September 2006

Howard, Michael, David LeBlanc, and John Viega. 19 Deadly Sins of Software Security. Emeryville, CA: Osborne, 2005. ISBN 0-07-226085-8.
During his brief tenure as director of the National Cyber Security Division of the U.S. Department of Homeland Security, Amit Yoran (who wrote the foreword to this book) got a lot of press attention when he claimed, “Ninety-five percent of software bugs are caused by the same 19 programming flaws.” The list of these 19 dastardly defects was assembled by John Viega who, with his two co-authors, both of whom worked on computer security at Microsoft, attempt to exploit its notoriety in this poorly written, jargon-filled, and utterly worthless volume. Of course, I suppose that's what one should expect when a former official of the agency of geniuses who humiliate millions of U.S. citizens every day to protect them from the peril of grandmothers with exploding sneakers team up with a list of authors that includes a former “security architect for Microsoft's Office division”—why does the phrase “macro virus” immediately come to mind?

Even after reading this entire ramble on the painfully obvious, I cannot remotely guess who the intended audience was supposed to be. Software developers who know enough to decode what the acronym-packed (many never or poorly defined) text is trying to say are already aware of the elementary vulnerabilities being discussed and ways to mitigate them. Those without knowledge of competent programming practice are unlikely to figure out what the authors are saying, since their explanations in most cases assume the reader is already aware of the problem. The book is also short (281 pages), generous with white space, and packed with filler: the essential message of what to look out for in code can be summarised in a half-page table: in fact, it has been, on page 262! Not only does every chapter end with a summary of “do” and “don't” recommendations, all of these lists are duplicated in a ten page appendix at the end, presumably added because the original manuscript was too short. Other obvious padding is giving examples of trivial code in a long list of languages (including proprietary trash such as C#, Visual Basic, and the .NET API); around half of the code samples are Microsoft-specific, as are the “Other Resources” at the end of each chapter. My favourite example is on pp. 176–178, which gives sample code showing how to read a password from a file (instead of idiotically embedding it in an application) in four different programming languages: three of them Microsoft-specific.

Like many bad computer books, this one seems to assume that programmers can learn only from long enumerations of specific items, as opposed to a theoretical understanding of the common cause which underlies them all. In fact, a total of eight chapters on supposedly different “deadly sins” can be summed up in the following admonition, “never blindly trust any data that comes from outside your complete control”. I had learned this both from my elders and brutal experience in operating system debugging well before my twentieth birthday. Apart from the lack of content and ill-defined audience, the authors write in a dialect of jargon and abbreviations which is probably how morons who work for Microsoft speak to one another: “app”, “libcall”, “proc”, “big-honking”, “admin”, “id” litter the text, and the authors seem to believe the word for a security violation is spelt “breech”. It's rare that I read a technical book in any field from which I learn not a single thing, but that's the case here. Well, I suppose I did learn that a prominent publisher and forty dollar cover price are no guarantee the content of a book will be of any value. Save your money—if you're curious about which 19 “sins” were chosen, just visit the Amazon link above and display the back cover of the book, which contains the complete list.

 Permalink

Mayer, Milton. They Thought They Were Free. 2nd. ed. Chicago: University of Chicago Press, [1955] 1966. ISBN 0-226-51192-8.
The author, a journalist descended from German Jewish immigrants to the United States, first visited Nazi Germany in 1935, spending a month in Berlin attempting to obtain, unsuccessfully, an interview with Hitler, notwithstanding the assistance of his friend, the U.S. ambassador, then travelled through the country reporting for a U.S. magazine. It was then that he first discovered, meeting with ordinary Germans, that Nazism was not, as many perceived it then and now, “the tyranny of a diabolical few over helpless millions” (p. xviii), but rather a mass movement grounded in the “little people” with a broad base of non-fanatic supporters.

Ten years after the end of the war, Mayer arranged a one year appointment as a visiting professor at the University of Frankfurt and moved, with his family, to a nearby town of about 20,000 he calls “Kronenberg”. There, he spent much of his time cultivating the friendship of ten men he calls “my ten Nazi friends”, all of whom joined the party for various reasons ranging from ideology, assistance in finding or keeping employment, to admiration of what they saw as Hitler's success (before the war) in restoring the German economy and position in the world. A large part of the book is reconstructed conversations with these people, exploring the motivations of those who supported Hitler (many of whom continued, a decade after Germany's disastrous defeat in the war he started, to believe the years of his rule prior to the war were Germany's golden age). Together they provide a compelling picture of life in a totalitarian society as perceived by people who liked it.

