sARTSurday Sci-Fi Books

Not all arts is visual — and so after a number of terrific visual artists, let me bring you some written words artistry. And because I’m trying to just point people at arts rather than provide full book reviews, I’m going to point at a few different authors and different content.

First of all, my Gentoo-focused readers can possibly remember Tobias Klausmann as a Gentoo developer — some of my ex-colleagues might remember Tobias as a colleague as well. The Slingshot Trilogy is an awesome science fiction trilogy of books, that take place in a distant future, where technology progressed, but human interaction… pretty much stayed the same.

Tobias’s work was particularly enjoyable for me, not just because he’s a friend, but because it’s lightweight, it’s dark and gritty, but it also comes with a positive message that if somehow we work together, we can change things. I like that. We have plenty of terrible negative narratives out there.

Speaking of a bit more dark books, this month John Scalzi‘s The Interdependency trilogy came to conclusion with The Last Emperox. This is a bit more gritty, definitely more adult-oriented (and at times NSFW) sci-fi. This is one of the funniest series I’ve read in a while, starting from the various names of starships, but also considering the way characters behave and all.

From adult to young adult, Brandon Sanderson, of Mistborn and The Stormlight Archive fame, published over the past couple of years two out of a sci-fi book series called Skyward. It’s much more clearly aimed at young adults, and it avoids swearing, any more adult themes, and so on.

Of this whole set of sci-fi books, this is the one that I would suggest for those who are looking for readings for teens, or who prefer some more lighthearted readings. I definitely enjoyed it even at my age, particularly because Sanderson is a real artist with words!

To switch again gear, Chen Qiufan‘s Waste Tide is another awesome title, and he brings you not to another galaxy but, if you like me grew up in continental Europe, to a completely different culture. The book take place “fifteen minutes into the future” in China.

While I’m sure that for quite a few people reading this post China is not that far of a place, or that unknown either, I have to say that for me it has been a mystery up to a few years ago. I took a shine to Chinese sci-fi after listening to Christine‘s talk a few years ago, while I was supporting a whole product development team in Shanghai — it was actually very helpful to have a (small) inkling about the different culture when I landed in the city to work closely with them, and I started keeping an eye on anthologies and new books.

Chen Qiufan’s book is probably my favourite when it comes to the “expansion” of the story, and I totally recommend it, even more so in the current political situation.

Happy reading!

(Audio)book review: We Are Legion (We Are Bob).

I have not posted a book review in almost a year, and I have not even written one for Goodreads, which I probably should do as well. I feel kind of awful for it because I do have a long list of good titles I appreciated in the meantime. So let me spend a few words on this one.

We Are Legion (We Are Bob) tickled me in the list of Audible books for a while because the name sounded so ludicrous I was expecting something almost along the lines of the Hitchikers’ Guide To The Galaxy. It was not that level of humour, but the book didn’t really disappoint either.

The book starts in the first scene in present time, with the protagonist going to a cryogenic facility… and you can tell from the cover that’s just a setup of course. I found it funny from the first scenes that the author clearly is talking of something he knows directly, so I wasn’t entirely too surprised when I found that he’s a computer programmer. I’m not sure what it is with people in my line of work deciding to write books, but the results are quite often greatly enjoyable, even if it takes a while to get into them. On this note, Tobias Klausmann of Gentoo fame wrote a two-part series¹, which I definitely recommend.

Once you get on with the main stage for the book, it starts off in the direction you expect with spaceships and planets as the covers lets you to imagine. Some of the reviews I read before buying the book found it very lightweight and no-brainer, but I don’t see myself agreeing. While taking it with a lot of spirit and humour, and a metric ton of pop-culture references², the topics that are brought up include self-determination, the concept of soul as seen by an atheist point of view, global politics as seen from lightyears away³, and the vast multitudes of “oneselves”.

Spoilers in this paragraph, yes definitely spoilers, and a bit of text so you may not read them out of line of sight. Go back to the following paragraph if you don’t want any. Indeed, it’s very hard to tell, and a question that the book spends quite a bit of time pondering over without an answer, whether the character we see in the first scene is actually the protagonist of the book. Because what we have later is a computer “replicant” of the memories and consciousness of him… and a multitudes of copies of that, each acting more or less differently from the original, leaving open the question whether the copies are losing something in the process, or whether it is the knowledge of not being the “original” that make them change. I found this maybe even more profound than the author intended.

Spoilers aside, I found the book enjoyable. It’s not an all-out bright and shiny future, but it’s also not the kind of grim and dark dystopia that appears to be a dime a dozen nowadays. The one thing that still bothers me a little bit, and that probably is because I would have fallen into the same trap, is that the vast majority of the book focuses on technical problems and solutions, though to be fair it pulls it off (in my opinion) quite healthily, rather than by hiding all the human factors away into “someone else’s problem” territory. It reminded me of an essay I had to write in middle school about the “school of the future”, and I ended up not spending a single word on people, even after the teacher pointed out I should have done so and got me to rewrite it. I’m glad there are people (who are not me) studying humanities.

