Journal articles on the topic 'Web vulnerability scanner'

Modern society is far more dependent on web applications than the previous generations. Even though our dependence is increasing rapidly, the security level is far lower than required. To guarantee the security of the data system in the industry and our daily life, it is especially crucial to find out web application security vulnerabilities quickly and accurately. A vulnerability is a state of being unprotected from the prospect of an attack. It permits an attacker to gain a certain level of command of the site, and possibly the hosting server. One such vulnerability is the cross-site scripting vulnerability. In this exposition, a generic vulnerability scanner is proposed which can be customized to find any number of vulnerabilities. The scanner maps out the website and gives a report of all the vulnerabilities. For the purpose of evaluation, it has been customized to find XSS vulnerability in web applications.

The vulnerability scanner designed in this paper completed the collection of information and scanning of vulnerability, including six parts: input assets, asset collection, vulnerability profile, plug-in upload, single case detection and report display. The framework of vue realized the front end that included six pages, and the framework of gin realized the back end. The interface completed the separation of the front and back end. The database using MySQL designed seven tables. This scanner can avoid tedious and repetitive work, it can realize automatic scanning and testing of network vulnerabilities.

The article discusses the main provisions for constructing a vulnerability scanner for a web resource based on the «black box» technique. The definitions of the Mealy automaton are introduced, applicable to the web application. An example of the use of the Mealy automaton for constructing transition graphs on the links of a web resource is given. An algorithm for constructing a graph based on sent requests and received answers is proposed. Describe the alleged problems that arise in the scanner. There are proposed ways of solving the problems obtained with the use of additional mechanisms and work algorithms. When the algorithm is running and transitions are added, the new vertex is colored with one of the colors, if a repeated state is detected. As a result, we have a colored graph, which may collapse in the same colors. The user in the browser moving inside the web application performs sequential actions, the scanning technique is as close as possible to the real actions of the average user and provides a top-down view of the content, as well as the probability of clicking on the link. Thus determined group of sequential requests that change the state of the scanner.

Keamanan merupakan suatu usaha yang dilakukan untuk melindungi informasi yang terdapat didalamnya yang mengacu pada kerahasiaan. Sebuah sistem yang terhubung dengan jaringan internet, akan memiliki tingkat kerawanan tinggi akan menjadi sebuah polemik bagi pemilik layanan sebuah informasi. Metode yang dilakukan adalah mengaudit webserver Open Jurnal System (O.J.S). Kegiatan ini bertujuan untuk mengidentifikasi dan mengekploitasi kerentanan pada webserver Open Jurnal Sistem (O.J.S). Pada penelitian ini menggunakan tool Open Web Aplication Security Project (OWASP). Pengujian ini bertujuan mencari vulnerability pada webserver Open Jurnal Sistem (OJS) adapun tingkatan vulnerability yang dideteksi dalam pengujian ini antara lain high risk, medium risk, low risk. tujuan mengamankan dari serangan SQL Injection maupun Cross Site Scripting XSS, karena akan membawa dampak kegagalan sistem. Manfaat dari pengujian ini sebagai alert atau peringatan. adanya serangan SQl Injection maupun serangan Cross Site Scripting XSS, oleh tool OWASP dalam mengaudit secara mandiri pada webserver Open Jurnal System sendiri.

<p><em>Aspek keamanan sering dilupakan dalam penerapan Teknologi Informasi. Kerentanan biasanya disebabkan oleh kelalaian pengembang yang menyebabkan kerusakan pada sistem yang digunakan. Serangan SQL Injection, Cross Site Scripting dan tidak ada penggunaan saluran terenkripsi menyebabkan pemaparan pengguna data sensitif. Tujuan dari penelitian ini adalah untuk melakukan audit dan analisis aspek keamanan terhadap Aplikasi Web Prodi Teknik Informatika UIKA. Audit dan analisis keamanan adalah langkah pencegahan sehingga kerentanan yang ditemukan tidak menjadi pintu masuk bagi peretas sistem. Hasil dari penelitian ini dalam bentuk laporan audit keamanan yang memuat tentang kerentanan Aplikasi Web Prodi Teknik Informatika UIKA. Laporan tersebut akan digunakan sebagai referensi bagi pengembang aplikasi online, Analisis Keamanan Aplikasi Web Prodi Teknik Informatika UIKA untuk meningkatkan system di keamanan pada Aplikasi Web .Metode yang dilakukan pada pengujian ini akan menggunakan tool berupa perangkat lunak dan cara-cara tertentu yang digunakan untuk menguji keamanan sebuah AplikasiWeb. Untuk melakukan analisis keamanan Aplikasi Web, software yang digunakan adalah Acunetix Web Vulnerability scanner.</em></p><p><em> Hasil dari pengujian dapat ditemukan berbagai level kerentanan dari level kerentanan Low pada domain ti.ft.uika-bogor.ac.id sampai level kerentanan High pada sub domain lainnya yang berupa sub domain fakultas. Dari hasil analisis yang diperoleh dan dapat dilihat berbagai web alerts yang terdapat pada sebuah Aplikasi web tersebut. Adapun berbagai web alerts yang berhasil ditemukan berupa SQL Injection, Cross Site Scripting dan berbagai web alerts lainnya.</em></p>

Today, web application security is most significant battlefield between victim, attacker and resource of web service. The owner of web applications can’t see security vulnerability in web application which develops in ASP.NET. This paper explain one algorithm which aim to identify broken authentication and session management vulnerability. The given method of this paper scan the web application files. The created scanner generator relies on studying the source character of the application limited ASP.NET files and the code be beholden files. A program develop for this motive is to bring about a report which describes vulnerabilities types by mentioning the indict name, disclose description and its location. The aim of the paper is to discover the broken authentication and session management vulnerabilities. The indicated algorithm will uphold organization and developer to repair the vulnerabilities and recover from one end to the other security.

Security is an effort that can be done to protect the information contained in it which refers to confidentiality. Information systems that are centrally prone to various types of attacks such as DoS, SQL Injections, Cross Site Scripting (XSS), Clickjacking, CSRF / Cross-site request forgery and so on. This will be a polemic for the information service owner and manager. The method to be carried out in this study is to do penetration testing to audit the security of the campus information system webserver. This activity aims to identify and exploit vulnerabilities in the web server. In this study, several tools will be used as a tool, including WHOIS, NMAP and Acunetix Web Vulnerability Scanner. Tests carried out are to look for vulnerabilities on the web server while the level of vulnerability that will be detected in this test sawill be inter alia higt risk, Medium risk and low risk. The aim is to find out the weaknesses in the web server so that in the future it can avoid DoS attacks, CSRF / Cross-site request forgery, Cross Site Scripting (XSS) and clickjacking. The results of this test are expected to be an input for the management of campus information systems for the future can be made improvements to existing weaknesses.

We analyzed the urgency of the task of creating a more efficient (compared to analogues) means of automated vulnerability search based on modern technologies. We have shown the similarity of the vulnerabilities identifying process with the Markov decision-making process and justified the feasibility of using reinforcement learning technology for solving this problem. Since the analysis of the web application security is currently the highest priority and in demand, within the framework of this work, the application of the mathematical apparatus of reinforcement learning with to this subject area is considered. The mathematical model is presented, the specifics of the training and testing processes for the problem of automated vulnerability search in web applications are described. Based on an analysis of the OWASP Testing Guide, an action space and a set of environment states are identified. The characteristics of the software implementation of the proposed model are described: Q-learning is implemented in the Python programming language; a neural network was created to implement the learning policy using the tensorflow library. We demonstrated the results of the Reinforcement Learning agent on a real web application, as well as their comparison with the report of the Acunetix Vulnerability Scanner. The findings indicate that the proposed solution is promising.

