Back to: Crib Sheet: The Delirium Brief | Forward to: Happy Halloween!

Publishing: A Slice of Life

The problem of fraud on the internet needs no introduction, but sometimes it takes on manifestly surreal forms. Here's an extract from the US National Cyber-Security Center's weekly threat report from last week: Publishing House Phishing Warning:

Penguin Random House North America has issued an alert to staff following a spate of global phishing scams attempting to access agencies' and publishers' manuscripts and other sensitive information.

The UK arm has been similarly targeted, with fraudsters posing as literary agents and foreign-rights staff from seemingly legitimate email addresses. Macmillan has confirmed that it has also been targeted by scammers trying to access manuscripts and has reportedly issued an internal briefing to staff.

I will confess I was somewhat boggled when I stumbled across this one. Everybody knows that the best way to make a small fortune in publishing is to start with a large one. And while there are some reasonable targets for fraudsters targeting a large publishing house (the accounts department springs to mind), author's manuscripts are not among them! Targeting manuscripts for profit is a bit like burgling a farm in order to steal all the crops growing in the field, three months before they're ready for harvest.

But still, it caught my attention. Scammers posing as literary agents and foreign rights staff have apparently targeted Macmillan and Random Penguin? My author-brain immediately started generating screwball heist caper comedy plot lines in which hapless scam artists discover how publishing really works.

(Continued below the fold.)

THE SCENE: a seedy boilerroom scam office/call centre somewhere unspecified, where our protagonists, SCAMMER 1 and SCAMMER 2, are discussing their heist.

Scammer 1: "I just got ahold of the submission draft of the next Charlie Stross Laundry Files novel! We're gonna be rich!!"

Scammer 2: "All we have to do is copy edit the hell out of this sucker, slap a cover on it, run a marketing campaign, upload valid metadata to all the wholesaler databases, and get our version published on Amazon before Tor beats us to the punch ...!"

(contd.)

Scammer 1: "Shouldn't be too hard. I mean, publishing is easy money, right?"

Scammer 2: "Tell you what, you go work up a marketing campaign while I find some clip art of unicorns an' shit to put on the cover and feed it into Microsoft Word to make it look good. Shouldn't take long."

Scammer 1: "Marketing campaign ... how do I do that?"

Scammer 2: "I dunno. I thought the author was supposed to go on a signing tour?"

Scammer 1: "That could be a problem: we'll need an author. Unless you're volunteering? Anyway, that sounds expensive. Why should we pay for some dude with a laptop to go on vacation for a month?"

Scammer 2: "I got it! I know how! We'll tell Charlie we're his publisher's marketing people. Think he'll buy it?"

Scammer 1: "But, uh, he is with Tor. Doesn't he, like, know those people?"

Scammer 2: "Naah, we'll tell him they just outsourced marketing to us. He's dumb enough to sign up with those marks and they're dumb enough they clicked on the link in the phishing email, so dumbness squared, know what I'm saying?"

Scammer 1: "Okay, so I'll figure out a, uh, a tour. Where do they send authors, anyway?"

Scammer 2: "I dunno, the Canary Islands? The Dead Sea?"

Scammer 1: "Do they have bookstores in the Dead Sea? Isn't he supposed to sell books while he's on tour or something?"

Scammer 2: "Yeah, that sounds right. Guess he's supposed to go where the bookshops are."

(Scammer 2 googles a list of likely bookstores, and sends an email to the author.)

(Time passes.)

(An email reply is received the next day, and responded to.)

(More time passes.)

(An email reply is received the next day, and responded to.)

Scammer 1: "Are you getting anywhere with the marketing, dude? I've got the book designed and ready go to on Lightning Source! We're waiting on you!"

Scammer 2: "I dunno, he's like, really slow replying to my emails?"

Scammer 1: "That's because we're in Tulsa and he's in Europe. It's, like, three in the morning in Europe right now. Every time you send him an email it takes a day to get a reply."

Scammer 2: "Shit. Maybe I should phone him ..."

(A telephone is resorted to.)

Scammer 1: "So?"

Scammer 2: "He swore at me and hung up. And now it's going through to voicemail."

Scammer 1: "Dude, it's 5am."

(More time, and email, passes.)

Scammer 1: "So, how's the marketing campaign coming along?"

Scammer 2 (whining): "He says we're supposed to pay for his tour!"

Scammer 1: "He's just trying it on. Persist. If he won't budge, tell him we'll repay his expenses if he keeps receipts."

Scammer 2: "Got it, boss."

(Later)

Scammer 2: "He says he can't afford the bus fare from, uh, Edinburgh to Kansas City? He wants us to fly him everywhere in business class, put him up overnight in boutique hotels, and have a bowl of M&Ms waiting in every motel room—with no blue ones?"

Scammer 1: "Well, forget that. You can send him on a blog tour instead: it's cheaper."

Scammer 2: "What's a blog?"

Scammer 1: "Dunno, it's something you send authors on a tour of, like 4chan only more polite."

(Later)

Scammer 2: "He says he already did that the last seven books running and he's bored and can I place an ad in the New York Times?"

Scammer 1: "That sounds like a great idea! How much do they charge?"

(Later)

Scammer 2 (despondent): "I had to max out my credit card, but the guy in advertising said they'll take it. All I need to do now is get author dude to write some, uh, copy, whatever that is? By tomorrow?"

Scammer 1: "Don't worry about the Amex card, I'll steal you another one. Copy is like an advert or something, he's a writer, he does this shit for a living. How much space did you manage to buy?"

Scammer 2: "Fourteen words, no punctuation."

Scammer 1: "He'll have to make every letter count, then. He's used to twitter, fourteen words to promote his yarn is luxury."

Scammer 2: "How's the book coming along?"

Scammer 1: "Oh, Microsoft Spell Check cleaned it up good, and I've made a great cover for it! There were loads of rainbow-pooping unicorns on Pinterest and they'll never notice me ripping off their artwork."

Scammer 2: "Looks legit! Let's upload it to Amazon, then we're—"

(DANCE ROUTINE IN THE SCAMMER'S OFFICE)

Scammer 1: "We're in the money! We're in the—wait."

Scammer 2: "What now?"

Scammer 1: "It's Amazon. They want our bank details, credit card number, date of birth, street address, mortgage lender, blood group, and a W8 form from the IRS before they'll pay us."

(FADE TO BLACK)

130 Comments

| Leave a comment
1:

Please also note that an aspect ratio of 1.5:1 is completely wrong for any book cover anywhere, anytime. But don't tell the scammers!

2:

The reasonable, sophisticated scam is they are shorting the publisher and are going to mass dump the manuscripts to pirates and cratering the stock once their entire portfolio of future products is in the wild


A more likely scam is that this is the puppies brigade trying to destroy the companies/livelihoods of "cultural marxists" (read as those in DFF who are not on board with Beale and the reactionaries) by dumping all the manuscripts into the wild.

3:

The reasonable, sophisticated scam ... except that won't actually work; book pirate sites are a persistent minor annoyance but don't actually hit the mass sales to folks who don't know enough/are too risk averse/too honest to go looking for them.

A more likely scam ... entirely plausible, but stupid (see above) and risky: it opens the perps up to criminal prosecution if they're identified, and gives a couple of multinationals with aggressive legal departments every incentive to hunt them down.

Personally, I advise against attributing to sophistication that which is easily explained by stupidity and ignorance on the part of the greedy.

4:

I would think the "this is really a sophisticated scam" case is "someone is testing their spear-phishing capabilities against a corporate and picked manuscripts as a simple, countable, tangible-and-thus-checkable deliverable for those tasked with carrying out the test". Faking a manuscript is hard, and even harder when it gets published and you can compare the extracted to the published.

I doubt this is the case; hardly anyone engaged in anything like phishing has that kind of planning horizon.

5:

And now, I kind of want a copy of The Labyrinth Index with *that* version of the cover.

6:

Really obsessive fans trying to get advance copies of their favourite authors’ books? Sounds a bit more plausible than someone figuring they’ll make money off them…

7:

That's actually my guess, although it'd have to be really obsessive fans who haven't figured out how to game NetGalley.

