OSSTMM 3 – the Open Source Security Testing Methodology Manual

Total Page:16

File Type:pdf, Size:1020Kb

OSSTMM 3 – the Open Source Security Testing Methodology Manual Designed for e-book readers or double-sided printing. OSSTMM 3 – The Open Source Security Testing Methodology Manual This manual provides test cases that result in verified facts. These facts provide actionable information that can measurably improve your operational security. By using the OSSTMM you no longer have to rely on general best practices, anecdotal evidence, or superstitions because you will have verified information specific to your needs on which to base your security decisions. Creative Commons 3.0 Attribution-Non-Commercial-NoDerivs 2010, ISECOM, www.isecom.org, www.osstmm.org Official OSSTMM Certifications: www.opsa.org, www.opst.org, www.opse.org, www.owse.org, www.trustanalyst.org 1 OSSTMM 3 – The Open Source Security Testing Methodology Manual Instructions This is a methodology to test the operational security of physical locations, human interactions, and all forms of communications such as wireless, wired, analog, and digital. Those who want to jump right into testing while using it may find the following quick-start information helpful. Quick Start To start making an OSSTMM test you will need to track what you test (the targets), how you test them (the parts of the targets tested and not the tools or techniques used), the types of controls discovered, and what you did not test (targets and parts of the targets). Then you may conduct the test as you are accustomed to with the objective of being able to answer the questions in the Security Test Audit Report (STAR) available at the end of this manual or as its own document. The STAR gives the specific test information on the state of the scope for the benefits of having a clear statement of the security metrics and details for comparisons with previous security tests or industry test averages. More details on the required information for the STAR is available throughout this manual and can be referenced as needed. As you may see, taking this approach means that very little time is required in addition to a standard test and the formalization of the report. It has been reported that this methodology actually reduces testing and reporting time due to the efficiencies introduced into the process. There should be no time or financial reason to avoid using the OSSTMM and no unreasonable restrictions are made to the tester. Upgrading from Older Versions If you are familiar with the OSSTMM 2.x series then you will find that the methodology has completely changed. The new rav provides a factual attack surface metric that is much more accurate for measuring the susceptibility to attacks. There are many other changes and enhancements as well but the primary focus has been to move away from solution-based testing which assumes specific security solutions will be found in a scope and are required for security (like a firewall). Another change you may notice is that there is now a single security testing methodology for all channels: Human, Physical, Wireless, Telecommunications, and Data Networks. The rav information from 2.x to 3.0 is incompatible. Those with early 3.0 draft rav (prior to RC 12) will require that the values be re-calculated using this final attack surface calculation which is available as a spreadsheet calculator at http://www.isecom.org/ravs. Previous OSSTMM security metrics measured risk with degradation however this version does not. Instead, the focus now is on a metric for the attack surface (the exposure) of a target or scope. This allows for a factual metric that has no bias or opinion like risk does. Our intention is to eventually eliminate the use of risk in areas of security which have no set price value of an asset (like with people, personal privacy, and even fluctuating markets) in favor of trust metrics which are based completely on facts. Much of the terminology has changed in this version to provide a professional definition of that which can actually be created or developed. This is most notable in definitions for security and safety which take more specific and concrete meanings for operations within. Since so much has changed from previous versions, as this is a completely re-written methodology, we recommend you read through it once before using it. Further help is available at http://www.isecom.org. Courses