The widespread adoption of web vulnerability scanners and the differences in the functionality provided by these tool-based vulnerability detection approaches increase the demand for testing their detection effectiveness. Despite the advantages of dynamic testing approaches, the literature lacks studies that systematically evaluate the performance of open source web vulnerability scanners. The main objectives of this study are to assess the performance of open source scanners from multiple perspectives and to examine their detection capability. This paper presents the results of a comparative evaluation of the security features as well as the performance of four web vulnerability detection tools. We followed this comparative assessment with a case study in which we evaluate the level of agreement between the results reported by two open source web vulnerability scanners. Given that the results of our comparative evaluation did not show significant performance differences among the scanners while the results of the conducted case study revealed high level of disagreement between the reports generated by different scanners, we conclude that the inconsistencies between the reports generated by different scanners might not necessarily correlate with their performance properties. We also present some recommendations for helping developers of web vulnerabilities scanners to improve their tools’ capabilities.

Nowadays, web applications are essential part of our lives. Web applications are used by people for information gathering, communication, e-commerce and variety of other activities. Since they contain valuable and sensitive information, the attacks against them have increased in order to find vulnerabilities and steal information. For this reason, it is essential to check web application vulnerabilities to ensure that it is secure. However, checking the vulnerabilities manually is a tedious and time-consuming job. Therefore, there is an exigent need for web application vulnerability scanners. In this study, we evaluate two open source web application vulnerability scanners Paros and OWASP Zed Attack Proxy (OWASP ZAP) by testing them against two vulnerable web applications buggy web application (bWAPP) and Damn Vulnerable Web Application (DVWA).

Abstract Industrial automation and control systems (IACS) play a key role in modern production facilities. On the one hand, they provide real-time functionality to the connected field devices. On the other hand, they get more and more connected to local networks and the internet in order to facilitate use cases promoted by “Industrie 4.0”. A lot of IACS are equipped with web servers that provide web applications for configuration and management purposes. If an attacker gains access to such a web application operated on an IACS, he can exploit vulnerabilities and possibly interrupt the critical automation process. Cyber security research for web applications is well-known in the office IT. There exist a lot of best practices and tools for testing web applications for different kinds of vulnerabilities. Security testing targets at discovering those vulnerabilities before they can get exploited. In order to enable IACS manufacturers and integrators to perform security tests for their devices, ISuTest was developed, a modular security testing framework for IACS. This paper provides a classification of known types of web application vulnerabilities. Therefore, it makes use of the worst direct impact of a vulnerability. Based on this analysis, a subset of open-source vulnerability scanners to detect such vulnerabilities is selected to be integrated into ISuTest. Subsequently, the integration is evaluated. This evaluation is twofold: At first, willful vulnerable web applications are used. In a second step, seven real IACS, like a programmable logic controller, industrial switches and cloud gateways, are used. Both evaluation steps start with the manual examination of the web applications for vulnerabilities. They conclude with an automated test of the web applications using the vulnerability scanners automated by ISuTest. The results show that the vulnerability scanners detected 53 % of the existing vulnerabilities. In a former study using commercial vulnerability scanners, 54 % of the security flaws could be found. While performing the analysis, 45 new vulnerabilities were detected. Some of them did not only break the web server but crashed the whole IACS, stopping the critical automation process. This shows that security testing is crucial in the industrial domain and needs to cover all services provided by the devices.

Diffusion- and perfusion-weighted magnetic resonance imaging (MRI) was used to study the putative effects of apolipoprotein E (ApoE) polymorphism in stroke. Thirty-one patients with acute stroke, comparative for age and gender were scanned, nine of whom were ApoE allele ***ε4 carriers. Initially, less than 24 hours from the onset of stroke, the ε4 carriers had significantly smaller volumes of hypoperfusion on relative cerebral blood volume map ( P = 0.001), and smaller infarct volumes ( P = 0.008) compared with the noncarriers. By day 8, this difference in the infarct volumes had disappeared, suggesting relatively enhanced infarct growth. On average, the total infarct volume increased 145% of the initial infarct volume in the ε4 carriers, and 84% in the noncarriers. There were strong correlations between the imaging findings and clinical status initially and with the outcome 3 months after the stroke in the ε4 noncarriers, but, with a single exception at acute phase, a lack thereof in the ε4 carriers. These patterns were virtually similar in a subgroup of patients with middle cerebral artery stroke. These data support the hypothesis of increased general vulnerability of the brain in the e4 carriers. Thus, the effects of ApoE polymorphism should be accounted for when interpreting diffusion- and perfusion-weighted MRI studies, particularly if predicting lesion growth.

Automated web application penetration testing has emerged as a trend. The computer was assigned the task of penetrating web application security with penetration testing technique. Relevant computer program reduces time, cost, and resources required for assessing a web application security. At the same time, scaling down tester reliance on human knowledge. Web application security scanner is such kind of program that is designed to assess web application security automatically with penetration testing technique. The downside is that computer is not well-formed as human. Consequently, web application security scanner often found generating the false alarms, especially in a testing environment, which web application source codes are unreachable. Thus, in this paper, the state-of-the-art of black box web application security scanner is systematically reviewed, to investigate the approaches for detecting web application vulnerability in an ambiguous testing environment. This survey is critical in providing insights on how to design efficient algorithms for assessing web application security with penetration testing technique in the ambiguous environment.

Hardly a facet of human life is not influenced by the Internet due to the continuous proliferation in the Internet facilities, usage, speed, user friendly browsing, global access, etc. At flip side, hackers are also attacking this digital world with new tactics and techniques through exploiting the web application vulnerabilities. The analysis of these vulnerabilities is of paramount importance in direction to secure social digital world. It can be carried out in two ways. First, manual analysis which is error prone due to the human nature of forgiveness, dynamic change in technology and fraudulence attack techniques. Second, through the existing web application vulnerability scanners that sometime may suffer from generating false alarm rate. Hence, there is a need to develop a framework that can detect different levels of vulnerabilities, ranging from client side vulnerabilities, communication side vulnerabilities to server side vulnerabilities. This paper has carried out the literature survey in direction of identifying the new attack vectors, vulnerabilities, detection mechanism, research gaps and new working areas in same field. Continuous improvement in framework is easy. Hence, a framework is proposed to overcome the identified research gap

