Author: Michael Lucas

Writer. Sysadmin. Owns this site.
Posted on

Floating business ideas past my readers

As I beaver away on the new Absolute OpenBSD book, I’m pondering options for what to do afterwards. Part of that pondering concerns the business aspect of publishing. And I want your opinion.

This blog post is about tech books — or, more generally, “highly researched non-entertainment nonfiction,” a category which includes but is not limited to technology books. I’m explicitly excluding fiction and entertainment nonfiction. I’m discussing books meant to help the reader make more money, or at least keep their job.

I’ve wanted to write about certain technologies for years, but there aren’t enough buyers to support a traditional publishing run. They’re topics that would appeal to a majority of my blog readers, but a few hundred readers just can’t support a traditionally-published book. If I self-publish on such topics, I would get more money per reader. This could make special-interest books sufficiently profitable for me to invest a year writing them.

My goal is to make “enough” money so that I feel it’s worth spending my evenings and weekends writing a book. The exact value of “enough” varies with the topic, how hard the book is to write and research, how much I have to spend to write the book, who I have to work with to write the book, and what exactly I gave up in favor of writing the book. (Yes, I’d like to make great big steaming HEAPS of money. But that’s not realistic.) To achieve this, I must set the price of a book such that the reader feels he’s getting fair value, but still puts “enough” money in my pocket.

The problem comes in the payments I receive on the book.

You’ve probably heard that Amazon pays 70% royalties on self-published ebooks. That’s not quite accurate. It pays 70% royalties on self-published ebooks with a retail price of $9.99 or less. Barnes & Noble has a similar policy (look under Pricing and Payment Terms). Smashwords has a more complex royalty system, because they feed multiple ebook vendors. Royalties on books bought directly from Smashwords are about 85%, but royalties through various platforms that they feed pay varying percentages up to certain ceilings. For example, Kobo pays 60% up to $12.99, and 38% above that.

Physical book pricing is simpler. I get a certain amount for sales through Amazon, and a lower amount for sales through third parties such as Barnes & Noble or indie bookstores. Those royalties don’t have artificial ceilings.

I have no problem giving an ebook retailer their fair cut for delivery. I don’t wish to waste my time building and maintaining an ebook store when I could be writing. But the royalty scheme used by the large ebook retailers is clearly aimed at novels.

Companies like Amazon and B&N want self-published novels to be priced under $10. But there’s a definite difference between a 100,000-word novel with a potential audience of millions and a 300,000-word technology book with a potential audience of hundreds.

I cannot afford to spend a year writing a book with 500 expected buyers and sell it for $9.99. The income is not “enough.” Once I raise the price over $9.99, however, my royalty is halved. To raise my income a penny, I must increase the ebook price to over $20.

Unfair? Probably. Unnecessary? I’d say so. But that’s the retailer’s business decision, and I cannot change it, waste my time griping about it, or go on a long rant about how companies X, Y, and Z are destroying all that is good and wholesome in the world. (They aren’t, by the way. But that’s a separate blog post.)

So, for the sake of a purely hypothetical business decision, let me make up some numbers and facts. The pedantic will note that I’m rounding everything to the nearest dollar, but I’m already making up my own numbers, so who cares?

Assume I want to write a hefty book about a hypothetical project, MaguffinBSD. This project will take a year, expenses are minimal, and I have friends, allies, and supporters in the community. I decide that $14,000 gross is “enough”. My research indicates that maybe 500 people will buy the book. (How do I get that number? The community is about 1/10th the size of FreeBSD’s, and Absolute FreeBSD sold about 5000 copies in the first three years, with a dwindling long tail thereafter.) Let’s also assume that the book is up to my usual standards; it’s readable, mostly free of really blatant errors, and so on.

500 customers to raise $14,000 means that I must extract $28 from each buyer.

Option 1: I set the ebook price at $80, and sell it at that price across all platforms. Per various terms of service, the ebook must be priced at least 20% cheaper than the physical book retail price, so the print book is $100. My profit on the physical book is much higher, but sales are much lower.

Option 2: I write four smaller books: “MaguffinBSD, vol 1: Base Configuration,” “vol. 2, services,” “vol. 3, ongoing support,” and “vol 4: stupid MaguffinBSD Tricks.” Each of these books is available at all ebook retailers. I price each at $9.99.

A “MaguffinBSD, vols 1-4” is available as a print book, with a consolidated index and Table of Contents.

The version that appears in print is available as an ebook via Smashwords, and only Smashwords. It would not go to the other ebook retailers fed by Smashwords. Where you would pay $39.96 to buy each individual volume, I could sell the compendium for $32.

People who want individual volumes have the option to get them. People who want the compendium can get it in any desired format.

