domingo, maio 28, 2017

Micro-Fiction, Text 008: "The Moon" by Myselfie (Dedicated to My Father)

The moon must have risen high in the sky, because the fog around them had turned into a silvery and impenetrable cocoon that seemingly had started self to shine. The humidity that was reflected down on his face and his forearms was cooling and let him slowly emerge from a state of deep exhaustion, like a submarine emerges from the pitch-black of deep sea into the twilight above it.
His first, blurred thought slowly drove over to Casabian, who still walked right behind him. The thick, glowing fog swallowed almost every noise but he knew she was there. He thought about whether he might have heard her footsteps and her breathing, without perceiving it consciously or whether he had developed an extra sense that made him feel Casabian's aura. The extreme terror that they had been through, might perhaps quite have been able to produce such a sense. The chance had made her to the only thing left to him and what would remain to him in view of his future prospects. Although he had no occasion for a glimpse into a future that lay farther than a few hours before him. But no matter how the situation would develop, if it should develop for him at all, then Casabian would be the only confided in his life.
He ordered his legs to go no further. Apparently his legs followed his command reluctantly two further steps and let him stop abruptly. Casabian also seemed to emerge from her reverie before she came to stand next to him. Her slender body was almost swallowed by the luminous mist and was no more than a thin, black silhouette. Wordlessly, she looked up at him and her eyes shone with silvery luster in the diffuse light of the moon.
As their eyes met, he felt the icy grip that had his heart squeezed in the course of the last few days to a cold, steely lumps, slowly loosen. The panicked fear of being tracked down and killed by their hunters, gave way to a feeling that seeped slowly into his body, like the alcohol of a heavy wine. If he was going to die in this strange place, then he would be close to the one person who meant everything to him. And that person would join him. Otherwise, he had nothing to lose.
With a slight breeze the fog seemed to set in motion and became thinner. Suddenly it teared up and opened a view of the desert-like environment that lay around them, such as under a silver shroud. He knew that he would fight until the last drop of his blood and to the last twitch of his muscles - for Casabian and for the justice that they deserved?

Dedicated to my father.

sábado, maio 27, 2017

WannaCry Ransomware

Question? As Linux is open source, is there not the chance that hackers can find vulnerabilities more easily?
Answer: No. Since it is open source, defects are easily found by competent engineers and patched quickly, as you'd know had you any competence yourself.

We are frequently told that proper architecture and solutions are too expensive and that they need to be more "pragmatic" (i.e. cheaper) in their approach and everything will be fine. The reality is that it doesn't work. The direction comes from the top; project and program managers are under pressure to reduce costs as their number one priority. Ministers take the line from those who tell them about cost reduction, not from experts who are "just being perfectionist" and "scaremongering".

There's a few other things in here. Security Architecture and Data Protection strategies need good threat and risk modelling and the application of year by year transformation. Overwhelmingly the 80/20 rule applies and that 20% (essential, difficult, error prone) gets descoped. We are only just getting to the point our expertise can handle the challenges at scale. This is because the last 20 years have seen the birth of the Internet and all its attendant tech... but even if we have reached the end of the beginning (and I would argue we haven't quite hit that, the IoT is just birthing all around us) things will not stand still, and our new-found powers won't keep up. Add to that the impotency of people relying on one and only one operating system without the ability to embrace other much safer and locked down systems and you know why IT literacy is thriving. And this start in schools where the “OS with windows” is basically creating a generation of young people not knowing that knowing how Excel works is not IT knowledge. Nevertheless, I rather resent the implication that this is a generational problem. The fact is the tech-savvy and the tech-incompetent are well-represented in every group. Being able to use instagram or attach a photo to an email doesn't mean that the person doing it necessarily has the first clue about how any of this stuff works, or indeed how to avoid security problems. It is certainly true that few politicians seem to understand how any of this works. Unfortunately, neither do their interlocutors in the media who seem quite capable of pinning down a slippery spokesman like the Portuguese one I saw on the TV this last week whose surname rhymes with “turbulent”, blaming the previous governments and companies for this latest security breach. Things are not so clear-cut.