Introduction Figure 1 The counter-Terrorism advertising campaign of London’s Metropolitan Police commodifies some everyday items such as mobile phones, computers, passports and credit cards as having the potential to sustain terrorist activities. The process of ascribing cultural values and symbolic meanings to some everyday technical gadgets objectifies and situates Terrorism into the everyday life. The police, in urging people to look out for ‘the unusual’ in their normal day-to-day lives, juxtapose the everyday with the unusual, where day-to-day consumption, routines and flows of human activity can seemingly house insidious and atavistic elements. This again is reiterated in the Met police press release: Terrorists live within our communities making their plans whilst doing everything they can to blend in, and trying not to raise suspicions about their activities. (MPA Website) The commodification of Terrorism through uncommon and everyday objects situates Terrorism as a phenomenon which occupies a liminal space within the everyday. It resides, breathes and co-exists within the taken-for-granted routines and objects of ‘the everyday’ where it has the potential to explode and disrupt without warning. Since 9/11 and the 7/7 bombings Terrorism has been narrated through the disruption of mobility, whether in mid-air or in the deep recesses of the Underground. The resonant thread of disruption to human mobility evokes a powerful meta-narrative where acts of Terrorism can halt human agency amidst the backdrop of the metropolis, which is often a metaphor for speed and accelerated activities. If globalisation and the interconnected nature of the world are understood through discourses of risk, Terrorism bears the same footprint in urban spaces of modernity, narrating the vulnerability of the human condition in an inter-linked world where ideological struggles and resistance are manifested through inexplicable violence and destruction of lives, where the everyday is suspended to embrace the unexpected. As a consequence ambient fear “saturates the social spaces of everyday life” (Hubbard 2). The commodification of Terrorism through everyday items of consumption inevitably creates an intertextuality with real and media events, which constantly corrode the security of the metropolis. Paddy Scannell alludes to a doubling of place in our mediated world where “public events now occur simultaneously in two different places; the place of the event itself and that in which it is watched and heard. The media then vacillates between the two sites and creates experiences of simultaneity, liveness and immediacy” (qtd. in Moores 22). The doubling of place through media constructs a pervasive environment of risk and fear. Mark Danner (qtd. in Bauman 106) points out that the most powerful weapon of the 9/11 terrorists was that innocuous and “most American of technological creations: the television set” which provided a global platform to constantly replay and remember the dreadful scenes of the day, enabling the terrorist to appear invincible and to narrate fear as ubiquitous and omnipresent. Philip Abrams argues that ‘big events’ (such as 9/11 and 7/7) do make a difference in the social world for such events function as a transformative device between the past and future, forcing society to alter or transform its perspectives. David Altheide points out that since September 11 and the ensuing war on terror, a new discourse of Terrorism has emerged as a way of expressing how the world has changed and defining a state of constant alert through a media logic and format that shapes the nature of discourse itself. Consequently, the intensity and centralisation of surveillance in Western countries increased dramatically, placing the emphasis on expanding the forms of the already existing range of surveillance processes and practices that circumscribe and help shape our social existence (Lyon, Terrorism 2). Normalisation of Surveillance The role of technologies, particularly information and communication technologies (ICTs), and other infrastructures to unevenly distribute access to the goods and services necessary for modern life, while facilitating data collection on and control of the public, are significant characteristics of modernity (Reiman; Graham and Marvin; Monahan). The embedding of technological surveillance into spaces and infrastructures not only augment social control but also redefine data as a form of capital which can be shared between public and private sectors (Gandy, Data Mining; O’Harrow; Monahan). The scale, complexity and limitations of omnipresent and omnipotent surveillance, nevertheless, offer room for both subversion as well as new forms of domination and oppression (Marx). In surveillance studies, Foucault’s analysis is often heavily employed to explain lines of continuity and change between earlier forms of surveillance and data assemblage and contemporary forms in the shape of closed-circuit television (CCTV) and other surveillance modes (Dee). It establishes the need to discern patterns of power and normalisation and the subliminal or obvious cultural codes and categories that emerge through these arrangements (Fopp; Lyon, Electronic; Norris and Armstrong). In their study of CCTV surveillance, Norris and Armstrong (cf. in Dee) point out that when added to the daily minutiae of surveillance, CCTV cameras in public spaces, along with other camera surveillance in work places, capture human beings on a database constantly. The normalisation of surveillance, particularly with reference to CCTV, the popularisation of surveillance through television formats such as ‘Big Brother’ (Dee), and the expansion of online platforms to publish private images, has created a contradictory, complex and contested nature of spatial and power relationships in society. The UK, for example, has the most developed system of both urban and public space cameras in the world and this growth of camera surveillance and, as Lyon (Surveillance) points out, this has been achieved with very little, if any, public debate as to their benefits or otherwise. There may now be as many as 4.2 million CCTV cameras in Britain (cf. Lyon, Surveillance). That is one for every fourteen people and a person can be captured on over 300 cameras every day. An estimated £500m of public money has been invested in CCTV infrastructure over the last decade but, according to a Home Office study, CCTV schemes that have been assessed had little overall effect on crime levels (Wood and Ball). In spatial terms, these statistics reiterate Foucault’s emphasis on the power economy of the unseen gaze. Michel Foucault in analysing the links between power, information and surveillance inspired by Bentham’s idea of the Panopticon, indicated that it is possible to sanction or reward an individual through the act of surveillance without their knowledge (155). It is this unseen and unknown gaze of surveillance that is fundamental to the exercise of power. The design and arrangement of buildings can be engineered so that the “surveillance is permanent in its effects, even if it is discontinuous in its action” (Foucault 201). Lyon (Terrorism), in tracing the trajectory of surveillance studies, points out that much of surveillance literature has focused on understanding it as a centralised bureaucratic relationship between the powerful and the governed. Invisible forms of surveillance have also been viewed as a class weapon in some societies. With the advancements in and proliferation of surveillance technologies as well as convergence with other technologies, Lyon argues that it is no longer feasible to view surveillance as a linear or centralised process. In our contemporary globalised world, there is a need to reconcile the dialectical strands that mediate surveillance as a process. In acknowledging this, Giles Deleuze and Felix Guattari have constructed surveillance as a rhizome that defies linearity to appropriate a more convoluted and malleable form where the coding of bodies and data can be enmeshed to produce intricate power relationships and hierarchies within societies. Latour draws on the notion of assemblage by propounding that data is amalgamated from scattered centres of calculation where these can range from state and commercial institutions to scientific laboratories which scrutinise data to conceive governance and control strategies. Both the Latourian and Deleuzian ideas of surveillance highlight the disparate arrays of people, technologies and organisations that become connected to make “surveillance assemblages” in contrast to the static, unidirectional Panopticon metaphor (Ball, “Organization” 93). In a similar vein, Gandy (Panoptic) infers that it is misleading to assume that surveillance in practice is as complete and totalising as the Panoptic ideal type would have us believe. Co-optation of Millions The Metropolitan Police’s counter-Terrorism strategy seeks to co-opt millions where the corporeal body can complement the landscape of technological surveillance that already co-exists within modernity. In its press release, the role of civilian bodies in ensuring security of the city is stressed; Keeping Londoners safe from Terrorism is not a job solely for governments, security services or police. If we are to make London the safest major city in the world, we must mobilise against Terrorism not only the resources of the state, but also the active support of the millions of people who live and work in the capita. (MPA Website). Surveillance is increasingly simulated through the millions of corporeal entities where seeing in advance is the goal even before technology records and codes these images (William). Bodies understand and code risk and images through the cultural narratives which circulate in society. Compared to CCTV technology images, which require cultural and political interpretations and interventions, bodies as surveillance organisms implicitly code other bodies and activities. The travel bag in the Metropolitan Police poster reinforces the images of the 7/7 bombers and the renewed attempts to bomb the London Underground on the 21st of July. It reiterates the CCTV footage revealing images of the bombers wearing rucksacks. The