in Appendix C.

This book is no worse than dozens of others on Web design, but it's no
better, either.

copyright Robert M. Slade, 1998   BKWBNVGN.RVW   981017

Subscribe to techbooks mailing list at
       or via the WEb at
Robert Slade's Guide to Computer Viruses, 0-387-94663-2 (800-SPRINGER)


Date: Fri, 30 Oct 1998 09:58:02 -0800
From: "Rob Slade, doting grandpa of Ryan and Trevor" 
Subject: File 4--REVIEW: "Democracy and Technology", Richard E. Sclove


"Democracy and Technology", Richard E. Sclove, 1995, 0-89862-861-X,
%A   Richard E. Sclove
%C   72 Spring Street, New York, NY   10012
%D   1995
%G   0-89862-861-X
%I   The Guilford Press
%O   U$18.95 212-431-9800 fax: 212-966-6708
%P   319 p.
%T   "Democracy and Technology"

"This book promotes the reconstruction of technology along more
democratic lines.  [...]  Insofar as (1) citizens ought to be
empowered to participate in shaping their society's basic
circumstances and (2) technologies profoundly affect and partly
constitute those circumstances, it follows that (3) technological
design and practice should be democratized."  Personally, I can
sympathize with the aims, and even the thesis, that the author
proposes for this text.  However, he also notes a personal experience
that taught him "that even the most well-intentioned, elite study
group can be deeply unaware of the extent to which its conclusions
embody far-reaching value judgements."  What Sclove seems to have
missed is the fact that however important your ideas may be, they have
to be communicated to those who may have different backgrounds, and
also have to be backed up by some kind of evidence.  Although the
declamations may be impassioned, only the most sympathetic and
dedicated reader will be able to plow through the prose; and the
arguments, as they proceed, have little support beyond force of

Part one is intended to synthesize modern research in the social
dimensions of technology and democratic theory into a rudimentary but
comprehensive democratic theory of technology.  Chapter one, using a
statistical sampling of two communities (one of which is
oversimplified into caricature) states that technology affects
society, but that society can choose those technologies that it will
accept.  The idea that technology affects society is re-examined in
greater detail and verbiage in chapter two.  Democratic decision-
making is said to be superior in chapter three, and some objections
are replied to.  Unfortunately, this entire section is based on only
four real examples, and those situations include one failure, one
closed and homogeneous community, and two "megaprojects" requiring
massive, formal bureaucratic and political decisions.  The theory
eventually turned out is extremely rudimentary: it states that
technology should be democratized, but fails to determine whether it
can be.

Part two proposes a set of evaluation points that can be used to
review technologies for compatibility with democracy.  Chapter four is
supposed to look at technologies of community, but concentrates
primarily on work situations.  In this regard it weakens the arguments
of part one in that examples are given of cooperative social
structures (successfully) imposed on hierarchical work environments,
and democratically designed work technologies subsumed to a
centralized corporate structure.  When the topic does finally turn to
a purer consideration of community it is to dismissively denigrate the
possibility of technological support of virtual community.  Democratic
work is said to be free of routine and inflexible schedules, but
chapter five singularly fails to say how this utopian state of affairs
is to be accomplished.  The first of three discussions of politics,
chapter six proposes that technologies that promote distorted
ideologies or exacerbate social inequities be avoided.  Actually,
though, the material hardly touches on any example technologies at
all.  Two of the points in chapter seven boil down to "smaller is
prettier" since technologies with a smaller scope of impact promote
local self-governance.  The third, however, is rather vague.  We are
to prefer technologies that promote decentralization and federation,
without any real ideas of what those are.  (There is also no analysis
of the relative importance of self-governance versus federation, a
debate that my Canadian heritage finds most compelling.)  The first
point in chapter eight is that we should not foul our own nests, and I
assume that most would agree with that; the only problem being the
determination of how strictly to adhere to it.  The second, however,
seems to be an almost religious insistence on flexibility.  For the
perpetuation of a species we might note that adaptability is a good
thing, but technology can be managed by the species (that is, us)
according to changing conditions.  Is the slotted screw somehow
morally superior to the Robertson because slotted screwdrivers can be
used as (rather clumsy) chisels?