If I’d built a car which was so badly designed it not only crashed all the time but anyone could steal it, you could call it a ShittyOS. Human nature being what it is, what can be easily stolen will be. And rather than redesign it you just added reinforcements, patches, bits and pieces and lock after lock after lock (equally flawed) onto the bits and pieces you might expect that no one would buy it and that victims of its failures would run to the courts. But inexplicably this glutinous tangle of threads, patches and flat tires still has a market and the idea that the maker is responsible doesn’t seem to occur to the owners of ShittyOS products.  Rather than focusing on the very simple point that the current administrations are culpable for both ending a support contract with some software houses I won’t name here, and failing to provide the resources to enable all older machines to be upgraded from older OS.

I think this problem is endemic in the public and private sectors. How many businesses were affected by the Dyn outage last year, the AWS S3 outage some time ago? The list goes on.

To protect and ensure services run smoothly, costs money, and also requires a proactive stance rather than a reactive one. Board members often see little value (wrongly) in upping their IT spend, and some IT professionals have apathy towards the confrontation it takes to push forward with initiatives. Commoditisation of the IT sector has also contributed in some way, with many providers on the 'race to zero' and therefore devaluing such services and conversations.

We rely on our IT, and services can crumble if there's a problem. Budgets need to reflect this fact better. I don't see this as a generational issue, an education one maybe, a reactive Vs proactive mentality. definitely.

By the way, do you know who the real beneficiary of the global ransomware attack will be? No, not the hackers. It will be none other than the software houses. I can almost hear the champagne bottles pop, because the attack will force companies and governments that still use WinXP, Windows Vista, Win7, Win8 (or Windows Server 2003) to switch to Win10 (or Windows Server 2012+). Incidentally, it appears it was Win7 and not WinXp which was the bad guy in this picture.

People think IT is a onetime spend, and it will work for its lifetime independent of investment. This is just not the case. IT is an ongoing expense, and should be one of the first things allocated in the budget. As much as you espouse the free OS's, users just aren't ready to learn them, and a lot of applications do not support them. It surprises the hell out of me they let the contract with some software houses to end though, without renewing or updating the machines. That is just stupid, and simply suggesting that "switch to Linux" is a flawless solution is pure hubris, both because of compatibility (have the diagnostic tools been written for non-Windows operating systems? It's not like you can just copy the .exe over and expect it to work) and for the fact that it's not 100% secure like so many people seem to fallaciously claim (remember Heartbleed?). Regardless of this, I'd always recommend Unix or Unix base systems because they were engineered for security from the start - for heavy duty use - but glossy marketing hype ensures we still use effectively the same old ropey ShittyOS that have been around for generations. Unix BSD kernel systems were indeed built for much more resilient counter virus infection, scalable robust operation.

Unix is used to manage the NY stock exchange, the ATM Banking systems and so on. All. Mission. Critical. Systems.

Any computer at work or home based on a UNIX kernel is hard to crack. And even harder to spread.
If you can’t go the Unix/Linux way, Win 10 made some major advances in the field of security. So much so that it would make my system more vulnerable if I were to install a third party anti-virus product than if I were to only use the included Windows Defender. Even Google engineers now recommend only using Windows Defender.

What’s the bottom-line? It's not 'tech experts' that are necessarily needed. What is required are senior IT managers that understand the issues and listen to the technical experts.

I vividly recall a period in my career when part of my brief was to oversee the implementation of management information systems. The constant battle was against a short-term accountancy mentality (and I knew even then that we had too many of them and too few practical technicians) which laboured under the delusion that computerised systems offered immediate savings for a modest one-off expenditure. Which they don't - any decent system will take time to implement, and will probably require a short-term rise in costs (apart from the capital expenditure) in order to glean any long-term savings.

