Thursday 28 February 2008

iPhone to be Launched in Ireland by O2 Today

I heard this on the radio this morning and apparently O2 are finally launching the iPhone officially in Ireland on March the 14th. Pricing will be €399(8GB)/€499(16GB), €45 per month package including some unspecified amount of built in call time and 1GB per month of data.

Since the best deal I've been able to get from Vodafone is currently costing me over €100 per month just so I can get some data this actually looks like a good deal.

I have lots of reservations about the iPhone but frankly I think that its positives should more than compensate for its deficiencies especially since I'm not too bothered about the capacity - I'd prefer a 30/60GB data capacity but I'm not an iPod junkie who needs to carry my entire music collection with me and in terms of other data (e-books etc) I'm getting along fine at the moment with my BlackJack with a 1GB MicroSD card.

Thoughts?

Friday 22 February 2008

Full Disk Encryption DRAM Attack

Ed Felten never fails to deliver interesting things but his announcement yesterday of a viable attack against full disk encryption products by using the fact that DRAM isn't actually as volatile as we thought it was is a doozy. Memory scraping has been used before, for example it was the method used to lift the encryption keys that led to the first successful attacks on the HD-DVD\Blu-Ray AACS security system. Most of the previous uses of memory scraping that I've come across required that the attackers worked within the constraints of the active OS and that meant that software based defences could prevent these attacks provided developers (of the OS and the applications) were careful. Windows Vista for example protects encryption keys and other secure data in memory and prevents other processes from accessing the keys. The specific problem here is that even when a Trusted Platform Module (TPM) is used the OS doesn't use the TPM to handle the actual decryption of the disk data. In Vista's BitLocker, for example, the drive is encrypted with an AES key called the Full Volume Encryption Key (FVEK). That key is stored in encrypted form on the hard drive and it is encrypted using a key called the Storage Root Key#. In the simplest model that key is generated within the TPM and never leaves*. This means that the SRK is very secure. However the FVEK must be available to the OS as it needs that to decrypt the drive data on the fly. This means that even with a standard TPM module protecting the keys, the FVEK must remain unencrypted in memory in some accessible form. In practice it will be stored in a predictable data structure and Felten's team have found that it is not very hard to locate if you have access to a copy of the physical memory from a running system.

It should be noted that Microsoft explicitly called out the potential for this class of attack in their BitLocker documents (e.g. on slide 16 of this BitLocker presentation from 2006) where they note that the physical PC must support Memory Overwrite on Reset in order to prevent physical memory attacks. That is a feature of the Trusted Computing Group's client platform specifications but I'm not aware of any systems that actually implement it. The problem with Overwrite on Reset is that it's only a protection in the case where the attacker reboots using the same BIOS. It definitely makes the attack much harder though - without it USB key and PXE Boot based attacks are perfectly viable.
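The key hierarchy and the reset behaviour described in the two paragraphs above, as a toy model. This is an added example, not code from this post, BitLocker or any TPM vendor: `SimulatedTPM`, `Machine`, `run_scenario` and the HMAC-based stand-in cipher are hypothetical names and constructions (real products use AES), and the "RAM" is just a byte array.

```python
"""Toy model: wrapped FVEK on disk, plain FVEK in RAM, with and without
memory overwrite on reset. All names and formats here are constructed."""
import hashlib
import hmac
import os


def _keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in cipher (HMAC-SHA256 in counter mode), used instead of AES."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hmac.new(key, nonce + offset.to_bytes(8, "big"),
                       hashlib.sha256).digest()
        out.extend(a ^ b for a, b in zip(data[offset:offset + 32], pad))
    return bytes(out)


class SimulatedTPM:
    """Holds the master key (the post's SRK); it is never returned to callers."""

    def __init__(self):
        self.__srk = os.urandom(32)

    def wrap(self, key: bytes) -> bytes:
        nonce = os.urandom(16)
        body = _keystream_xor(self.__srk, nonce, key)
        tag = hmac.new(self.__srk, nonce + body, hashlib.sha256).digest()
        return nonce + body + tag

    def unwrap(self, blob: bytes) -> bytes:
        nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
        expected = hmac.new(self.__srk, nonce + body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            raise ValueError("wrapped key failed integrity check")
        return _keystream_xor(self.__srk, nonce, body)


class Machine:
    RAM_SIZE = 4096
    KEY_SLOT = 1024  # where this toy OS keeps the unwrapped FVEK

    def __init__(self, tpm, wrapped_fvek: bytes, overwrite_on_reset: bool):
        self.tpm = tpm
        self.wrapped_fvek = wrapped_fvek  # what is stored on the disk
        self.overwrite_on_reset = overwrite_on_reset
        self.ram = bytearray(self.RAM_SIZE)

    def boot(self):
        """The TPM releases the FVEK, which then sits unencrypted in RAM."""
        fvek = self.tpm.unwrap(self.wrapped_fvek)
        self.ram[self.KEY_SLOT:self.KEY_SLOT + len(fvek)] = fvek

    def read_sector(self, nonce: bytes, ciphertext: bytes) -> bytes:
        """Bulk decryption is done by the OS with the in-RAM key, not the TPM."""
        fvek = bytes(self.ram[self.KEY_SLOT:self.KEY_SLOT + 32])
        return _keystream_xor(fvek, nonce, ciphertext)

    def reset(self):
        """Warm reset: RAM keeps its contents unless firmware overwrites it."""
        if self.overwrite_on_reset:
            self.ram[:] = bytes(self.RAM_SIZE)


def run_scenario(overwrite_on_reset: bool) -> dict:
    """Walk one machine through provisioning, boot and reset."""
    tpm = SimulatedTPM()
    fvek = os.urandom(32)
    nonce = b"sector-0"
    plaintext = b"constructed sample sector contents"
    ciphertext = _keystream_xor(fvek, nonce, plaintext)
    machine = Machine(tpm, tpm.wrap(fvek), overwrite_on_reset)

    result = {"key_visible_on_disk": fvek in machine.wrapped_fvek}
    machine.boot()
    result["sector_decrypts"] = machine.read_sector(nonce, ciphertext) == plaintext
    result["key_in_ram_after_boot"] = fvek in bytes(machine.ram)
    machine.reset()
    result["key_in_ram_after_reset"] = fvek in bytes(machine.ram)
    return result


if __name__ == "__main__":
    for setting in (False, True):
        print("overwrite_on_reset =", setting, run_scenario(setting))
```

The model only covers a reset handled by the machine's own firmware, which is the limit on Overwrite on Reset noted above.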

The attack works because the TCG's trusted platform specifications (and the various software based full disk encryption products) do not require the use of cryptographic hardware to handle the decryption of the actual drive data. If the FVEK was never decrypted to RAM but was instead retained within a cryptographic hardware module then all the drive data would have to be channeled through that module in order to be decrypted and that would be a serious performance problem. Current DRAM technology has throughput speeds in the range of 2-5Gbit/sec and hard drives are typically in the 400Megabit-1Gbit/sec range. The typical TPMs of the type used in consumer PCs (e.g. the Atmel AT97SC3203) are too slow (the Atmel chip has a 100kHz serial data interface) and don't provide support for streaming bulk decryption, so they could never be used for this sort of task in any case. The hardware to carry out decryption at the sort of speeds that hard drives operate at should be available, given that HD-DVD, HDCP and Blu-Ray all require decryption speeds in the range of 400Megabits/sec, but overhauling PC architectures to integrate this would take time. Felten's team's paper identifies some other options - the simplest of which is basically making tamper proof memory. In any case whatever the implementation it will require a bit of care and attention to detail in order to be genuinely secure. Bunnie Huang's attacks on the original Microsoft Xbox showed why it's dangerous to separate cryptographic functions across a connecting bus that isn't encrypted although the capability to do this sort of active attack is not trivial. My gut feeling is that the best eventual solutions to this will be cryptographic modules built into the core CPU that provide high bandwidth decryption, key management and the rest of the TPM functions so that no unencrypted keys ever end up either in RAM or moving between modules over a snoopable bus. Intel had plans to do this but I don't know if it's actually made it into production hardware yet beyond some of the Bulverde mobile CPUs that were sold to Marvell.

Overall this is a very interesting demonstration of what had been a mostly theoretical attack. It's not a new "class break" in the sense that it was a known potential vulnerability and memory scraping is a common technique but their demonstration of the persistence of sensitive encryption data in DRAM following a reset is certainly going to give the security community (and the hardware hacking community) lots of new risks and opportunities to ponder.

# I'm not a BitLocker expert so forgive me if the terms are wrong - I've seen some documents discussing the BitLocker trusted boot process that refer to the Volume Master Key (VMK), which appears to be what I'm calling the Storage Root Key (SRK). The principle remains that there is a master key protected by the TPM that eventually decrypts the actual AES key that decrypts the disk data and that is stored in memory.

* This is not the case when using some of the BitLocker key recovery options. Whether the SRK is attackable or not doesn't change the fact that the FVEK ends up more or less in the clear in physical memory once the OS has booted.

Sunday 17 February 2008

What I've been Reading

In Flight.

Jon Ronson: "The Men Who Stare At Goats". Just getting started on this and not sure where it's going but we'll see.

Finished:

Craig Murray: "Murder in Samarkand" . A must read for anyone who is genuinely interested in the true cost of the west's abandonment of the principles of liberty and natural justice in the execution of their "War on Terror". I've seen events like those described by Murray unfold before when I was somewhat close to the political action during South Africa's transition to democracy but in that case the efforts of the British, Americans and the EU at large (especially the Danes as I recall) were, by and large, directed towards fostering genuine democratic change and nation building. It must be said though that that represented a change of heart for most of the parties involved as many of the suddenly very friendly types I met regularly in the early 90's had spent upwards of twenty years either encouraging the former Apartheid Government's various anti-communist "wars" or supporting and training their various formal and informal opponents. That included (for example) facilitating the supply of Nuclear Weapons material and technology to the South African Government in the 1970's despite the fact that doing so was in breach of the NNPT and training many people (on both sides) of that particular fight on methods of terror. The fact is that realpolitik has always meant that countries' "diplomatic" actions have often been morally suspect and for my part I've never doubted that the morality of these people (Diplomats and their political and military "Advisors") is something that I would always have thought was dubious at best but I was still chilled by this insider's description of what appears to be a complete state of moral rot at the heart of the British Foreign and Commonwealth Office under Blair's New Labour Government.

There's much to doubt in the story, it is just one person's account of a political\personal conflict that involved many, but it has far more than a grain of truth in it, especially with respect to the attitude of the British Government towards a seriously questionable "ally". His story does lead me to see him as an arrogant and wilfully careless man in a personal sense and one that was frequently culturally arrogant to such a degree that I often felt that he actually got into less trouble than he deserved for his behaviour. Despite this, and maybe even because it strikes me as being honest in a "warts and all" sense, I think that his account of the events surrounding his time as British Ambassador to Uzbekistan is about as close to the truth as we're ever likely to get from anyone directly involved. We now know that many of the claims that Murray makes, which were strenuously denied initially by the British Government, are almost certainly true and I suspect that very few of his more serious accusations are far wrong. I suspect that some of the opposition that he almost universally saw as political was actually just personal but overall it is still almost certainly true that he was nailed because his stance against the Uzbek Government was politically unacceptable and this led to him being targeted because he was unwilling to follow the (New Labour) party line in supporting the post 9/11 wars in the Middle East.

Given the fact that the ruling faction in the US establishment is making every effort at the moment to justify its acceptance of torture as an interrogation technique, that the Police and Government in the UK continue to try and make "Thought Crime" a reality, and the fact that no matter where we live we all continue to suffer extensive and egregious loss of personal liberty as a result of the security theatre surrounding the "War on Terror" this book is a welcome, if disturbing, description of just how easy it seems to have been for those who describe themselves as protectors of liberty to have thrown away almost everything that that used to stand for.

As a work of literature it's probably not much over a 5/10 and maybe even less so you have to work at reading it but as an expose on the reality of politics in a post 9/11 world it gets 9+/10.

Iain M. Banks: Matter. Banks returns to the Culture with a classic. I'm sure there will be many critics complaining that this is "just another Culture" story but I was delighted by it. I would have read this in one sitting had I been able to stay awake long enough last night, I found it absolutely engaging and a pleasure to get lost in. It's paced well and in the end the storylines converge into what may be one of Banks's best closing scenes ever. I would still love to see Banks try his hand at something Sci-Fi but closer to home (in the way that Vinge did with "Rainbows End", or MacLeod with "Execution Channel") but if he kept churning out Culture novels like this one I'd not be complaining at all. Excellent, 9/10.

Looking Forward To

Charlie Stross: Saturn's Children

Alastair Reynolds: The Prefect

Alastair Reynolds: House of Suns

Terry Pratchett: Nation

Friday 15 February 2008

It's The User Experience, Stupid

I haven't used an iPhone yet but it's pretty clear that at least in terms of its internet browsing experience that it does deliver on the user experience that it promised. Having had a lot of experience with the alternatives - Palm, Windows Mobile, Symbian and a shed load of other minor hand held platforms - I don't find it in the least bit surprising that Google has found that the iPhone crops up in their access logs 50 times more than the next most popular mobile platform. The browsers on all of the other mobile phones are awful and users are simply not using them because the experience is unpleasant.

The other problem is that with the vast majority of carriers your average Joe Public user hasn't a hope in hell of figuring out what "browsing" will actually cost. That situation is one where the US is now significantly further ahead than the rest of the world - it's still a poor service by comparison with full blown broadband but at least flat rate data contracts are available and understood there - those of us in our highly regulated European markets are not generally as lucky as I've ranted on about before.

So I'm amazed when the industry say they are surprised when an outsider manages to create a device that users actually choose to use despite realising that its success is almost certainly due to its intuitive usability and transparent cost.

It's also hardly surprising that other mobile phones don't get a look in when (for example) you can't even get to Google's home page directly on a Vodafone* consumer phone that is configured for their "mobile internet". You can get to it but you have to switch over to their ISP internet service and then you will pay handsomely for the privilege. Switching over isn't hard per se but it requires a non trivial amount of research that effectively prevents the vast majority of their subscribers from ever even trying.

O2 Ireland's recent announcement of a partnership with Bebo joyfully proclaims that their users can now get to Bebo for Free! (up until November 30th after which it will cost €1.50 per week, offer subject to conditions, the value of your investment may fall as well as rise, yadda yadda yadda). What's clear here is that the absence of anything like network neutrality in the mobile sphere means that the providers are determined to ensure that they will get to retain ultra fine levels of control over traffic and will certainly charge more to carry traffic to more popular web sites. Vodafone do something similar for Exchange push e-mail and I'm certain that they all do - the ability to differentially manage traffic is seen as a huge revenue spinner. I don't particularly blame them for making money from it but I think that in choosing to do things this way they are seriously limiting the size of their market and they are acting as a major roadblock in the development of new mobile data services.

This could be fixed fairly easily and I think the end result would be increased revenues (and far happier customers) for the mobile providers that chose to do it right, it certainly should be a windfall for those that chose to jump first. Make it easy for users to understand their costs (ie make data access flat rate), abandon the walled gardens and optimise your networks for the stuff that is popular (Google, YouTube, myspace, bebo, facebook, IM, Flash games ...) and then get hammering on at the handset manufacturers to make kit that has a good user experience for those things. You will get a flood of new customers once they actually begin to see real people using them in the wild - they have been duped by claims of "Mobile Internet" that is in reality no such thing for so long that all such marketing claims from Cellular companies are now simply ignored and almost nobody buys a phone yet for its internet data capabilities. The exception to this is, of course, the iPhone which has continued to succeed past its over-hyped launch because it actually delivers those type of capabilities to real people. Deliver something like that and a cellular provider will have a compelling feature that will give them a good enough reason to move and they will abandon their existing providers.

That's obvious right? You'd think so but the fact that I can't buy a phone today with a half decent browser and a data plan that allows me to browse YouTube today that will also let me use tomorrow's next new thing just as well tells me that the providers don't want that to happen. Not yet at any rate and their surprise at Google's iPhone usage stats is not very convincing.

* Vodafone Ireland at any rate.

Thursday 14 February 2008

OpenID Developments

The OpenID Foundation recently announced that a significant chunk of the premier league heavyweight tech companies (Microsoft, Google, IBM, VeriSign, and Yahoo) were joining their board. This follows hot on the heels of Yahoo and Google's initial implementations that in theory mean that all of their current account holders either have, or can fairly easily have, an OpenID compliant authenticator. There's a long way to go before OpenID based authentication actually becomes mainstream but these announcements mean that OpenID's chances of succeeding are a lot better than they used to be.

A number of us have been wondering when we would start to see a viable hardware based authenticator that would work with OpenID - now at least one vendor has begun to do just that and is selling what appears to be a simple to get and simple to use hardware based token for OpenID. This could be the start of the really interesting stuff. OpenID on its own does little to resolve phishing style attacks and is no improvement at all over standard username\password authentication in situations where the network is possibly compromised. OpenID tied to CardSpace\InfoCard closes these holes reasonably effectively but both are still quite fragile (in my experience), somewhat tied to specific platforms and hot portability is a bit of a problem (it's definitely a high risk behaviour when it involves un-trusted local hardware).

This type of hardware based authenticator could, if implemented correctly, solve many of the shortcomings listed above. It should share CardSpace\InfoCard's protections against DNS hijacking\Evil Twin type network interception attacks and hash table attacks against intercepted authentication sessions. In addition it should be portable enough that you could use it on any and all systems of your choosing and it should be very resistant to local interception\snooping so that you could possibly use it safely on totally un-trusted local hardware such as PCs in Internet cafes.

I also believe that hardware authenticators are likely to be perceived by the public to be much more trustworthy than software solutions, even in situations where both are technically equivalent. This is only based on personal anecdotal evidence but my experience with users of hardware based authentication tokens in the past has been that people trust them far more than software solutions that are technically more robust, and continue to do so even when the weaknesses of the system are demonstrated.

Of course a lot depends on how well designed the specific hardware implementation actually is. For my part I've ordered one of TrustBearer's USB key devices so I can see whether it does deal with these things properly. I'll be posting some more on this once I've had a chance to put it through the wringer a bit.

Tuesday 12 February 2008

I've seen the future - and it's very cool.

Eddie got a really cool toy yesterday - the Celestron Sky Scout. It's a really clever handheld device that uses GPS and some internal electronic accelerometers to figure out where you are, what you're pointing it at and it then tells you what that thing is. It only tells you about astronomical things since its entire purpose is to act as an electronic star chart and that might seem pretty dull to those who have no interest in that sort of thing but I reckon that even those totally uninterested in astronomy and star gazing would find it addictive. It's very quick and that combined with an intuitive interface means that you get carried away looking at the sky in a whole new way, at least for those of us who haven't taken the years it takes to actually memorize it the tedious old manual way using paper charts and binoculars. You can point it at something in the sky and it will tell you what it is or you can pick something from its internal database and it will direct you to where it is in the sky. Its list price of around $500\€500 depending on where you live makes this a pretty expensive gadget which is the main reason I never bought one but Eddie managed to pick his one up, new, on eBay for about half that which is definitely worth considering. It has a bunch of connectivity options to allow you to connect it to a PC to update the internal database of objects that should allow it to be used for satellite tracking although I don't know for certain (yet) if that's true. In any case it really is a revelation to use and shows how a fully location\orientation aware device can be fantastically useful.

Coincidentally I read an article on Google Blogoscoped this morning about a more intuitive approach to mobile search that describes something that is practically identical in broad concept to the Sky Scout - simply point this (hypothetical) device at something you are interested in and it will tell you exactly what it is and possibly a whole bunch of other stuff about it. Alternatively it could give you spatial clues (as opposed to the directions that standard GPS systems provide) to allow you to find something within your field of view.

Having seen how the Sky Scout totally changed the way I saw the sky last night when I had it I am certain that we are going to see a host of these type of systems released over the next couple of years that use similar principles to provide people with devices that tell them a host of useful things about what they are looking at and enable them to find interesting stuff around them. I can't wait.

Monday 11 February 2008

"Mobile Internet"

It's in quotes for a reason. Vodafone do not provide the service that I need and I want to figure out what my options are. They charge me €5 per megabyte to use the only service that I can find that they provide that works for the connectivity that I want to use and I find that to be exorbitant*.

They claim to offer a 500Meg per month "Mobile Internet" package for €9.99 per month which would actually suit me perfectly for now but their "Mobile Internet" requires me to use their live.vodafone.ie GPRS APN and that does not allow me to access any of the services that I want. I would expect something being described as "Mobile Internet" to allow me to get to http://www.google.com, for example. On my Windows Mobile 6 based Blackjack it doesn't work and whatever it actually does do is not Internet connectivity of any sort in my book. Their isp.vodafone.ie APN does work (more or less) but that results in the aforementioned €5 per megabyte charge.

So what are the alternatives? A quick search through the competition has demonstrated that none of them clearly provide a service that is obviously a genuine mobile internet data connection (for a phone that is) and those that appear to provide something are not obviously cost effective.

I'd love to see some evidence that there was genuine competition here. Since the market is heavily regulated (necessarily in my view) and the primary area of competition is for their voice and text products I would actually have expected that data would be one area where there would be genuine differences in the scope and cost of the services offered. I honestly thought when I opted for Vodafone that that was what their €9.99 bundle meant but I have been very severely disappointed by that. So if anyone reading this has any suggestions, or better yet some hard data from experience, please post a comment.

* I initially had this phrased differently because I have handed over the best part of €300 to Vodafone over the past three months for a total of around 60Meg of data that I believe should have cost me no more than €30 and that upsets me no end. Clearly I should have paid more attention to the terms and conditions but lads, I hate getting screwed and the way this was pitched means that I was screwed as far as I'm concerned even if you are perfectly protected by your very comprehensive terms and conditions. Congratulations on the €300 win but for me when I feel that a company screws me I get heavily encouraged to never give them any more business.

Friday 8 February 2008

What I've been Reading

Niall Ferguson: "Empire". I picked this up on a whim while browsing the special offers selection at Borders sometime back in August I think. When I brought it home I was tempted to find some reviews online but decided that it would be interesting to read it and form an entirely personal opinion of it before I let other people's views colour mine which I've managed to do despite the four month hiatus in the middle caused by moving house.

My general impression has been that it is an excellent overview of the rise and fall of the British Empire. It's necessarily shallow throughout as there is simply no way that something as complex a subject as this is can be dealt with in detail in a single 400 odd page book. Despite that, I think Ferguson manages to capture many, if not most, of the important events and driving forces that led to the creation and demise of what was certainly the largest Empire the world has ever known and he does so in a very appealing and entertaining way. He is at his best when he attempts to explain the likely motivations of the principal actors while putting them in the context of the day. He doesn't avoid dealing with the many horrors that enabled British Imperialism to gain and keep control of many of its subjects and by and large seems to do a good job of putting them in a context so that the reader gets a credible impression of how the Zeitgeists of the Empire at large and the British Homelands developed over time.

My own personal understanding of British Colonial history has been informed mostly by an exceptionally biased standard Irish education, Irish cultural norms and what I picked up in my 10 years in some other former Colonies, (South Africa and Botswana) and which has given me a relatively patchy understanding of what the British Empire really was about and almost no ability to understand how it actually managed to become what it was. The brevity of the book meant that I was surprised by how little of the history of the countries that I was familiar with made it into his story but I can understand why he needed to be selective and I think that the overall value of the book is not hampered by the fact that Ireland gets no more than a handful of pages mostly concerned with the original Elizabethan Plantations, and the lead up to independence while South Africa is almost entirely focused on the economic and ideological fallout from the South African War (the Boer War as it is known here). It seems reasonable to assume that the same can be said about how he chose which parts of the histories of the other ex colonies and the key events in Britain to include and which to avoid.

This book filled in a lot of detail onto the broad outline of British Imperial History that I had and in particular it put some good arguments forth for why it succeeded when it did and failed the way it did. What I found really interesting was his understanding of the decline from 1914 through to the rapid unwinding of the colonies post WWII and his positioning of the emerging economic and ideological imperialism of the United States as a key factor.

He makes a good (maybe even compelling) argument that some of the fundamental principles of British Imperialism made it a good thing (eventually) for many of those countries that at one time or another were part of it. He is at times too dismissive of any alternative paths but he is right in claiming that countries that today can claim that these principles still apply to them are, in general, better places to live than they would be without them. In particular he points out that by and large the British Empire tried to introduce some features into the societies that it conquered that are generally now believed to be a good thing:

  • Secure rights of private property.
  • The framework for effective contract law.
  • Stable Government that plays by clearly known and understood rules
  • Honest Government and public service.
  • Moderate levels of Government - small in size (relatively speaking), efficient and with low taxes
  • Free trade (at least within the club)

These claims are to me unarguably correct and pretty obvious when you travel through the former colonies. What the Empire failed to do by its very nature was to build a universal foundation of representative democracy. Where it did do that it has stuck well but that has happened reliably, for the most part, only in the White Dominions. The other major failing, to my mind, is the one that those of us who grew up in post colonial societies most despise the empire for: Its singular failure to introduce universal rights of personal liberty. Arguably you couldn't have built an empire on those grounds, at least not at the time, but Ferguson certainly seems to think that, well, you've got to break a few eggs to make an omelette so that's OK, right? Some might not be so sanguine.

The book seems to me to have suffered badly right at the end due to its timing, in particular his concluding chapter positions him as a sympathizer with, or at the very least not an opponent of, the post 9/11 "new world order" ideology of a new imperial hegemony of the western powers. He certainly believed at the time (2002/2003) that the military actions that had started (Afghanistan) and were likely to come (Iraq) would follow the pattern of mid Victorian British Imperial Gunboat Diplomacy and be successful in the same sort of ways. Certainly my current opinion on the complete lack of moral and ethical motivations that lie behind the "War on Terror" leads me to be dismissive of anyone who appears to be sympathetic to the jingoistic reactionary mood of the first years of the millennium but his rather fawning description of Blair's 2001 "re-order the world" call to arms speech at the Labour Party Conference just after the 9/11 bombings appears to be very simplistic in the light of the damage done to Liberty in the west by those who heeded that call and led their countries into seemingly interminable wars. Ferguson's admiration for the benefits of empire despite what he sees as occasional collateral damage is clear throughout the book but I wonder whether he really believes that a present day empire could survive having to do the sort of things that would be necessary to impose its order on the world as it is today. He fails to even begin to address those issues in his conclusion despite clearly positioning the United States as the new Imperial power if it would just decide that it wanted to take on that role actively. An Empire might be a grand thing when it's all up and running but if you have to decimate populations (or the leadership structures of populations) across the globe to get there that seems to be something that would present a problem given the way the world works today. Or at least so it seems to me, possibly some people still think you can actually just kill enough people and then everything will be fine but I rather doubt it works in a world where everyone can see it happening almost immediately.

Present day ideological problems aside, the one other area where the book left me feeling let down was in his dealings with the unwinding of the empire at its end. He wraps up the chapter on the decline of the Empire right at the point where the rapid de-colonising program was unfolding and he fails to delve into the consequences for those countries almost entirely. He notes than in many cases the de-colonization process was hurried but doesn't attempt to analyse whether there was any correlation between the post colonial failure of some countries and the care (or more specifically the lack of care) taken when they were being "handed back". The speed with which the empire had grown in the late 19th and 20th Centuries meant that many colonies had had little time to develop a society that accepted the cultural norms outlined above and those were repeatedly corrupted, stolen or simply abandoned in cases where the imperial departure was careless. Much of the torment in Africa and the Middle East today can be directly linked to the failure of the decolonising Europeans to establish a sustainable or equitable transition for the states put in place. Not all, to be sure, as it didn't fail in many cases but where it has it has been very bad indeed.

Overall though despite the obvious ideological differences that I have with the author it's a very worthwhile read especially for anyone whose exposure to history has been as biased and censored as my own was, or someone who simply wants a succinct overview of the British Empire written by a fan and it is immensely readable. I'll be looking for more by him. 8/10.

Postscript: Now that I've finished my own opinion I went and looked for others. It appears that he's a fairly controversial but well respected figure within history circles. His Thatcherite leanings are certainly plainly evident throughout this book but I was heartened to see that despite having been a supporter of GWB when this book was written he had changed his mind by 2004 so perhaps he is not as ideologically alien to me as I'd feared. In any case it seems that I will have to add "The Pity of War" and "The War of The World" to my reading list now.

Tuesday 5 February 2008

What I've been Reading

In Flight:

William Gibson "Spook Country". I will have to restart this I'm ashamed to say. I started it in September and got distracted and I can't really remember what it's about. Unlike every other Gibson book I've read this one didn't immediately grab me so I didn't get very far and was still a bit lost as the plot was finding its feet.

Niall Ferguson "Empire". This is turning out to be an excellent story about the evolution of the British Empire and the varied paths that British Imperialism and its colonies took as the Empire grew and then declined over the past four centuries.

Finished:

Colin Tudge: "The Secret Life of Trees". It's a great book for getting a quick overview of what Trees really are. You will learn, for example, that much of the commercial use of timber uses names that are really only accurate in terms of broad appearance (Pine for example is very often not really Pine) and he does an excellent job at describing the genuine diversity of Rainforests vs the simple abundance of life that is a feature of the various temperate forests. I ended up feeling that the book was way too short which is not a bad thing really as I hope it will prompt me to go and read (heck even study) some more detailed books that dig deeper. Overall this was an excellent read although the list nature of the first 50% of the book might seriously dismay some readers. 8/10

Richard Dawkins: "The God Delusion". I had to take a break from reading this because of all the other stuff that was happening over Christmas (oh the irony) but once I got back to it last week it became a proper page turner. "The God Delusion" is a thoroughly lucid and engaging effort to get people to start thinking rationally and humanely about what Religion really is, what it claims it is and what that means. This is a much better written (or possibly edited, who knows) book than "The Selfish Gene". Dawkins never gets caught up in the style of detailed technical argument that was necessary in some of his earlier popular works and he has developed a significantly more approachable tone since he wrote "The Selfish Gene" in 1976. The result is concise and engaging prose that keeps the book accessible and (at least for me) entertaining. His destruction of the arguments for belief is comprehensive and powerful. Clearly I'm not someone Dawkins needs to convert so I can't say how convincing these arguments would be to a believer but from my point of view he demolishes almost all of the viable counter arguments to rational atheism that I've come across. In particular he eviscerates the arguments for belief like "Well you can't _prove_ God doesn't exist, he might you know", "Religious belief is necessary for morality and to make us good" and (my particular pet hate) "Religion makes people feel spiritually better and sure what harm is there in that". 10/10.

Oliver Sacks: "The Man Who Mistook His Wife for a Hat". I picked this up at a friend's house out of curiosity and read it in one sitting at some point in the mid 1980's and I've wanted to re-read it ever since but just never got around to getting my hands on a copy of my own. Returning to it was a revelation in a number of ways. For those who are not familiar with it, it's a fantastic collection of stories based on fascinating examples of the bizarre effects of neurological damage. Some of the stories are terrifying when you consider what must be happening in the minds of those that he describes but for the most part Sacks has chosen stories that show how incredibly adaptable the human mind can be even when it is the victim of severely destructive trauma or illness. The stories remain fascinating and Sacks' recounts show him to be an incredibly caring medical practitioner, were something to happen to you like has happened to any of the characters in his case studies I think you should hope that those who ended up treating you were similarly driven to care for their patients' well being. Two other things stood out for me on re-reading this after two decades. The one thing that most surprised me was just how heavily obscure much of Sacks' prose is - he just dumps neurological and psychological terminology onto the reader in a heap and leaves it up to you to research the terminology or plow on regardless. In addition to that he is equally obscure in much of the prose that he writes. I don't tend to have a dictionary nearby when I read and only very rarely look stuff up as that tends to upset my reading style but I was hard pushed with this book. I had no recollection of that aspect of the book but at the time I read it I was reading stuff by Camus and Balzac for fun so that may be no surprise now that I think about it.
The final thing that struck me was just how intrusive I found the religious overtones in the book, I definitely didn't see it that way when I read it first - a small sign of progress in my own mind I suppose. Overall this is a 9/10 book for me though despite (or maybe because) it actually made me work harder than I expected.

Cormac McCarthy: "The Road". I've never read anything by Cormac McCarthy before and the only reason I bought this one was that somebody described it as a non Science Fiction Post Apocalyptic story which I couldn't quite get my head around. The description is perfect although it doesn't even begin to do justice to the book. It's quite short, you'll read it in one good sitting if you have not much on on a weekend. The psychological pressure is relentless, the story is terrifying from the very start and everything about it is depressing so don't go near this if you're having an existential crisis but in the end it's something that I think everyone should read and most will enjoy. The writing is awesome but since I spend most of my time reading fairly run of the mill SF and Fantasy that's not very surprising. I suspect though that despite the fact that I am un-qualified to judge that McCarthy is something very special. 9/10.

Charlie Stross "Glasshouse". I forgot to blog about this after I posted my comments on Stross's latest work "Halting State" a couple of months back. It's an interesting enough far future SF tale that explores the concepts of identity within a society where minds and bodies can be easily replicated and changed. The story takes place within a Big Brother style experiment where groups of volunteers have opted to participate in a reconstructed "Dark Ages" (i.e. 20th Century-ish America) within the eponymous "Glasshouse". It's a good idea and pretty well executed but I thought that it lost its way somewhat in the middle and to be honest I was far more interested in the potential of the universe within which the Glasshouse experiment was running rather than the storyline that unfolded within. For me Stross has done better work and given my bias towards Space Opera I hope he returns to the style that featured in Singularity Sky and Iron Sunrise although another Accelerando or Halting State would be fine with me too. 6/10

Kim Stanley Robinson "60 Days and Counting". In short, disappointing. GrrlScientist has a pretty accurate review of it over at "Living The Scientific Life". The story started out pretty well in "Forty Signs of Rain", began to go a bit astray in "Fifty Degrees Below" and this just capped it off as a lost cause. It's very unfortunate as I've really liked some of his other stuff (his Red\Green\Blue Mars Trilogy is excellent). 1/10

Kim Stanley Robinson: "Icehenge". Just before I picked up "60 Days and counting" I got this on a whim as I'd heard nothing about it and assumed (correctly) that it was an early exploration of the sort of ideas that Robinson would go on to bring to fruition in the Mars Trilogy mentioned above. I was pleasantly surprised to find that despite its age (it was first published in 1985 or so) it managed to age pretty well considering the fact that it's set in the nearish future. Some aspects of the story line are a bit jarring (the complete absence of interpersonal communications technology even on planets, the almost complete absence of personal computing resources, the continued human drudgery and manual labour) but the story works well enough and it made for a good bit of escapist SciFi with just enough of Robinson's thoughts on politics and sociology to make an entertaining story genuinely interesting. 6/10

Yet To Start:

Robert Harris: "Imperium"

Craig Murray: "Murder in Samarkand" (thanks to Daithi.)

Jon Ronson: "The Men Who Stare At Goats"

Looking Forward To:

Charlie Stross: Saturn's Children

Iain Banks: Matter

Alastair Reynolds: The Prefect

Alastair Reynolds: House of Suns

Terry Pratchett: Nation