I found it funny that the Wikipedia page about the book insisted on pointing out that reviewers noted the lack of female characters. That’s true, there are a handful of throwaway women throughout the book, but no major character. I don’t know if there was any way around it given the plot as it stands now though, so I wouldn’t read it too much into it, as the book itself feels a lot like a trip into one’s own essence, and I’m not sure I’d expect an author to be able to analyse this way someone else but themselves. I have not read/listened to the other books in the series (though I did add them to my list now), so maybe that changes with the change of focus, not sure.

As for the audiobook itself, which I got through Audible where it was at “special price” $1.99, I just loved the production. Ray Porter does a fantastic job, and since the book is all written in the first person (from somewhat different points of view), his voicework to make you know which point of view is speaking is extremely helpful not to get lost.

All in all, I’ve really enjoyed the book, and look forward to compare with the rest of the series. If you’re looking for something that distracts you from all the dread that is happening right now in the world, and can give you a message of “If we get together, we can do it!”, then this is a worthy book.

I hadn’t realized book two was out until I looked Tobias up on Amazon. I’ll have stern words with him next time I see him for not warning me!
^[return]
This happens most of the time with geeks writing books, although not all the time thankfully. From one side it does build a nice sense of camaraderie with the protagonists because they feel like “one of us” but on the other hand sometimes it feels too much. Unless it’s part of the story, like here or in Magic 2.0.
^[return]
Pun totally intended.
^[return]

Reverse Engineering is just the first step

Last year I said that reverse engineering obsolete systems is useful giving as an example adding Coreboot support for very old motherboards that are simpler and whose components are more likely to have been described somewhere already. One thing that I realized I didn’t make very clear in that post is that there is an important step on reverse engineering: documenting. As you can imagine from this blog, I think that documenting the reverse engineering processes and results are important, but I found out that this is definitely not the case for everybody.

On the particularly good side, going to 33c3 had a positive impression on me. Talks such as The Ultimate GameBoy Talk were excellent: Michael Steil did an awesome job at describing a lot of the unknown details of Nintendo’s most popular handheld. He also did a great job at showing practical matters, such as which tricks did various games use to implement things that at first sight would look impossible. And this is only one of his talks, he has a series that is going on year after year, I’ve watched his talk about the Commodore 64, and the only reason why it’s less enjoyable to watch is that the recording quality suffers from the ages.

In other posts I already referenced Micah’s videos. These have also been extremely nice to start watching, as she does a great job at explaining complex concepts, and even the “stream of consciousness” streams are very interesting and a good time to learn new tricks. What attracted me to her content, though, is the following video:

I have been using Wacom tablets for years, and I had no idea how they really worked behind the scene. Not only she does a great explanation of the technology in general, but the teardown of the mouse was also awesome with full schematics and explanation of the small components. No wonder I have signed up for her Patreon right away: she deserve to be better known and have a bigger following. And if funding her means spreading more knowledge around, well, then I’m happy to do my bit.

For the free software, open source and hacking community, reverse engineering is only half the process. The endgame is not for one person to know exactly how something works, but rather for the collectivity to gain more insight on things, so that more people have access to the information and can even improve on it. The community needs not only to help with that but also to prioritise projects that share information. And that does not just mean writing blogs about things. I said this before: blogs don’t replace documentation. You can see blogs as Micah’s shop-streaming videos, while documentation is more like her video about the tablets: they synthesize documentation in actually usable form, rather than just throwing information around.

I have a similar problem of course: my blog posts are not usually a bit of a stream of consciousness and they do not serve an useful purpose to capture the factual state of information. Take for example my post about reverse engineering the OneTouch Verio and its rambling on, then compare it with the proper protocol documentation. The latter is the actual important product, compared to my ramblings, and that is the one I can be proud of. I would also argue that documenting these things in a easily consumable form is more important than writing tools implementing them as those only cover part of the protocol and in particular can only leverage my skills, that do not involve statistical, pharmaceutical or data visualisation skills.

Unfortunately there are obstacles to these idea of course. Sometimes, reverse engineering documentation is attacked by manufacturer even more than code implementing the same information. So for instance while I have some information I still haven’t posted about a certain gaming mouse, I already know that the libratbag people do not want documentation of the protocols in their repository or wiki, because it causes them more headaches than the code. And then of course there is the problem of hosting this documentation somewhere.

I have been pushing my documentation on GitHub, hoping nobody causes a stink, but the good thing about using git rather than Wiki or similar tools is exactly that you can just move it around without losing information. This is not always the case: a lot of documentation is still nowadays only available either as part of code itself, or on various people’s homepages. And there are at least two things that can happen with that, the first is the most obvious and morbid one: the author of the documentation dies, and the documentation disappears once their domain registration expires, or whatever else, or if the homepage is at a given university or other academic endeavour, it may very well be that the homepage gets to disappear before the person anyway.

I know a few other alternatives to store this kind of data have been suggested, including common wiki akin to Wikipedia, but allowing for original research, but I am still uncertain that is going to be very helpful. The most obvious thing I can think of, is making sure these information can actually be published in books. And I think that at least No Starch Press has been doing a lot for this, publishing extremely interesting books including Designing BSD Rootkits and more recently Rootkits and Bootkits which is still in Early Access. A big kudos to Bill for this.

From my side, I promise I’ll try to organize my findings of anything I’ll work on in the best of my ability, and possibly organize it in a different form than just a blog, because the community deserves better.