8:

My guess: that's what you get for writing mean cliffhangers. When I finished book 2 of the Merchant Princes, I went "WHAAAAT?!? YOU CAN'T STOP HERE!" so loudly at 2am that I woke up my partner, who then promptly bought me book 3 on Kindle so that I would shut up. For Empire Games I was smart enough to not start book 2 until book 3 is actually available. Maybe these scammers weren't so prepared, and had to resort to desperate measures... ;)

9:

"Invisible Sun" exists (the draft is with my editors) but is delayed; parental deaths will kind of do that to you, they don't exactly put you in a creative state of mind. (Many authors stop producing for years when one or both parents die: I just blew a bunch of deadlines and was late delivering three books ... so far ... although two of the three are indeed delivered.)

10:

I don't know about you, but I'm replacing the cover of my e-book with that one.

11:

Ditto. The artifact-laden overcompressed look is a nice touch.

12:

Charlie, the first thing that comes to my mind is the fake Harry Potter book that was published in Asia, and they made good money on it, selling it over the 'Net.

Or, a varient of your own thought, get the copy and a) sell copies to people with way more money than sense[1], or find ways to, say, bet on what happens.

1. Like the folks who, a few years ago, bought "cryogenically-treated audio cables, for the true audiophile", cheap at only $1,000 US (yes, it was really for sale on Amazon, I think).

13:

I fully understand, and I didn't mean to criticize or push buttons. It was intended as a joke, and more a comment on my own inability to put down books (or trilogies, for that matter) once I start them... Patience is a virtue, and books come out when they are ready.

14:

The thing that came to my mind was "what series does Random Penguin currently have the unpublished manuscript to the next volume in?" Because having a copy of the next Harry Potter before publication was actually worth something. Note that A Song of Ice and Fire is Simon and Schuster.

The other possibility that I've thought of is "what about non-fiction?" Is there, like a non-fiction book that might affect the markets or politics that they could get?

For instance, if there's a #MeToo book that names names across a bunch of corporations and they could short all of those corporations. Philip Green got named today, for instance (though Arcadia Group is privately held, so you couldn't have shorted it).

15:

with fraudsters posing as literary agents and foreign-rights staff from seemingly legitimate email addresses. Macmillan has confirmed that it has also been targeted by scammers trying to access manuscripts and has report
There's been a outbreak of similar elsewhere - people using my apparrent own email address to try to extract money.
I forward them to my ISP.
If I open the email properly, I can see all the header information.
WHich one in all that garbage, is the actual phisher/scammers address, so that I can block it, as well as informing my ISP, generally?

16:

Maybe the folks in Asia who like to rip off movies are trying to move into print? I wonder if there's a halfway decent English to Mandarin machine translation program out there.

17:

Have you seen "The Devil Wears Prada"? From the Wikipedia article:

"The next day, Miranda tells Andy that she wants the new unpublished Harry Potter book for her daughters and, if Andy cannot find a copy, she will be fired."

What you are dealing with is an obsessive teenage fan with a wealthy parent who has a very good PA.

18:

$1000 audio cables? That's nothing: Amazon used to carry $10,000 Cat5 cables for audio use! The reviews were a scream.

Anyway, if you could round up as many as ten readers willing to pay $1000 a pop for an exclusive preview of my novels, I'm pretty sure my publishers would be extremely happy to figure out a way to monetize that market. (They get a lot less than that in income from some sub-rights markets.)

19:

As someone who networks on a daily basis, I gave some thought to this one day on a long car trip, and question that concerned me was this: TCP or UDP?

If we're talking about TCP, then the cheapest of low quality cables will give exactly the same quality as the most expensive cables, given a network that moves faster than the music needs to load (so there is some overhead allowing lost packets to be replaced.) In other words, a $5.00 cable will work just fine.

But UDP is another matter entirely. UDP doesn't resend packets which turn out to be bad or non-existent. If the music application is UDP, (and most of them are) then it is necessary to take some precautions to make sure that no packets are lost. This means a need for high-quality connectors and really good, shielded cable in which the shield has actually been tested. So I'd say an audiophile could justify buying a "better" cable. It would not be out of line to pay $25.00 (or slightly more, depending on the distance involved) if super-high-quality stereo gear was involved.

$10,000, of course, is ridiculous.

20:

another theory: Maybe someone has identified SF writers as eerily good predictors of future political events. Tor was apparently not a target so they're not onto you yet, but who are William Gibson or Bruce Sterling with? Getting early access to next year's crazy events must be worth quite a bit among the stock market folks...

21:

Not worth trying; it's not sensibly blockable. Just delete and ignore, which is all an ordinary user can usefully do with any spam. Forgive me for not cluttering up the thread with an explanation this early on :)

22:

Wait until you run across, I Am Not Making This Up, cryogenically treated tubes (valves across the pond).

Wait, don't tubes run warm enough to have at least one element glow red hot, thus rather defeating the purpose of a cryogenically induced phase transition? Why yes, yes they do.

23:

oh, ok - I assumed this was about "fancy" CAT5 cables for audiophile extremists (the people who would spend thousands on a rock, if told that it somehow improves quantum coherence in the oxygen-free brain of the listener...) I did read some DIY audio forums a long time ago where people recommended CAT5 as cheap and good speaker cables (using the strands in parallel). Maybe it spilled over into the esoteric section, and someone decided to cash in?

Regarding pro-audio for stage or studio use, people are using ethernet now with customised protocols for low-latency live audio (

24:

(mmh, somehow half my previous comment disappeared... bad cables?) was going to say:
I'd think that pro-audio protocols would use forward error correction (FEC) to combat bit errors - much cheaper to use some software redundancy than relying on fancy cables.

25:

It wouldn't surprise me if that actually was possible - meaning that the ten people probably exist - although finding them might be another matter. They might well not even read it, just want to be able to say "ah, but I've got the preview copy". Same as with people who obsessively collect as many "unreleased", "experimental", bootleg, draft, whatever, versions of their favourite band's songs as they possibly can, regardless of the applicability of Sturgeon's Law to the resulting collection.

26:

Pigeon
I was afraid that what you said would be the case ...
Pass it on to the ISP & delete, in other words

27:

Getting early access to next year's crazy events must be worth quite a bit among the stock market folks...

This sort of assumes that SF authors are (a) in the prediction business, and (b) are good at it.

Your examples are valid, but suffer from confirmation bias: you're not taking into account all the failed predictions, let alone the stories that are more preoccupied with dragons as a metaphor for ponies than anything remotely likely to happen.

Frankly, I'd bet on dart-throwing octopi: they're more likely to hit the target on average.

28:

It's older than that. Fancy cables for digital signals (and fancy optical fibres) have been around since the first CD player with an S/PDIF output. Application of the same principle to Cat5 was inevitable.

(Cheap speaker cables - use T&E. Fancy cheap speaker cables - use four-core flex cross-connected in pairs to cancel the cable inductance.)

29:

They've been reading all your blog entries complaining about real-world political developments making you have to rewrite everything...

The idea of SF authors as predictors is pretty well established, and has been for a very long time, never mind that it doesn't really stand up to analysis. And I'd hazard a guess that stock market people are even less likely to read guff about masturbating unicorns than ordinary people, so are probably unaware of it as a source of noise. They probably aren't even reading the stuff themselves anyway, just getting some minion to submit an analysis of it after some other minion has snaffled it to begin with.

30:

Alternate theory:

China is currently investigating local publishers of 'scientific journals' with intention to prosecute -- probably with extreme prejudice. Maybe one of these publishers decided that they'd make everything look like some silly misunderstanding: 'We're science fiction, not science, publishers. Here - take a look at our slush pile of manuscripts in all the various stages of completion! And every single one of these works is by a known author!'

If asked why these authors are using a Chinese-based publishing house: 'Because we can publish for less therefore the author will get a much higher royalty check.'

31:

And in most, if not all cases, if you look at the full headers, you';; see multiple lines begining with the word Received:, and they've falsely put your email address as the sender, and used an open relay, or they've set you as the Reply-to:. I get crap allegedly from several friends, that is not, in any way, from them or their actual accounts.

32:

IIRC, *audio* cables. computer speaker jack to speaker.

But then, 10 years or so ago, the video card makers were touting 32-bit cards, for what, a billion colors (note that humans can only see 5M....)

33:

Wait, Charlie, you mean that you *don't* expect an invasion of Leeds by Alfar?

34:

On a more serious note:

What agencies/businesses use similar publishing software and/or protocols? The SF phishing caper might have been a test.