Part three is a defence of the democratic politics of technology
against traditional economic models.  Chapter nine appears to want to
eliminate the concept of value from the discussion.  Economic theory
is not actually challenged in chapter ten.  Instead it is turned into
a straw-philosophy, "economism," and attacked as unfit for comparison
with social justice.  I fully agree with the kind of participatory
inventiveness that chapter eleven espouses, which used to go by the
name of amateur scholarship.  It cannot, however, be successfully
mandated: it must be self-driven.  This has to be obvious from the
examples given in the chapter which are almost universally either
proper systems analysis stories or failures.  Chapter twelve purports
to lay out a roadmap for pursuing more democratic technologies, but is
weakened by a vast majority of statements that use "could" or "might"
rather than "will."  Sclove does admit to a number of important social
factors that work against his ideals (at least in the United States)
in chapter thirteen, but finishes by only hoping that they can be

This book is forceful, turgid, passionate, dull, and verbose.  At
first reading, I thought that the nine criteria for evaluation of
technologies were the most important part of the work.  However, as an
exercise I tried reviewing some processes.  War and weapons
technologies came out surprisingly well, marred only by a tendency to
perpetuate authoritarian structures.  Guerilla or sectarian violence
came out even better.  Again, I am in full agreement with the general
aims of the book, but have to conclude that a lot more work needs to
be done on the specifics.

copyright Robert M. Slade, 1998   BKDEMTEC.RVW   980816


Date: Tue, 3 Nov 1998 14:46:34 -0800
From: "Rob Slade, doting grandpa of Ryan and Trevor" 
Subject: File 5--REVIEW: "Steal This Computer Book", Wallace Wang


"Steal This Computer Book", Wallace Wang, 1998, 1-886411-21-2,
%A   Wallace Wang
%C   555 De Haro Street, Suite 250, San Francisco, CA   94107
%D   1998
%G   1-886411-21-2
%I   No Starch Press
%O   U$19.95/C$28.00 415-863-9900 fax 415-863-9950
%P   340 p.
%T   "Steal This Computer Book: What They Won't Tell You About the

Although this book seems to be being promoted as a security text, the
table of contents seems to list a bewildering variety of topics, some
related to security and others not.  The introduction doesn't really
provide much information about what the book is about, either, except
that it seems to be big on self-improvement.  On the other hand, the
book starts out by claiming that "unlike other books, this book
provides more objective information about hackers, the Internet,
unwholesome Web sites, and viruses than any other book on the shelf,"
which seems to indicate that the author does not suffer from any lack
of self-esteem.

(In reaction to the initial draft of the review, the author has stated
that "the book is meant less as a how-to manual for hacking but more a
philosophical statement urging people to think for themselves."  In
response, all that I can say is that neither the promotion of the book
nor the text itself stresses this intention, and I personally cannot
find any utility in the volume for teaching critical thinking skills.)

Part one purports to promote freedom of thought.  Chapter one lists a
number of Web sites of major commercial publishers and news services.
It also presents a set of "search engines," actually directory pages
of conspiracy theorists, pornography, witchcraft, and other vital
topics.  Intelligence agency (mostly US) and terrorist Web sites share
chapter two.  The hate group pages listed in chapter three will
probably have fairly short life spans.  (I tried all of the racial and
gender preference links listed, and failed to get a page to load from
any of them.)

