The No Starch Press Blog

Ryan Harris, author of our Hacking the Cable Modem, has been indicted on charges of Computer Fraud and Wire Fraud. You can read the complete indictment here. These charges carry a maximum of 20 years in prison and a $250,000 fine.

I’ve known Ryan for several years and I worked closely with him as editor and publisher of his book, Hacking the Cable Modem. Having read the indictment it’s clear to me that Harris is being made an example of by cable companies that won’t implement DOCSIS correctly or who won’t put the effort in to manage their users and their bandwidth. Whether you like Harris or not, this is a travesty. (Now, why Harris wouldn’t simply be sued over this instead of being arrested is anyone’s guess.)

According to the Indictment,

“Cable modem hacking” involves the alteration of the modem’s software for the purposes of accessing an ISP’s network without authorization in order to obtain internet service without an account and without paying for the service.

The first part is correct; the last part is not necessarily the case.

Harris visited our office a few years back to demonstrate his cable modem hacking abilities. He’s quite skilled and I think he rooted a Motorola Surfboard 5100 in about two minutes. I was pretty impressed. He had hacked the modem, altered its firmware, and was able to access its admin page. But guess what? He wasn’t stealing anyone’s service. In fact, the modem was only connected to his computer. It wasn’t even on the Internet. But, but . . .it was hacked!

And that’s exactly the point. Hardware can be hacked just for the fun of it or simply to gain control over a piece of hardware that one owns. In fact, that’s why I originally contacted Ryan to express interest in publishing a book on hacking cable modems. I don’t like black boxes (unless they’re Shuttles), and I like to understand how hardware works. I also don’t like the fact that my cable company pushes out a config file to my modem that blocks the admin page. (I didn’t even know that my cable modem had an admin page until Ryan explained that it was being blocked.)

Here’s the thing: If I own a piece of hardware, I can do whatever I want to it. I can modify it; disassemble it; load DD-WRT on it; overclock it; even repurpose it. Why? Because I own it. And there’s nothing more American than that.

I’m breaking the law if I use that piece of hardware to steal something. I’m not breaking the law if I tell someone how that piece of hardware can be used to steal something any more than I’m breaking the law if I publish a book about how to make bombs or commit suicide. (Not that we do or ever would.)

Our country grants us certain rights. One of those is freedom of speech. Another is freedom of press which is probably why No Starch Press has yet to be indicted, I suppose. (Although I’m guessing I now have an FBI file. Woohoo!) Yeah, we bad.

I take just a bit of credit for this bit of the Indictment:

20. HARRIS and TCNISO also offered for sale a book entitled “Hacking the Cable Modem,” which Harris wrote under his alias “DerEngel”

Harris offered this book for sale and so do we. Unfortunately, due to this recent bit of publicity, Hacking the Cable Modem is currently out-of-stock but we’ve got a quick reprint on the way. (PDF available now if you’d like to buy it.)

And yes, we’ll keep printing and publishing Hacking the Cable Modem as well as any other books about hardware hacking or modding that are interesting, compelling, and worth reading. That’s why we call our line “The finest in geek entertainment.”

Stay tuned.

Bill

Another snippet from the continuing dialog on Slashdot. Here’s my response to someone’s question about the level of editing at No Starch Press.

————-snip————————–

I’ve been publishing technical books since 1991. In my experience, and according to reports from the authors we’ve worked with, there doesn’t seem to be a company that consistently edits every title as deeply as we do. Of course I may be wrong and this information is based only on my experience with other publishers and reports from other authors.

The reports that I get from authors are either that their work is left basically unedited (or it’s left to a copyeditor to clean up), or, as was the case with one large publisher that I worked with in the 1990s, a couple of chapters are edited and then the authors are left on their own.

On all of our titles, one of our in-house editors does a developmental edit first. This edit may involve rewriting/reorganizing chapters; extensive queries; reworking paragraphs and sentences; and so on. Or, if the book needs minimal editing, chapters may move on to technical review, once our editor has approved them.

Once chapters are returned by the technical reviewer and cleaned up (by author and editor), they move onto copyedit. Once through copyedit they move onto proofreading. Our authors see every stage of the process.

If you’ve been receiving this level of editing that’s great news. Every publisher in the tech book business should be doing a similar level of editing, as necessary. I wish they all would because the business would be better for it.

