Sponsored links

Valid XHTML 1.0!
Valid CSS!

Product: Book - Hardcover
Title: IT Systems Management: Designing, Implementing, and Managing World-Class Infrastructures
Publisher: Prentice Hall PTR
Authors: Rich Schiesser
Rating: 4/5
Customer opinion - 4 stars out of 5
Great ITIL based overview of Systems Management

IT Systems Management is a valuable reference for the whole IT community.It is written in a clear style, with a lot of useful lists and worksheets.I definitely recommend it.

Product: Book - Paperback
Title: Guide to LaTeX (4th Edition)
Publisher: Addison-Wesley Professional
Authors: Helmut Kopka, Patrick W. Daly
Rating: 4/5
Customer opinion - 4 stars out of 5
Great reference for Latex

I think that this book is a great reference for those that have already some familiarity with Latex. It covers pretty much any aspect that one needs to be effective in Latex. One of the best parts about this book is that there is an appendix which has the syntax of most commands in Latex. I do not own the third edition but I have done a side by side comparison of it with the fourth edition. In general the material all the same minus some formatting differences. I noticed that one chapter did not make it from the third edition to the fourth which was on class writing. Instead a chpater on modifying pre-existing classes was included.
If you already own the third edition, then this may not be as substantial revision to warrant the purchase of this edition, but I do like the new layout of this edition compared to the third.

BEWARE. I do not think that this is best book for those begining Latex. Instead, I recommend "Learning Latex" by D. F. Griffiths and D. J. Higham. This book has the Latex code written right next to how it would appear.

Product: Book - Hardcover
Title: The Qualcomm Equation: How a Fledgling Telecom Company Forged a New Path to Big Profits and Market
Publisher: American Management Association
Authors: Dave Mock
Rating: 4/5
Customer opinion - 4 stars out of 5
Story of how the Telecom Industry was Revolutionized

Dave Mock did an excellent job of giving a good, accurate telling story of how a small start-up company in San Diego revolutionized the telecom industry. The book does not talk so much about the company, the technology, or the business model that made it successful, but rather describes in more narrative manner of the story behind the scenes, its history dating back from decades ago. The book describes in details the numerous technical and business challenges that Qualcomm encountered during the early stages of the endeavor and how the company managed to overcome these obstacles.

Although Qualcomm's story is about how CDMA came about, the book is suitable for both the technical and non-technical audiences as it circumspect more about the entrepreneurship side and what made it work for a group of renowned academic individuals in becoming businessmen. The book is suitable for readers in the wireless industry as well as entrepreneurs trying to look for key ingredients in starting a successful company.

Product: Book - Paperback
Title: Exploiting Software : How to Break Code
Publisher: Addison-Wesley Professional
Authors: Greg Hoglund, Gary McGraw
Rating: 4/5
Customer opinion - 4 stars out of 5
The Root of All Vulnerabilties

Chapter 1 - Software - The Root of the Problem
Software is indeed the root of the problem and this chapter makes that case and point. This chapter is a good introduction to software vulnerabilities (which make up all CERT advisories) and why this book is relevant.

Chapter 2 - Attack Patterns
This chapter provides and overview of types of attacks. It includes history of vulnerability types and predictions of future vulnerabilities.

Chapter 3 - Reverse Engineering and Program Understanding
This chapter begins with a good introduction to reverse engineering tools and techniquies. It then zooms into writing plugins for the IDA disassembler along with batch analysis with IDA disassembler. It also discusses writing your own cracking tools.

Chapter 4 - Exploiting Server Software
This chapter provides and over view of techniques for exploiting any server software. It is filled with real examples and loads of fun. Many attack patterns are covered in various levels of detail. Numerous tools are highlighted for finding injection points.

Chapter 5 - Exploiting Client Software
The logic of exploiting client software is different than exploiting server software, so there's and extra chapter. Again the focus is on techniques to look for exploitable bugs.

Chapter 6 - Crafting (Malicious) Input
This chapter discusses many different methods for crafing input to locate bugs. Many tools and professional techniques are highlighted. I didn't know a lot of this stuff was out there.

Chapter 7 - Buffer Overflows
It starts with a high level overview of traditional buffer overflows, then some non tradiditional buffer overflows are discussed. This chapter also covers format strings. One of the longer chapters in the book, it highlighes a lot of problem areas.

Chapter 8 - Rootkits
One of the authors is the creator of the first rootkit for windows, and he details some of his techniques here. Not only does he discuss root kit techniques, but he also discusses techniques that apply to malware in general.

On the positive side: The writing is enjoyable, and the technical concepts are explained clearly. This is a good book for anyone interested in vulnerability research. I found chapters 4-6 to be the best. This book has a decent index. I've used it for reference a couple of times since I finished reading it which is always a measure of a worthwhile book.

On the downside, I have a few minor complaints: Some of the tools mentioned in the book were no where to be found. Many were named without references, and Google searches revealed little about them or how to find them. Another tool was supposed to be available at one of the authors website, but I couldn't find it. The authors cover some material at a high level while other material is covered in depth without any apparent reason for the disparity.

A good book for those interested in vulnerabiltiy research and software security. I also suggest the sister book "Building Secure Software" to compliment this one.