Book Review: Life Nomadic

I think it’s fitting that I’m starting the review of this book while sitting in the AirFrance lounge at Charles de Gaulle Airport, coming back from a four days trip to Paris to see Video Games Live playing at Le Grand Rex.

Life Nomadic was one of a set of suggestion that my dentist, of all people, gave me. Since the book is short, and it was available on Kindle Unlimited, I thought to start with it, even though it was possibly the one I was the least interesting of the list. Turns out my instincts were right and shouldn’t have even read this.

The premise of the book may be interesting, and depending on the cover you see for it, it might be what catches your eye: How to travel the world for less than you pay in rent. I find this is quite the clickbait (how do you call clickbait on a book cover?) because that’s not what it talks about at all; it’s not just travelling the world, the author argues for a complete overhaul of your life to be able to do so, and that, in my opinion, is myopic to say the least.

It might sound “trendy” to say this, but the book clearly reeks of white privilege — while the author never mentions that directly, it becomes very clear by oblique references that he’s white, and he’s clearly male, he says that at the beginning. He’s also healthy, and he’s insisting that this is thanks to his diet, rather than having won the health lottery and having grown up in a rich, healthy environment.

Indeed, the whole premise of the book is that if you’re privileged, in one way or another, travelling around the world is easy. But until you get to the end, when he’s talking about what to do with work (again in a fairly myopic way), you don’t realize that all his suggestions hinge on one important node: you have to be able to risk your job.

Forget to follow the advises of these books if (and this is an incomplete list, I’m sure):

you have a medical condition, light or heavy, that requires you have a relationship with a medical professional — I find it difficult to make appointments with my diabetologist while travelling for work, and with a relatively fixed schedule, if I were to follow his advise of just taking whichever next flight comes to your mind, I would probably be half-dead with untreated diabetes.
you are not American or European, as he’s ignoring all the difficulties of getting visas for most other nationalities; it is true that if you have an American or European passport getting visas for most of the world is just triviality and spending some money, it is less the case if you have other nationalities — and in some cases, it might actually get you outright in trouble;
you are not a white male, for whichever part of the world — the book starts with the author recounting doing something quite illegal and being given a slap on the wrist by the authorities; while it is true that I’d fear American police more than the rest of the world right now, plenty of stories from friends and acquaintances tell me this is a privilege; the risk of jail time is real if you’re not white even in Europe, let alone what may happen in some random country in which you happen to be one of the most obscure minorities;
your work actually requires presence, or timing, or any kind of (even flexible) schedule — the author does not quite specify what he works on, except by describing himself as a “die hard entrepreneur”; he says he stared by writing some software to sell, and points out he was mostly living off royalties of a previous book he published; I’ll get back to this;
you have any family ties at all — a relative, parent, close friend that is ill, or that you support directly or indirectly, as a lot of the talk in this book relies on how “cheap” (compared to US dollars) is the life in many developing countries.

To expand a little bit about how myopic his advises are, I’ll also point out how they can’t even apply to me, and I’m a well-off, single, straight, white guy with (loose) family ties. Even seeing my doctor three times a year (which is not much), I have to have with me a significant amount of “paraphernalia” for my diabetes: pills, insulin, needles, glucometer, etc. This by itself makes it almost impossible to just spend months at a time without a fixed schedule of being able to refill them. Not only some of those medications would not be available in some parts of the world at all, but even if they are, they are a significant cost, and I’m not even factoring in effects of the craziness of the US insurance system on the drugs prices. Besides, those things don’t really travel well. I have a refrigerated pack for my insulin, and luckily I never had trouble through airports before, but I have heard horror stories with insulin pumps and metal detectors. Even the Libre’s simple sensor managed to get me a stern questioning by the Nice airport security guards (and if you want to know, that was before the terrorist.)

While at it, I would like to present a thank you to AirFrance; their lounges at CDG are the only ones I’ve seen, up to now, that make it welcoming to take insulin: they have a sharps container in the bathroom, so you don’t have to ask for it (possibly embarrassingly for some people.) They also have signs on their aircrafts pointing you at their cabin crew for the container, which I’ve done before when flying back from Japan.

A particular note I’ll spend on the work section I noted above. As I said the guy defines himself as an entrepreneur, and if you have spent as much time as me around the Silicon Valley crowd, you can easily recognize the type in the book, even when they are from Austin, instead. He’s the kind of person who made “techie” into a bad word. The whole section about “Earning Money as You Travel” takes no consideration of workers outside of “our” (damn, I don’t want to be associated with this guy’s peers!) industry. The first suggestion is to start a business — well, I know how that goes, and it’s not easy at all, indeed it can only work well if you have capital to invest on it to begin with, which was a big problem for me when I did, because I had none, this guy clearly had since early on (as he goes on to say how he used to order random crap off Internet just for the giggles.)

The other suggestion is to go on contracting, or being a remote worker, suggesting that you may work on websites or software, or that (and I quote) «many office jobs can translate into contractor work» which to me sound like this guy has never seen an office worker outside of tech. And even within tech, he clearly has no idea what he’s talking about (emphasis mine):

Jobs that are particularly conductive to going mobile are jobs that require minimal interaction with others, like writing, editing, programming, graphic design and system administration.