Part two seems more concerned with fiscal than personal freedom.  The
advice on getting cheap computers, in chapter four, may have its good
points, but you'll have to be able to judge it.  (For example, if you
can build your own computer you probably don't need anything this book
can tell you.)  As for "almost-free" software, I notice that for all
his bravado, Wang stops short of pointing out where to actually find
key generators for pirating software.  For that matter, there is
plenty of software that is completely free for use, without getting
into any dicey legal situations, that the book never gets beyond
mentioning.  The description of encryption, in chapter five, betrays
no real understanding of the technology, and the recommendation to use
the KOH virus, without mention of its well-documented flaws and
problems is almost criminally negligent.  For that matter, in telling
people about cookies the author has to recommend special programs,
rather than giving some fairly simple information that would allow
users to look for themselves.  Chapter six gives you the type of
information on phone phreaking that you can get in any underground
'zine: anecdotal, outdated, incomplete, and of interest primarily to
the gullible.  For anyone who does not know how to get past a Windows
3.1 screensaver password (do I see any hands?  I didn't think so) you
can get some rather labored instructions in chapter seven.  Broadly
speaking, it gives the computer illiterate just enough information to
be dangerous.  There are also some tedious workarounds so you can get
to porn sites even if your legal guardian has installed site blocking
software.  Somehow this adolescent activity seems to fit the general
tone of the book.

Part three glamorizes some basically criminal activity, but
fortunately most of it does *not* provide enough information to the
terminally stupid to create any kind of problem.  Chapter eight tells
you where to find the dirty pictures on AOL and CompuServe, and also
how to get yourself kicked off.  Spam generating programs, outdated
spam identification and tracking, and some phenomenally stupid things
to do if you are annoyed by spam is listed in chapter nine.  Chapter
ten describes some recent unauthorized modifications of prominent Web
sites.  The ways that chapter eleven lists for getting information on
people are fairly public and innocuous.  A few old frauds and
confidence games now "upgraded" with net involvement are discussed in
chapter twelve.

Chapter thirteen describes some viruses of the past, and fourteen has
some suggestions on protection.  These chapters were better than I
expected, although they seem to average about one error per two
paragraphs.  However, the author isn't terribly helpful, shying away
from any really detailed information, and countering just about every
piece of information or suggested action with an "or maybe not."
Chapter fifteen starts out by telling us that "[i]f the thought that
someone would deliberately write a computer virus horrifies you,
remember that every day someone on this planet wakes up and
deliberately dumps toxic waste into the environment, bribes a
government official, or sells weapons to unstable Third World
countries."  Those thoughts horrify me, too, so I'm not sure why that
idea is supposed to convince us that virus writers are "just plain
folks," and that virus writing is good, clean fun.  In the end it
doesn't matter much: this chapter is almost completely content-free.
A final chapter tries to sell you the idea that you can create
interesting hostile applets with Java, but aside from listing some old
implementation bugs and an applet that will send you some
unconvincingly forged email there is no indication that the author
understands Java security at all.

Bottom line?  This book is unfocussed in conception and hasty in
execution.  Again, in reaction to the initial draft of this review,
the author objected that my criticisms were more appropriate for a
book directed at a technically skilled audience.  In regard to that
charge, I would have to say that the lack of complete and analytical
technical tutorial rather supports my objections than the reverse.  On
the one hand, it does not provide the esoteric information that both
the author and publisher promise, so it isn't any threat.  On the
other hand, the author demonstrates no particular technical skill or
knowledge on any topic, so it hasn't any other value, either.  This
random collection of information may provoke some thought in non-
technical computer users, but browsing of the net for yourself is
probably much, much more useful in that regard.

copyright Robert M. Slade, 1998   BKSTLTCB.RVW   980927


Date: Tue, 20 Oct 1998 10:32:39 -0800
From: "Rob Slade, doting grandpa of Ryan and Trevor" 
Subject: File 6--REVIEW: "Digital Property", Lesley Ellen Harris


"Digital Property", Lesley Ellen Harris, 1998, 0-07-552846-0,
%A   Lesley Ellen Harris
%C   300 Water Street, Whitby, Ontario   L1N 9B6
%D   1998
%G   0-07-552846-0
%I   McGraw-Hill Ryerson/Osborne
%O   U$16.95/C$22.99 800-5655758 fax 905-4305020
%P   240 p.
%T   "Digital Property: Currency of the 21st Century"

According to the preface, this is a book for everyone about
everything.  The author makes no distinction between "digital" and
"intellectual" property, basically admitting that the former title is
chosen to take advantage of the new interest in the net and all things
electronic.  Harris also maintains that this is a bedside and beach
book, as well a business, technical, or legal reference, and anyone
who thinks that intellectual property can be made "light" reading has
set quite a challenge.  Oddly, that is the difficulty Harris seems to
have met most handily.