This is simultaneously a profoundly enlightening and disturbing book. The author's Nazi friends come across as almost completely unexceptional, and one comes to understand how the choices they made, rooted in the situation they found themselves, made perfect sense to them. And then, one cannot help but ask, “What would I have done in the same circumstances?” Mayer has no truck with what has come to be called multiculturalism—he is a firm believer in national character (although, of course, only on the average, with large individual variation), and he explains how history, over almost two millennia, has forged the German character and why it is unlikely to be changed by military defeat and a few years of occupation.

Apart from the historical insights, this book is highly topical when a global superpower is occupying a very different country, with a tradition and history far more remote from its own than was Germany's, and trying to instill institutions with no historical roots there. People forget, but ten years after the end of World War II many, Mayer included, considered the occupation of Germany to have been a failure. He writes (p. 303):

The failure of the Occupation could not, perhaps, have been averted in the very nature of the case. But it might have been mitigated. Its mitigation would have required the conquerors to do something they had never had to do in their history. They would have had to stop doing what they were doing and ask themselves some questions, hard questions, like, What is the German character? How did it get that way? What is wrong with its being that way? What way would be better, and what, if anything, could anybody do about it?
Wise questions, indeed, for any conqueror of any country.

The writing is so superb that you may find yourself re-reading paragraphs just to savour how they're constructed. It is also thought-provoking to ponder how many things, from the perspective of half a century later, the author got wrong. In his view the occupation of West Germany would fail to permanently implant democracy, that German re-militarisation and eventual aggression was almost certain unless blocked by force, and that the project of European unification was a pipe dream of idealists and doomed to failure. And yet, today, things seem to have turned out pretty well for Germany, the Germans, and their neighbours. The lesson of this may be that national character can be changed, but changing it is the work of generations, not a few years of military occupation. That is also something modern-day conquerors, especially Western societies with a short attention span, might want to bear in mind.

 Permalink

Smolin, Lee. The Trouble with Physics. New York: Houghton Mifflin, 2006. ISBN 0-618-55105-0.
The first forty years of the twentieth century saw a revolution in fundamental physics: special and general relativity changed our perception of space, time, matter, energy, and gravitation; quantum theory explained all of chemistry while wiping away the clockwork determinism of classical mechanics and replacing it with a deeply mysterious theory which yields fantastically precise predictions yet nobody really understands at its deepest levels; and the structure of the atom was elucidated, along with important clues to the mysteries of the nucleus. In the large, the universe was found to be enormously larger than expected and expanding—a dynamic arena which some suspected might have an origin and a future vastly different than its present state.

The next forty years worked out the structure and interactions of the particles and forces which constitute matter and govern its interactions, resulting in a standard model of particle physics with precisely defined theories which predicted all of the myriad phenomena observed in particle accelerators and in the highest energy events in the heavens. The universe was found to have originated in a big bang no more distant than three times the age of the Earth, and the birth cry of the universe had been detected by radio telescopes.

And then? Unexpected by almost all practitioners of high energy particle physics, which had become an enterprise larger by far than all of science at the start of the century, progress stopped. Since the wrapping up of the standard model around 1975, experiments have simply confirmed its predictions (with the exception of the discovery of neutrino oscillations and consequent mass, but that can be accommodated within the standard model without changing its structure), and no theoretical prediction of phenomena beyond the standard model has been confirmed experimentally.

What went wrong? Well, we certainly haven't reached the End of Science or even the End of Physics, because the theories which govern phenomena in the very small and very large—quantum mechanics and general relativity—are fundamentally incompatible with one another and produce nonsensical or infinite results when you attempt to perform calculations in the domain—known to exist from astronomical observations—where both must apply. Even a calculation as seemingly straightforward as estimating the energy of empty space yields a result which is 120 orders of magnitude greater than experiment shows it to be: perhaps the most embarrassing prediction in the history of science.

In the first chapter of this tour de force, physicist Lee Smolin poses “The Five Great Problems in Theoretical Physics”, all of which are just as mysterious today as they were thirty-five years ago. Subsequent chapters explore the origin and nature of these problems, and how it came to be, despite unprecedented levels of funding for theoretical and experimental physics, that we seem to be getting nowhere in resolving any of these fundamental enigmas.