Another scary scenario: Now that they know how to grab stuff out of the real publishers' data base, they'll be able to figure out how to put stuff into these same data bases. Least scary possibility is that the hacker alters an okayed doc (story) just as it sent to the printers. I'm guessing this could mess up the production process resulting in cost over-runs and delays. I'm also guessing that even though a physical tree-based book is more expensive to produce per unit, messing with it is probably safer from the book buyer's/reader's POV vs. a potentially messed up e-book (and device).

35:

I'm sure it's only a matter of time before a masturbating unicorn correctly predicts the winner of the next awards ceremony, sports match or something similarly important.

Allegedly using one to predict which stocks to buy and sell is likely to work better than using a stock market analyst or funds manager. Sadly none of the latter advertise themselves as "nearly as good as random".

36:

Your examples are valid, but suffer from confirmation bias: you're not taking into account all the failed predictions

yes, yes, that's very true... if one could accurately predict which SF writer will have happened to predict the future (and which parts of which book will turn out to be predictions), one could also just skip that step and predict the future right away without the detour.
For stock market purposes it might be enough to spread a narrative on social media that a particular author happens to be correct a lot, and have enough people buy into it to make it a self-fulfilling prophecy. Having early access to an unreleased novel wouldn't do much good in that scenario though.

let alone the stories that are more preoccupied with dragons as a metaphor for ponies than anything remotely likely to happen.

Let's wait and see how 2019 turns out before jumping to conclusions regarding the likelihood of dragons... ;)

Frankly, I'd bet on dart-throwing octopi
... or that - we heard it here first! I'll better stay away from the coast from now on...

37:

There is one other reason for a publishing firm (like any creative firm) to scream about phishing and hacking attempts for books: they may well have insurance on a book tanking.

Now, regardless of the book being good or bad, if the book goes out to the world and doesn't sell like expected they could put a claim in against some form of insurance citing that the book would have sold a lot - if only it hadn't been pirated on booktorrentz.net and elsewhere.

38:

Fake news. You just wanted an excuse to post the cover art that you really wanted for your book. (Good job by the way).

39:

Umm, that's not how networking works.

If you had bad cables then TCP can result in worse results than UDP because it has timeouts and retry periods that you don't get to control. With UDP the application can decide, for itself, how to handle transmits.

TCP is a reliable(ish) transport but it is not necessarily best for consistent throughput; jitter can be a lot worse. For audio less jitter is extremely important (for voice it has more impact that packet loss).

So a bad cable would result in worse results with TCP than UDP.

However, since a $5 cable can easily handle Gigabit speeds, audio frequencies are trivial (HDMI is up to 192kHz 24bit samples)

40:

Maybe a form of blackmail... "Pay us $$$ or we'll spread your book all over the warez sites and no one will buy it".

Not recognising that books appear on warez sites within a day of publishing, anyway!

41:

Oh God, don't remind me about Audiophools and especially "cryotreated" valves/vacuum tubes.

I have some (cough) interest in old military radio, and the buggers have seized on transmitting valves (triodes were traditionally best for audio, they claimed, but they've branched out into beam tetrodes and triode-connected pentodes now), and "military spec" is seen as a selling point. So the somewhat oddball valves used in 1950s British radios are seized upon as a premium product and the price goes through the roof.

Admittedly some of the "small signal" valves would be an improvement if you're in a rock band - the ones suffixed "WA" are a ruggedized design for use in AFVs and aircraft, but solid state is tougher still. The point at which I cannot maintain a straight face is where they are extolling the virtues of valve rectifiers and the shape/internal design of the various makes of particular valves. They're well up into the 'green felt tip' and lumps of rock idiocy, with the drawback that they've rammed the price of a 53KU (GZ37) up to 80+ GBP, which is more than a Racal RA17 receiver (that uses one in the power supply) can cost. (OK, the RA17 cost several times as much as a house when they were new, but still....)

</grumble>

Chris

42:

they may well have insurance on a book tanking.

Ha ha nope.

(Most books tank: nobody would offer them a policy! Publishers make it back the same way single-payer health coverage makes it back, i.e. by volume working out net-positive per unit.)

43:

Could this be "ordinary" identity theft? They don't care about writers, editors, agents or publishers, but they've finally gotten around to trying to penetrate Penguin Random House's systems?

They'd steal anyone's personal information if it gave them a way to open fake accounts & stick someone else with the cost.

I bet publishers buy office equipment from time to time. How big a bill for office electronics could an identity thief run up at somewhere like Staples before Penguin Random House got wise and called a halt?

44:

That's actually plausible. (But boring.)

45:

"Umm, that's not how networking works."

Just in case I wasn't clear, I definitely know the difference between analog and digital, and understand that a voltage drop doesn't have to be of audio quality for a computer/router/switch to interpret it correctly 100 percent of the time.

The question is not "how networking works." The question is "how high-end audio works," and whether the networking involved does what a network tech would expect it to do, or whether other considerations override the protocols a network tech would expect it to use.

"If you had bad cables then TCP can result in worse results than UDP because it has timeouts and retry periods that you don't get to control."

I'm assuming modern networking speeds, but even 10M would be sufficient for TCP to retransmit all your lost packets faster than audio would need them, even if the cable was so bad you were at half-duplex. (Note that I haven't done the math on this - life's too short.) At 100M TCP will certainly give your audio device faster service than it could ever use.

With UDP the application can decide, for itself, how to handle transmits."

BLARF! As for Layer 5 (or above) deciding how to handle UDP retransmits, that's not something I can guarantee as a technician, particularly if the two pieces of equipment are not made by the same manufacturer.

For an example of something "simple" gone very wrong, I recently had a customer who insisted on mating a 100M, unmanaged Trendnet switch with a newer unmanaged device made by a different manufacturer. You'd think this would go very simply and easily, but the results were astoundingly bad - the two devices simply wouldn't talk to each other - and nothing on either switch was even attempting to get beyond Layer 2. Fortunately, they both could talk to the router, which luckily had a second network port available. So when you blithely tell me that Layer 5 of a UDP-capable device will arrange retransmits somehow... In the real world you simply can't guarantee it (Though the job paid well, because I was on site for 7 hours more than I'd expected!)

"TCP is a reliable(ish) transport but it is not necessarily best for consistent throughput; jitter can be a lot worse. For audio less jitter is extremely important (for voice it has more impact than packet loss)."

For one piece of a home audio setup transmitting to another piece of a home audio setup at modern speeds I don't think jitter would be an issue - modern speeds are too fast and of course packets are numbered and check-summed (for TCP.) Obviously we're not talking about real time transmission here; we're discussing a file transfer or possibly filling up a buffer in a networked piece of audio equipment. For real-time transmission you OBVIOUSLY wouldn't use TCP.

"So a bad cable would result in worse results with TCP than UDP."

First of all, at modern networking speeds, absolutely not. Is there something about retransmitting a bad or missing packet over a five-foot length of cable which you don't understand? Second, are we talking about transferring a file or sending audio in real time? (I'd hope high-end audio gear would have a meg or two for buffering.) For real-time - a live performance, perhaps - UDP would certainly be better.

"However, since a $5 cable can easily handle Gigabit speeds, audio frequencies are trivial (HDMI is up to 192kHz 24bit samples)"

I know. I BELIEVE that's my whole point. If you're transferring files into some kind of buffer/file, TCP is probably better. If you're doing something in real time, UDP is better. But since UDP can drop a packet, if I'd spent thousands of dollars on my audio setup, (remembering that I can't control what each device does with retransmission) I'd probably buy the best Cat-5 cable I could find AS LONG AS IT DIDN'T COST OVER $25.00, because if I was rhapsodizing over David Gilmore's technique and I lost a bit of vibrato I'd have less enjoyment of the music.

Once again, is the equipment using TCP or UDP, or something exotic?

"Umm, that's not how networking works."

Fuggoff!

46:

Anyway, if you could round up as many as ten readers willing to pay $1000 a pop for an exclusive preview of my novels, I'm pretty sure my publishers would be extremely happy to figure out a way to monetize that market.

How about one reader with a terminal illness and a sufficiently positive bank account who would be willing to pay $10,000? I could see doing that. Details as to how to work out the exclusiveness TBD.

47:

That's not particularly hard. Imagine a level above the standard hardcover. It gets some extra content in the form of a short story, and/or author commentary, a cleaned-up version of the notes you wrote yourself while writing the book, special cover art, printing with acid-free materials, and it is signed by the author and the artist. I don't know that you could get $1000 for it, but IMHO the commercial possibilities are good.