to help you make thorough and proper security tests, systems, and processes are available through ISECOM and will help you get the most of the OSSTMM. Creative Commons 3.0 Attribution-Non-Commercial-NoDerivs 2010, ISECOM, www.isecom.org, www.osstmm.org 2 Official OSSTMM Certifications: www.opsa.org, www.opst.org, www.opse.org, www.owse.org, www.trustanalyst.org OSSTMM 3 – The Open Source Security Testing Methodology Manual Version Information The current version of the Open Source Security Testing Methodology Manual (OSSTMM) is 3.02. This version of the OSSTMM ends the 2.x series. All OSSTMM versions prior to 3.0 including 3.0 release candidates (RC versions) are now obsolete. The original version was published on Monday, December 18, 2000. This current version is published on Tuesday, December 14, 2010. About this Project This project is maintained by the Institute for Security and Open Methodologies (ISECOM), developed in an open community, and subjected to peer and cross-disciplinary review. This project, like all ISECOM projects, is free from commercial and political influence. Financing for all ISECOM projects is provided through partnerships, subscriptions, certifications, licensing, and case-study-based research. ISECOM is a registered non-profit organization and established in New York, USA and in Catalonia, Spain. Local Support Regional ISECOM offices may be available in your area for language and business support. Find the ISECOM Partner in your area at http://www.isecom.org/tp. Community Support Reader evaluation of this document, suggestions for improvements, and results of its application for further study are required for further development. Contact us at http://www.isecom.org to offer research support, review, and editing assistance. Print Edition The print edition of this manual is available for purchase at the ISECOM website. Creative Commons 3.0 Attribution-Non-Commercial-NoDerivs 2010, ISECOM, www.isecom.org, www.osstmm.org Official OSSTMM Certifications: www.opsa.org, www.opst.org, www.opse.org, www.owse.org, www.trustanalyst.org 3 OSSTMM 3 – The Open Source Security Testing Methodology Manual Restrictions Any information contained within this document may not be modified or sold without the express consent of ISECOM. Commercial selling of this document or the information within this document, including the methodology applied within a tool, software, or checklist may NOT be provided without explicit permission from ISECOM. This research document is free to read, free to re-distribute non-commercially, and free to quote or apply in academic or commercial research, and free to use or apply in the following commercial engagements: testing, education, consulting, and research. This manual is licensed to ISECOM under Creative Commons 3.0 Attribution-NonCommercial-NoDerivs and the Open Methodology License 3.0. The ISECOM logo is an official Trademark and may not be used or reproduced commercially without consent from ISECOM. The OSSTMM hummingbird graphic is copyright Marta Barceló Jordan, licensed to ISECOM and may not be used or reproduced commercially without permission. As a collaborative, open project, the OSSTMM is not to be distributed by any means for which there is commercial gain either by itself or as part of a collection. As a standard, there may be only one, official version of the OSSTMM at any time and that version is not to be altered or forked in any way which will cause confusion as to the purpose of the original methodology. Therefore, no derivation of the OSSTMM is allowed. As a methodology, the OSSTMM is protected under the Open Methodology License 3.0 which applies the protection as that granted to Trade Secrets. However, where a Trade Secret requires sufficient effort requirements to retain a secret, the OML requires that the user make sufficient effort to be as transparent as possible about the application of the methodology. Therefore, use and application of the OSSTMM is considered as acceptance of the responsibility of the user to meet the requirements in the OML. There are no commercial restrictions on the use or application of the methodology within the OSSTMM. The OML is available at the end of this manual and at http://www.isecom.org/oml. Any and all licensing questions or requests should be directed to ISECOM. Creative Commons 3.0 Attribution-Non-Commercial-NoDerivs 2010, ISECOM, www.isecom.org, www.osstmm.org 