And then there is the phenomenon of data growth that systems often generate, whereby what was an impossibility becomes possible, and expands the role of a particular activity. The syndrome illustrates poor IT management understanding - at a wider level - of the role of investment.

What about this specific wnacry issue? No, Microsoft doesn't have a duty of care here. If they had suddenly stopped providing security patches with no warning, then they would be at fault. But that's not the case. Windows XP has been unsupported (so-called 'End of Life', or EOL) since 2014, a date that had been widely known about since 2007. Win 7 since 2009. The reason for this is that security patches don't write themselves, and there logically must be a cutoff point where the software needs to be written off and upgraded (kind of like how, the fourth or fifth time your car fails its MOT, the repair costs eventually become higher than the value of the car and it's far more worthwhile to get a new one instead of patching up the old one).

Windows XP has been around for almost sixteen years now. Windows 7 for almost 8 years. This is ancient when it comes to software. It's long been time to upgrade, and the risks of not doing so were well known by those who decided not to. The emails that were opened should never have got that far. It's that simple. Of course, end-users cannot be trusted to act sensibly. Not open suspect emails. Not click on links in them. Ignore screen messages asking, "Are you sure?". Heck, one of mine even clicked the button when the whole page was in a foreign language and she didn't have a clue, literally, to what she was agreeing to. They trust the system providers to protect the system.

This isn't only a matter of "government and company cuts"; it's IT management failure. There should be a sudden blossoming of job adverts for IT staff and managers. Time for the dead wood to be identified and thinned out.

Once the email containing the worm got inside a network, it would not need any email attachment to spread further. The worm had been quietly spreading from machine to machine for weeks. The worm's encryption package triggered world-wide on May 12th, but it has been spreading silently for much longer. It seeks out machines that were not patched with the Microsoft solution in the last two months. Any Windows machine (10, 8, 7, or XP) not patched since March was vulnerable EVEN if its user never opened any attachments. Once an un-patched machine capable of being addressed by an infected machine on the same network or wide area network was switched on, if there was even one infected machine elsewhere in that network, t would become infected and would begin searching out vulnerable machines itself.

Imagine people take lots of LSD and keep jumping off balconies, breaking their legs, backs and /or killing themselves. You could say: “we need lower balconies” or you could get rid of LSD. Anyone with a degree in Computer Science will tell you that whatever IT system you have put in place, it will be hacked - many reasons for this, one of the simplest is that the dudes who develop the security systems are the same ones who hack it, since they know how to. Any senior people in industrial IT will tell you this. Modernity and its defenders will happily say that we need to lower the balconies, whilst our LSD-stoned friends now wander into the road and are killed by oncoming traffic. IT is the problem so we need more IT to counter it?

No, not really.

sábado, maio 13, 2017

The 4th Pope in Portugal (6th visit of a Pope to Portugal): Fátima's 100 Years of the Prophecies

Some atheist friends of mine keep saying this Pope faces a daunting challenge not faced over most of the 2000 years since a hastily assembled collection of short stories made it onto the bestseller list: the march of science. There was a time when the church could just impose rules and people knew they had to live by them because heaven or hell awaited. They knew this to be true because there were no alternative narratives. Sure, there were competing sects but these said pretty much the same kinds of things: god is in charge, do what we tell you he says. In the last 100 years, science has looked at the cosmos and found no god; it has looked back to the beginning of time and found no god; it has considered the building blocks of matter and found no god; and it has considered the formation of life and found no god. It is almost as though there is no god. The harder the church makes it to be a Christian the greater the incentive to accept what science is saying: that god is how people understood the world before people understood the world.

But I prefer to think otherwise.

