Posts Tagged counting from zero
On Saturday, I gave a presentation and demo of ZRTP at Hackfest 2013, organized by the Washington University in St. Louis chapter of ACM (Association of Computing Machinery) .
A group of about 60 undergrads had gathered in Urbauer 211 to learn about hacking and try it out. I gave a short presentation about ZRTP, the media path keying protocol for SRTP invented by Phil Zimmermann.
I was fortunate to serve as the editor of the ZRTP specification, which was published as RFC 6189 two years ago. I showed how ZRTP allows users to detect the presence of a MitM (Man in the Middle) attacker by checking the Short Authentication String.
Here is a PDF of my presentation.
Then I used the Jitsi open source voice, video, & chat application to demo ZRTP. Emil Ivov, founder and chief developer at Jitsi answered my ZRTP call, and we checked the SAS. The sequence of steps used to secure the voice & video session is shown in this animated GIF.
Afterwards, I gave away a copy of Counting from Zero, my technothriller that incorporates elements of ZRTP, hacking, exploits, and zero-day attacks.
We then spent the rest of the afternoon playing with Metasploit on an isolated network of virtual Windows machines. It was an interesting day. Just like at IETF meetings, the biggest excitement of the afternoon was when the cookies arrived!
Perhaps at next year’s session, we can try out VoIP hacking tools such as SIPvicious!
As 2011 draws to a close, I wanted to take a moment to thank everyone who has helped me this year. It has been an amazing year! Here’s a short list of my highlights:
– In January I gave a SIP Tutorial for the FCC staff in DC. It was a great event, and hopefully I will get another chance to do it again in 2012. The FCC has lots of VoIP and SIP work to do with the transition of the PSTN and E911 to all VoIP. Hopefully we can soon end the ridiculous subsidies for rural telephone service and instead use them to subsidized high speed Internet service for rural areas. My friend Henning Schulzrinne was just appointed Chief Technology Officer, so I know the FCC is in good hands technically. I also enjoyed giving the SIP Tutorial in Miami, Sydney, and Austin.
– In February I published my first novel, a Techno thriller about a massive attack on the Internet that gives this blog its name – Counting from Zero. Little did I know how much hacking and security stories there would be in 2011. Some have even called 2011 the Year of the Hactivist, which is hard to argue with. Overall, I couldn’t be happier with the response to the book. Thank you do much to anyone who has read, reviewed, tweeted, or blogged about it – I am very grateful. Look for more book news in early 2012…
– In March I participated in my first robotics competition. The experience was amazing, and I look forward to the start of another build season in just over a week!
– In April, the ZRTP VoIP media security protocol was published as an RFC by the IETF, after 6 years of hard work. Editing this document is my small contribution to making the Internet more secure. Here’s to more adoption and deployment in 2012.
– In May the RTCWEB Working Group was chartered by the IETF. The work is progressing slowly but steadily. I expect more progress in 2012, and hope for some strong security to be built into the protocols – lets show that we have learned something over the years…
– In June, I participated in the first ever SIP Network Operators Conference or SIPNOC for short. It was a great success and really shows how SIP has grown up. I am privaleged to have another term on the Board of Directors of the SIP Forum. With the publication of SIPconnect the SIP Trunking recommendation, the business use of SIP continues to grow and expand.
– In November, I has my first experience as a cricket coach. My son started the Priory Amateur Cricket Association or PACA as a club at his school. It has been a blast so far helping the boys learn the basics of cricket. They have done a great job, although we need to reduce the number of no balls! In 2012 we plan to play a one day match against a local cricket club.
So, here’s to 2011 – it was definitely an interesting year! I hope it was a good one for you and yours. Here’s to 2012!
Today I ditched a long time partner, Smashwords. I feel really, really bad. I remember clearly the day I found the site and realized I could use this one excellent site for distributing my eBook on multiple platforms: iBooks, Nook, Diesel, Kobo, Sony, etc. I loved the way I could generate free download coupons for my eBook. I raved about Smashwords on this blog. Between Smashwords and Amazon KDP (Kindle Direct Publishing), I had my eBook publishing bases covered.