4 Official OSSTMM Certifications: www.opsa.org, www.opst.org, www.opse.org, www.owse.org, www.trustanalyst.org OSSTMM 3 – The Open Source Security Testing Methodology Manual Primary Developers • ISECOM ◦ Marta Barceló, Director, ISECOM Board Member ◦ Pete Herzog, Director, OSSTMM Project Lead, ISECOM Board Member Primary Contributors The following people are listed alphabetically by company. Each has been a substantial influence to the development of this OSSTMM. @Mediaservice.net, Italy ISECOM, USA Raoul Chiesa, ISECOM Board Member Robert E. Lee, ISECOM Board Member Marco Ivaldi Fabio Guasconi GCP Global, Mexico Fabrizio Sensibile Francisco Puente adMERITia GmbH, Germany KCT Data, Inc., USA Heiko Rudolph, ISECOM Board Member Kim Truett, ISECOM Board Member Aaron Brown La Salle URL, Spain Bell Canada, Canada Jaume Abella, ISECOM Board Member Rick Mitchell Lab106 & Outpost24,
Recommended publications
  • Projects on the Move
    :FDDLE@KP Free Software Projects 8elg$kf$[Xk\fm\im`\nf]]i\\jf]knXi\Xe[`kjdXb\ij GIFA<:KJFEK?<DFM< Finally there’s a free alternative to the proprietary Flash on the web. Unfortunately, it implements Microsoft technology whose software patents might render the free Moonlight license useless. BY CARSTEN SCHNOBER Microsoft and Novell formed an alliance Flash format as a global standard for problems to newcomers because you can with the aim of establishing a Flash al- complex, interactive web content. The download a prebuilt version of the pl- ternative for Linux. After one year of co- proprietary browser plugin by Adobe is ugin from the project website and click operation between developers from both like a red flag to a bull for many Linux to install (Figure 1). Thus far, Moonlight companies, a beta version of the Silve- users. Because the source code is not supports only Linux systems using Fire- light free implementation, Moonlight, is available, developers and users of the fox, although the makers claim that it now available. Many members of the free operating system have been forced will support OpenSolaris and the Kon- Linux community suspect that the to rely on Adobe providing updates. In queror and Opera browsers in the near Moonlight Linux implementation [1] is the past, Adobe has been reticent with future. being used to establish Microsoft's Sil- respect to timeliness and completeness. For licensing reasons, the binary pack- verlight [2] technology on a cross-plat- age leaves out all multimedia codecs, form basis, thereby infiltrating the soft- ;Xe^\ijXe[9\e\]`kj thus seriously limiting its own function- ware freedom fighters’ fortress.
    [Show full text]
  • Rich Internet Applications
    Rich Internet Applications (RIAs) A Comparison Between Adobe Flex, JavaFX and Microsoft Silverlight Master of Science Thesis in the Programme Software Engineering and Technology CARL-DAVID GRANBÄCK Department of Computer Science and Engineering CHALMERS UNIVERSITY OF TECHNOLOGY UNIVERSITY OF GOTHENBURG Göteborg, Sweden, October 2009 The Author grants to Chalmers University of Technology and University of Gothenburg the non-exclusive right to publish the Work electronically and in a non-commercial purpose make it accessible on the Internet. The Author warrants that he/she is the author to the Work, and warrants that the Work does not contain text, pictures or other material that violates copyright law. The Author shall, when transferring the rights of the Work to a third party (for example a publisher or a company), acknowledge the third party about this agreement. If the Author has signed a copyright agreement with a third party regarding the Work, the Author warrants hereby that he/she has obtained any necessary permission from this third party to let Chalmers University of Technology and University of Gothenburg store the Work electronically and make it accessible on the Internet. Rich Internet Applications (RIAs) A Comparison Between Adobe Flex, JavaFX and Microsoft Silverlight CARL-DAVID GRANBÄCK © CARL-DAVID GRANBÄCK, October 2009. Examiner: BJÖRN VON SYDOW Department of Computer Science and Engineering Chalmers University of Technology SE-412 96 Göteborg Sweden Telephone + 46 (0)31-772 1000 Department of Computer Science and Engineering Göteborg, Sweden, October 2009 Abstract This Master's thesis report describes and compares the three Rich Internet Application !RIA" frameworks Adobe Flex, JavaFX and Microsoft Silverlight.