This prolonged dry spell in high energy physics has seen the emergence of string theory (or superstring theory, or M-theory, or whatever they're calling it this year) as the dominant research program in fundamental physics. At the outset, there were a number of excellent reasons to believe that string theory pointed the way to a grand unification of all of the forces and particles of physics, and might answer many, if not all, of the Great Problems. This motivated many very bright people, including the author (who, although most identified with loop quantum gravity research, has published in string theory as well) to pursue this direction. What is difficult for an outsider to comprehend, however, is how a theoretical program which, after thirty-five years of intensive effort, has yet to make a single prediction testable by a plausible experiment; has failed to predict any of the major scientific surprises that have occurred over those years such as the accelerating expansion of the universe and the apparent variation in the fine structure constant; that does not even now exist in a well-defined mathematical form; and has not been rigorously proved to be a finite theory; has established itself as a virtual intellectual monopoly in the academy, forcing aspiring young theorists to work in string theory if they are to have any hope of finding a job, receiving grants, or obtaining tenure.

It is this phenomenon, not string theory itself, which, in the author's opinion, is the real “Trouble with Physics”. He considers string theory as quite possibly providing clues (though not the complete solution) to the great problems, and finds much to admire in many practitioners of this research. But monoculture is as damaging in academia as in agriculture, and when it becomes deeply entrenched in research institutions, squeezes out other approaches of equal or greater merit. He draws the distinction between “craftspeople”, who are good at performing calculations, filling in blanks, and extending an existing framework, and “seers”, who make the great intellectual leaps which create entirely new frameworks. After thirty-five years with no testable result, there are plenty of reasons to suspect a new framework is needed, yet our institutions select out those most likely to discover them, or force them to spend their most intellectually creative years doing tedious string theory calculations at the behest of their elders.

In the final chapters, Smolin looks at how academic science actually works today: how hiring and tenure decisions are made, how grant applications are evaluated, and the difficult career choices young physicists must make to work within this system. When reading this, the word “Gosplan” (Госпла́н) kept flashing through my mind, for the process he describes resembles nothing so much as central planning in a command economy: a small group of senior people, distant from the facts on the ground and the cutting edge of intellectual progress, trying to direct a grand effort in the interest of “efficiency”. But the lesson of more than a century of failed socialist experiments is that, in the timeless words of Rocket J. Squirrel, “that trick never works”—the decisions inevitably come down on the side of risk aversion, and are often influenced by cronyism and toadying to figures in authority. The concept of managing risk and reward by building a diversified portfolio of low and high risk placements which is second nature to managers of venture capital funds and industrial research and development laboratories appears to be totally absent in academic science, which is supposed to be working on the most difficult and fundamental questions. Central planning works abysmally for cement and steel manufacturing; how likely is it to spark the next scientific revolution?

There is much more to ponder: why string theory, as presently defined, cannot possibly be a complete theory which subsumes general relativity; hints from experiments which point to new physics beyond string theory; stories of other mathematically beautiful theories (such as SU(5) grand unification) which experiment showed to be dead wrong; and a candid view of the troubling groupthink, appeal to authority, and intellectual arrogance of some members of the string theory community. As with all of Smolin's writing, this is a joy to read, and you get the sense that he's telling you the straight story, as honestly as he can, not trying to sell you something. If you're interested in these issues, you'll probably also want to read Leonard Susskind's pro-string The Cosmic Landscape (March 2006) and Peter Woit's sceptical Not Even Wrong (June 2006).

 Permalink

Wells, H. G. Little Wars. Springfield, VA: Skirmisher, [1913] 2004. ISBN 0-9722511-5-4.
I have been looking for a copy of this book for more than twenty-five years. In this 1913 classic, H. G. Wells essentially single-handedly invented the modern pastime of miniature wargaming, providing a (tin soldier) battle-tested set of rules which makes for exciting, well-balanced, and unpredictable games which can be played by two or more people in an afternoon and part of an evening. Interestingly, he avoids much of the baggage that burdens contemporary games such as icosahedral dice and indirect fire calculations, and strictly minimises the rôle of chance, using nothing fancier than a coin toss, and that only in rare circumstances.

The original edition couldn't have appeared at a less auspicious time: published just a year before the outbreak of the horrific Great War (a term Wells uses, prophetically, to speak of actual military conflict in this book). The work is, of course, long out of copyright and text editions are available on the Internet, including this one at Project Gutenberg, but they are unsatisfying because the text makes frequent reference to the nineteen photographs by Wells's second wife, Amy Catherine Wells, which are not included in the on-line editions but reproduced in this volume. Even if you aren't interested in the details, just seeing grown men in suits scrunching down on the ground playing with toy soldiers is worth the price of admission. The original edition included almost 150 delightful humorous line drawings by J. R. Sinclair; sadly, only about half are reproduced here, but that's better than none at all. This edition includes a new foreword by Gary Gygax, inventor of Dungeons and Dragons. Radical feminists of the dour and scornful persuasion should be sure to take their medication before reading the subtitle or the last paragraph on page 6 (lines 162–166 of the Gutenberg edition).

 Permalink