I tried the above-mentioned rationale with my house. I looked at the bricks and found no builder. I looked all around the street and found no builder. I looked up the plans and found no builder. It is almost as if there was no builder. I know the bricks look as if someone made them just as the fine tuning of the universe gives the very strong delusional impression that this is not "base reality". When Einstein resisted the concept of the Big Bang conceived by a Catholic priest he was part of an atheistic tradition that held out an "eternal cosmos" theory of the universe. He later called it the biggest mistake of his career. The Church isn't in the business of "making it easier to be a Christian". It is in the business of making us better persons, but that's like asking the Portuguese Olympic team to make it "easier to run the 100 metres in under 10 seconds", but some of us are not built that way.

I fail to see why anti-religionists and atheists feel so offended if I choose to believe in God. Why ridicule my beliefs? Am I hurting you in any way? If you do not like what Pope Francis says, then do not listen to him. If your ideology does not match my religion, why should you care? If I die and cease to be, then I won't know it, and it makes no difference. And if I do not exist, you won't be able to tell me, "I told you so." I've already not existed for millions and millions of years and it didn't bother me. If I die in the state of grace, I'll have an eternity to live in happiness. The only problem would be if there is no merciful God and I'm sent to hell for eternity. That would be an eternity of misery for me, but why should you care? Besides, if I live by the beatitudes I can be happy and make others happy. Not a bad life. You might ask me why I'm concerned about what you believe, and you are correct - I do not need to be. But it would be nice to have you for a friend and see you happy in an afterlife. But that is your choice. And if there is a merciful God maybe I'll see you anyway, and you will be happy. If there is reincarnation, then I'll have another chance, but "I" won't know it.

sábado, maio 06, 2017

My Father, 1941 - 2017

"He was a man, take him for all in all.
I shall not look upon his like again."

He lives on in his children and grandchildren's memory and hearts. I'm glad he was among us long enough to see my youngest bearing his surname.

segunda-feira, abril 24, 2017

Luminiferous Aether: "Four-Day Planet" by H. Beam Piper

“I went through the gateway, towing my equipment in a contragravity hamper over my head. As usual, I was wondering what it would take, short of a revolution, to get the city of Port Sandor as clean and tidy and well lighted as the spaceport area. I knew Dad's editorials and my sarcastic news stories wouldn't do it. We'd been trying long enough.
The two girls in bikinis in front of me pushed on, still gabbling about the fight one of them had had with her boy friend [sic], and I closed up behind the half dozen monster-hunters in long trousers, ankle boots and short boat-jackets, with big knives on their belts. They must have all been from the same crew, because they weren't arguing about whose ship was fastest, had the toughest skipper, and made the most money. They were talking about the price of tallow-wax, and they seemed to have picked up a rumor that it was going to be cut another ten centisols a pound. I eavesdropped shamelessly, but it was the same rumor I'd picked up, myself, a little earlier.”

In “Four-Day Planet” by H. Beam Piper

I used to read/watch SF and was also always careful to be scandalized at how little regard the genre got until I realized that ... well ... an awful lot of it does suck. Or at least, an awful lot of it is an awful lot like an awful lot else. The same five characters, the same one plot. There's good stuff out there, but the signal to noise ratio is lower than almost any other genre of entertainment or literature. Vast, vast, vast swathes of the stuff is bug-eyed monsters, buzz-cuts with guns, female eye-candy, and explosions: the power fantasies of 15 year old boys, in other words. Okay okay, okay, there's some good stuff -- someone will always point out the celestial Octavia Butler or Ursula Le Guin -- but the fact remains, you need to swim through an ocean of silicone and lasers to get to the good stuff. And oftentimes, the target SF demographic (who are all too often a lot more like Comic Book Guy than they want to admit) who rushes to lay claim to writers like Butler and Le Guin to legitimize themselves in the eyes of the oppressive lit-critic are the same ones who sneer at the stuff when asked to turn away from their tits-and-explosions for three seconds to read something that doesn't posit a 1950s Ward-and-June sensibility transplanted into The Future. (I'd always heard how "revolutionary" and "incredible" Asimov's books were, as an example, and I was incredibly disappointed to open the things and find out that his stuff was just one whiter businessman with a briefcase coming home to a pearl-necklace-wearing housewife who said hi-honey-how-was-your-day. Revolutionary? More stodgy and unimaginative to me, it reeked of the dust of the past even at the time it was written.) Even the supposedly "mind-blowing" 2001 movie could posit such "incredible" and "imaginative" things as enormous space babies and colonies on the moon but couldn't do any better than false-eyelash-wearing Space Stewardesses when it came to social imagination. Even at the time that stuff was dusty and stale. And SF is still no better. Again, sure, you can always flap Butler and Tiptree in people's faces, but they are plainly not in the mainstream and are often only mentioned by the core demographic as a means of telling people who call them out on their dull social imaginations to STFU. The ONLY time your typical white-guy SF geek even acknowledged the existence of a novel like "Kindred" is to shut up someone who asks why all the women in modern SF are housewives, harpies, or underwear models. And I can bet you a steak dinner that that same geek hasn't even read it.

