If such material wasn't published at all, by well meaning organizations or elsewhere, what would happen? Only those with enough brains to learn programming, without being given any security related tips or code, would be able to write new computer cracking software (and protection). Is that good or bad? For crackers, it would create a roadblock. For real programmers, they would have had to learn to program anyway, so it's not as bad.

In the dark ages, the few fortunate enough to be literate were the recipients of enormous benefit. And everyone else, well, they got screwed. This was a good arrangement (seemingly) for the literate few; they got to have cheap labor and could tell their 'loyal' subjects anything they wanted, claiming it was God's will, quote a few scriptures (which nobody else could read), and their subjects would be compelled through force or fear to follow along.

But it was a false superiority, for during that time real innovation ground to a halt. It seems that it takes many minds, not just a select few, to turn the wheels of progress for a society. It wasn't until the renaissance that things began to improve, hand in hand with the improvement of the literacy rate. But remember, this came after the moors almost wiped the "keepers of truth" (the Christian literate) from the face of the globe.

Obscuring knowledge is rarely the key to safety, security, and progress. It is generally a key to power abuse, an impedement to societal progress, and in the end doesn't even really benefit the few in posession of 'literacy'.

Everything in that book is going to be pretty much common knowledge, readily available either from legitimate sources online, or through illegitimate sources. Either way, the book, as I understand it, is geared toward helping systems administrators and programmers to understand the beast they face, so they may refine their approach to slaying it. Keep books like that off the shelves, and the knowledge won't go away, but the knowledge to protect ourselves from that knowledge might suffer.

Your points earlier were unsubstantiated, blamed the wrong people, shouldn't have blamed anybody at all, and were too diverse to be effective. O'Reilly isn't the enemy. Knowledge is not our foe.

If such material wasn't published at all, by well meaning organizations or elsewhere, what would happen? Only those with enough brains to learn programming, without being given any security related tips or code, would be able to write new computer cracking software (and protection). Is that good or bad? For crackers, it would create a roadblock. For real programmers, they would have had to learn to program anyway, so it's not as bad.

So by this, it seems to me you are saying smarter crackers are a good thing? The point is that the information is out there, neither you nor I can change that. Best to be prepared. Knowledge is power.

I guess those anti-hacker organizations are good, but the government also wants to prevent computer break-ins, with even more urgency because their focus is on national security. I don't know what they say about books like these, but I know something about the USA Patriot Actand how the government feels about encryption, and I bet they would be on my side.

The government has long had issues with encryption, and its "export" to other countries, this is nothing new. The Patriot Act may have "strengthened" these positions, but strength does not directly correlate to intelligence. Much of legislation out there which pertains to computers is either outdated before its passed or written from a techno-ignorant point of view.

The government's attempt to control the dissemination of encryption techniques and algorithms illustrates my point best. If knowing the implementation of an encryption algorithm makes it less secure, then it was never secure in the first place. With a truely secure encryption algorithm, it won't matter if you have the implementation in front of you or not.

If you want to read about encryption, I wouldn't recommend the Patriot Act, there are far better texts on the subject. For starters, try anything by Bruce Schiener.

-stvn

In response to your "God Bless America" comment and concerns for national security. I will leave you with a few words of wisdom from our founding fathers.

They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.
   - Benjamin Franklin

Ignorant and free has never been and never will be.
   - Thomas Jefferson

If the freedom of speech is taken away then dumb and silent we may be led, like sheep to the slaughter.
   - George Washington

You said:

The government's attempt to control the dissemination of encryption techniques and algorithms illustrates my point best. If knowing the implementation of an encryption algorithm makes it less secure, then it was never secure in the first place.

I'm not an authority on this, but my impression about the reasoning behind the U.S. ban on "exporting" certain strong encryption methods was that these methods were considered "too strong". The perceived problem was not that America's own encrypted traffic might become compromised, but rather that the U.S. didn't want others using these methods, because then it would be harder for the U.S. to track what others were doing. I could be wrong about that, but it seemed plausible when I first heard the idea.

Your absolutely right. Thank you for refreshing my memory.

-stvn

If you want to make an argument pro or con, then do it, but use credible, non-biased sources! And while we're at it, don't bring anybody's god(s) into a justification. It just shows poor taste and automatically degrades any argument you might make.