Bill

Hey, I wrote something on Slashdot today. Time for a blog post.

Here are my (biased I’m sure) thoughts on selecting a publisher as posted to Slashdot.

First of all, remember that a publisher is not a printer. If all you want is to see your book in print or to “get your book out there,” you don’t necessarily need a publisher to do that. You can use any of several print-on-demand printers; buy a run of books from an offset printer; sell your book as a PDF; post it as HTML; or other. And there’s nothing wrong with doing that at all — your choice depends on your goals.

Publishing is, or should be, a service business. A publisher should work with you to develop, craft, and market your book. They should help you to make the writing clear and understandable. They should be your harshest critics (because if they’re not, the reviewers will be). They should involve you in the process and you should get to know their staff. You should feel free to ask them questions and they should provide you with clear and direct answers. Unfortunately, publishers are becoming more like printers everyday. We’re resisting that trend.

If you’re not getting editorial services from a publisher you might think of using a printer instead and trying distribution though Amazon directly or through your website if you’ve got a popular one. After all, if you’re not getting service from a service business, what are you getting?

At No Starch Press, we read and edit everything. That’s what our editors do in addition to bringing in new authors. Throughout our publishing process our emphasis is on producing quality books, not more books. We release a title when we think that we’ve done our part to make that book the best that it can be and if we think that the book isn’t ready we delay it. That’s true of all of our titles whether they’re our Manga Guides or our hacking, sys admin, or programming titles. That doesn’t mean that every book we publish is a winner but we’ve worked hard on every book to make it great.

When contacting publishers, ask the hard questions before signing a publishing agreement. How does your publisher market and sell books? How will they sell your book? Who will work on it? How will the editing process work? How involved will you be as author and how much can you be involved? What if you have concerns about the editorial work? How will you be paid? How does the agreement work?

We’re a pretty editorially-driven publisher. But by the same token, thanks to our distribution relationship with O’Reilly and our agreements with various international partners, we’ve got great reach into the world marketplace. We’ve had books translated into over 20 different languages and we sell our books around the world.

One thing that makes No Starch Press unique though is that we are very picky. We don’t publish a lot of books because our goal is not to have 10% of our list carry the rest; I’d rather see 90% of our list carry the remaining 10%.

I bit the bullet and bought a Mac Mini for the office. What a piece of cake to set up. (Not that I didn’t expect it to be easy.) Just about $380 at Microcenter for the 1.83 machine with 1GB RAM and a small hard drive. But who cares.

Take it out of the box, plug in a DVI cable, attach keyboard and mouse (whatever I had sitting around), plug in network cable, and turn it on. The music plays, the screen shows some silly movie (which I’ll call “Ta Da!), and it sets itself up.

Type a couple of keys on the keyboard so that OSX can figure out which driver to load, run a bunch of updates, install iLife ‘09, and you’re pretty much done. And unlike a Windows install, not one error message!

I’m always impressed by the Apple packaging — even down to the rounded edges on the sytrofoam and the plastic wrap on each piece of electronics. Someone is thinking through the entire experience and they do a fantastic job.

I know I’m about the 10 millionth person to discover the beauty of the Mac, but I think further praise is due here. I still prefer Ubuntu and that’s what I plan to keep running on my machines, but I just ordered another Mini for home.

Now to tackle the Ram Upgrade. Maybe the hard drive, too.

Microsoft’s Bing is interesting and I’d wager that it will give Google a run for the money over the longterm.

I’m not saying that Bing is distinctly better than Google’s search or that I like the design better. In fact, I prefer Google’s approach to search, but maybe that’s because I’ve been using Google for so many years. (Before Google, Altavista was my favorite.)

I’ve found a couple of interesting sites that compare the search engines from Google, Microsoft, and Yahoo. One that’s particularly interesting is BlindSearch which has you do a blind comparison.

I searched BlindSearch three times and chose the Google results each time. But again, this may be more a matter of habit than anything. I’m used to reading Google’s search results and parsing them for what I want. Perhaps more telling, the differences between the three sets of results was not clear to me, which is saying something in and of itself: most users won’t be able to tell much of a difference. Based on this very limited study, the winner in search may be the one to launch a stronger marketing campaign — and we know that Microsoft will come out swinging.