If you have ever tried doing system administration remote, you would know right away that this is clearly bullshit — if you have no idea what the customer is doing, and how they are doing it, you are a horrible system administrator. Yes, you can work remote, but there is no way that they only require “minimal interaction”: they need plenty of interaction, maybe even more so when doing it remote.

Want to have even more fun? Again emphasis mine.

Figure out which program you’d like to become proficient at. Buy the software, buy the great tutorials to learn it from [omissis], and spend some time practicing. The money you’ve amassed from selling everything should easily last you through the transition period.

Yes, he did argue selling everything you own at the beginning of the book. He seems to think that you can do that, and amass money, probably while living in an RV and working from the tables of a closed-up restaurant in-between lunch and dinner, as he did. And that should be enough to learn something new you never did before. I’m sure this guy would have been able to, if he wasn’t lucky (because it’s all a matter of luck.)

Okay, enough with the usual SV-style no-work-is-important-but-tech part, let’s see if there is any value in this book otherwise.

He does have a significant amount of useful information on the actual travelling part, although some of it is clearly only important to note to Americans, such as the viability of train travel in Europe. He has good suggestions for the use of ferries (that I may actually try once in a lifetime too, because I am indeed lucky, and despite disliking travel, taking a week or so to traverse the ocean without a flight sounds cool to do.) Unfortunately that makes up only about half of the book.

He’s got a good list of suggestions about gear, too — although a lot of it is already part of privilege: most of the options are bloody expensive and not something that you can even consider without an injection of capital at the “transition” as he calls it. If you are lucky and privileged it might be worth a look, I have particularly been tempted by Smartwool, and particularly by their wool socks, as my diabetes makes it more likely I get blisters, if my feet get wet — but before those even got to me, I ended up buying a pair of tights in Paris, because it was very cold while I was there, and The North Face store in the city stocks Smartwool too; they are significantly expensive, but also much more comfortable that others I tried before.

His suggestions for services are also out of touch — among others he’s suggesting the American Express Platinum card, which admittedly it is a very useful card for a traveller lucky enough to afford one: not only it ignores the fact that not everybody can get a credit card but also that it’s not only the price that makes American Express an elitist card. It is effectively limitless (or rather, has a very flexible limit) which means their credit score requirements can be significantly higher.

In the book he points at his website to provide a list of gear — which sounded like a cool idea, I do something similar myself for my hardware, but the link is now dead. Which is a shame, because that might have been the only useful thing he could have done for the public. Too bad.

Finally, some of his suggestions are downright unethical, including abusing airfare rules to enter lounges he should not have access to (although I hope he took a shower while there, because one of the most anoying things while travelling is the well-off traveller smelling like goats for a four hours flight.) And mine and hsi point of view are clearly at odds on the general ethical side, too:

[speaking about airfare systems] I like systems like this — they reward the smart and determined at the cost of the lazy or ignorant.

I would rephrase it as “They reward the lucky elite at the cost of the otherwise busy masses.” But clearly my belief system and his are very different. It should not be a surprise by then that the book the guy got his money from, and that allowed him to start, sound like that a PUA title (or, in his words, “a book on dating for men”.

Travel should widen your horizons, it’s very hard not to, but my feeling is that this guy has been looking at the world as if he deserves all of it. Rather than being empathetic to the condition of others that might not have his privilege, he pours contempt for them: friends locked in their lives (whether by choice or lack of opportunities), people living in their own home countries, and even the readers of this book.

Final result: not a fan. I’ll actually synthesise this review in a form that is acceptable to Amazon and GoodReads and post it as a warning.

The Italian ISBN fraud

Photo credit: Moyan Brenn

The title of the post is probably considered clickbait, but I think there is a fraud going on in Italy related to ISBN, and since I noted on my Facebook page that I have more information on this than the average person, even those who are usually quite well informed, I thought it’s worth putting it down on paper.

It all started with an email I got from Amazon, in particular from the Kindle Direct Publishing service, which is how I publish Autotools Mythbuster as a Kindle book. At first I thought it was about the new VAT regulation for online services across Europe that are being announced by everybody and that will soon make most website give you ex-VAT prices and let you figure out how much you’re actually paying. And indeed it was, until you get to this post-script:

Lastly, as of January 1, 2015, Italy has put in place a new law. Applicable VAT for eBooks sold in Italy will depend on whether the book has an ISBN. All eBooks with an ISBN will have a 4% VAT rate and eBooks without an ISBN will have a 22% VAT rate. This is the rate that is added to your price on January 1st and is the rate deducted when an Italian customer purchases your book. If you obtain an ISBN after January 1st, the 4% VAT rate will then apply for future sales but we will not adjust your list price automatically.

Since I’ve always felt strongly that discriminating books on whether they are paper or bits is a bad idea, the reduced VAT rate for books was actually good news, but tying it to the ISBN? Not so much. And here’s why.

First of all, let’s bust the myth of the ISBN being a requirement to publish a book. It’s not, at least not universally. In particular, it’s not a requirement in either Italy, Republic of Ireland or the United States of America. It is also not clear for many that in many countries, including at least Italy and Republic of Ireland, it’s privately held companies that manage the ISBN distribution. In other countries there’s a government agency to do that, and it may well be that it’s more regulated there.