As of today, I am using Amazon KDP exclusively to distribute my eBook, Counting from Zero.
Why? Because of the terms of the new KDP Select program Amazon launched today. In exchange for forsaking Smashwords (and all others), my eBook will be a part of Amazon’s Kindle Owners’ Lending Library, a brand new part of their Prime service. Users of this service get to “borrow” one eBook per month for free. Authors and publishers get no royalty, but instead will split a slush fund from Amazon based on their books share of lending. How much will this be? No one knows – it depends on the degree to which users adopt this new model. There is also the opportunity to offer my eBook for free promotions, as well.
Why did I decide to participate? Well, the financial calculation was trivial. As the pie chart shows, 88% of my sales have been eBooks on KDP, with 7% paperbacks (on Amazon and B&N), and just 5% eBooks through Smashwords. To give up those 5% sales to add a new distribution channel is an easy calculation. Also, I just love being able to participate in the disruption of the publishing industry, and it will be a very interesting ride the next few months to see if this takes off.
Despite the title of this blog (apologies to Dr. Strangelove), I do still worry about Amazon. Their power in the publishing industry is growing exponentially. If the Kindle Fire takes off and lending as well, it will give Amazon even more leverage. I really, really don’t like the exclusive requirement for Kindle Select. It feels awful to say goodbye to Smashwords, a site that has been extremely useful to me this year.
So, here it is – it will be interesting to see how it goes!
I spent all last week in Austin, Texas at the Internet Telephony Expo, ITEXPO conference. In addition to giving the SIP and RTCWEB Tutorial and having a board meeting of the SIP Forum, I moderated a security panel at the 4th Generation Wireless Evolution 4GWE conference. It was a great panel, with Patricia Steadman, CEO of Telesecret,a company founded by Phil Zimmermann to commercialize the ZRTP media security protocol, and a good friend and former colleague from Avaya, Andy Zmolek from LG Electronics.
As I enjoyed the cool and damp weather back in St. Louis (the opposite end of the weather spectrum from last week!), I was elated to discover that my novel “Counting from Zero” was ranked #12 on Amazon’s Computer Network Security sales list! (Of course, this ranking changes minute-by-minute, so it might very well be ranked a bit lower when you read this.) I mark this as yet another milestone with this book, my first attempt at fiction. To have it doing so well in a ranking filled with security text books is very exciting!
I was also thrilled to see two other books I greatly admire ranked just above me at #7 and #9: The Art of Deception: Controlling the Human Element of Security and The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders and Deceivers by Kevin Mitnick and William Simon: I use both these books as references in my book. I was thinking of Kevin all last week during my travels as I finished reading his newly released memoir Ghost in the Wires: My Adventures as the World’s Most Wanted Hacker. It was an amazing read, and I highly recommend it. Maybe I’ll post a full review here one day soon.
My original goal with “Counting from Zero” was to teach the fundamentals of computer and Internet security, but to do it in a non-traditional way. I had written one other book on security, “Understanding Voice over IP Security”. Its sales have not been great, compared to some of my other SIP and VoIP books. One reason is perhaps that security books tend to be dry, and a little theoretical, not well-connected with real life. In “Counting from Zero” I tried to invent a plot that would not only teach security, but help motivate it. I set out to create a character, Mick O’Malley, who would initially seem over-the-top in his security, but have the subsequent action and events make him seem more normal, and the rest of us who barely give security a thought the strange ones.
I have greatly enjoyed the reviews of the book, and those complementing my characters, writing, plot, etc. But I enjoy hearing the most that a reader learned something from the book.
If you have an interest in Internet or computer network security, my book will help explain some basic concepts and help motivate the topic. If you have ready my book (thank you!) and learned something useful from it (fantastic!), I’d love to hear from you…
I have an eBook giveaway of my cyber crime mystery thriller ‘Counting from Zero’ underway at LibraryThing. Until June 17, 2011 you can enter to win one of 100 free eBooks! Winners will be able to download an eBook in all the formats supported by Smashwords.