48:
Least scary possibility is that the hacker alters an okayed doc (story) just as it sent to the printers.

This actually offers you a potential way not only to bankrupt publishers and authors pretty much at will, but also to much more subtly damage reputations, especially in long-form reportage (books on recent political history, say).

The first is done by inserting libellous accusations against (or descriptions of) specific wealthy individuals or organisations. Obviously this works best with non-fiction, but having a sub-plot in the next Empire Games novel where a named real-world retail mogul turns out to be a serial child-rapist would get both Charlie and his publishers into a lot of trouble. (There's a reason why one character in the Merchant Princes series is only named after he's dead, after all.)

Reputational damage of some kinds might be achieved the same way, but you could also make more subtle changes so that it was only gradually noticed that certain aspects of a non-fiction book were actually completely wrong. (Or, to discredit other writers with a different market, change things so that the book gets the facts right.) Even if the primary effect is academics going "that's not right" and the author replying "but I didn't say that!", you can create the public impression of disagreement, casting unwarranted doubt over a person, hypothesis, or piece of evidence.

And even apparently trivial changes that don't result in lawsuits, or affect the overall story could result in a novel appearing to support ideas that the author actually opposes.

49:

This could be the new frontier for fake news.

50:

The one explanation I've heard for the super pricey audiophile networking cables is that usually these things are installed as a whole package by a reseller. Some rich person decides they want a new stereo, the sales person upsells them on everything and then some low paid technician actually has to go to the rich person's house and set up all the gear.
In this situation, there's no way you'd get away with using a £5, plastic covered, ethernet cable. If only for aesthetics you'd go for the £100, fabric wrapped cable, because that's what the rich person expects and wants. Plus the reseller will add their own 20% markup to everything and make bank.

As for scammers trying to get hold of manuscripts, if the warning didn't very specifically say they were after them, I'd have assumed it was just straight-forward identity theft. My first guess is maybe they want to take almost completed manuscripts, and then try to shop them to other publishers under a false name. To someone that doesn't know that much about publishing it seems like you might possibly get away with it once or twice?
That or it's just old school hackers who still adhere to "information wants to be free", and are just trying to acquire manuscripts just because they can.

51:

That or it's just old school hackers who still adhere to "information wants to be free", and are just trying to acquire manuscripts just because they can.

There's more to it than that, though probably not in this case. There are a LOT of documents (including books) that are effectively censored by the copyright holder, which seriously hampers research and investigative journalism and even independent authors. This is usually for bureaucratic reasons, but is fairly often for much less respectable ones.

Frankly, I think that they just chose an easy target.

52:

Dunno. If you check out a random Kickstarter, eg, some graphic novel by the person who does kill six billion demons, it may raise 90k, of which 9k was for pledges of 200 USD or more for a 15 USD ebook. The superpremium market for rich fans may be uderestumated.

53:

How about one reader with a terminal illness and a sufficiently positive bank account who would be willing to pay $10,000?

Forget terminal illness and think $BIG_CORPORATION with some mechanism for monetizing the IP that isn't based on copyright/resale.

Most authors earn piss-all, and even those of us who're making a decent middle-class income off it aren't exactly in a position to indulge in Maseratis, hookers, and blow. There are individual executives at the likes of Google, Facebook, and Amazon whose take-home pay with bonuses exceeds the combined income of every science fiction and fantasy author in the United States, from George R. R. Martin down.

I'm pretty certain that Google could indeed afford to hire all the semi-pro and pro trad published novel authors in the English-speaking world (and possibly the rest of the world, too) and pay us roughly what we're currently earning in return for the right to redistribute our writings globally. They could afford to hire the editors and layout and graphic design folks we'd need, too, at least until their algorithms people could put them all out of work (joke).

Frankly, if Google would stump up $100K/year plus health benefits to pay me to write fiction full-time (agreed productivity target: one book/year, averaged over a 3 year sliding window, to allow for "difficult" projects) and in return would agree to publish the resulting books for free, I'd take it. (How they'd monetize it ...? Well, remember Google is the result of the merger of a search company with DoubleClick, and is the world's largest advertising corporation. Go figure.)

54:

After the dot-com crash, I ended up spending a year working on software for a high-end hi-fi manufacturer (you know, £25K CD players, £12K speaker pairs, etc, etc). Prices are now fifteen years old, adjust to taste...

The new staff induction course had us spend a day plugging together progressively more expensive components under the direction of one of the company's "golden ears", and listening to the results. I stopped being able to spot the difference somewhere around the point where we were listening to a £30K system, and several things came out of it.

Firstly, use decent speaker cable. No, bell wire or CAT5 won't cut it. It doesn't have to be the ludicrous-price "oxygen free copper", "lay it with the arrows pointing in a set direction" (seriously!) - decent stuff is affordable at several pounds per meter, and works well.

Secondly, use speaker stands. Oh, and position the speakers away from the wall behind them. Adjust that standoff distance to taste, it makes a difference. Yes, really; you don't want the sounds being reflected off the wall to be antiphase with the bulk of sounds coming directly from the speaker (not sure how much of that last explanation is rubbish science, but it still made a difference).

Finally, use a decent recording. Most popular music is recorded in anticipation of being played through a single two-inch tweeter or a air of cheap headphones; so the bass levels are adjusted accordingly. When you drag your favourite album into the demo room, to hear what it sounds like through a £100K system (as in, single power amp per speaker cone, world-standard preamp, worlds'-best CD player, perfect setup, etc, etc) it's rather depressing to hear every hiss, crackle, and clipped dynamic range exposed in all its horror. You suddenly realise why they put certain recordings on compilation CDs - it's because they're rubbish enough that no-one is going to buy them to listen anywhere outside of their car...

Anyway, this high-end hi-fi firm did make use of CAT5, but only to carry the pre-amplified signals to a power amp. They would send one channel in phase and antiphase signals down one of the twisted pairs, then invert the antiphase and combine them so that any noise was cancelled out. It was reckoned that you could get well into the hundreds of meters of cable before there was a noticeable quality degradation.

The idea was that if you'd just dropped £6K on a preamp and £3K on a CD player, it would be nice to listen to that around the house, not just in the one room. So, you ran CAT5 around the house, put a power amp and speakers into other rooms, and fed back inputs from remote controls. What mildly annoyed them, was that they'd done the wiring spec of their CAT5 into an RJ11 connector before the Ethernet standard wiring setup came along - so the company's installers couldn't just use pre-wired ethernet patch cables, but had to wire them up by hand...

...I'd just like to thank their staff purchase scheme for the suspiciously capable sound system in my living room; but I haven't identified them, because it was a toxic environment, driven from the top down.

55:

Your awareness of and desire to block spammers is commendable.

As Pigeon says; after a couple of months you'll finish up with a black list longer than my company address book (high 4 figures of staff, most or all with 1 or 2 addresses). No-one on that black list will have tried to contact you more than once or twice.

56:

Least scary possibility is that the hacker alters an okayed doc (story) just as it sent to the printers.

That's actually pretty pointless.

The whole process of publishing is so inextricably human-driven that somebody is likely to spot meddling along the way. Also, actual human meat-persons look at the product that comes back from the (outsourced) printer and throw a hissy fit if the product is defective. Also, adding material to the final PDF of a book tends to just slightly mess up the pagination, which will have immediate and obvious effects on the amount of paper the printing press is gulping down. Also, the books are actually printed some weeks before they go on public sale, to allow for shipping and distribution and final QA checks. Also, also, also.

You might be able to do a text injection attack on an ebook while it's being uploaded, but at that point you're attacking a file in a pipeline that's designed to provide cryptographic integrity checks and impose DRM when the product is shipped, because every time the ebook platform sells a copy someone is supposed to credit the publisher's bank account immediately: every ebook sale is, implicitly, a financial transaction. So again, it'd be pretty clear that the product had been tampered with by an external bad actor, which should be a fairly sound defense in event of a defamation lawsuit ("a big boy did it and ran away — and here are the audit logfiles to prove it").

57:

There are open source phishing toolkits available on GitHub (let alone the dark net) so the technical barriers to entry (for the scammers) are now very low. And I'm guessing that typical publishing houses (which are not exactly critical national infrastructure) don't have well defended networks with tested incident response plans, etc. They probably have some personal data, financial information or similar, or machines that would be vulnerable to ransomware.