In the case of the UK agency (that also handles Republic of Ireland and is thus relevant to me), they make also explicit that there are plenty of situations in which you should not apply an ISBN, for instance for booklets that are not sold to the public (private events, museums, etc.). It might sound odd, but it makes perfect sense the moment when you realize what ISBN was designed to help with: distribution. The idea behind it is that any single edition of a book would have an unique code, so when your bookstore orders from the distributor, and the distributor from the publisher, you have the same ID over the place. A secondary benefit for citing references and bibliographies is often cited, but it is by far not the reason why ISBN was introduced.

So why would you tie the VAT rate on the presence of an ISBN? I can’t think of any particular good reason off the top of my head. It makes things quite more complex for online ebook stores, especially those that have not been limited to stocking books with an ISBN to begin with (such as Amazon, Kobo, …). But even more so it makes it almost impossible for authors to figure out how to charge the buyers, if they are both in Europe. All is still easy of course if you’re not trying to sell to Europe, or from Europe — wonder why we don’t have more European startups, eh?

The bothersome part is that there is no such rule about VAT for physical books! Indeed many people in Italy are acquainted with schemes in which you join a “club” that would send you a book every month (unless you opt-out month by month, and if you don’t you have to pay the price for it), and would sell books at a price much lower than the bookstore.

I’m sure they still exist although I’m not sure if Amazon makes them any interesting now, it was how I got into Lord of the Rings, as I ended up paying some €1.25 for it rather than the price of €30 for the same (hardcover) edition.

All those books were printed especially for the “club” and would thus not have an ISBN attached to them at all. One of the reason was probably to make it more difficult to sell them back second hand. But they have always been charged at 4% VAT anyway!

But the problems run further and that’s hard to see for most consumers because they don’t realize just how difficult the ISBN system is to navigate. Especially for “live” books like Autotools Mythbuster, every single revision needs its own unique ISBN — and since I usually do three to four updates to the book every year, that would be at least four different ISBNs per year. Add to that the fact that agencies decided that “ebook” is not a format, ePub, Mobi and PDF are, and you end up requiring multiple ISBNs per revision to cover for these formats.

Assume only two formats are needed for Autotools Mythbuster, which is only available om Amazon and Kobo. Assume three revisions an year (I would like to do more, I plan on spending more of 2015 writing documentation as I’m doing less hands-on work in Open Source lately). Now you need six ISBNs per year. If I was living in Canada, the problem is solved to begin with – ISBNs assignments in Canada are free – but I live in Ireland, and Nielsen is a for-profit company (I’ll leave Italy aside for a moment, will go back to it later). If I were to buy a block of 10 codes (the minimum amount), I would have to pay £120 plus VAT and that would last me for almost two years — but that requires me making some €300-400 in royalties over those two years to break even on the up-front cost — there are taxes to be payed over the royalties, you know.

This means well over two hundreds copies of the book to be sold — I would love to, but I’m sure there aren’t that many people interested in what I write. Not the two hundreds, but two hundreds every year — every update would have a hidden cost due to the ISBN needing to be updated, and if you provide the update for free (as I want to do), then you need to sell more copies incrementally.

Now I said above I’ll leave Italy aside — here is why: up until now, the Italian agency for ISBN assignment only allowed publishers to buy blocks of ISBN codes — independent authors had no choice and could not get an ISBN at all. It probably had something to do with the fact that the agency is owned by the Italian publishers association (Associazione Italiana Editori). Admittedly the price is quite more affordable if you are a publisher as it is €30 to join and €50 every 10 codes.

But of course with the new law coming into effect it would have been too much of a discrimination against independent authors to not allow them to get ISBNs at all. So the agency decided that starting this January (or rather, starting from next week, as they are on vacation until the 7th) they will hand out individual ISBNs for “authorpublishing” — sic, in English, I wonder how drunk they were to come up with such a term, when the globally used term would be self-publishing. Of course the fee for those is €25 per code instead, five times as expensive as a publisher would pay for them.

And there is no documentation on how to apply for those yet, because of course they are on vacation still (January 6th is holiday in Italy, it’s common for companies, schools, etc. to take the whole first week off.) and of course they only started providing the numbers when the law entered into effect, to avoid the discrimination. But of course it means that until the authors can find the time to look into the needed documentation, they will be discriminated. Again, only in Italy, as the rest of Europe does not have any such silly rule.

Now, at least a friend of mine was happy that at least for the majority of the ebooks we’ll see a reduced VAT — but will we? I doubt so, as with any VAT change, prices will likely remain the same. When VAT increased from 20% to 21%, stores advertised the increased price for a week, then they came back to what they were before — because something priced at €3.99 wouldn’t remain priced at €4.02 for long, it’s even less convenient. In this case, I doubt that any publisher will change their MSRP for the ebooks to match the reduced VAT — I think the only place where this is going to make a difference is Amazon, as their KDP interface now matches the US price to the ex-VAT price of the books, so that the prices across Amazon websites no longer match across markets as they apply the local VAT, but I wouldn’t be surprised that publishers would still set a MSRP to Amazon to match the same in-VAT price before and after the 22%→4% change, essentially increasing by over 10% their margin.