    [Show full text]
  • Aplicaciones Enriquecidas Para Internet: Estado Actual Y Tendencias
    Universidad de San Carlos de Guatemala Facultad de Ingeniería Escuela de Ciencias y Sistemas APLICACIONES ENRIQUECIDAS PARA INTERNET: ESTADO ACTUAL Y TENDENCIAS Miguel Alejandro Catalán López Asesorado por la Inga. Erika Yesenia Corado Castellanos de Lima Guatemala, enero de 2012 UNIVERSIDAD DE SAN CARLOS DE GUATEMALA FACULTAD DE INGENIERÍA APLICACIONES ENRIQUECIDAS PARA INTERNET: ESTADO ACTUAL Y TENDENCIAS TRABAJO DE GRADUACIÓN PRESENTADO A JUNTA DIRECTIVA DE LA FACULTAD DE INGENIERÍA POR MIGUEL ALEJANDRO CATALÁN LÓPEZ ASESORADO POR LA INGA. YESENIA CORADO CASTELLANOS DE LIMA AL CONFERÍRSELE EL TÍTULO DE INGENIERO EN CIENCIAS Y SISTEMAS GUATEMALA, ENERO DE 2012 UNIVERSIDAD DE SAN CARLOS DE GUATEMALA FACULTAD DE INGENIERÍA NÓMINA DE JUNTA DIRECTIVA DECANO Ing. Murphy Olympo Paiz Recinos VOCAL I Ing. Enrique Alfredo Beber Aceituno VOCAL II Ing. Pedro Antonio Aguilar Polanco VOCAL III Ing. Miguel Ángel Dávila Calderón VOCAL IV Br. Juan Carlos Molina Jiménez VOCAL V Br. Mario Maldonado Muralles SECRETARIO Ing. Hugo Humberto Rivera Pérez TRIBUNAL QUE PRACTICÓ EL EXAMEN GENERAL PRIVADO DECANO Ing. Murphy Olympo Paiz Recinos EXAMINADOR Ing. Juan Álvaro Díaz Ardavin EXAMINADOR Ing. Edgar Josué González Constanza EXAMINADOR Ing. José Ricardo Morales Prado SECRETARIO Ing. Hugo Humberto Rivera Pérez HONORABLE TRIBUNAL EXAMINADOR En cumplimiento con los preceptos que establece la ley de la Universidad de San Carlos de Guatemala, presento a su consideración mi trabajo de graduación titulado: APLICACIONES ENRIQUECIDAS PARA INTERNET: ESTADO ACTUAL
    [Show full text]
  • Internet Recruiting Power: Opportunities and Effectiveness
    IESE UNIVERSITY OF NAVARRA INTERNET RECRUITING POWER: OPPORTUNITIES AND EFFECTIVENESS José Ramón Pin* Miriam Laorden** Inés Sáenz-Diez*** RESEARCH PAPER No 439 July, 2001 Published by the International Research Centre on Organizations (IRCO) * Professor of Organizational Behaviour, IESE ** Manager at IRCO, IESE *** Research Associate at IRCO, IESE. Research Division IESE University of Navarra Av. Pearson, 21 08034 Barcelona - Spain Copyright © 2001, IESE Do not quote or reproduce without permission INTERNET RECRUITING POWER: OPPORTUNITIES AND EFFECTIVENESS Abstract Recruiting via the Internet, or e-Recruitment, is a phenomenon that has led to the appearance of a new market in which there is an unprecedented level of interaction between employers and potential employees. In this paper we describe the actual and emergent models in the e-Recruitment market, assess the changes this new recruitment tool is bringing about in companies’ practices and strategies, and analyse the risks and opportunities of e-Recruitment for companies and for job candidates. INTERNET RECRUITING POWER: OPPORTUNITIES AND EFFECTIVENESS I. Introduction 1. Research aims The main goal of this research project is to analyse the e-Recruitment tools that use new technologies, and more specifically everything that is done in this area over the Internet. The scope of the analysis is mainly Europe, although we could hardly have done it without comparing the European level with the market in the US, due to its broader experience in using these tools and the fact that it is a more mature market. The study focuses on three main objectives: Objective I. Describe current and emerging models in the European Internet recruitment market and define key actors.