All the scammers need is for one employee to click a link and they are in.

58:

Interestingly, I recently acquired an Apple HomePod for bedroom audio listening purposes. It's an interesting piece of kit; one subwoofer pointing straight down, but multiple microphones and the equivalent of a late 1990s supercomputer just to do waveform calculations and media streaming and a whole bunch of other stuff.

I planted this on a nice hardwood bedside cabinet and the HomePod was smart enough to use it as a field-expedient bass resonator: it certainly doesn't sound like just another six-inch-tall bluetooth speaker! It's not really high-end audiophile kit, but when funds permit I'm buying another one for the cabinet other side of the bed so I can get the full adaptive stereo Airplay 2 experience. As an alternative to a pair of floor-standing big-ass speakers, an amp, and an Airport Express or other Airplay streaming device to drive them, they're pleasingly unobtrusive.

59:

I'm guessing that typical publishing houses (which are not exactly critical national infrastructure) don't have well defended networks with tested incident response plans, etc.

I wouldn't bet on that.

True, publishers aren't in the security business. But the two mentioned ones are billion-plus turnover multinationals with their own in-house IT departments who obviously have the usual security remit.

60:

Actually, I would! They probably are as secure and well-managed as more critical infrastructure, but you can gauge the security of that by the stream of reported breaches. And remember that there will be at least ten breaches for every one that hits the press, probably a lot more.

Also, I should be flabberghasted if Penguin and Macmillan had NOT been hit by the downsizing and outsourcing disease. Even organisations that still have significant in-house IT capability buy in the majority of their networking and security tools, and rely on turnkey black boxes far more than is safe.

61:

"lay it with the arrows pointing in a set direction"

Yes I have seen digital audio and HDMI cables marketed as directional, with arrows to indicate the direction in which the signal is supposed to flow.
Shame digital protocols normally require bidirectional signalling...

62:

Getting hold of an unpublished manuscript sounds like the perfect training assignment in Social Engineering 101.

Success or failure is indisputably determinined when the book is published.

There is no way to cheat which isn't, ipso facto, the same as acing the test.

The stolen object has no realizable economic value, so the student is not tempted to stray outside the four corners of the assignment.

The actual harm caused to the author/publisher by stealing it is, as Charlie points out, nonexisting.

Which again means that there are no risk that anybody is ever going to ask INTERPOL/NSA/FiveEyes to investigate.

And therefore it is not a problem if the students blunder around and leave traces.

Case Closed.

63:

Interesting to hear your experience as a professional. Some things matter, some don't at all. The funniest experience was a sales guy trying to convince me to buy a fancy 0.5m optical TOSlink cable for $100, instead of the $10 one. It had a gold-plated connector. For an optical fibre cable. He then tried to convince me that I'd notice differences in the digital signal due to dispersion in the cheap fibre, which I found highly unlikely over half a meter, at less than 100kHz clock rate. And even that is far less ridiculous than the claims from some people that "breaking in" a speaker cable with hours of white noise really, really makes a difference... hey, the placebo effect is a real thing. I'm sure that after listening to white noise for a while, actual music does sound really nice.

I only dabble in audio as a hobbyist, have built amplifiers and subwoofers, and also bought a measurement microphone at some point to do some objective analysis. My experience: per money spent, the biggest room for improvement is with the speakers. Once you get beyond a few 100 bucks, amplifiers these days are really, really good, generally. Cables cost almost nothing for decent quality. In terms of all measurable parameters, speakers are by far the worst component of the chain in terms of frequency response, THD, phase shifts, resonance, etc. and also have a very noticable subjective "colour" of sound. Go to an audio show room and ask them to switch back and forth between all their speakers without delay, and it becomes very obvious, even with expensive gear. The ear adjusts quickly though, in isolation it's a lot harder to notice. SACD players with 24 bit and >115db SNR cost less than 200 bucks, and a modern amplifier has no problem to be flat within < 1db and < 0.1% THD over the full range. Finding speakers that are somewhat flat within 6db is challenging, getting bass response below 35Hz is tricky, and even the best speakers are highly dependent on the listening position. From an engineering perspective, I would agree that having individual amplifiers per speaker cone and an electronic crossover (probably digital) makes a lot of sense, as it gives far more control over the always imperfect speakers. But the individual amplifiers don't have to be that expensive, and pre-amps are mostly a problem of good design, not component costs (once you get beyond the ultra-cheap crap). Off the shelf it can of course still be expensive, as designers want to get paid too.

Having said all that, at the high end, there is one thing that has an even bigger impact on the final sound experience than the speakers, or all that other gear - the room. When I moved house, the same speakers, amplifier, etc. had a wildly different frequency response, due to standing waves between the walls (e.g. a huge 70 Hz peak, which happened to be the quarter wavelength between front and back wall, reduced a lot by different speaker placement, and moving the subwoofer to the side). A lot of modern gear now actually comes with DSPs that can measure and compensate the worst characteristics of a room, but there are limits on how much can be fixed this way.
So if I'd ever be in the situation to spend >20K on an audio system, at least half of that would go into room improvements (baffles, curtains, diffusers, etc.), a decent analysis system, and maybe a few hours of a capable sound engineer.

64:

... and maybe a few hours of a capable sound engineer.

Half an hour will usually do! I have two friends that are just that, and one helped us solve an appalling reverberation problem in our kitchen, not least by telling us that the most effective solutions were large complex or non-rectilinear shapes. Curtains etc. don't work half as well, unless they are ridiculously heavy.

So I mounted a large bookshelf on one wall and made a 7'x4' pinboard angled down for another. End of problem. At work, I objected to an inaudible lecture room, and they (eventually) installed expensive commercial baffle boards that JUST brought it up to the lower of two recommended minimum levels. It remained ghastly for anyone with hearing problems, and a problem for everyone.

But there is no way that such companies would recommend the former, nor will the customers who buy their kit do what I did, so they will end up with a fiendishly overpriced and probably only partly effective solution.

65:

Speakers with smarts and superior basic hardware ought in the long run to kill most of the audiophile market simply by creeping ever further down in price until nobody can really tell the difference between anything from mid-range on up.

I mean, this already happened for headsets - Last time I went shopping, the deciding factor was not sound, it was comfort of wear, because every set in the price range I was looking at had top-notch sound.

66:

The other problem with trying to get predictions from sf is recognizing the true predictions which seem implausible.

67:

The Washington Post reported this week that the D.C. city government had fallen victim to a vaguely similar scam. Scammers created an email address that was off-by-one-letter from the address of a construction contractor, and emailed the city to ask it to switch from paying by check to paying by electronic funds transfer. The city did so, and paid the scammers about $690k for the contractor's pending invoices before the scam was discovered.

68:

That's no octopus throwing those darts... it's Cthyaaaaaaaaaaaaaaaaaaa!!!!!!!!!

69:

Y'know, if I were concerned about that, I'd check the md5 sum of the .pdf against the original, the way it's done with open-source software releases.

I really can't see *anyone* wasting the time to make a one-off for a novel, to hide the code in various replacements. They only do that for things that have more than one copy... y'know, like Lookout, er, Outlook.

70:

(Yes, I was eaten by Cthulhu a couple of posts ago, but got better....)

Y'all going on on all this audiophile stuff.... It was around late in 2010 that I was driving, and heard a review of the Latest! and Greatest! new phones. Nine minutes into the 10-min report, after reviewing all of the gosh-wow features, the reporter asked, "and how's the voice quality on the new phones?"

The answer was that one was almost ok, one was mediocre, and all the rest were terrible. I'd say it's gotten worse since then... and, of course, we have the same (or worse) frequency range on our phone calls that Mr. Bell had....

71:

I don't know about the The Labirynth(sic) Index, but that definitely should have been the cover for Eqoid.

72:

I really can't see *anyone* wasting the time to make a one-off for a novel

Except that's effectively what happens every time with commercial ebooks sold with DRM, which is most of them; the ebook is encrypted using the customer's reader app's public key, so that only the licensed customer can read the copy they download. (Ahem. This assumes the consumer doesn't crack the DRM—which, as they have access to the reader app's keys, is often quite possible.)

Anyway books aren't usually sold as PDFs, at least in my field; the PDF is what they download to the printing press.