I’m definitely unconvinced of the new VAT regulations in Europe; they are essentially designed as a protectionistic measure for the various countries’ companies for online services. But right now they are just making it more complex for all the final customers to figure out how much they are paying, and Italy in particular they seem to just be trying to ruin the newly-renewed independent authors’ market which has been, to me, a nice gift of modern ebook distribution.

A short list of fiction books I enjoyed

I promised in the previous review a few more reviews for the month, especially as Christmas gifts for geeks. I decided to publish this group-review of titles, as I don’t think it would have served anybody to post separate book reviews for all of these. I would also suggest you take a look at my previous reviews so that you can find more ideas for new books to read.

Let’s start with a new book by a well-known author: The Ocean at the End of the Lane by Neil Gaiman is, as it’s usual with him, difficult to nail (ah-ha) to a genre quickly. It starts off as the story of a kid’s youth but builds up to… quite something. I have listened to the audiobook version rather than the book, and as it started it seemed something perfect to make me sleep well, but then again it mixed with my own dreams to form something at the same time scary and full of warmth.

It’s common to say that it’s the journey, not the destination, that is important, and I find that is a very good description of what I like in books. And in the case of Gaiman’s book, this is more true than ever. I was not looking forward for it to end, not because it’s a bad ending (even though it did upset me a bit) but because I really wanted to stay in that magical world of the Ocean at the end of the lane.

Next up, two series from an author who’s also a friend: Michael McCloskey who writes both fantasy and scifi — I have yet to start on his fantasy series, but I fell in love with his scifi writing with Trilisk Ruins. I think it might be worth retelling the story of how I found out about it, even though it is a bit embarrassing: for a while I was an user on OkCupid – so sue me, it feels lonely sometimes – and while I did not end up meeting anybody out of there, my interest was picked by an ad on one of the pages: it was part of the cover of Trilisk Ruins but with no text on it. I thought it was going to be some kind of game, instead it was a much more intriguing book.

Michael’s secret is in talking about a future that may be far off, but that is, well, feasible. It’s not the dystopia painted by most scifi books I’ve read or skimmed through recently, although it’s not a perfect future — it is, after all, the same as now. And technology is not just thrown up from a future far away that we can count on it as magic, nor it is just an extension of today’s. It is a projection of it in a future: the Links are technologies that while not existing now, and not having a clearly-defined path to get to them, wouldn’t be too far fetched to be existing.

Parker Interstellar Travels – that’s the name of the series starting with Trilisk Ruins – is mostly lighthearted, even though dark at times. It reads quickly, once you get past the first chapter or two, as it jumps straight into an unknown world, so you may be stunned by it for a moment. But I would suggest you to brace yourself and keep going, it’s fully worth it!

There is a second series by Michael, but in this case an already-closed trilogy, Synchronicity, starting with Insidious, which is set in the same universe and future, but it takes a quite different approach: it’s definitely darker and edgier, and it would appeal to many of the geeks who are, as I write, busy reading and discussing potential AI problems. I have a feeling that it would have been similar in the ‘60s-‘70s after 2001 was released.

In this series, the focus is more on the military, rather than the individuals, and their use, and fear, of AIs. As I noted it is darker, and it’s less action-driven than PIT, but it does make up for it in introspection, so depending on what your cup of tea is, you may chose between the two.

The fourth entry in this collection is something that arrived through Samsung’s Amazon deals. Interestingly I already had an audiobook by the same author – B.V. Larson – through some Audible giveaway but I have not listened to it yet. Instead I read Technomancer in just a week or so, and it was quite interesting.

Rather than future, Larson goes for current time, but in a quite fictionalized setting. There’s a bit of cliché painting of not one, but two women in the book, but it does not seem to be as endemic as in other books I’ve read recently. It’s a quick-bite read but it’s also the start of a series so if you’re looking for something that does not end right away you may consider it.

To finish this up, I’ll go back to an author that I reviewed before: Nick Harkaway, already author of The Gone-Away World, which is sill one of my favourite modern books. While I have not read yet Tigeman which was on this year’s shortlist for the Goodreads Awards, last year I read Angelmaker which is in a lot of ways similar to The Gone-Away World, but different. His characters once again are fully built up even when they are cows, and the story makes you want to dive into that world, flawed and sometimes scary as it is.

Have fun, and good reads this holiday season!

When (multimedia) fiefdoms crumble

Mike coined the term multimedia fiefdoms recently. He points to a number of different streaming, purchase and rental services for video content (movies, TV series) as the new battleground for users (consumers in this case). There are of course a few more sides in this battle, including music and books, but the idea is still perfectly valid.

What he didn’t get into the details of is what happens one of those fiefdoms capitulates, declaring itself won over, and goes away. It’s not a fun situation to be in, but we actually have plenty of examples of it, and these, more than anything else, should drive the discourse around and against DRM, in my opinion.

For some reasons, the main example of failed fiefdoms is to be found in books, and I lived through (and recounted) a few of those instances. For me personally, it all started four years ago, when I discovered Sony gave up on their LRF format and decided to adopt the “industry standard” ePub by supporting Adobe Digital Editions (ADEPT) DRM scheme on their devices. I was slow on the uptake, the announcement came two years earlier. For Sony, this meant tearing down their walled garden, even though they kept supporting the LRF format and their store for a while – they may even do still, I stopped following two years ago when I moved onto a Kindle – for the user it meant they were now free to buy books from a number of stores, including some publishers, bookstores with online presence and dedicated ebookstores.