In all honesty though, I don't feel any more generous toward fiction of any kind. It's all the same five characters and the same one plot after a while. That's what nonfiction is for -- for when a reader gets sick of the smoothed-out predictability of fiction and wants to see what happens when stuff's actually not within any given "protagonist's" control. For me the problem is not the bad science. It's the bad fiction. But the best SF is, in its very different way, as good as the best literary fiction: that is, it enriches our culture and our lives just as deeply, though sometimes by rather different routes...

And that’s why I love reading vintage SF, the good and the bad. The appeal for me for has always been so I can learn more about what influenced the books that were written today and not for their own sake. Everything comes from somewhere, every author was influenced by some other author, and I enjoy these connections. Reading Vintage SF is like having a conversation with my grandmother, and watching her make the same hand motions as my Mom makes. Today’s SF is the descendants of what came before. Reading currently every Science Fiction anthology I own, just before I will chuck them all out (but the Stanislaw Lem/Robert Sheckley/ Ray Bradbury/ William Gibson/ Robert Silverberg and a few others stay!) Some of them, specifically from the 50-60, are truly awful (remember E.E. “Doc” Smith? Ah, EE Smith's coruscating beams of force ... he introduced these early on in every one of his novels, and then every couple of chapters would want to up the ante, so would have to try and outdo his earlier description, and they would become ravening beams of unimaginable pure power…), but you can still find some hidden gems like this one from H. Beam Piper. Piper has always been one of my favourite vintage SF authors. With Piper it is interesting how a specific subject of science (which is still Fiction) changes. But "science-fiction" is just a catch-all phrase for speculative fiction (SF), not an enforceable limitation. I read a lot of SF, all the way from junk/pulp through to the serious hard-science stuff and the only complaint I ever have about any individual book is if it's badly written. Some of the more glaring errors and redundant theories raise an eye-brow (I love H. P. Lovecraft despite plate tectonics being fifty years in his future and all his mentions of luminiferous aether...) but what the hell, if it's a good book it's a good book. H. Beam Piper wrote a good with SF book no fillers or infodumps at a time when it was very difficult to produce stuff above average.

I also read vintage SF for nostalgia, and that’s awesome as well.

SF = Speculative Fiction.

sábado, abril 22, 2017

Convoluted Crime Fiction: "She Died a Lady" by John Dickson Carr

Just about every book written by John Dickson Carr is a locked room mystery, and all of them try to play fair (thus also trying to drive the reader nuts), but I always feel Carr tried too hard. His books are so convoluted that they become almost unreadable. I’m a bit reluctant to continue reading books wherein the intricacies become utterly unbelievable (why do some authors bother to impinge on our consciousness crap like this?) I’m better off reading Agatha Christie. This Carr was me being back to 'easy' reading after a hard week reading hard stuff. This one is among his middle-rankers. The method of murdering two persons close to a cliff with only his own footprints on wet sand was clever - maybe a bit too clever-clever - and the characters a touch clichéd - but then you do meet the same people over and over again in a Carr novel. The fun is in trying to out-guess him, and in the wonderful, spooky atmospheres he creates. Unlike Christie, the Carr’s leave a lot to be desired. In this case the solution just doesn't hang together. The characters and motivations are there but the explanation of the murder is just too weird. Carr once again didn’t play fair.