image of the rucksack both embodies the everyday as well as the potential for evil in everyday objects. It also inevitably reproduces the cultural biases and prejudices where the rucksack is subliminally associated with a specific type of body. The rucksack in these terms is a laden image which symbolically captures the context and culture of risk discourses in society. The co-optation of the population as a surveillance entity also recasts new forms of social responsibility within the democratic polity, where privacy is increasingly mediated by the greater need to monitor, trace and record the activities of one another. Nikolas Rose, in discussing the increasing ‘responsibilisation’ of individuals in modern societies, describes the process in which the individual accepts responsibility for personal actions across a wide range of fields of social and economic activity as in the choice of diet, savings and pension arrangements, health care decisions and choices, home security measures and personal investment choices (qtd. in Dee). While surveillance in individualistic terms is often viewed as a threat to privacy, Rose argues that the state of ‘advanced liberalism’ within modernity and post-modernity requires considerable degrees of self-governance, regulation and surveillance whereby the individual is constructed both as a ‘new citizen’ and a key site of self management. By co-opting and recasting the role of the citizen in the age of Terrorism, the citizen to a degree accepts responsibility for both surveillance and security. In our sociological imagination the body is constructed both as lived as well as a social object. Erving Goffman uses the word ‘umwelt’ to stress that human embodiment is central to the constitution of the social world. Goffman defines ‘umwelt’ as “the region around an individual from which signs of alarm can come” and employs it to capture how people as social actors perceive and manage their settings when interacting in public places (252). Goffman’s ‘umwelt’ can be traced to Immanuel Kant’s idea that it is the a priori categories of space and time that make it possible for a subject to perceive a world (Umiker-Sebeok; qtd. in Ball, “Organization”). Anthony Giddens adapted the term Umwelt to refer to “a phenomenal world with which the individual is routinely ‘in touch’ in respect of potential dangers and alarms which then formed a core of (accomplished) normalcy with which individuals and groups surround themselves” (244). Benjamin Smith, in considering the body as an integral component of the link between our consciousness and our material world, observes that the body is continuously inscribed by culture. These inscriptions, he argues, encompass a wide range of cultural practices and will imply knowledge of a variety of social constructs. The inscribing of the body will produce cultural meanings as well as create forms of subjectivity while locating and situating the body within a cultural matrix (Smith). Drawing on Derrida’s work, Pugliese employs the term ‘Somatechnics’ to conceptualise the body as a culturally intelligible construct and to address the techniques in and through which the body is formed and transformed (qtd. in Osuri). These techniques can encompass signification systems such as race and gender and equally technologies which mediate our sense of reality. These technologies of thinking, seeing, hearing, signifying, visualising and positioning produce the very conditions for the cultural intelligibility of the body (Osuri). The body is then continuously inscribed and interpreted through mediated signifying systems. Similarly, Hayles, while not intending to impose a Cartesian dichotomy between the physical body and its cognitive presence, contends that the use and interactions with technology incorporate the body as a material entity but it also equally inscribes it by marking, recording and tracing its actions in various terrains. According to Gayatri Spivak (qtd. in Ball, “Organization”) new habits and experiences are embedded into the corporeal entity which then mediates its reactions and responses to the social world. This means one’s body is not completely one’s own and the presence of ideological forces or influences then inscribe the body with meanings, codes and cultural values. In our modern condition, the body and data are intimately and intricately bound. Outside the home, it is difficult for the body to avoid entering into relationships that produce electronic personal data (Stalder). According to Felix Stalder our physical bodies are shadowed by a ‘data body’ which follows the physical body of the consuming citizen and sometimes precedes it by constructing the individual through data (12). Before we arrive somewhere, we have already been measured and classified. Thus, upon arrival, the citizen will be treated according to the criteria ‘connected with the profile that represents us’ (Gandy, Panoptic; William). Following September 11, Lyon (Terrorism) reveals that surveillance data from a myriad of sources, such as supermarkets, motels, traffic control points, credit card transactions records and so on, was used to trace the activities of terrorists in the days and hours before their attacks, confirming that the body leaves data traces and trails. Surveillance works by abstracting bodies from places and splitting them into flows to be reassembled as virtual data-doubles, and in the process can replicate hierarchies and centralise power (Lyon, Terrorism). Mike Dee points out that the nature of surveillance taking place in modern societies is complex and far-reaching and in many ways insidious as surveillance needs to be situated within the broadest context of everyday human acts whether it is shopping with loyalty cards or paying utility bills. Physical vulnerability of the body becomes more complex in the time-space distanciated surveillance systems to which the body has become increasingly exposed. As such, each transaction – whether it be a phone call, credit card transaction, or Internet search – leaves a ‘data trail’ linkable to an individual person or place. Haggerty and Ericson, drawing from Deleuze and Guattari’s concept of the assemblage, describe the convergence and spread of data-gathering systems between different social domains and multiple levels (qtd. in Hier). They argue that the target of the generic ‘surveillance assemblage’ is the human body, which is broken into a series of data flows on which surveillance process is based. The thrust of the focus is the data individuals can yield and the categories to which they can contribute. These are then reapplied to the body. In this sense, surveillance is rhizomatic for it is diverse and connected to an underlying, invisible infrastructure which concerns interconnected technologies in multiple contexts (Ball, “Elements”). The co-opted body in the schema of counter-Terrorism enters a power arrangement where it constitutes both the unseen gaze as well as the data that will be implicated and captured in this arrangement. It is capable of producing surveillance data for those in power while creating new data through its transactions and movements in its everyday life. The body is unequivocally constructed through this data and is also entrapped by it in terms of representation and categorisation. The corporeal body is therefore part of the machinery of surveillance while being vulnerable to its discriminatory powers of categorisation and victimisation. As Hannah Arendt (qtd. in Bauman 91) had warned, “we terrestrial creatures bidding for cosmic significance will shortly be unable to comprehend and articulate the things we are capable of doing” Arendt’s caution conveys the complexity, vulnerability as well as the complicity of the human condition in the surveillance society. Equally it exemplifies how the corporeal body can be co-opted as a surveillance entity sustaining a new ‘banality’ (Arendt) in the machinery of surveillance. Social Consequences of Surveillance Lyon (Terrorism) observed that the events of 9/11 and 7/7 in the UK have inevitably become a prism through which aspects of social structure and processes may be viewed. This prism helps to illuminate the already existing vast range of surveillance practices and processes that touch everyday life in so-called information societies. As Lyon (Terrorism) points out surveillance is always ambiguous and can encompass genuine benefits and plausible rationales as well as palpable disadvantages. There are elements of representation to consider in terms of how surveillance technologies can re-present data that are collected at source or gathered from another technological medium, and these representations bring different meanings and enable different interpretations of life and surveillance (Ball, “Elements”). As such surveillance needs to be viewed in a number of ways: practice, knowledge and protection from threat. As data can be manipulated and interpreted according to cultural values and norms it reflects the inevitability of power relations to forge its identity in a surveillance society. In this sense, Ball (“Elements”) concludes surveillance practices capture and create different versions of life as lived by surveilled subjects. She refers to actors within the surveilled domain as ‘intermediaries’, where meaning is inscribed, where technologies re-present information, where power/resistance operates, and where networks are bound together to sometimes distort as well as reiterate patterns of hegemony (“Elements” 93). While surveillance is often connected with technology, it does not however determine nor decide how we code or employ our data. New technologies rarely enter passive environments of total inequality for they become enmeshed in complex pre-existing power and value systems (Marx). With surveillance there is an emphasis on the classificatory powers in our contemporary world “as persons and groups are often risk-profiled in the commercial sphere which rates their social contributions and sorts them into systems” (Lyon, Terrorism 2). Lyon (Terrorism) contends that the surveillance society is one that is organised and structured using surveillance-based techniques recorded by technologies, on behalf of the organisations