Totally agree. This book gets great reviews because it is entertaining, but fails totally as an "guide". It will not turn anyone into a security practioner.

Regarding the author, while his heart is certainly in the right place, his research has erred a little on the sensatianalistic side ("Chip and Pin is Broken!"). I will have a look at this book, but my expectations are low.

... and most of them run in a controlled environment (server-side). So lots of Joel's advice is not going to apply.
Then they have the balls of comparing their move to the transition from Mac OS 9 to Mac OS X!
In the end, while their story is interesting, it adds really little value to the "Rewrite/No Rewrite" debate.

I'm all for energy-efficient algorithms and datacenter but this PR is nothing but green-washing. IBM's algorithm is just faster so it uses less energy. Duh.

Automatically spreading loads across datacenters in multiple locations to take advantage of local environmental conditions so you don't have to use chillers, now that's something.

Effective Java, Second Edition, by Bloch. This book is quite unique and can save you a lot of journey time as you travel the path from "beginner" to "expert". I wish it had been available when I started. Caution: it can make you grow a beard and mumble about the advantages of respecting the .equals() contract.

The weaknesses of this algorithm are well-known and a new version that fixes those issues has been available for a long time. Now, does anyone knows whether this new version has been deployed everywhere? Who is still relying on the older version?

BTW, the algorithm used by 3G networks is different. It is based on AES and the design is publically available.

Encrypting a hard drive protects the confidentiality of its data. It does not prevent you from cloning the hard drive i.e. it does not protect the authenticity of the hard drive.

In many applications that use RFID tags, authenticity is much more important than confidentiality. Those researchers seem to propose a way to authenticate the RFID tag using its "fingerprint". What I'm saying is that a dynamic challenge-response scheme is much more practical and more reliable.

Crypto is not only about encrypting data.

If you want a secure challenge/response mechanism it would require much more power, an active tag would be required.

An active RFID tag (i.e. a battery powered tag) is not required. Just look at DESFire cards: probably not as cheap as passive RFID tags but they can handle a simple challenge/response mechanism. If you want something more beefy, look at the DDA mechanism specified by EMV and used by Visa and Mastercard: it uses RSA with 3 levels of public keys. It works just fine on simple microprocessor-based contactless cards.

Just use a sensible crypographic authentication mechanism and be done with it. I guess that it is interesting from a "pure science" point of view but I'm not quite sure that this should be used to detect fake passports.

The fact that reading comics promotes litteracy is pretty obvious to anyone living anywhere with a strong "comic book" culture such as Japan, South Korea or French-speaking countries. The problem is that most US comic books are not very good, and the good ones are not targeted as kids (mostly).

Well, I kind of like him. I like how he's clearly getting older and his roles reflect that. But he also starred in the last major SF-book-murdering movies (I, Robot and I Am Legend) so I hope that he will stay away from those now.

All of the above

Well there's really no debate about Verhoeven's goals. Now, unlike you I do like this movie, probably because I love this cheesy side. Totall Recall and Robocop were quite similar in this regard.

Now why did he decided to adapt the book instead of coming up with his very own story? I don't know. I mean, Starship Trooper is no Harry Potter, it was not a strong franchise. I think that Verhoeven started reading the book, liked the basic idea and bought the rights on the cheap instead of taking the risk of being accused of plagiarism. He also probably loved the idea of Heinlein fans being lured in a movie theater to endure a two-hour long assault on militarism.

Now if you want to watch a really bad movie, locate a copy of Starship Troopers 2. And while I was researching this post, I discovered that there is a Starship Troopers 3. God help us all.

I really wonder how many people on /. will get this one.

Do you have some hard facts about the history of the scenario of Starship Troopers (the movie)? It's been a while since I read the book but it seems to me that it followed the book quite closely (more than "I, Robot" anyway, this one was really screwed up). However it's obvious that Verhoeven used this movie to express, let's say, a different point of view than Heinlein's. Lots of people complained about the missing "power armors" but I think that Verhoeven simply wanted to make the soldiers more vulnerable, in order to strenghten his arguments regarding the top brass.