Part one starts with the obvious question of what is this digital
property, or content.  Chapter one starts to provide a conceptual
background for intellectual property (referred to as IP) and in doing
so narrows the focus.  It becomes obvious that the primary emphasis is
on copyrightable materials, rather than patents, trade secrets, or
other forms of IP.  There is also some basic information on
information networks, electronic commerce, and other related topics.
A series of examples of content, or collections of digital content,
are listed in chapter two.  The general tone is fairly mercenary in
terms of seeing everything as potentially saleable, and I was reminded
of a piece of advice from Harvey Mackay, "Remember that you are never
going to get paid for everything you do."

Part two refers to currency but is concerned with the value of content
rather than any monetary instruments.  Chapter three's list of
business models for making money off IP will be easily recognizable to
anyone who has been on the net for a while.  As far as the actual
value of property, chapter four's final word is most accurate: there
are no hard and fast rules for determining the value of your IP.

Part three looks more specifically at the mechanics of making money.
Chapter five gives helpful details to think about when considering
about licensing agreements.  The various different types of property
rights, and national and international legislation in respect of them,
are covered in chapter six.  However, the advice on the transition
from traditional to "new" media, in chapter seven, is of the blue sky

Protection of property is reviewed in part four.  Chapter eight is a
rather pedestrian piece on piracy.  Chapter nine is a mixed bag of
non-IP related issues.

Part five looks at the future.  The question of jurisdiction can be a
very difficult one on the Internet, and is examined in chapter ten.
Chapter eleven is a brief wrap up.

The book certainly is readable, and as a beach bag companion it has a
decided edge over an Amway pamphlet.  While the non-specialist reader
with an interest in intellectual property in the digital age might
find it interesting, the techies, lawyers, and businesspeople might
find it less so.  The text is definitely intellectual property, but
professionals will find it oddly content-free.

copyright Robert M. Slade, 1998   BKDGTPRP.RVW   980726


Date: Fri, 6 Nov 1998 11:19:57 -0800
From: "Rob Slade, doting grandpa of Ryan and Trevor" 
Subject: File 7--REVIEW: "The Transparent Society", David Brin


"The Transparent Society", David Brin, 1998, 0-201-32802-X,
%A   David Brin
%C   P.O. Box 520, 26 Prince Andrew Place, Don Mills, Ontario M3C 2T8
%D   1998
%G   0-201-32802-X
%I   Addison-Wesley Publishing Co.
%O   U$25.00/C$34.95 416-447-5101 fax: 416-443-0948
%P   378 p.
%T   "The Transparent Society"

As the author points out, this book will probably be shelved alongside
texts on privacy.  It is, however, more properly about candour.  I
find, therefore, that I must make an admission of a rather important
bias.  Despite being considered by some to be a security expert, I
have never had any particular interest in the practice of privacy and
confidentiality.  I am much more interested in openness.

Part one looks at the new transparent world as access to all kinds of
information increases.  Chapter one points out that the time to
discuss whether we want technology or privacy has passed: technology
is here, and it *will* provide access to information, and erode
privacy, whether we like it or not.  Brin does suggest that we still
have a choice about the management of that technology.  Do we want to
have all data available only to a select few (such as the government),
or all data available to everyone?  The "information age" is reviewed
in chapter two, but there is also a very interesting examination of
the possibility of the resurgence of amateur scholarship.  Various
current invasions of, and attacks on, privacy are discussed in chapter
three.  In response to these, and in opposition to the usual calls for
more legislated protections on privacy, Brin proposes reciprocal
transparency: everyone who wants to collect information on the public
must make the same information about themselves publicly available.
Chapter four raises an extremely interesting point in relation to
copyright, patent, and other legal restrictions on intellectual
property, and the fact that the information age seems to have so much
trouble with it.  Transparency initially seems to threaten to totally
destroy the idea of copyright, but ultimately may present a unique
solution to maintaining its proper function.

