From: Nikolai Bezroukov (firstname.lastname@example.org)
Subject: The quality of Elizabeth Zinkann reviews
I am disappointed with the quality of Elizabeth Zinkanns reviews. They are both superficial and unfair. For example in her recent review she wrote the following about the extremely weak book Solaris Security by Peter H. Gregory:
Solaris Security by Peter H. Gregory is an outstanding addition to any administrators security library. The author demonstrates how to make your system more secure and the best ways to protect it. The information provided applies to most UNIX systems with the examples implemented on a Solaris system. Gregory presents detailed information, well-documented disadvantages (e.g., TCP/IP problems), and numerous references for further information. (The information in the Appendices alone is worth the price of the book.) This is a superb book on system security and how to achieve it, written in an excellent and detailed style.
As a subscriber of the journal I think that this is a direct assault on reader intelligence and the magazine probably will benefit from more realistic reviews. Just compare this review with reviews for this book at Amazon.com. IMHO Sys Admin readers do deserve a better reviewer.
I read the reviews posted on Amazon, including yours. The result was that half of the readers thought it was an excellent book; the other half didnt like it.
You objected to the authors coverage of current tools. Utilities can develop or become popular overnight; books take longer to print. No printed publication is done in Internet time. Gregory goes through all of the steps and procedures connected with each topic. Most administrators dont need all of the steps, but there are administrators who prefer that type of description. When a problem arises, it is often necessary to start at square one. It is also very easy to miss a step, which is both frustrating and time-consuming. Not every administrator is solely responsible for every facet of the system. Even when they are, its not difficult to find a segment of the system that they didnt set up or that was set up when they had less expertise. Security, backup, and recovery issues are typically the most neglected areas. Additionally, there are a lot of administrators who havent been administrators until their last promotion or job change. This type of detail and explanation is needed and preferred by many readers who are administrators. Thank you for your interest in Sys Admin.
Contributing Editor/Review Columnist
Heres a response to my remarks about the ILOVEYOU virus (in July syslog). AA
From: Joel Munt (email@example.com)
Subject: July 2000 Editorial
Though UNIX is a very powerful system it IS very often hacked and has often been brought down by viruses and worms. Its best defense (as is Windows) is a decent security policy and education of the users (no one with any computer sense should have assumed that a VBS file was a letter anymore than they should have to an EXE file). As Linux grows in popularity, viruses on it will grow as well (and likely be more devastating because most Linux systems do not have as knowledgeable administrators as on a traditional big UNIX system)! All OSes are open to attack and those who think differently are only fooling themselves about how secure their system is.
And, in response to the question of is the Sys Admin newsletter spam, I received some excellent replies. Heres an example:
From: Tim Boyer (firstname.lastname@example.org)
Ive already opted in, and I find the newsletter useful.
That said yes, its spam. I didnt complain because I would have opted in, given a choice.
Heres why. The fact that we have a business relationship does not mean that I want to receive email from you. Otherwise, any relationship no matter how tenuous could be used. You visited our Web page, therefore, were sending... You once bought something from us, therefore, were sending.. You posted something on usenet, therefore, were sending....
Intent does not really matter. Im sure that youre sending out your mailing list with the best of intents. Consent is the issue.
This can be done in a number of ways: a separate mailing to subscribers; a blow-in card in the magazine; a check-off box on the Web site. But it must be closed-loop opt-in see http://mail-abuse.org/rbl/manage.html.
Denman Tire Corporation
Your points are well taken. Thanks for writing! AA