Option 3: Kickstarter. I include this because someone’s going to suggest it. I don’t like kickstarting books. Yes, some people do it, but publishing is a business. If I ever hope to make a living at writing, I need to treat it as a business. You can apply this same reasoning to asking for donations.

Model 2 increases my expenses and production time. I must prepare one book five times, in three different formats. But I might pick up some extra readers who are only interested in one or two volumes of the set, so I’ll consider that a wash.

But my gut reaction to model 1 is: oh dear God, NO.

So, my question to you lot is: which model would you accept more? Which would be more offensive? Or should I give up on writing specialty tech books and start writing about Windows, Apple, and Linux?

Posted on

New review of “SSH Mastery”

Samiuela LV Taufa was kind enough to write a review of SSH Mastery. Thank you, sir!

For those who are wondering why I haven’t posted much lately: I’m beavering away at the new Absolute OpenBSD, getting ready for a summer writing workshop with Kris Rusch, trying to get an article together for BSD Magazine, and when my brain is too tired to put words together, assembling a print version of Vicious Redemption.

So yes, I’m working. You just can’t see any results yet.

Posted on

Truth versus Art

There’s been a slow-burning furor over dishonesty in “creative nonfiction,” most recently in this Fact vs. Artistic License in Creative Nonfiction post. Now and then someone accuses me of making stuff up in my books. For the record, here’s the truth.

I lie. I make stuff up all the time. But not technical stuff.

One technique I use in each tech book is to create a narrator. The narrator is not me. I don’t actually blackmail coworkers, as the narrator of Network Flow Analysis recommends. The narrator’s role is to bring life to the material, point out possibilities that are difficult to expose in pure technical text, and try to jolt the reader into paying attention.

I don’t create the narrators beforehand. They evolve from the material. The narrator of AO2e is worryingly like forensic blood spatter analyst Dexter Morgan. I’m trying to change that, but he’s fighting back.

Of course, some things are true. The afterword for Absolute OpenBSD 2nd ed. is the true story of a really bad night. But I don’t have enough of those stories to color a book.

This technique works. It helps the reader pay attention. Some people even find reading my books enjoyable (for example, there’s this review that made me giggle madly). There are readers who hate my books for exactly this reason. But I’m not going to change my writing style to chase a readership.

If I’m giving instructions on how to fdisk and disklabel a hard drive, the information is as correct as I can make it. Facts are inviolate.

If it’s more personal, it might be true. It might be fictional. I am a writer, and am not to be trusted.

So don’t try to call me out on this. I know. I don’t care.

Posted on

Death of a Web Server

My first day at BSDCan, my Web sites died. Hard drive failure. The latest backups are defective. I think I’ve recovered the blog, but some links have changed, dang it. I’ll have to learn more about mod_rewrite to fix them. Web site is next. RSS readers will see some repeats, sorry.

Other than that, BSDCan was awesome. As usual. In fact, it was just awesome as expected. So it was kind of routine. But still awesome.

Posted on

50% off sale on my No Starch ebooks through O’Reilly, 4th May only

Yep, Cisco Routers for the Desperate and Absolute FreeBSD are 50% off when you buy through No Starch Press’s O’Reilly distributor.

And other books. By other authors. Most of whom are more awesome than I am, so I’m not going to mention any names. Like Peter Hansteen. Or Joe Kong. Or Tom Limoncelli. Or Chris Sanders. Because they sure don’t need the press.

This is part of the EFF’s Day Against DRM. Use the code DRMFREE to get 50% off ebooks via O’Reilly.

Go to the O’Reilly site for all the details.

For the record, my tech books are all DRM-free. (I have one short story with DRM on Amazon. It was the first story I put up. Amazon doesn’t allow you to change your DRM choice without removing and republishing the title. And I have two good reviews on that story, which I would lose if I did so. So I’m stuck. But you can get that story DRM-free on other sites.)

And how do I feel about doing this as part of a “GNU promotion”? Despite what a lot of people think, I have no objections to the GPL. I think it’s morally inferior to the BSD license. Sharing with the condition that people share back is generous. A pure gift is even better, however.

Posted on

Debugging RANCID

I’m a big fan of RANCID for managing configurations for embedded devices, such as most routers and switches. While you can go buy CiscoWorks, OpenView, or any number of proprietary products, RANCID is good enough for the overwhelming majority of us. (Those products do have other advantages, but simple configuration revision control isn’t one of them.)

For those who haven’t used RANCID: it logs into your devices every hour, gets the device configuration, and compares it to the stored configuration. If the configuration has changed, RANCID checks the new version into CVS. Combined with CVSWeb, RANCID really simplifies embedded device management.

Every now and then it breaks, however. Last week, I started getting an email every hour, whining that RANCID couldn’t get the configuration of one of my Mikrotik border routers. I hadn’t changed the router configuration in several days. My cow-orkers claimed they hadn’t touched the router.