To clarify: the typesetting software (typically Adobe InDesign, or Quark Publishing System) generates two outputs: a PDF file, paginated for printing on dead tree, which is formatted for a printing press, and an epub file, which is uploaded as a source to an "ebook warehouse", a back-office fulfillment system which receives requests (with public keys) from ebook vendors, encrypts a copy of the ebook and returns it (for the use of the customer with the supplied key) and bills the merchant (who supplied the order and the DRM key) while maintaining a log (for the royalty accounting department). Note that this is why Amazon's Kindle is billed as a publishing platform, not a store: they handle that side of things within Amazon rather than forwarding them to the publishers' virtual ebook warehouse. (Yes, yes, I know this sounds crazy: it's how they do it, though, because they're trying to maintain backward compatibility with 200 years of author/publisher contracts which have baked-in assumptions about books being stored in a warehouse until they're released for sale through a merchant who then pays for them in full, having first extracted money from a customer.)

73:

I guess it could be some kind of copyright scam.

- get access to manuscripts
- copy one or more characters/environment and/or plot ideas
- plug into your own 'framework' short story or novella
- publish via obscure vanity press or online site
- wait for official publication
- send claim to publishers and see if they decide its cheaper to settle

Bonus points for waiting until negotiations for film and/or serialisation rights are underway.

74:

You misunderstood me, Charlie. What I meant was them doing it to hit the mss between preparation and dead-tree publishing.

And if they did that for each book... hell, they might as well open a legit publishing house....

75:

I'll admit, the first thing I do when I buy a new ebook is strip the DRM. I prefer to use a reader that doesn't (sadly) support the encrypted formats that most books are sold in. That reader also doesn't compile all of my reading habits to send back to the Big River Corp (such a perfect name!)

I'm VERY happy that TOR doesn't add DRM to their EPUB files, as that removes a step before I can enjoy the media I have just paid for.

76:

whitroth @ 70: (Yes, I was eaten by Cthulhu a couple of posts ago, but got better....)

Y'all going on on all this audiophile stuff.... It was around late in 2010 that I was driving, and heard a review of the Latest! and Greatest! new phones. Nine minutes into the 10-min report, after reviewing all of the gosh-wow features, the reporter asked, "and how's the voice quality on the new phones?"

The answer was that one was almost ok, one was mediocre, and all the rest were terrible. I'd say it's gotten worse since then... and, of course, we have the same (or worse) frequency range on our phone calls that Mr. Bell had....

I'm guessing you're writing about so called "smart" phones.

I still have a half-way decent stereo system here ($1,000 linear tracking servo turntable), but I'd say 90%+ of my listening is from the car radio. It doesn't matter how pure the signal is when the listening environment is obviously CRAP. Even the best "audiophile" mobile sound systems deteriorate as the vehicle ages. You change the oil, rotate the tires and do all the required preventive maintenance, but how often do you take the door panels loose to tighten up the screws holding the speakers in and make sure all the electrical connections are tight? And if you've got "subs", when was the last time you went through and tightened all of the loose body panels so you can hear the mids above the rattling of the fenders?

Plus I'm a guitar player with severe tinnitus. Even though I've been fanatical all of my life about using hearing protection ($350 for a set of custom molded ear-plugs???), you can't protect yourself from the environment ALL of the time and it's eventually going to wear on you.

Forget cryogenic tubes (valves). Find a good tech who knows how to do a decent cap job on your amp.

77:

Those who've done jury service can attest: most crimes are just damn stupid. Tragically stupid. Really, really tragic: really really stupid.

Just putting "Cyber-" in front to make it "cyber-"criminals doesn't necessarily make them smart.

You don't need to be very clever at all to run a phishing scam.

78:

Trendy targets for phishing scams in the UK appear to be private schools.
Trying to get a list of parents' email addresses.

So they can send them "Note that the school bank account details have changed, please send fee payments to the new bank account" emails.

79:

icehawk @ 78
I wonder if anyone has told Nigel Molesworth's parents?

80:

Re: ' ... but at that point you're attacking a file in a pipeline that's designed to provide cryptographic integrity checks ... it'd be pretty clear that the product had been tampered with ...'

Reassuring to know - thanks!

81:

I have done things logically equivalent to hacking a PDF, transparently, and can think of at least a couple of ways to hack PDFs. While it is not seriously difficult, it needs a fair amount of skill and a lot of effort, and I fully agree that it's both beyond the average hacker and extremely implausible in the cases being considered. The payback for the effort simply isn't there. Hacking PDFs that contain documents like important contracts or regulations is another matter, but is usually implausible for other reasons.

Injecting into the upload pipeline would be most simply done by pwning the distribution system. SOP for many hackers, for a one-off and when subsequent detection is not an issue. Doing that transparently would need a LOT of skill, and completely beyond anyone except the most skilled hackers. Despite its prevalence in fiction, such a level of hacking is almost non-existent in real life, except POSSIBLY by a handful of governmental agents against much less capable opponents.

82:

That's a very good hypothesis. Such abuse of IP law is regrettably common in other fields, but would indicate the hackers had a very poor understanding of the law. Cases of concept or name plagiarism are rarely settled in the courts, but almost always by a wealthy publisher bankrupting (or intimidating) an impoverished author. The definition of derivative works, passing off etc. in English law (and, I believe, most countries' laws) doesn't include those.

It could be a revenge attack, I suppose but, again, it would be targetted at one of a VERY small number of authors or their estates if it were.

http://www.legislation.gov.uk/ukpga/1988/48/section/21
http://www.legislation.gov.uk/ukpga/1988/48/section/30A

83:

unfortunately the molesworth-peason electronick brane hav xploded when headmaster GRIMES ask it to predikt the winner of the 3.30 at kempton hem-hem so another grate plan bite the dust chiz chiz chiz.

84:

As someone who networks on a daily basis, I gave some thought to this one day on a long car trip, and question that concerned me was this: TCP or UDP? If we're talking about TCP, then the cheapest of low quality cables will give exactly the same quality as the most expensive cables, given a network that moves faster than the music needs to load

Actually I'll disagree. Loss can be bad enough with TCP that apps will give up. Just ran into this when upgrading network equipment the new SFP modules would mostly work with OM1 cable but only in a point to point short distance. Across the office through 2 splice points, nope. And not documented anywhere that they really wanted OM3. In a closer reading of some data sheets it was somewhat, sort of, maybe implied. Web pages would just load a bit more slowly if not too complicated but things would just give up at odd intervals.

OM1 is 62.5/125 MM fiber which was very common in office situations for over a decade. OM3 is 50/125 MM and it the go to size to use now.

Also what do you do when you find a bad, flaky, or just maybe bad Ethernet cable? You cut off the ends so an idiot will not see it in the trash and figure it must be OK to use as it looks OK visually.

85:

Is it reasonable that this is a 2nd or 3rd year lab project for a class in Hacking 301 at the PLA University for state careers. Or similar in the Ukraine, Russia, PRK, etc...

86:

Those who've done jury service can attest: most crimes are just damn stupid. Tragically stupid. Really, really tragic: really really stupid.

I remember doing jury duty for a fellow who was up on a list of fairly impressive sounding charges which were only vaguely related to what he'd actually done...but there's no formal charge of "being a dumb-ass crackhead."

We eventually sent him away on some of them, which was not terribly satisfactory; he would not be helped by being held in a cage or having a felony record. What he might have needed, and which we couldn't provide, was an old-style teaching nun with a wooden ruler who would follow him around and remind him, "Don't be a dumb-ass crackhead!"

87:

Yes. TCP is CLAIMED to be a reliable transmission protocol, but it ain't, not nohow, especially with modern event-driven software. This isn't the thread to go into details, but I could. It is a great pity that the stateless 'Internet' design won out against the stateful Coloured Book / OSI one. Not that OSI wasn't ghastly in its own ways.

88:

@70
Along similar lines I recall a newspaper cartoon with a customer in a mobile phone shop as two assistants leaf through the inch-thick instruction manual. One of the assistants is saying to the other, "He's right, you know - you can't actually make a phone call with it!"

89:

I am one of the few people who have implemented an OSI-TP4 stack from scratch and I can assure you that there neither is, nor ever was, anything desirable about the OSI protocols from a technical point of view.

That is not to say that TCP/IP cannot be improved, SCTP was excellent proof that it can, but it won't happen because of sunk cost in control and surveillance technologies.