and governments that structure our society. This information is then sorted, sifted and categorised and used as a basis for decisions which affect our life chances (Wood and Ball). The emergence of pervasive, automated and discriminatory mechanisms for risk profiling and social categorising constitute a significant mechanism for reproducing and reinforcing social, economic and cultural divisions in information societies. Such automated categorisation, Lyon (Terrorism) warns, has consequences for everyone especially in face of the new anti-terror measures enacted after September 11. In tandem with this, Bauman points out that a few suicidal murderers on the loose will be quite enough to recycle thousands of innocents into the “usual suspects”. In no time, a few iniquitous individual choices will be reprocessed into the attributes of a “category”; a category easily recognisable by, for instance, a suspiciously dark skin or a suspiciously bulky rucksack* *the kind of object which CCTV cameras are designed to note and passers-by are told to be vigilant about. And passers-by are keen to oblige. Since the terrorist atrocities on the London Underground, the volume of incidents classified as “racist attacks” rose sharply around the country. (122; emphasis added) Bauman, drawing on Lyon, asserts that the understandable desire for security combined with the pressure to adopt different kind of systems “will create a culture of control that will colonise more areas of life with or without the consent of the citizen” (123). This means that the inhabitants of the urban space whether a citizen, worker or consumer who has no terrorist ambitions whatsoever will discover that their opportunities are more circumscribed by the subject positions or categories which are imposed on them. Bauman cautions that for some these categories may be extremely prejudicial, restricting them from consumer choices because of credit ratings, or more insidiously, relegating them to second-class status because of their colour or ethnic background (124). Joseph Pugliese, in linking visual regimes of racial profiling and the shooting of Jean Charles de Menezes in the aftermath of 7/7 bombings in London, suggests that the discursive relations of power and visuality are inextricably bound. Pugliese argues that racial profiling creates a regime of visuality which fundamentally inscribes our physiology of perceptions with stereotypical images. He applies this analogy to Menzes running down the platform in which the retina transforms him into the “hallucinogenic figure of an Asian Terrorist” (Pugliese 8). With globalisation and the proliferation of ICTs, borders and boundaries are no longer sacrosanct and as such risks are managed by enacting ‘smart borders’ through new technologies, with huge databases behind the scenes processing information about individuals and their journeys through the profiling of body parts with, for example, iris scans (Wood and Ball 31). Such body profiling technologies are used to create watch lists of dangerous passengers or identity groups who might be of greater ‘risk’. The body in a surveillance society can be dissected into parts and profiled and coded through technology. These disparate codings of body parts can be assembled (or selectively omitted) to construct and represent whole bodies in our information society to ascertain risk. The selection and circulation of knowledge will also determine who gets slotted into the various categories that a surveillance society creates. Conclusion When the corporeal body is subsumed into a web of surveillance it often raises questions about the deterministic nature of technology. The question is a long-standing one in our modern consciousness. We are apprehensive about according technology too much power and yet it is implicated in the contemporary power relationships where it is suspended amidst human motive, agency and anxiety. The emergence of surveillance societies, the co-optation of bodies in surveillance schemas, as well as the construction of the body through data in everyday transactions, conveys both the vulnerabilities of the human condition as well as its complicity in maintaining the power arrangements in society. Bauman, in citing Jacques Ellul and Hannah Arendt, points out that we suffer a ‘moral lag’ in so far as technology and society are concerned, for often we ruminate on the consequences of our actions and motives only as afterthoughts without realising at this point of existence that the “actions we take are most commonly prompted by the resources (including technology) at our disposal” (91). References Abrams, Philip. Historical Sociology. Shepton Mallet, UK: Open Books, 1982. Altheide, David. “Consuming Terrorism.” Symbolic Interaction 27.3 (2004): 289-308. Arendt, Hannah. Eichmann in Jerusalem: A Report on the Banality of Evil. London: Faber & Faber, 1963. Bauman, Zygmunt. Liquid Fear. Cambridge, UK: Polity, 2006. Ball, Kristie. “Elements of Surveillance: A New Framework and Future Research Direction.” Information, Communication and Society 5.4 (2002): 573-90 ———. “Organization, Surveillance and the Body: Towards a Politics of Resistance.” Organization 12 (2005): 89-108. Dee, Mike. “The New Citizenship of the Risk and Surveillance Society – From a Citizenship of Hope to a Citizenship of Fear?” Paper Presented to the Social Change in the 21st Century Conference, Queensland University of Technology, Queensland, Australia, 22 Nov. 2002. 14 April 2007 http://eprints.qut.edu.au/archive/00005508/02/5508.pdf>. Deleuze, Gilles, and Felix Guattari. A Thousand Plateaus. Minneapolis: U of Minnesota P, 1987. Fopp, Rodney. “Increasing the Potential for Gaze, Surveillance and Normalization: The Transformation of an Australian Policy for People and Homeless.” Surveillance and Society 1.1 (2002): 48-65. Foucault, Michel. Discipline and Punish: The Birth of the Prison. London: Allen Lane, 1977. Giddens, Anthony. Modernity and Self-Identity. Self and Society in the Late Modern Age. Stanford: Stanford UP, 1991. Gandy, Oscar. The Panoptic Sort: A Political Economy of Personal Information. Boulder, CO: Westview, 1997. ———. “Data Mining and Surveillance in the Post 9/11 Environment.” The Intensification of Surveillance: Crime, Terrorism and War in the Information Age. Eds. Kristie Ball and Frank Webster. Sterling, VA: Pluto Press, 2003. Goffman, Erving. Relations in Public. Harmondsworth: Penguin, 1971. Graham, Stephen, and Simon Marvin. Splintering Urbanism: Networked Infrastructures, Technological Mobilities and the Urban Condition. New York: Routledge, 2001. Hier, Sean. “Probing Surveillance Assemblage: On the Dialectics of Surveillance Practices as Process of Social Control.” Surveillance and Society 1.3 (2003): 399-411. Hayles, Katherine. How We Became Posthuman: Virtual Bodies in Cybernetics, Literature and Informatics. Chicago: U of Chicago P, 1999. Hubbard, Phil. “Fear and Loathing at the Multiplex: Everyday Anxiety in the Post-Industrial City.” Capital & Class 80 (2003). Latour, Bruno. Science in Action. Cambridge, Mass: Harvard UP, 1987 Lyon, David. The Electronic Eye – The Rise of Surveillance Society. Oxford: Polity Press, 1994. ———. “Terrorism and Surveillance: Security, Freedom and Justice after September 11 2001.” Privacy Lecture Series, Queens University, 12 Nov 2001. 16 April 2007 http://privacy.openflows.org/lyon_paper.html>. ———. “Surveillance Studies: Understanding Visibility, Mobility and the Phonetic Fix.” Surveillance and Society 1.1 (2002): 1-7. Metropolitan Police Authority (MPA). “Counter Terrorism: The London Debate.” Press Release. 21 June 2006. 18 April 2007 http://www.mpa.gov.uk.access/issues/comeng/Terrorism.htm>. Pugliese, Joseph. “Asymmetries of Terror: Visual Regimes of Racial Profiling and the Shooting of Jean Charles de Menezes in the Context of the War in Iraq.” Borderlands 5.1 (2006). 30 May 2007 http://www.borderlandsejournal.adelaide.edu.au/vol15no1_2006/ pugliese.htm>. Marx, Gary. “A Tack in the Shoe: Neutralizing and Resisting the New Surveillance.” Journal of Social Issues 59.2 (2003). 18 April 2007 http://web.mit.edu/gtmarx/www/tack.html>. Moores, Shaun. “Doubling of Place.” Mediaspace: Place Scale and Culture in a Media Age. Eds. Nick Couldry and Anna McCarthy. Routledge, London, 2004. Monahan, Teri, ed. Surveillance and Security: Technological Politics and Power in Everyday Life. Routledge: London, 2006. Norris, Clive, and Gary Armstrong. The Maximum Surveillance Society: The Rise of CCTV. Oxford: Berg, 1999. O’Harrow, Robert. No Place to Hide. New York: Free Press, 2005. Osuri, Goldie. “Media Necropower: Australian Media Reception and the Somatechnics of Mamdouh Habib.” Borderlands 5.1 (2006). 30 May 2007 http://www.borderlandsejournal.adelaide.edu.au/vol5no1_2006 osuri_necropower.htm>. Rose, Nikolas. “Government and Control.” British Journal of Criminology 40 (2000): 321–399. Scannell, Paddy. Radio, Television and Modern Life. Oxford: Blackwell, 1996. Smith, Benjamin. “In What Ways, and for What Reasons, Do We Inscribe Our Bodies?” 15 Nov. 1998. 30 May 2007 http:www.bmezine.com/ritual/981115/Whatways.html>. Stalder, Felix. “Privacy Is Not the Antidote to Surveillance.” Surveillance and Society 1.1 (2002): 120-124. Umiker-Sebeok, Jean. “Power and the Construction of Gendered Spaces.” Indiana University-Bloomington. 14 April 2007 http://www.slis.indiana.edu/faculty/umikerse/papers/power.html>. William, Bogard. The Simulation of Surveillance: Hypercontrol in Telematic Societies. Cambridge: Cambridge UP, 1996. Wood, Kristie, and David M. Ball, eds. “A Report on the Surveillance Society.” Surveillance Studies Network, UK, Sep. 2006. 14 April 2007 http://www.ico.gov.uk/upload/documents/library/data_protection/ practical_application/surveillance_society_full_report_2006.pdf>. Citation reference for this article MLA Style Ibrahim, Yasmin. "Commodifying Terrorism: Body, Surveillance and the Everyday." M/C Journal 10.3 (2007). echo date('d M. Y'); ?> <http://journal.media-culture.org.au/0706/05-ibrahim.php>. APA Style Ibrahim, Y. (Jun. 2007) "Commodifying Terrorism: Body, Surveillance and the Everyday," M/C Journal, 10(3). Retrieved echo date('d M. Y'); ?> from <http://journal.media-culture.org.au/0706/05-ibrahim.php>.