So, let’s see what RANCID is having trouble with.

Log into the RANCID server, and su – to your RANCID account. Use clogin(1) to log into the device.

%clogin edge-1
edge-1
spawn ssh -c 3des -x -l admin+ct edge-1
admin+ct@edge-1.lodden.com's password:
...

[admin@edge-1] >

So, I can log in.

The main command to get a Mikrotik configuration is export. I run the command. It completes, but takes a few minutes. Not really a shock — this device has several full BGP feeds on IPv4 and IPv6, packet filtering, traffic shaping, and folds my socks in its spare time.

So, it’s not the obvious problem; the router can export its config, and RANCID can log into the router.

So, run RANCID for the group that includes the trouble router.

%rancid-run mikrotik

%

No error messages, but let’s check the log. It’s full of messages like this:

...
Trying to get all of the configs.
edge-1: End of run not found
Error: TIMEOUT reached
=====================================
...

Well, that’s not good. Let’s try running a single command on the router, setting the timeout to the usual 90 seconds.

%clogin -t 90 -c "export;quit" edge-1
edge-1
spawn ssh -c 3des -x -l admin+ct edge-1
admin+ct@edge-1.lodden.com's password:
...
/ipv6 nd prefix default
set autonomous=yes preferred-lifetime=1w valid-lifetime=4w2d

Error: TIMEOUT reached
%

So, the export takes longer to run than RANCID’s default timeout. How long does it need? Run RANCID under time(1) to find out. Add -t 1000 to set the timeout to 1000 seconds.

% time clogin -t 1000 -c “export;quit” edge-1

Walk away. Eventually, come back to look at it.

...
set accounting=yes default-group=read exclude-groups="" interim-update=0s \
use-radius=no
[admin@edge-1] > quit
interrupted
Connection to edge-1.lodden.com closed.

Error: EOF received
0.102u 0.094s 2:57.84 0.1% 87+948k 0+0io 0pf+0w

This export took almost three minutes, or 180 seconds. Twice the default timeout. Ick.

Now we have to tell RANCID to use a different timeout. I didn’t find anything in the manual pages, so I asked on the rancid-discuss mailing list. John Heasley quickly answered. It seems that the timeout option in .cloginrc should cover this, but that the feature is missing from the Mikrotik login script. He included a patch. I applied the patch and added

add password edge-1 blahblah
add user edge-1 admin+ct
add method edge-1 ssh
add noenable edge-1 {1}
add timeout edge-1 500

I then re-run RANCID. It completes silently. I can’t be sure that the change actually works until I see RANCID check in a change. I logged into the router, corrected a typo in the login message, and tried again. This time, changes appeared in CVS and I received my email. So I can conclude the patch works.

The most important thing to do in all of this, though? Close the loop with John Heasley. Verify the patch works, so others can benefit from my annoyance.

On a related note, RANCID is one of those tools that gets less attention than it deserves. I’m pondering writing a short book about it, rather like SSH Mastery. Would anyone actually be interested, however?

Posted on

And now for something completely different…

Last August a friend of mine, Colin Harvey, died of a sudden unexpected stroke. He was in my fiction critique group, and we spend several years bashing each other’s efforts. He made it as a novelist, with two books to his credit. I haven’t reached that. Yet.

Today, I learned that one of his stories had been filmed.

The funny thing is, this film is based on a challenge he set in the critique group, based on random overheard phrases provided by group members. Every story had to incorporate all of the phrases, intact and unedited. My phrase was about truth. It’s changed in the film, but the new line is also about truth. So, this film has my shadow in it, in a vague and indirect way.

Posted on

Absolute OpenBSD reviewers

Lots of people have offered to tech review the second edition of Absolute OpenBSD before it goes to print. Peter Hansteen is doing the final tech edit, but I still need a reality check before it goes to him.

Henning Brauer has offered to do this for me. He’s reviewed a few chapters already, and he’s caught a vast array of my inadequacies. I’ve decided to rely on Henning for fact-checking, rather than my usual volunteer community review process.

This will probably disappoint those of you who really wanted to volunteer. I appreciate you more than words can say. But the community review process is the single biggest time consumer of my time in book production outside of actual testing. Henning certainly knows OpenBSD, is more than capable of catching my errors, and is highly motivated to have the book be accurate. (Or, if you prefer, he’d rather not have some doofus author misrepresent his hard work. I’m good either way.)

I’m highly confident in their ability to point out every single mistake I make. If I make an error and both Henning and Peter miss it, well, then, apparently it was meant to be that way.

Posted on

Configuring OpenBSD to use RADIUS auth

I have a love-hate relationship with RADIUS. RADIUS is the cheap white glue of authentication. Just about everything speaks it, so you can use it as cheap glue to unify passwords across your gear. But it’s a finicky protocol, with lots of edge cases, and those edges can be SHARP.