Instead what we see now is people doing exactly the "OSI" thing, slapping layer upon layer on top, to fix the oversights and deficiencies of the lower layer.

If you really pine for the OSI protocols, you can run HTTP2 over WEBSOCKETS over HTTP over SSL over TCP over IP over Ethernet.

And yes, there are implementations of that out there.

90:

As I said, OSI was ghastly in its own ways, but that was not my point. Your suggestion shows how badly you have misunderstood my comment, and possibly the situation. It would simply give the worst of both worlds.

The design of the 'Internet' protocols is fundamentally incompatible with providing reliable transmission, which means that aspect CAN'T be fixed. I have worked fairly deeply on some of the 'Internet' protocols, attempting to resolve some nasty reliability issues, and failed for that reason. The problems are quite simply insoluble without changing the basic design.

The aspects I am talking about have essentially nothing to do with the user interfaces, and are the basic design of the failure and recovery system. For all their faults, that was orders of magnitude better in the Coloured Books (excluding the abominable Fawn Book) than the 'Internet' protocols, and was INTENDED to be followed and improved in OSI. You may be right that it was cocked up - I can't say - but at least proper failure and recovery mechanisms were part of the design, which they weren't for the 'Internet' protocols.

I suggest rereading my posting with the text '/ OSI' removed; it may be clearer to you.

91:

The joke there is that the idea of a piece of consumer electronics coming with a genuine instruction manual is ridiculous.

92:

A side note: Bookpub this morning lists Dark State e-book on sale at Amazon for $2.99 US.

93:

Ever read "The Elements of Networking Style: And Other Essays & Animadversions on the Art of Intercomputer Networking" by M. A. Padlipsky? It's an essay collection published in 1984, when the threat of OSI getting somewhere still seemed very real. It's a very good read.

94:

It's important to remember, in the event of using TCP, that we're talking about a very short cable here, which is meant to carry files from one piece of electronics to another piece of electronics five-ten feet away, with something like twenty times the bandwidth actually needed for the operation.

In the event of UDP, we're talking about a similar operation; at worst, about information being sent from the customer's DSL/cable modem to a stereo system; a distance of no more than 200 feet even for a really big house.

Otherwise I might join the argument on one side or the other. As things stand, fighting over this one is just plain silly.

95:

Note for the wankers; when I said "something like twenty times the bandwidth actually needed for the operation" I was discussing 100 MB operations. I'm aware that a gigabit setup would be 200 times the necessary bandwidth.

This is a very simple idea which requires no further elaboration; that in no conceivable case relating to stereo equipment is a cable which costs more than 25 dollars* worth buying in the event of using either of the protocols most likely to be used to communicate the information.

* Yes wankers, I'm aware that a long cable run might cost more that $25 in materials, but the same principle applies.

96:

You clearly would be surprised at how much trouble I have seen just such a setup cause! I agree that the cable is unlikely to be the cause unless it is actually defective.

Lack of bandwidth is less often the cause of problems than packet corruption, or delays in the software. The latter is regrettably common, and isn't going to get better, as people increasingly put complete, general-purpose operating systems into simple devices. The Internet of Things and all that tripe. I should probably not have let myself be attracted to the diversion :-)

97:

The last TV I bought spent a ridiculous amount of time in the manual describing the serial-port protocol.

98:

That sounds like exactly the sort of information I would want to find in a manual. It's really annoying to get some piece of kit and find it has a serial port on the back but zero information on what the thing understands so you can't use it.

99:

You won't see packet corruption in well-written TCP software, as TCP should include a checksum of the packet's payload as one of the fields in the packet. (And I think Layer-2 frames also have a checksum, though I'd have to look it up to be sure.) The cynic in my suggests that the checksum is honored more in the breach than otherwise...

Obviously in the real world all kinds of stuff can cause tranmission to be screwed up. (Skipping the rant about the idiots yesterday who didn't know how to diagnose their own equipment. Feh!)

100:

Obviously in the real world all kinds of stuff can cause tranmission to be screwed up.

Like nachos?

https://xkcd.com/654/

(Link because I have no idea how to embed the image.)

101:

That is outstanding by modern standards.

102:

But these days you actually get very little interference on networking cables unlike say thick ethernet and the main problem was the vampire taps.


103:

Your customers mistake was using this "trendnet" not a brand I have heard of and seems to be designed for home use - and has some troubling security problems.

With networking just by HP or cisco and the stuff will run for years - quite why bob seem to have so many problems I am not sure :-)

104:

Like nachos? https://xkcd.com/654/

A friend of mine once did that in analog. Her neighbor was turning up his stereo much too loudly. She realized she had the gear to transmit on a quarter the frequency of the radio station he was listening to, so she moved her radio over to the wall opposite his stereo and waited.

So for some strange reason when he turned up the volume past a certain point the audio quality turned to crap with lots of interference. He learned quickly that the stereo would work fine if he just left the volume low. Mysterious!

105:

sf writers very good at predicting future political events? Things they've predicted includes the Soviet Union lasting for centuries.

In the 1950s, British sf writers mostly took for granted that England would remain a major world power well into the future. (That's "England," not "United Kingdom.") I think they were behind the times.

Stories about the first Black US President usually (always?) had him (sometimes her) achieving office by being in the line of succession and everyone above becoming unavailable or unsuitable. Not elected.

I don't recall any stories in which Canada had legalized the Dread Drug Marijuana, or its court system granted women the right to be topless in public.

106:

Robert Prior @ 100:

Obviously in the real world all kinds of stuff can cause tranmission to be screwed up.
Like nachos?

https://xkcd.com/654/

(Link because I have no idea how to embed the image.)

Ooooh! That's evil!

107:

Just some thoughts on the scammers. It seems these publishers have probably got caught in a wider net that could have included journalism news politically motivated), and just go poking around exploring everything you can hack to see whats there, at least your state sponsored hacking team have honed their skill set a bit more.

Then again, just because it's a silly and fruitless activity doesn't mean someone somewhere won't try it, and of those attempts, some will be very serious well organised attempts.

Also even less cool, some low level grunt at a troll farm didn't want to seem insubordinate by saying there's some pointless things on a list of targets they were handed, and just got on with deploying the team. (Visions of Mr Robot-esque Dark Army, where you probably end up "disappeared" if you insubordinate).

I'm basically saying state-sponsored hack troll farm outfits are probably developing their own internal bureaucracy and less than competent middle management and doing anything to make sure their budgets are renewed.

Back to scary possibilities, publishers are being targeted because of anything political in the works, they could intimidate a author into pulling a politically inconvenient book, or move early to counter it's fall out.

Apologies if I'm repeating anything already pointed out, can't read all of this thread :)

108:

D G @ 105
tories about the first Black US President usually (always?) had him (sometimes her) achieving office by being in the line of succession and everyone above becoming unavailable or unsuitable. Not elected.
Honorable exception for R A H ... one of his late stories had a brown, female, elected POTUS

Tim A @ 107
Back to scary possibilities, publishers are being targeted because of anything political in the works
Why bother? Much simpler to send a hit-man, or, if possible get some religous nutter to declare the author a sinner / apostate / blasphemer (etc) - see Salman Rushdie or Jamal Kashoggi ....

109:

I think people are approaching this phishing attack on publishers from the wrong point of view.

Perhaps the plan is not to steal Charlie's manuscripts, but to add to them. And to manuscripts by other authors in publishing houses around the world.

A fiendishly planned memetic attack...


110:

I wasn't talking about what it delivers - I was talking about what it receives - IP or (more usually) transmission layer packet corruption. Often due to poor shielding (including in the connectors) and electrical noise, or the cable being bent, pinched or otherwise maltreated. There are also more subtle problems with packets being duplicated or received out of order.

TCP's and IP's recovery strategy from such things assumes a very low noise level, and has horrible properties if that this not so or the duplication and ordering problems are too serious. Let's ignore the well-known problems with TCP and IP checksums, because I doubt that they will cause trouble in the usages being talked about.

Note that the symptoms are not usually corrupted data received from TCP (though that's a problem to some people), but disruption of the data flow - BAD news for audio, which was my problem with the early telephone codecs. And sometimes peculiarly jammed connections, or ones broken at one end and not the other.

Anyway, this is a digression, and I shall not post further.

111:

See #81 and its predecessors. It's very implausible.