sexta-feira, abril 21, 2017

Tor2Web Proxy: "The Dark Net - How to Stay Anonymous Online Even from the NSA" by Peter Johansen

The darkness exists in the human mind not the technology.
Victorian Portugal was full of dark secrets that have had a negative effect on
this society ever since, far more than the internet has.

There's the "dark web" - i.e. the web you need to use Freenet or Tor or something like access (and those two are just examples, and they form distinct non-interconnected webs). And then there's the "deep web" - this is websites whose content is not indexed by search engines, because you need to register or pay to access the contents, or has Flash front ends, or is otherwise unavailable to a search engine. This is the thing that is likely much larger than the freely available web, and it's usually because there's money to be made by gate-keeping access to it. There's very little illegal, immoral or otherwise dodgy about the deep web; most of it is for-pay services, which are usually easy to clamp down on if they're illegal - just follow the money. 

Am I missing something here?

Yes. Google doesn't search every machine on the Internet. most of those don't have websites on them. Google only gets links by people who either fill out a "request for indexing" form or by following links from other pages. So if you create a website on your home machine and don't tell's part of the dark web. It only exists to people who know about it. If you post your link inside a chat room that isn't accessible to Google (maybe because you must login with a password, like say Yahoo chat) ...then it's still part of the dark net. However, it's obscurity rather than security. no one can find it because no one can second guess your url. However, (again) Freenet users don't talk to each other. The user doesn't ask the website author for the site like the regular, it asks a friend to do so on their behalf...who may ask someone on their behalf...thus no can work out who is reading the content. A system of replication ensures the author doesn't point directly at a machine but just somewhere "generally" in the network. Thus, everyone is anonymous. Even if Google could index the content...they wouldn't know what they were indexing or where it came from. Two aspects of Freenet immediately bother me, which is why I won't be downloading or using it. First up is the distributed nature of the data storage - even if my use is perfectly legal, it could be storing material on my computer which is not only illegal but also highly offensive. Now, perhaps that doesn't bother you, but it bothers me. Secondly, per the Freenet site, "Files are encrypted, so generally the user cannot easily discover what is in his data store, and hopefully can't be held accountable for it." Did you spot that there? hopefully. I must say that I find that statement rather irresponsible; fortunately, in Portugal especially there’s no RIPA legislation where you can be sent to jail for not revealing your encryption keys, irrespective of the content you are protecting. And if this sounds far-fetched, you should be aware that it has already happened ( There is also no commercial element in Freenet. The developers have deliberately eschewed the creation of anonymous money. That takes the rug from under some criminal activity. On the practical side of things, Freenet is slow and not an ideal environment for swapping large files. On Freenet, most people choose to remain anonymous; that limits their interactions to a degree. On the conventional internet groups of people may work together using opaque encrypted connections and truly conspire in illegality if they wish; they sacrifice their anonymity to connect in the first place. Conspiracies are broken by their weakest link. Most (perhaps all setting aside whatever GCHQ accomplishes) clever internet police detective work begins from traditional policing methods. A suspect is brought to their attention somehow either by acting suspiciously on the internet (say a chatroom) or by coming under suspicion in the ordinary world. The suspect's computer is inspected and this may lead to new suspects. At that point the police may opt to operate a scam to catch others in the act. Freenet was developed to promote freedom of speech, particularly in places like China.

TOR, at present, is anonymous only in some internet transmission modalities.