IntroductionThis article addresses the experience of designing and conducting life-writing workshops for a group of clients with severe mental illness; the aim of this pilot study was to begin to determine whether such writing about the self can aid in individual ‘recovery’, as that term is understood by contemporary health professionals. A considerable amount has been written about the potential of creative writing in mental health therapy; the authors of this article provide a brief summary of that literature, then of the concept of ‘recovery’ in a psychology and arts therapy context. There follows a first-hand account by one of the authors of being an arts therapy workshop facilitator in the role of a creative practitioner. This occurred in consultation with, and monitored by, experienced mental health professionals. Life-Writing as ‘Therapeutic’ Life-story or life-writing can be understood in this context as involving more than disclosure or oral expression of a subject’s ‘story’ as in psycho-therapy – life-story is understood as a written, structured narrative. In 2001, Wright and Chung published a review of the literature in which they claimed that writing therapy had been “restimulated by the development of narrative approaches” (278). Pennebaker argues that “catharsis or the venting of emotions” without “cognitive processing” has little therapeutic value and people need to “build a coherent narrative that explains some past experience” in order to benefit from writing” (Pennebaker, Telling Stories 10–11). It is claimed in the Clinical Psychology Review that life-writing has the therapeutic benefits of, for example, “striking physical health and behaviour change” (Esterling et al. 84). The reasons are still unclear, but it is possible that the cognitive and linguistic processing of problematic life-events through narrative writing may help the subject assimilate such problems (Alschuler 113–17). As Pennebaker and Seagal argue in the Journal of Clinical Psychology, the life-writing processallows one to organise and remember events in a coherent fashion while integrating thoughts and feelings ... This gives individuals a sense of predictability and control over their lives. Once an experience has structure and meaning, it would follow that the emotional effects of that experience are more manageable. (1243)It would seem reasonable to suggest that life-writing which constructs a positive recovery narrative can have a positive therapeutic effect, providing a sense of agency, connectedness and creativity, in a similar, integrating manner. Humans typically see their lives as stories. Paul Eakin stresses the link between narrative and identity in both this internal life-story and in outwardly constructed autobiography:narrative is not merely a literary form but a mode of phenomenological and cognitive self-experience, while self – the self of autobiographical discourse - does not necessarily precede its constitution in narrative. (Making Selves 100)So both a self-in-time and a socially viable identity may depend on such narrative. The term ‘dysnarrativia’ has been coined to describe the documented inability to construct self-narrative by those suffering amnesia, autism, severe child abuse or brain damage. The lack of ability to achieve narrative construction seems to be correlated with identity disorders (Eakin, Fictions in Autobiography 124). (For an overview of the current literature on creative and life-writing as therapy see Murphy & Neilsen). What is of particular relevance to university creative writing practitioners/teachers is that there is evidence, for example from Harvard psychiatrist Judith Herman and creative writing academic Vicki Linder, that life-narratives are more therapeutically effective if guided to be written according to fundamental ‘effective writing’ aesthetic conventions – such as having a regard to coherent structure in the narrative, the avoidance of cliché, practising the ‘demonstrate don’t state’ dictum, and writing in one’s own voice, for example. Defining ‘Recovery’There remains debate as to the meaning of recovery in the context of mental health service delivery, but there is agreement that recovery entails significantly more than symptom remission or functional improvement (Liberman & Kopelowicz). In a National Consensus Statement, the Substance Abuse and Mental Health Services Administration (SAMHSA) unit of the US Department of Health and Human Services in 2005 described recovery (in general terms) as being achieved by the enabling of a person with a mental illness to live meaningfully in a chosen community, while also attempting to realize individual potential. ‘Recovery’ as a central concept behind rehabilitation can be understood both as objective recovery – that is, in terms of noting a reduction in objective indicators of illness and disability (such as rates of hospital usage or unemployment) and a greater degree of social functioning – and also as subjective recovery. Subjective recovery can be ascertained by listening closely to what clients themselves have said about their own experiences. It has been pointed out (King, Lloyd & Meehan 2) that there is not always a correspondence between objective indicators of recovery and the subjective, lived experience of recovery. The experience of mental illness is not just one of symptoms and disability but equally importantly one of major challenge to sense of self. Equally, recovery from mental illness is experienced not just in terms of symptoms and disability but also as a recovery of sense of self … Recovery of sense of self and recovery with respect to symptoms and disability may not correspond. (King, Lloyd & Meehan; see also Davidson & Strauss)Symptoms of disability can persist, but a person can have a much stronger sense of self or empowerment – that is still recovery. Illness dislocates the sense of self as part of a community and of a self with skills and abilities. Restoring this sense of empowerment is an aim of arts therapy. To put it another way, recovery is a complex process by which a client with a mental illness develops a sense of identity and agency as a citizen, as distinct from identification with illness and disability and passivity as a ‘patient’. The creative arts have gone well beyond being seen as a diversion for the mentally ill. In a comprehensive UK study of creative arts projects for clients with mental illness, Helen Spandler et al. discovered strong evidence that participation in creative activity promoted a sense of purpose and meaning, and assisted in “rediscovering or rebuilding an identity within and beyond that of someone with mental health difficulties” (795). Recovery is aided by people being motivated to achieve self-confidence through mastery and competence; by learning and achieving goals. Clearly this is where arts therapy could be expected or hoped to be effective. The aim of the pilot study was not to measure ‘creativity’, but whether involvement in what is commonly understood as a creative process (life-writing) can have flow-on benefits in terms of the illness of the workshop participant. The psychologists involved, though more familiar with visual arts therapy (reasonably well-established in Australia – in 2006, the ANZAT began publishing the Australian and New Zealand Journal of Art Therapy), thought creative writing could also be valuable. Preparation for and Delivery of the Workshops I was acutely aware that I had no formal training in delivering a program to clients with mental health illness. I was counselled during several meetings with experienced psychologists and a social worker that the participants in the three workshops over two weeks would largely be people who had degrees of difficulty in living independently, and could well have perceptual problems, could misjudge signals from outside and inside the group, and be on medication that could affect their degree of engagement. Some clients could have impaired concentration and cognition, and a deficit in volition. Participants needed to be free to leave