    [Show full text]
  • Herbie Hancock Mr. Hands Mp3, Flac, Wma
    Herbie Hancock Mr. Hands mp3, flac, wma DOWNLOAD LINKS (Clickable) Genre: Jazz / Funk / Soul Album: Mr. Hands Country: Europe Released: 1992 Style: Fusion MP3 version RAR size: 1631 mb FLAC version RAR size: 1810 mb WMA version RAR size: 1691 mb Rating: 4.6 Votes: 840 Other Formats: MP3 VOX WMA AHX VQF DTS ASF Tracklist Hide Credits Spiraling Prism 1 6:22 Bass – Byron MillerDrums – Leon Ndugu Chancler 2 Calypso 6:42 Just Around The Corner 3 Bass – Freddie WashingtonDrums – Alphonse MouzonGuitar – Melvin "Wah Wah" 7:34 WatsonPercussion – Sheila Escovedo 4 AM 4 5:21 Bass – Jaco PastoriusDrums – Harvey MasonPercussion – Sheila Escovedo Shiftless Shuffle 5 7:08 Bass – Paul Jackson Drums – Harvey MasonTenor Saxophone – Bennie Maupin 6 Textures 6:38 Companies, etc. Made By – DADC Austria Phonographic Copyright (p) – Sony Music Entertainment Inc. Copyright (c) – Sony Music Entertainment Inc. Distributed By – Sony Music Credits Percussion – Bill Summers (tracks: 1, 4, 5) Producer – David Rubinson, Herbie Hancock Notes Jewel case 8-page booklet Originally released on LP in 1980 Barcode and Other Identifiers Barcode (Text): 5 099747 124020 Barcode (Scanned): 5099747124020 Label Code: LC 0162 Matrix / Runout: 01-471240-10 11 A1 DADC AUSTRIA Price Code: CB 741 Price Code: CDM Other (Sony Code): 01-471240-10 Rights Society: BIEM/STEMRA Other (Mould stamp): * Other versions Category Artist Title (Format) Label Category Country Year JC 36578 Herbie Hancock Mr. Hands (LP, Album) Columbia JC 36578 US 1980 PCT 36578 Herbie Hancock Mr. Hands (Cass, Album) Columbia PCT 36578 US 1980 PC 36578 Herbie Hancock Mr. Hands (LP, Album) Columbia PC 36578 US 1980 JCA 36578 Herbie Hancock Mr.
    [Show full text]
  • Introducing Silverlight From?
    02_0672330148_ch01.qxd 9/25/08 2:23 PM Page 3 Silverlight 2 Unleashed, published by SAMS, Copyright 2009 Pearson Education, Inc. ISBN 0672330148 CHAPTER 1 IN THIS CHAPTER . Where Does Silverlight Come Introducing Silverlight From? . Using Third-Party Plug-Ins . Running on Multiple Platforms . Making the Web Application Secure t all started when Microsoft presented its revolutionary I . Introducing Silverlight.net user interface (UI) framework, Windows Presentation Foundation, to an enthusiastic crowd of graphics designers, . What Do You Need to Run software developers, and businessmen in March 2006 at the Silverlight? new MIX conference in Las Vegas. Microsoft also added . Updating Your Runtime— one session about a lesser-known technology with the Automatically rather barbarian name Windows Presentation Foundation . Trying Silverlight Demos Everywhere, or WPF/E. There was nothing much to see yet, but the abstract was enticing: “With WPF/E you’ll be able . What Do You Need to Develop to build rich, interactive experiences that run in major Web Silverlight? browsers on major platforms as well as on mobile devices.” . Reading the Documentation A little more than a year later, at the second edition of the . Looking into Silverlight’s same MIX conference, Scott Guthrie (general manager at Future Microsoft, responsible for most of the .NET teams) climbed on stage and gave the crowd an amazing software demon- stration. The barbarian WPF/E was gone; in its place was Silverlight (see Figure 1.1). A bright new logo revolved on the screens. Gradients and animations were all over the place. Planes flew over the web browser’s window, connecting US cities while Scott was planning his next trips; a chess application let the browser’s JavaScript engine play against .NET, demonstrat- ing without any doubt the superior power of the compiled .NET application over JavaScript’s interpreted code.
