Sponsored links

Valid XHTML 1.0!
Valid CSS!

Product: Book - Paperback
Title: Learning the bash Shell, 3rd Edition (Nutshell Handbooks)
Publisher: O'Reilly
Authors: Cameron Newham
Rating: 5/5
Customer opinion - 5 stars out of 5
Excellent Bash reference

This is a great introduction to the Bash shell.Highly recommended.

Product: Book - Paperback
Title: Gray Hat Hacking : The Ethical Hacker's Handbook
Publisher: McGraw-Hill Osborne Media
Authors: Shon Harris, Allen Harper, Chris Eagle, Jonathan Ness, Michael Lester
Rating: 4/5
Customer opinion - 4 stars out of 5
Great book but don't come empty handed.

This book possessed some unique qualities to it, which is good because unless you're writing a book on something that has little to no publication coverage then you really need something to make it stand out. I personally liked the quick pace of this book but I think it stretched too far by trying to provide the reader with basic programming skills and then going into advanced exploitation techniques a chapter or two later. So if you don't have some decent programming knowledge or experience under your belt then I suggest brushing up prior to reading the exploitation sections.

The first few chapters on Ethics of Ethical Hacking, the legal facet of ethical hacking, and the pen-testing process were solid and differentiated the book from most texts that just contain a note warning you about not trying things on a network without authorization. Though I thought the Pen-Testing Process chapter could have used references to the OSSTMM and/or ISSAF but it achieved its objective of defining and separating commonly fudged terms like vulnerability assessment, pen-test, red team, and system assessment.

I agree with previous reviewers regarding the book's "shoot from the hip" sections on Python, C, and assembly, but I also feel there was room for those if say you came into the book with some knowledge of C and you needed the round-off of common Python syntax and vice versa. One thing that did bug me about the "programming survival skills" section of ASM was that the book tried not to make a choice on whether to use AT&T syntax or Intel so they kind of mixed and matched them throughout the examples, which was a little confusing but the code examples in the book are very well commented.

The advanced exploitation and reverse-engineering chapters were also very well rounded. The book does a good job of giving you just enough information on areas like programming, and reverse-engineering. You won't come out a C programming ninja or an ASM guru but you'll know to apply the techniques when they come into play during a pen-test or vulnerability research.

Product: Book - Paperback
Title: Developing Application Frameworks in .NET
Publisher: Apress
Authors: Xin Chen
Rating: 4/5
Customer opinion - 4 stars out of 5
Like an early Eclipse

You know, I was going through this book for several chapters before it struck me. Xin Chen has provided us with something analogous to Eclipse. But whereas Eclipse is coded in Java, and is meant for Java developers, he has given us a corresponding framework in .NET! Perhaps unwittingly, for the book's index has no entry for Eclipse. I bring this up because more of you should be familiar with Eclipse, even if you are a .NET programmer and have never actually used Eclipse. Whereas Chen's Simplified Application Framework is likely to be totally new to you.
But you should be aware that Eclipse has garnered very favourable mindshare and usage in the Java community. In Java, it provides a real life validation of the entire framework approach. Which is encouraging here. For surely .NET needs a similar framework atop it. So the conceptual basis for this book is secure.
So how is the SAF? From the book's description, it seems not to have as rich a feature set as Eclipse. But IBM spent several $million in its development, before throwing it to open source. Whereupon, many other programmers also built it up. For SAF, it is still early days. SAF seems to be mostly (entirely?) Chen's own effort. Very commendable for one person.

Product: Book - Hardcover
Title: Refactoring to Patterns (Addison-Wesley Signature Series)
Publisher: Addison-Wesley Professional
Authors: Joshua Kerievsky
Rating: 5/5
Customer opinion - 5 stars out of 5
A remarkable work, with genuine wisdom and solid pragmatism

This book goes much further than Martin Fowler's seminal work on refactoring. Indeed, it goes further than the GoF's canonical work on patterns. By combining the two, Kerievsky breaks new ground.

The refactorings are accessible and beautifully presented. As with the GoF book, a lot of the rationale will ring a bell. "Gee, I've seen this before..." The value of these refactorings lie precisely in that corner, where the mechanics of refactoring with a GoF pattern as the goal allow one to improve the readability and maintainability of the code.

Some of the refactorings were less than obvious to me until I read this book. And that's where Kerievsky's mastery shows. He presents fresh ideas (to me, anyway) with solid examples, and thoroughly thought-out steps.

The examples deserve special mention. How many times have you read a "manual" or other technical how-to with toy examples that fail to illustrate the point? Or with examples so narrow that they hardly approach your real-world situation. (I could name names... ;->) OTOH, how many examples are so long and laborious, that gleaning any useful information requires learning the author's example-problem domain before you can get anywhere?

Kerievsky walks the tightrope between toy examples and over-engineered examples with tremendous skill. They're Goldilocks examples: Neither too big, nor too small, his examples are juuust right.

Another area in which some tightrope walking is required is presenting material that's suitable for a tutorial, vs. material that makes for easy access as a reference. Josh somehow manages to balance the two. Reading from begining to end, one is able to appreciate the tutorial nature of the material. However, (like Fowler's Refactoring) easy look-up is made possible by the formal presentation of each refactoring.

I heartily recommend this book to anyone who cares about Software Craftsmanship (my plug for Pete McBreen's book too!)

Disclaimer: This review is based on a prepublication manuscript.