and rejoin the workshops during the afternoon sessions. Attendance might well fall as the workshops progressed. Full ethical clearance was attained though the University of Queensland medical faculty (after detailed description of the content and conduct of the proposed workshops) and consent forms prepared for participants. My original workshop ‘kit’ to be distributed to participants underwent some significant changes as I was counselled and prepared for the workshops. The major adjustment to my usual choice of material and approach was made in view of the advice that recounting traumatic events can have a negative effect on some patients – at least in the short term. For the sake of both the individuals and the group as a whole this was to be avoided. I changed my initial emphasis on encouraging participants to recount their traumatic experiences in a cathartic way (as suggested by the narrative psychology literature), to encouraging them to recount positive narratives from their lives – narratives of ‘recovery’ – as I explain in more detail below. I was also counselled that clients with mental health problems might dwell on retelling their story – their case history – rather than reflecting upon it or using their creative and imaginative ability to shape a life-story that was not a catalogue of their medical history. Some participants did demonstrate a desire to retell their medical history or narrative – including a recurring theme of the difficulty in gaining continuity with one trusted medical professional. I gently guided these participants back to fashioning a different and more creative narrative, with elements of scene creation, description and so on, by my first listening intently to and acknowledging their medical narrative for a few minutes and then suggesting we try to move beyond that. This simple strategy was largely successful; several participants commented explicitly that they were tired of having to retell their medical history to each new health professional they encountered in the hospital system, for example. My principal uncertainty was whether I should conduct the workshops at the same level of complexity that I had in the past with groups of university students or community groups. While in both of those cohorts there will often be some participants with mental health issues, for the most part this possibility does not affect the level or kind of content of material discussed in workshops. However, within this pilot group all had been diagnosed with moderate to severe mental illness, mostly schizophrenia, but also bipolar disorder and acute depression and anxiety disorders. The fact that my credentials were only as a published writer and teacher of creative writing, not as a health professional, was also a strong concern to me. But the clients readily accepted me as someone who knew the difficulty of writing well and getting published. I stressed to them that my primary aim was to teach effective creative writing as an end in itself. That it might be beneficial in health terms was secondary. It was a health professional who introduced me and briefly outlined the research aims of the workshop – including some attempt to measure qualitatively any possible benefits. It was my impression that the participants did not have a diminished sense of my usefulness because I was not a health professional. Their focus was on having the opportunity to practice creative writing and/or participate in a creative group activity. As mentioned above, I had prepared a workshop ‘kit’ for the participants of 15 pages. It contained the usual guidelines for effective writing – extracts from professional writers’ published work (including an extract from my own published work – a matter of equity, since they were allowing me to read their work), and a number of writing exercises (using description, concrete and abstract words, narrative point of view, writing in scenes, show don’t tell). The kit contained extracts from memoirs by Hugh Lunn and Bill Bryson, as well as a descriptive passage from Charles Dickens. An extract from Inga Clendinnen’s 2006 account in Agamemnon’s Kiss: selected essays of her positive interaction with fellow cancer patients (a narrative with the underlying theme of recovery) was also valuable for the participants. I stressed to the group that this material was very similar to that used with beginning writers among university students. I described the importance of life-writing as follows: Life-writing is simply telling a story from your life and perhaps musing or commenting on it at the same time. When you write a short account of something chosen from your life, you are making a pattern, using your memory, using your powers of description – you are being creative. You are being a story-teller. And story-telling is one very important thing that makes us humans different from all other animals – and it is a way in which we find a lot of meaning in our lives.My central advice in the kit was: “Just try to be as honest as you can – and to remember as well as you can … being honest and direct is both the best and the easiest way to write memoir”. The only major difference between my approach with these clients and that with a university class was in the selection of possible topics offered. In keeping with the advice of the psychologists who were experts in the theory of ‘recovery’, the topics were predominantly positive, though one or two topics gave the opportunity to recount and/or explore a negative experience if the participant wanted to do so: A time when I was able to help another personA time when I realised what really mattered in lifeA time when I overcame a major difficultyA time when I felt part of a group or teamA time when I knew what I wanted to do with my lifeA time when someone recognised a talent or quality of mineA time I did something that I was proud of A time when I learned something important to meA memorable time when I lived in a certain house or suburbA story that begins: “Looking back, I now understand that …”The group expressed satisfaction with these topics, though they had the usual writing students’ difficulty in choosing the one that best suited them. In the first two workshops we worked our way through the kit; in the third workshop, two weeks later, each participant read their own work to the group and received feedback from their peers and me. The feedback was encouraged to be positive and constructive, and the group spontaneously adopted a positive reinforcement approach, applauding each piece of writing. Workshop DynamicsThe venue for the workshops was a suburban house in the Logan area of Brisbane used as a drop-in centre for those with mental illness, and the majority of the participants would be familiar with it. It had a large, breezy deck on which a round-table configuration of seating was arranged. This veranda-type setting was sheltered enough to enable all to be heard easily and formal enough to emphasise a learning event was taking place; but it was also open enough to encourage a relaxed atmosphere. The week before the first workshop I visited the house to have lunch with a number of the participants. This gave me a sense of some of the participants’ personalities and degree of engagement, the way they related to each other, and in turn enabled them to begin to have some familiarity with me and ask questions. As a novice at working with this kind of client, I found this experience extremely valuable, especially as it suggested that a relatively high degree of communication and cognition would be possible, and it reduced the anxiety I had about pitching the workshops at an appropriate level. In the course of the first workshop, the most initially sceptical workshop participant ended up being the most engaged contributor. A highly intelligent woman, she felt it would be too upsetting to write about negative events, but ultimately wrote a very effective piece about the empowerment she gained from caring for a stray cat and locating the owner. Her narrative also expressed her realisation