    [Show full text]
  • Futurism-Anthology.Pdf
    FUTURISM FUTURISM AN ANTHOLOGY Edited by Lawrence Rainey Christine Poggi Laura Wittman Yale University Press New Haven & London Disclaimer: Some images in the printed version of this book are not available for inclusion in the eBook. Published with assistance from the Kingsley Trust Association Publication Fund established by the Scroll and Key Society of Yale College. Frontispiece on page ii is a detail of fig. 35. Copyright © 2009 by Yale University. All rights reserved. This book may not be reproduced, in whole or in part, including illustrations, in any form (beyond that copying permitted by Sections 107 and 108 of the U.S. Copyright Law and except by reviewers for the public press), without written permission from the publishers. Designed by Nancy Ovedovitz and set in Scala type by Tseng Information Systems, Inc. Printed in the United States of America by Sheridan Books. Library of Congress Cataloging-in-Publication Data Futurism : an anthology / edited by Lawrence Rainey, Christine Poggi, and Laura Wittman. p. cm. Includes bibliographical references and index. ISBN 978-0-300-08875-5 (cloth : alk. paper) 1. Futurism (Art) 2. Futurism (Literary movement) 3. Arts, Modern—20th century. I. Rainey, Lawrence S. II. Poggi, Christine, 1953– III. Wittman, Laura. NX456.5.F8F87 2009 700'.4114—dc22 2009007811 A catalogue record for this book is available from the British Library. This paper meets the requirements of ANSI/NISO Z39.48–1992 (Permanence of Paper). 10 9 8 7 6 5 4 3 2 1 CONTENTS Acknowledgments xiii Introduction: F. T. Marinetti and the Development of Futurism Lawrence Rainey 1 Part One Manifestos and Theoretical Writings Introduction to Part One Lawrence Rainey 43 The Founding and Manifesto of Futurism (1909) F.
    [Show full text]
  • Silverlight Interview Questions
    By OnlineInterviewQuestions.com Silverlight Interview Questions Silverlight is a very powerful development tool that has been used by many organizations in order to create engaging content for effective user experiences for both the web as well as mobile applications. It is a very popular web-based knowledge that was launched by Microsoft for individuals in the design world. It has also been considered as a competition to the famous Adobe’s Flash. Some of the big organization using Silverlight include Yahoo!, NASA, Indian Premier League (IPL), Continental Airlines, etc. These organizations have been using Silverlight to enhance their business manifolds. Thus, many companies have recently started to incorporate Silverlight into their systems for effective and efficient handling of their business. In lieu of which many organizations are looking for candidates that can provide adequate solutions to increase their market presence. Such organizations are looking for candidates with adequate theoretical knowledge in addition to good hands-on-training skills. This field also requires candidates to have excellent communication as well as presentation skills. Therefore, some basic, as well as advanced Silverlight interview questions, have been asked in order to scrutinize the perfect candidate that can make the cut. Read below some of the frequently asked Silverlight interview questions, if you either a fresher or an experienced individual to gain insight on the topic or brush up your past knowledge to land your dream job! Q1. What is the use of Silverlight? Silverlight is an open – source development tool manufactured by Microsoft, which is essentially used to create and deploy interactive user experiences along with media and internet applications for various internet and mobile applications.
    [Show full text]
  • Born in America, Jazz Can Be Seen As a Reflection of the Cultural Diversity and Individualism of This Country
    1 www.onlineeducation.bharatsevaksamaj.net www.bssskillmission.in “Styles in Jazz Music”. In Section 1 of this course you will cover these topics: Introduction What Is Jazz? Appreciating Jazz Improvisation The Origins Of Jazz Topic : Introduction Topic Objective: At the end of this topic student would be able to: Discuss the Birth of Jazz Discuss the concept of Louis Armstrong Discuss the Expansion of Jazz Understand the concepts of Bebop Discuss todays Jazz Definition/Overview: The topic discusses that the style of music known as jazz is largely based on improvisation. It has evolved while balancing traditional forces with the pursuit of new ideas and approaches. Today jazz continues to expand at an exciting rate while following a similar path. Here you will find resources that shed light on the basics of one of the greatest musical developments in modern history.WWW.BSSVE.IN Born in America, jazz can be seen as a reflection of the cultural diversity and individualism of this country. At its core are openness to all influences, and personal expression through improvisation. Throughout its history, jazz has straddled the worlds of popular music and art music, and it has expanded to a point where its styles are so varied that one may sound completely unrelated to another. First performed in bars, jazz can now be heard in clubs, concert halls, universities, and large festivals all over the world. www.bsscommunitycollege.in www.bssnewgeneration.in www.bsslifeskillscollege.in 2 www.onlineeducation.bharatsevaksamaj.net www.bssskillmission.in Key Points: 1. The Birth of Jazz New Orleans, Louisiana around the turn of the 20th century was a melting pot of cultures.