I admit that I came to the ebook party fairly late. I read my first ebook after I got an iPhone and discovered Stanza and Project Gutenberg. I was amazed at all the books that were available. I think the first thing I did was download then read every novel by Jane Austen! I hadn’t read a book on Kindle until just a few months ago, as I describe in my first blog entry My First Foray into Fiction.
Since then, I have published my first novel, Counting from Zero. The advantages and disadvantages of books and bits has become even more clear to me. For example, some advantages of ebooks:
- It is wonderfully easy to give away copies of my ebook – I just email the EPUB file or a coupon to download it from Smashwords (BTW, a fantastic site for ebook distribution). The recipient gets it immediately at no cost to me!
- It was terrifically quick to get my book out there – Amazon only took a few hours, Smashwords took a few days, and it was even on Barnes & Noble and iBooks within a week or so!
- One can carry an entire library in the palm of your hand, and it is always with you. I love to just pull out my iPhone and read when I am stuck somewhere waiting, very pleasantly filling in what would otherwise have been wasted time.
- Some people just don’t have any reading devices for ebooks, and printing out pages on an inkjet printer, or trying to squint at a computer screen is no way to enjoy a book.
- Your ebooks don’t end up on your bookshelf when you are done. How will you rediscover them years from now, or how will friends or family happen upon them and ask about them and perhaps borrow them? How will do you learn about friends and acquaintances without nosily browsing their bookshelf when visiting their house?
- How do you loan or give away an ebook?
- In some ways, an ebook doesn’t quite feel ‘real’. I know it is silly, but there is nothing like a book in your hand.
Now, some of these things are slowly being solved. For example, most people will have a tablet or phone with an ereader soon – I think the days of everyone owning a conventional desktop computer or laptop are really numbered (sorry Microsoft…). Most people do not create content, they just consume it, and the computer requirements for this are much different. Also, the security of these devices is so much better than a Windows PC, so this will really help with problems like botnets, but that is a topic for another day…
I recently discovered Shelfari and started putting up my bookshelf online, which I found kind of fun. Goodreads lets you do this as well. I’m not sure how well it works, but here is, my virtual bookshelf.
Loaning now is possible on Kindle and some other devices. However, DRM (Digital Rights Management) protected ebooks will continue to be a problem. Could you imagine a conventional book that wouldn’t let you read it unless it could verify your purchase license?
As for the feel and look, I’m not sure how this one will go away. Perhaps paper books will always be with us, as a ‘backup’ to our digital versions. If only the Library of Alexandria had backup stone or clay editions of those books…
This discussion leads me to today: I just opened a box containing the first printed version of my novel, Counting from Zero.
I did it using the print-on-demand service CreateSpace. I must say, the process has been very smooth and nice so far. I was able to upload a PDF of the interior and a PDF of the cover. I created both with template files provided, and some work in Word and Photoshop. There really are NO upfront costs. As in none. Zero, if you like! This was the hardest thing for me to believe – I was sure there was some hidden fees or costs, but there aren’t. Of course, most of the website describes various packages that provide support and services which do cost money. However, look carefully and you will find a do-it-yourself option where you prepare and format all the files yourself!
The only fee I have paid was a $39 Pro Plan which allows my book to be included in book store catalog distributions. Otherwise, I only paid for copies of the proof book ($4) and shipping ($12 2nd day). Once I OK the proofs, my book will be ready and can be purchased at Amazon! Just amazing!
So, my proof copy looks really, really good! CreateSpace has done an excellent job, and they have printed exactly what my PDF files showed. I do need to fix a few formatting issues that I didn’t notice in the PDF files (and typesetting in Word is just awful!) Here are pictures of my ebook and my book…
Both books and bits have their pros and cons, and I expect both will be with us for a long time. I’m just really, really excited to have Counting from Zero as a paperback now. Look for it on Amazon in about a week or so!