But things didn’t always go smoothly: two years later, WHSmith partnered with Kobo, and essentially handed the latter all their online ebook market. When I read the announcement I was actually happy, especially since I could not buy books off WHSmith any more as they started looking for UK billing addresses. Unfortunately it also meant that only a third of the books that I bought from WHSmith were going to be ported over to Kobo due to an extreme cock-up with global rights even to digital books. If I did not go and break the DRM off all my ebooks for the sake of it, I would have lost four books, having to buy them anew again. Given this was not for the seller going bankrupt but for a sell-out of their customers, it was not understandable that they refused to compensate people. Luckily, it did port The Gone-Away World which is one of my favourite books.

Fast forward another year, and the Italian bookstore LaFeltrinelli decided to go the same way, with a major exception: they decided they would keep users on both platforms — that way if you want to buy a digital version of a book you’ll still buy it on the same website, but it’ll be provided by Kobo and in your Kobo library. And it seems like they at least have a better deal regarding books’ rights, as they seemed to have ported over most books anyway. But of course it did not work out as well as it should have been, throwing an error in my face and forcing me to call up Kobo (Italy) to have my accounts connected and the books ported.

The same year, I end up buying a Samsung Galaxy Note 10.1 2014 Edition, which is a pretty good tablet and has a great digitizer. Samsung ships Google Play in full (Store, Movies, Music, Books) but at the same time install its own App, Video, Music and Book store apps, it’s not surprising. But it does not take six months for them to decide that it’s not their greatest idea, in May this year, Samsung announced the turn down of their Music and Books stores — outside of South Korea at least. In this case there is no handover of the content to other providers, so any content bought on those platforms is just gone.

Not completely in vain; if you still have access to a Samsung device (and if you don’t, well, you had no access to the content anyway), a different kind of almost-compensation kicks in: the Korean company partnered with Amazon of all bookstores — surprising given that they are behind the new “Nook Tablet” by Barnes & Noble. Beside a branded «Kindle for Samsung» app, they provide one out of a choice of four books every month — the books are taken from Amazon’s KDP Select pool as far as I can tell, which is the same pool used as a base for the Kindle Owners’ Lending Library and the Kindle Unlimited offerings; they are not great but some of them are enjoyable enough. Amazon is also keeping honest and does not force you to read the books on your Samsung device — I indeed prefer reading from my Kindle.

Now the question is: how do you loop back all this to multimedia? Sure books are entertaining but they are by definition a single media, unless you refer to the Kindle Edition of American Gods. Well, for me it’s still the same problem of fiefdoms that Mike referred to; indeed every store used to be a walled garden for a long while, then Adobe came and conquered most with ePub and ADEPT — but then between Apple and their iBooks (which uses its own, incompatible DRM), and Amazon with the Kindle, the walls started crumbling down. Nowadays plenty of publishers allow you to buy the book, in ePub and usually many other formats at the same time, without DRM, because the publishers don’t care which device you want to read your book on (a Kindle, a Kobo, a Nook, an iPad, a Sony Reader, an Android tablet …), they only want for you to read the book, and get hooked, and buy more books.

Somehow the same does not seem to work for video content, although it did work to an extent, for a while at least, with music. But this is a different topic.

The reason why I’m posting this right now is that just today I got an email from Samsung that they are turning down their video store too — now their “Samsung Hub” platform gets to only push you games and apps, unless you happen to live in South Korea. It’s interesting to see how the battles between giants is causing small players to just get off the playing fields… but at the same time they bring their toys with them.

Once again, there is no compensation; if you rented something, watch it by the end of the year, if you bought something, sorry, you won’t be able to access it after new year. It’s a tough world. There is a lesson, somewhere, to be learnt about this.

(Short) Book Review: Xamarin Mobile Application Development for Android

You probably read by now that I’ve been thinking of build either an Android application or a Chrome one as either companion or replacement for the glucometer utilities which I’ve been writing in Python for the past few months.

Packt has been nice enough to let me review Xamarin Mobile Application Development for Android, and so I decided to take into consideration the option of actually building the app in C#, so that it can be shared across various platforms.

The book goes into details of what Android applications can and should do and provides nice examples, mostly around a points-of-interst application. It’s hard to say much when I don’t want to complain, so I’ll just say, give it a go, if you don’t plan to make your apps open source (which I think you should). As the book points out, being able to share your backend libraries (but not frontend/UI ones!) across operating systems and platforms (phone, tablet, computer) is a godsend, so I think Xamarin did build a very good tool for the job.

On the other hand, I’m definitely not going to pursue this — while C# is a language I like, and Xamarin for Android allows you to use JNI extensions as the one Prolific releases for their USB-to-serial adapter, I find having the tool open source is more important than any of this.

Book Review: OAuth 2.0 Identity and Access Management Patterns

PacktPub sent me another book for review after the quite good Learning Cython Programming (which I reccommend!), this time the book is OAuth 2.0 Identity and Access Management Patterns (Packt). I’m afraid to say I’m not incredibly impressed.