I found another site as well that does a direct comparison between search results from Google and Bing. Enter your search terms into The “Google /Bing Comparison Tool” and you’ll be presented with side-by-side results.

Try searching Bing for “google” then Google for “bing.” Bing returns only one result with a link to show more. Google is more impartial. Eh, what did you expect?

After our brush with spam attacks, it’s time to harden WordPress.

I found the post titled “10 Tips To Make WordPress Hack-Proof. The Ultimate Guide” to be very useful, in that step-by-step sort of way. I don’t want to become an expert on hardening a blog; I just want to be sure that our blog is locked down better than most so that we’re not an easy target.

The Secure WordPress plugin is a nice and easy way to fill some security holes (after updating WordPress itself and any plugins). I also found WP-Security Scan worth running. (It pointed out some obvious holes.)

Finally, take a look at the WordPress-Password-Cracker, which is designed to set the security of user passwords against brute force attacks. (Warning: this can take a long time to run and it hasn’t been tested with 2.8. I’m testing it now.)

Update: Either this plugin is broken or it just takes forever to run. I’ve deactivated it for now.

Seems to me, that should lock the door reasonably well, but we always keep backups. Just in case.

I thought you could only convert something like a .daa (direct access archive) file to an ISO image under Windows.

Lo and behold, the kind folks at PowerISO offer a free version of PowerISO for Linux. It’s command line only but it works.

Download a copy here: http://poweriso.com/download.htm

Conversion is pretty simple.

./poweriso -?

for help.

One of the best ways to learn about an operating system is to break it, and I’ve gotten very good at breaking operating systems over the years.

After a bunch of random tweaks to Ubuntu, I succeeded in breaking it, too. Well, not as badly as I’ve broken Windows. For example — everything was running, just really slowly. (Really slowly was the Windows-like behavior.) And I’d sometimes get weird errors that I couldn’t trace.

The best thing to have done prior to this problem would have been to place /Home in a separate partition, which I’ll be doing soon enough. Had /Home been in its own partition I could have just wiped out the OS, reinstalled, then pointed it to /Home. Anyway, everything was (and still is) in one place so I didn’t want to play that game.

The fix was easy. I used Simple Backup to backup everything in the /Home directory then simply wiped out Ubuntu (using a Live CD), repartitioned the drives (to give Vista even less space), and reinstalled.

Unlike the nightmare that can attend this sort of thing under Windows, I had a working installation in about an hour. After choosing a few programs from the Add/Remove menu, everything was pretty much there. Selective restores from the Simple Backup backups have worked without a hitch.

Ubuntu is running beautifully, all of my files are where I want them, I have no DLLs to worry about, and it’s smooth sailing. And it looks as good as ever, too.

Aren’t these new phones — like the Palm Pre — fascinating?

The invention embodied in the UIs on these phones is just stunning. Who thinks of this stuff? Creative people, that’s for sure.

It’s not easy to turn common metaphors on their heads. It’s a lot harder to step back and create; think about how things work and how they can be different.

When we choose books to publish we always take a step back to think about what’s already been done and what can be done differently. Our goal is to push the envelope, whenever possible, with titles like our “Manga Guides.” Or even beginner books like our “My New” series. And let’s not forget titles like Forbidden LEGO or even Cult of Mac.

So yes, No Starch Press is like a smartphone. Except that our medium is just a little bit anachronistic, except when it’s digital. And it’s really hard to change the UI on a printed book. Well, maybe you could cut the binding off and rearrange the pages. You know, make it into an art piece.

File this in the “who knew” section.

I’ve used Thunderbird for years and Google Calendar for at least the last year or so. Who knew you could integrate the two so easily?

I found the Lightning Thunderbird extension in the Ubuntu packages when I did a reinstall, so I installed it. It integrates a nice calendar into Thunderbird.

And, thank you open source community (and Phillipp Kewisch in particular), there’s a plug in that offers bidirectional integration between Google Calendar and Lightning! (Or at least I think it’s bidirectional.) It doesn’t have the most exciting name (Provider for Google Calendar), but it works. At least in one direction.

Anyway, I’ll settle for one direction.

Why do I find this so exciting? Because I’m a dork?

Update: Bidirectionality works!