Okay, perhaps it’s more of a tolerate-hate relationship. But still.

OpenBSD supports using RADIUS to authenticate user accounts. Why would you possibly want to do this? For one thing, if you’re using authpf, it gives you a way to easily synchronize firewall passwords with your Windows domain through the Microsoft Internet Authentication Service. It’s not ideal — ideal would be making all of your users use public key auth — but it’s better than nothing, reduces your support workload, and helps convince management that your firewall is a real solution.

I’m assuming you already have a RADIUS server. Mine is freeRADIUS-2.1.12, but any basic RADIUS server will work.

OpenBSD uses BSD authentication, a competitor to PAM. The RADIUS auth process is documented in login_radius(8), but I’ll walk through the basics.

Configure your RADIUS server to allow access from your OpenBSD box, and assign it a shared secret. My RADIUS server is 192.0.2.2, and my secret is the string Insubordinate. (It’s a lousy secret, but it’s just an example, and I’m tired.)

Create a directory for the server list, and set the permissions as per the man page.

# mkdir /etc/raddb
# chgrp _radius /etc/raddb/
# chmod 755 /etc/raddb/

Create the file /etc/raddb/servers. List each server, and its secret, on its own line.

192.0.2.2 Insubordinate

Now switch your default authentication scheme in login.conf.

#auth-defaults:auth=passwd,skey:
auth-defaults:\
        :auth=radius:\
        :radius-port=1812:\
        :radius-server=192.0.2.2:

The change should take effect immediately. Be sure you have a window logged in as root beforehand, so you can switch back if necessary. If you have trouble, check your RADIUS server’s debugging log, or use a packet sniffer to examine the actual RADIUS dialog.

Your host will now check every password against the RADIUS server. That includes root. You probably want to set up an auth-su class, or only have the authpf class use RADIUS, or some combination thereof. I really recommend requiring anyone who can get an actual shell to log in with public key authentication.

And for those who care, you now know exactly what part of Absolute OpenBSD I’m writing.

Posted on

The Purpose of Tech Books

I just got asked one too many times, “What’s in this book that’s not in the man pages?” And I’ve snapped.

I’m blogging my answer, so I can point here and save myself from typing the answer again.

I’m best known for writing about BSD technologies, a field where the developers are notoriously detailed in their documentation. If you look at the man pages for any open-source BSD, you’ll see that everything is included. If something is missing, it’s a bug. In addition there are extensive, lovingly-maintained FAQs and community-supported handbooks. How could I possibly add anything to than knowledge?

The short answer is: integration and context.

The man pages almost certainly contain everything you want to know. But man pages are not examples. Man pages do not provide context for the use of that knowledge. The ability to read disparate manuals and assemble that knowledge into a working, cohesive whole is a very specific skill. Programmers, in particular programmers who learn new technologies, have that skill. Many systems administrators develop that skill, after years of practice.

Some people can take a whole pile of man pages, assimilate their contents, integrate that knowledge together, and create a holistic understanding of the field they cover. They can extrapolate from documents into use cases, and reverse-extrapolate from actual uses into configuration. If you are one of these people, I have two things to say to you:

1) You do not need my books.
2) You are smarter than me.
3) By attempting to convince me of things I already know, you are wasting your own time.

I also concede that many technology books are nothing more than recitals of man pages. Others are nothing more than collections of screenshots, saying “click the Next box” four hundred times. These books are a waste of electrons and wood pulp. I blame them for dragging down the reputation of technology writing. (I also writhe in envy because these books sell far, far better than mine. But that’s a separate issue)

Good technology writing provides context for the information, and guides the reader to create a holistic understanding. Yes, some people can do that purely by reading man pages. Others need help.

Why should I write a book that competes directly with, say, the FreeBSD Handbook or the OpenBSD FAQ? Not everybody learns in the same way. Discussing the same facts in different language, with a different organization, makes the knowledge take a different path through the reader’s mind. The reader’s job is to use new information to make new connections in their brain, and seeing the same information presented very differently can help.

On a personal level, I do my best to make the job of getting that information easy, and present the reader with a whole bunch of ready-made connections.

If you want me to listen to your proclamation of superiority, I have to say: put your money where your mouth is. Donate the list price of one of my books to an open-source project that I write about. If you feel the uncontrollable need to advertise your superiority, write “That Moron Lucas Is Wasting His Time” in the note field. Copy me on the emailed receipt. At that time I will pay attention to you, in direct proportion to the size of the donation. I won’t change what I do, mind you — I probably won’t even answer the email — but I’ll pay attention to you. And I promise you, the recipient project won’t mind.

Update 5/2/2013: With the OpenBSD book coming out, I’m getting more of these. What really amuses me is that people think it’s important that I know the book is not useful.