The book is not bad; the content is there and it can be useful, just I don’t know if the price attached to it, especially from Amazon or for the print edition is worth it. From one point of view, OAuth 2 itself is quite simple in its design, intentionally, as the previous implementation was obviously overcomplicated; on the other, the book sticks strictly to the protocol itself rather than describing ways to integrate it with your application.

One of the weakest points of the book is that it sticks strictly to the terminology used by the standard. While terminology is important, it would be nice to have a more “plain English” definition of what’s going on, and an explanation of said terms. Even things like “secure storage” are not obvious (secure to whom?).

Books like this to me are good if after reading it I have fewer questions than when I started. I did choose to review this one because I have had bad experience while trying to implement OAuth before – and the messy hybrid that was the first version of Facebook Connect – and I wanted to know what the current state of the art is in the authentication department. But the book did not make it any clearer to me.

There’s lots of hand-waving, too. For instance the state parameter that is passed on during requests is told «can be used for defending against man in the middle attacks» — but there is no explanation on how this works; sure it’s passed unmodified back to the caller, but what are the semantics? Similar to XSRF tokens? If there is such an attack, what stops Eve from using the same state value? I’m sure there are answers and best practices, but the book does not help me there.

There are also some references that while factually true, are rendered in such a way to be ambiguous and misleading. When explaining the advantages of OAuth 2 over previous authentication systems, for example, it gets compared to HTTP Basic Auth complaining:

The drawback here is that, in this type of authentication, the user, alongside his username, enters and sends his password over the wire as well.

While this is true, nobody in their sane mind would use basic authentication nowadays; indeed anybody who wants to use HTTP-level authentication would use digest auth which does not suffer from the just-listed problem. Sure it has other issues, but that’s still the case.

The book will eventually proceed to explain what the advantage of OAuth 2 over user/password authentication is (fine-grained access control to resources hosted at a third-party service), but even just pointing that out right away would have been an improvement. Indeed here the problem is not that username and password are passed over the wire (they almost always are, at some point), but rather than you don’t have to provide your (say) Facebook password to (say) Duolingo for it to be able to find your friends already on the system. This is a definitive win over user/password authentication, but is not really made clear. Not that OAuth was the first implementation of a token-based authentication: after all Kerberos is a technology of the 80s.

The calls to security measures are also vague, ranging from security through obscurity by suggesting to «perform code analysis» to make reverse engineering harder (what?), or to encrypt a whole SQLite database to prevent SQL injection attacks. Oh and there are no other apps beside JavaScript “client apps” and mobile applications. Maybe the desktop is already dead? I don’t think so.

I’m sorry if I sound harsh, but the author definitely knows the topic, so I would have hoped for more, especially for the not-so-cheap price the book is sold at. Toward the end of the book, lots of pages are “wasted” by XML dumps when trying to explain how to make use of SAML 2.0 — without explaining what it is or why we should care (not that online I could find a good answer to this).

At any rate if you’re struggling with OAuth 2, the book is not bad, but unless you really want to spend on books, this one is not for you.

Book Review: Learning Cython Programming

Thanks to PacktPub I got a chance to read an interesting book this week: Learning Cython Programming by Philip Herron (Amazon, Packt). I was curious because, as you probably noticed, after starting at my current place of work the past April, I ended up having to learn to use Python, which ended up with me writing my glucometer utilities in that language, contrarily to most of my other work, which has been done in Ruby. But that’s a topic for a different post.

First of all, I was curious about Cython; I heard the name before but never looked much into it, and when I saw the book’s title and I quickly checked what it was, my interest was definitely picked. If you haven’t looked into it either, at a quick summary it’s a code generator bridge between Python and good plain old C, wrapping the latter such that you can either make it run Python callbacks, or generate a shared object module that Python can load, and offload the computation-intensive code to a more performant language. And it looks a lot like a well-designed and well-implemented version of what I hoped to get in Ruby with Rust — no connection with Mozilla’s language with the same name.

The book is a quick starter, short and to the point, which is an approach I like. Together with the downloadable source code, it makes it a very good solution to learn Cython, and I recommend it if you’re interested. Not only it covers the obvious language itself, but it covers a wide range of use cases that show how to make good use of the options provided by Cython. It even goes on to show how to integrate it in a build system (although I have some reserves on the Autotools code in there, which I think I’ll send Philip a correction for).

I seriously wish I had Cython and this book when I was working on Hypnos, an Ultima OnLine «server emulator» for which I wanted to add Python-based scripting — other emulators at the time used either a very simple, almost basic-like scripting language, Perl or C#. This was before I tried to use Python for real, which turned me to hate its whitespace-based indentation. I did write some support for it but it was a long and tedious process, so I never finished it. Not only Cython would make that work much less tedious, but the book shows exactly how to add Python scripting capabilities to a bigger, C program using tmux as the example.

The book does not ignore the shortcomings of Cython of course, including the (quite clumsy) handling of exceptions when crossing the foreign language barrier. While there are still a bunch of issues to be straightened out, I think the book is fairly good at setting proper expectation for Cython. If you’re interested in the language, the book looks like the perfect fit.