Part two looks at those problems involved in an open society.  Chapter
five presents some of the arguments that should be reviewed, from the
toxicity of ideas to the irony of western civilization's delight in
individualism.  The inherent benefits of accountability are reiterated
in chapter six, although with less eloquence and insight than earlier
text displayed.  The encryption debate is a convoluted one, and is
fairly, but rather unclearly, portrayed in chapter seven.  The general
tone of most of the book is libertarian, so the author does not seem
to be completely comfortable with arguing against the merits of
confidentiality of communications.  It is, however, ironic that Brin
does not report the later research of Dorothy Denning that indicates
law enforcement agencies really do not need the ability to break
encryption, since in an odd way it strengthens his central thesis.

Part three proposes some means of achieving an open society.  Chapter
eight reviews a number of tools for transparency, but manages to look
ragged and disorganized.  Some future technological "tools races" are
described with a bit more coherence in chapter nine.  The various
arguments in favour of openness are extended, in chapter ten, to the
international arena.  Chapter eleven closes off with a summation of
the rest of the book.

Since Brin is well known as a popularizer of science and as a science
fiction writer, and since his scientific training is not in the field
of information technology it would be easy to see this book as yet
another attempt by someone to trade on a reputation and a currently
popular field in order to make a few bucks with minimal effort and
thought.  Although his writing background has helped to produce a text
that is easily readable, the work is informed by a thorough
understanding of the issues and technologies, and also leavened with
insight and wit.  Unfortunately, most of the really good stuff comes
in the first four chapters, leaving the rest of the volume somewhat

The book is both reasonable and provocative, and makes an interesting
counterpoint to much of the current discussion of privacy and
technology.  Discussions of the important topics of privacy and
encryption are both balanced and quite complete, providing those near
to the fields with a useful primer.  In addition, Brin's more
controversial points are well taken, and deserve serious

copyright Robert M. Slade, 1998   BKTRASOC.RVW   980919


Date: Sun, 10 Jan 1999 22:51:01 CST
From: CuD Moderators 
Subject: File 8--Cu Digest Header Info (unchanged since 10 Jan, 1999)

Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are
available at no cost electronically.

CuD is available as a Usenet newsgroup:

Or, to subscribe, send post with this in the "Subject:: line:

Send the message to:


The editors may be contacted by voice (815-753-6436), fax (815-753-6302)
or U.S. mail at:  Jim Thomas, Department of Sociology, NIU, DeKalb, IL
60115, USA.

To UNSUB, send a one-line message:   UNSUB CU-DIGEST
(NOTE: The address you unsub must correspond to your From: line)

CuD is readily accessible from the Net:
  UNITED STATES: ( in /pub/CuD/CuD
    Web-accessible from:
         ( in /pub/Publications/CuD/
         in /doc/EFF/Publications/CuD/
  EUROPE: in pub/cud/ (United Kingdom)

The most recent issues of CuD can be obtained from the
Cu Digest WWW site at:

COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing
information among computerists and to the presentation and debate of
diverse views.  CuD material may  be reprinted for non-profit as long
as the source is cited. Authors hold a presumptive copyright, and
they should be contacted for reprint permission.  It is assumed that
non-personal mail to the moderators may be reprinted unless otherwise
specified.  Readers are encouraged to submit reasoned articles
relating to computer culture and communication.  Articles are
preferred to short responses.  Please avoid quoting previous posts
unless absolutely necessary.

DISCLAIMER: The views represented herein do not necessarily represent
            the views of the moderators. Digest contributors assume all
            responsibility for ensuring that articles submitted do not
            violate copyright protections.


End of Computer Underground Digest #11.04

<--">Return to the Cu Digest homepage

Page maintained by: Jim Thomas -