There is much distasteful material on the internet and doubtless on Freenet. I suspect that much of this is the same stuff cycling round and round. The priority for law enforcement should not be the relatively easy option of identifying people in possession of this material but rather at grabbing those who create it in the first place. This is where the traditional internet is so important because only on it is there commerce. Cabals sharing a criminal interest, operating covertly and not putting the product of their activities for sale on the internet will be broken only by serendipity arising from traditional policing methods.

ToR causes a marked slowing of browser response. That's because the number of people using it are relatively few. What would make these technologies sit up and work is the introduction of millions of new non-combatant users motivated to avoid governmental surveillance and copyright controls. These dark side technologies are relatively immature, yet I can see at least one design that links ToR, Kademlia and strong cryptography that would present an intractable file sharing system and alternative email backbone. The question is this: given that relatively few malcontent users are using simple technologies, is it desirable to obfuscate them behind millions of benign users deploying strong technologies because of incontinent legislation? If I were employed by the Portuguese secret service, I'd be rather concerned about losing the ability to see the bad guys from the trees.

Ugh. Ok, so who is creating all this dark content? Are there 400-500 times more people creating content than we 'know' about? On the net content is king. There is unlinked content, mostly image files, but frankly most of that is probably illegal sexual stuff and while there is some truly unpleasant stuff out there in the hard to find places there are an awful lot more legal porn images (because it's a vast business) and teenagers on youtube putting up clips of them taking the piss out of their mates, because it's easier than videoing the construction of homemade nuclear devices.

Google doesn't simply search JSTOR - publishers are required to provide google with something called an abstract to crawl before their content can be indexed (basically the non-subscriber landing page). I create content on the darkweb (silly term) everyday such as hidden back content to support published websites, and none of it is crawled by google or anyone else for that matter. And none of it is in the least bit illegal or even morally dubious. Most of the unknown web is full of boring web infrastructures, and certainly not child pornography.

Predictive searches never show porn related stuff (or so I have read); I guess that would conflict with Google's public image, but if you type rotten you get before you've typed tomatoes; some time ago Google courted some controversy by refusing to take down a racist photoshopped pic of Michelle Obama - citing rules that they only removed content when legally required to do so, all of which makes their ethics seem a little patchy. The point I'm trying to make is that I would gladly trade free albums for the loss of sites like rotten.

I'll probably get criticised for this and I'm aware that there is no perfect solution. No-one wants an internet with little free content and a big buy button on the top of the screen, but I am concerned about the excesses of the internet (never mind the dark web freenet thing) and its influence on peoples' morality and behaviour. I think the idea of "public" content being in the minority is a complete fantasy and the percentages plucked from the air, also I think it should be made clearer that there is a big difference between actively hidden content and activity for clandestine, political or paranoid reasons, and content that is simply defunct, old outdated websites that no one links to any more but aren't deleted, abandoned personal websites or free websites for companies that have gone out of business. Hard drive space is cheap these days and older websites don't take up much room. Also important is separating traffic from actual useful available web content, files or communication; no doubt a huge amount of traffic is taken up by spam and automated programs like trojans and the like. The idea of a huge goldmine of interesting secret information that dwarfs the public web makes no sense, the number of users and content publishers in these "sub nets" are by their very nature minuscule.

Virtually everyone I know with a computer does or has at some point downloaded music or films through Limewire or rapidshare or whatever, and those who haven't have at the very least watched unlicensed rips of shows on youtube for example - and none of those people would consider themselves criminal, even remotely. It's one of the odd things I've always thought about the whole filesharing thing - it's right there, hugely visible and you don't need to search far to get to it - just post the name of a record in google and you're likely to get to a rapidshare link or an equivalent within two or three pages of results. Google will probably lead you to thousands more pirated works than I imagine you'd ever find on freenet.

Johansen’s book is not earth-shattering, but it gives all the basic necessary ingredients for you to dip your toes in the water dark-web-wise.