    [Show full text]
  • Head Hunters of the Amazon
    Head Hunters of the Amazon F. W. Up de Graff Head Hunters of the Amazon Table of Contents Head Hunters of the Amazon...................................................................................................................................1 F. W. Up de Graff..........................................................................................................................................1 FOREWORD.................................................................................................................................................2 INTRODUCTION.........................................................................................................................................3 HEAD HUNTERS OF THE AMAZON........................................................................................................4 CHAPTER II..................................................................................................................................................6 CHAPTER III..............................................................................................................................................14 CHAPTER IV..............................................................................................................................................17 CHAPTER V................................................................................................................................................21 CHAPTER VI..............................................................................................................................................28
    [Show full text]
  • “Head Hunters”—Herbie Hancock (1973) Added to the National Registry: 2007 Essay by Bob Gluck (Guest Post) *
    “Head Hunters”—Herbie Hancock (1973) Added to the National Registry: 2007 Essay by Bob Gluck (guest post) * Original album Original label Herbie Hancock Herbie Hancock’s “Head Hunters” charted a new course for a musician who had come to see the entire world as his potential audience. In crafting this recording, Hancock renewed an historic idea while furthering something novel: jazz that audiences could dance to. Not since the big band era had jazz quite so successfully reached out a broad net, merging music for attentive listening with an approach that gave everybody something to hold onto. This had been the goal of late 1950’s and early 60’s “hard bop.” That music, made famous by drummer Art Blakey and pianist Horace Silver, injected widely beloved African American musical styles— gospel and the Blues—into modern jazz. By softening bebop’s blazing fast angularity, hard boppers crafted a more accessible, finger snapping, more populist style. In fact, this was the music Herbie Hancock first played as he began his professional career at the beginning of the 1960s with Donald Byrd’s band and on his own early recordings. In the late 1960s and early 1970s, Hancock’s mentor, Miles Davis, began to update this concept of bridging popular Black music—R&B and funk--with jazz. Yet it was Hancock’s “Head Hunters” that most successfully reached the younger generation with this new synthesis. Hancock first gained the attention of a wider public when his 1962 hard bop tune “Watermelon Man” became, in the hands of Mongo Santamaria, a Latin dance craze.
    [Show full text]
  • Adobe Flex 4.5 Fundamentals Training from the Source
    Adobe® Flex® 4.5 Fundamentals Training from the Source Michael Labriola Jeff Tapper Matthew Boles Foreword by Adam Lehman, Adobe Flash Builder Product Manager Adobe® Flex® 4.5 Fundamentals: Training from the Source Michael Labriola/Jeff Tapper/Matthew Boles This Adobe Press book is published by Peachpit. For information on Adobe Press books, contact: Peachpit 1249 Eighth Street Berkeley, CA 94710 510/524-2178 510/524-2221 (fax) For the latest on Adobe Press books, go to www.adobepress.com To report errors, please send a note to [email protected] Copyright © 2012 by Michael Labriola and Jeffrey Tapper Adobe Press Editor: Victor Gavenda Project Editor: Nancy Peterson Development Editor: Robyn G. Thomas Technical Editor: Steve Lund Production Coordinator: Becky Winter Copy Editor: Jessica Grogan Compositor: Danielle Foster Indexer: Emily Glossbrenner Cover Design: Peachpit Press Notice of Rights All rights reserved. No part of this book may be reproduced or transmitted in any form by any means, electronic, mechanical, photocopying, recording, or otherwise, without the prior written permission of the publisher. For infor- mation on getting permission for reprints and excerpts, contact [email protected]. Notice of Liability The information in this book is distributed on an “As Is” basis, without warranty. While every precaution has been taken in the preparation of the book, neither the authors, Adobe Systems, Inc., nor the publisher shall have any lia- bility to any person or entity with respect to any loss or damage caused or alleged to be caused directly or indirectly by the instructions contained in this book or by the computer software and hardware products described in it.
    [Show full text]