112:

There isn't a scrap of decent evidence that most of these attacks are state-sponsored. The only attacks that we are pretty certain were state-sponsored were the Stuxnet ones, and the culprits there were almost certainly the USA and Israel. Though other countries also have organisations set up to do such things (the UK has even admitted it). There are much better ways for properly-sponsored hackers (whether state, multinational or organised crime) to home their skills.

By far the most plausible scenario is the simplest: the hackers are just random trouble-makers, trying things out on relatively 'soft' targets that are still likely to be fairly well secured. The point is that hacking publishers is unlikely to provoke governments into unleashing their security services onto you.

113:

Perhaps the plan is not to steal Charlie's manuscripts, but to add to them. And to manuscripts by other authors in publishing houses around the world.

Thanks to you I am now having visions of how a CIA-like intelligence bureaucracy with internal oversight would go about trying to write a fiendish memetic attack payload to insert into one of my novels, and the likely reader response. "Hey, has Charlie contracted mad cow disease, or just a severe case of corporate management-speak?"

114:
Honorable exception for R A H ... one of his late stories had a brown, female, elected POTUS

If it's the story that appeared in Expanded Universe, the brown female President was actually elected VPOTUS. The Prez then died in a plane crash. This was a private plane, not air force one. The POTUS was at the controls, and it was implied that he was drunk and crashed it.

Nevertheless, the new POTUS was portrayed as a good person who was also a great person, and an extremely effective politician to boot. So kudos to RAH for that, at least.

Why such an effective politician couldn't be elected at the top of the ticket, while a white male with a drink and drive problem could be elected, is probably a deliberate part of the subtext of RAH's story.

115:

Yes, that's it & I had forgotten the subtext, which was undoubtedly R A H shit-stirring most effectively.

116:

"...shit-stirring most effectively."

Something for which he receives far less credit than he should.

117:

About internet protocols... remember, when DARPA had them expand the original concept to go a lot farther than down the hall, one of the *required* specs was that if two-thirds of *everyehwere* between you and me was radioactive dust, if there was *any* way to get from you to me, the packets would find a way.

Which is one of the things that makes it really hard to censor....

118:

Reminds me of how my first wife and I dealt with a problem.

Remember record players? Remember changers? Remember how, when it hit the last song, when that ended, it moved itself back to more-or-less the beginning, and replayed it?

We lived in a courtyard (ok, ok, a house that backed up on a courtyard). One Friday night, the next-door neighbor had a stack of records on... and apparently fell asleep before it got to the last record. About the time we were listening to the 13th replay of Fats Domino singing Blueberry Hill, we went downstairs, opened the French door, aimed our stereo speaker out... and put on one of the ultimate examples of white noise, Blue Cheer doing Summertime Blues.

Midway through the 14th repetition, we heard a slight scratch, and it stopped. We took off Blue Cheer.

119:

It would be the corporate-speak that would give it away. They would *not* be allowed to make a change that had not been approved by their management....

I am reninded of my Fortran textbook. This was late seventies, and in the amusing cartoons and programs, was one showing a line of protestors marching, and you were supposed to identify the govenment spy.

Most folks would, of course, skip the folks with varying footware and pick out the one guy in the polished, shiny shoes.... (A few years earlier, we could distinguish between sources: military, shiny black, FBI, shiny brown,a nd cops, shiny black plastic shoes.)

120:

Greg Tingey @ 108:

Tim A @ 107
Back to scary possibilities, publishers are being targeted because of anything political in the works

Why bother? Much simpler to send a hit-man, or, if possible get some religous nutter to declare the author a sinner / apostate / blasphemer (etc) - see Salman Rushdie or Jamal Kashoggi ....

I think Tim's prior paragraph about "state-sponsored hack troll farm outfits ... developing ... less than competent middle management" is likely spot on. Probably a better explanation than my supposition of straight up identity theft for inventory fraud.

Not to mention that sending a hit-man entails the possibility of blowback, while issuing a "Fatwā" doesn't always guarantee results.

121:

Anent Jamal Khashoggi, it's currently being alleged that the reason he was assassinated was that he had acquired—and was planning to publish in the Washington Post—documentary evidence of Saudi crimes against humanity, in the shape of the use of chemical weapons against Yemeni civilians.

If true, this would explain why the Saudi government was so anxious to silence him at any cost: he'd risen from the level of "annoying dissident" to that of "threatening the ruling family with a trial in The Hague" (if they ever lose control and have to flee, like the Shah in 1979) ... as is the situation with the Assad family in Syria.

122:

Charlie @ 121
Although nowhere nealy as deep in the pigshit as the US, the UK's "support" for the Saudis is deeply unpleasant & troubling.
When I was in Berlin, I went to the Pergamon museum - they had a spoecific small show on Yemen, with current pictures. Uckkkk....
If any of his ( Kashoggi ) files are recovered & the allegations are published & found believable ( I'm assuming they are true - but will the public believe it is the proposition ... ) then a mountain of said pigshit will fall - the Saudis doing the exact same as Assad - euw.

I have noted that the "support" for Saud is getting shriller, in a replay of the support for the Shah in 1977-79.
Also, that poking the Middle East with sticks has brought down several UK PM's & US presidents .....

123:

amal Khashoggi was the nephew of the high-profile Saudi Arabian arms dealer Adnan Khashoggi, known for his part in the Iran–Contra scandal,[14][15] who was estimated to have had a net worth of US$4 billion in the early 1980s. Adnan Khashoggi had claimed that their family grandfather was also of Jewish descent.
Jamal Khashoggi was also a first cousin of Dodi Fayed, who was dating Diana, Princess of Wales, when the two were killed in a car crash in Paris.
This is very high-profile dissident, by the way. Some people also say that such accident wouldn't be possible without certain people... notified.

use of chemical weapons against Yemeni civilians
Be afraid, be very afraid.

as is the situation with the Assad family in Syria
The big difference is that SA is supplied with billions worth of contracts in civilian and military sector and Syria is so barred by sanctions they can't get humanitarian aid to government-controlled areas.

124:

s-r @ 123
VERY murky indeed.
Son of Adnan, eh? I remember that scandal - something else the US Rethuglicans want you to forget .....
Alleged use of chemical weapons - proof would be nice, though I am inclined to suspect it might be true, if only because Assad has "got away with it"
... in Syria - your last half-sentence is not true, but you still have a valid half-point

125:

Yes. I am not denying that they have merits, too, but, like Unix(*), they aren't a good design for what users need them for today.

(*) Microsoft systems are worse, of course.

126:

Saudis are also closely involved in certain areas in Syria, so I fully expect a titanic effort to sweep the cause under the rug ASAP. Though experts now wonder what's Turkey's game in this situation, we got to see.

your last half-sentence is not true
How little do you know. I did not say that NATO was successful in blocking humanitarian aid to "wrong" people, but I can say they applied every humane effort to sanction as much aid as possible.
https://theintercept.com/2016/09/28/u-s-sanctions-are-punishing-ordinary-syrians-and-crippling-aid-work-u-n-report-reveals/
Apparently, people think that Syrian citizens weren't starving enough to abandon their president.
https://www.foreignaffairs.com/articles/syria/2018-09-20/how-un-humanitarian-aid-has-propped-assad
And I'm not even going to get into what they did with this aid in "opposition"-controlled areas, don't really want to spoil your impression.

127:

I mean its not much stranger than the CIA's Congress for Cultural Freedom.

128:

I mean potentially it could be about trend analysis, with someone finding popular writer X is about to do Y monsters, and thus we need to start buying Y now to ride the coat tails, or prep merch.

Way easier to just get drunk with some middle managers though.

129:

Profit could be made by shortselling publisher's stocks..

130:

One parenthetical note--the manuscript of DEATHLY HALLOWS (the final Harry Potter book) was really quickly scanned and distributed worldwide. The really sad part is that over half of the fandom who looked at it thought it was a bad fanfic scam...

Leave a comment

Here's the moderation policy. If this is your first time, please read it before you post.

If you need to sign in and want to create a local account on this blog, select "Movable Type" from the "Sign in ..." menu. You will need a working email address.

Specials

Merchandise

About this Entry

This page contains a single entry by Charlie Stross published on October 25, 2018 1:32 PM.

Crib Sheet: The Delirium Brief was the previous entry in this blog.

Happy Halloween! is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.

Search this blog

Propaganda