that the pet was partly a replacement for spending time with her son, who lived interstate. Another strong participant previously had written a book-length narrative of her years of misdiagnoses and trauma in the hospital system before coming under the care of her present health professionals. The participant who had the least literacy skills was accepted by the group as an equal and after a while contributed enthusiastically. Though he refused to sign the consent form at the outset, he asked to do so at the close of the first afternoon. The workshop was comprised of clients from two health provider organisations; at first the two groups tended to speak with those they already knew (as in any such situation in the broader community), but by the third workshop a sense of larger group identity was being manifested in their comments, as they spoke of what ‘the group’ would like in the future – such as their work being published in some form. It was clear that, as in a university setting, part of the beneficial effect of the workshops came from group and face to face interaction. It would be more difficult to have this dimension of benefit achieved via a web-based version of the workshops, though a chat room scenario would presumably go some way towards establishing a group feeling. Web-based delivery would certainly suit participants who lacked mobility or who lived in the regions. Clearly the Internet is a vital social networking tool, and an Internet-based version of the workshops could well be attempted in the future. My own previous experience of community digital storytelling workshops (Neilsen, Digital Storytelling as Life-writing) suggests that a high degree of technical proficiency can not be expected across such a cohort; but with adequate technical support, a program (the usual short, self-written script, recorded voice-over and still images scanned from the participants’ photo albums, etc) could make digital storytelling a further dimension of therapeutic life-writing for clients with mental illness. One of the most useful teaching techniques in a class room setting is the judicious use of humour – to create a sense of sharing a perspective, and simply to make material more entertaining. I tested the waters at the outset by referring to the mental health worker sitting in the background, and declaring (with some comic exaggeration) my concern that if I didn’t run the workshop well he would report adversely on me. There was general laughter and this expression of my vulnerability seemed to defuse anxiety on the part of some participants. As the workshop progressed I found I could use both humorous extracts of life-writing and ad hoc comic comments (never at the expense of a participant) as freely as in a university class. Participants made some droll comments in the overall context of encouraging one another in their contributions, both oral and written. Only one participant exhibited some temporary distress during one of the workshops. I was allowing another participant the freedom to digress from the main topic and the participant beside me displayed agitation and sharply demanded we get back to the point. I apologised and acknowledged I had not stayed as focused as I should and returned to the topic. I suspect I had a fortunate first experience of such arts therapy workshops – and that this was largely due to the voluntary nature of the study and that most of the participants brought a prior positive experience of the workshop scenario, and prior interest in creative writing, to the workshops. Outcomes A significantly positive outcome was that only one of the nine participants missed a session (through ill-health) and none left during workshops. The workshops tended to proceed longer than the three hours allotted on each occasion. Post-workshop interviews were conducted by a psychologist with the participants. Detailed data is not available yet – but there was a clear indication by almost all participants that they felt the workshops were beneficial and that they would like to participate in further workshops. All but one agreed to have their life-writing included in a newsletter produced by one of the sponsors of the workshops. The positive reception of the workshops by the participants has encouraged planning to be undertaken for a wide-ranging longitudinal study by means of a significant number of workshops in both life-writing and visual arts in more than one city, conducted by a team of health professionals and creative practitioners – this time with sophisticated measurement instruments to gauge the effectiveness of art therapy in aiding ‘recovery’. Small as the workshop group was, the pilot study seems to validate previous research in the UK and US as we have summarised above. The indications are that significant elements of recovery (in particular, feelings of enhanced agency and creativity), can be achieved by life-writing workshops that are guided by creative practitioners; and that it is the process of narrative construction within life-writing that engages with or enhances a sense of self and identity. NoteWe are indebted, in making the summary of the concept of ‘recovery’ in health science terms, to work in progress by the following research team: Robert King, Tom O'Brien and Claire Edwards (School of Medicine, University of Queensland), Margot Schofield and Patricia Fenner (School of Public Health, Latrobe University). We are also grateful for the generous assistance of both this group and Seiji Humphries from the Richmond Queensland Fellowship, in providing preparation for the workshops. ReferencesAlschuler, Mari. “Lifestories – Biography and Autobiography as Healing Tools for Adults with Mental Illness.” Journal of Poetry Therapy 11.2 (1997): 113–17.Davidson, Larry and John Strauss. “Sense of Self in Recovery from Severe Mental Illness.” British Journal of Medical Psychology 65 (1992): 31–45.Eakin, Paul. Fictions in Autobiography: Studies of the Art of Self-Invention. Princeton: Princeton UP, 1985.———. How Our Lives Become Stories: Making Selves. Ithaca: Cornell UP, 1999.Esterling, B.A., L. L’Abate., E.J. Murray, and J.W. Pennebaker. “Empirical Foundations for Writing in Prevention and Psychotherapy: Mental and Physical Health Outcomes.” Clinical Psychology Review 19.1 (1999): 79–96.Herman, Judith. Trauma and Recovery: The Aftermath of Violence - from Domestic Abuse to Political Terror. New York: Basic Books, 1992.King, Robert, Chris Lloyd, and Tom Meehan. Handbook of Psychosocial Rehabilitation. Oxford: Blackwell Publishing, 2007.Liberman, Robert, and Alex Kopelowicz. “Recovery from Schizophrenia: A Criterion-Based Definition.” In Ralph, R., and P. Corrigan (eds). Recovery in Mental Illness: Broadening Our Understanding of Wellness. Washington, DC: APA, 2005.Linder, Vicki. “The Tale of two Bethanies: Trauma in the Creative Writing Classroom.” New Writing: The International Journal for the Practice and Theory of Creative Writing 1.1 (2004): 6–14Murphy, Ffion, and Philip Neilsen. “Recuperating Writers – and Writing: The Potential of Writing Therapy.” TEXT 12.1 (Apr. 2008). ‹http://www.textjournal.com.au/april08/murphy_neilsen.htm›.Neilsen, Philip. “Digital Storytelling as Life-Writing: Self-Construction, Therapeutic Effect, Textual Analysis Leading to an Enabling ‘Aesthetic’ for the Community Voice.” ‹http://www.speculation2005.qut.edu.au/papers/Neilsen.pdf›.Pennebaker, James W., and Janel D. Seagal. “Forming a Story: The Health Benefits of Narrative.” Journal of Clinical Psychology, 55.10 (1999): 1243–54.Pennebaker, James W. “Telling Stories: The Health Benefits of Narrative.” Literature and Medicine 19.1 (2000): 3–18.Spandler, H., J. Secker, L. Kent, S. Hacking, and J. Shenton. “Catching Life: The Contribution of Arts Initiatives to ‘Recovery’ Approaches in Mental Health.” Journal of Psychiatric and Mental Health Nursing 14.8 (2007): 791–799.Wright, Jeannie, and Man Cheung Chung. “Mastery or Mystery? Therapeutic Writing: A Review of the Literature.” British Journal of Guidance and Counselling, 29.3 (2001): 277–91.