Sponsored links


Valid XHTML 1.0!
Valid CSS!



Product: Book - Paperback
Title: Writing Secure Code, Second Edition
Publisher: Microsoft Press
Authors: Michael Howard, David C. LeBlanc
Rating: 3/5
Customer opinion - 3 stars out of 5
Not writing non-secure code for Windows


The title of the book is misleading to begin with. The book is not about writing secure code. It's about (1) not writing non-secure code and (2) using Windows specific security APIs.
(1) Not writing non-secure code. Covers several issues, some more obvious, like buffer overruns and validating user input, some more complex, like escaping URLs and socket security. I thought the book would teach me best practices about organizing code, as in "do like I do". Instead it goes like "don't do like I'm telling you".
(2) Using Windows security APIs. This is THE BEST part of the book. Gives you a very good overview about several different APIs, including ACLs, protecting sensitive data, securing DCOM and .NET code, excellent tips on installing programs etc. etc.
Keep in mind that this book is said to be used internally within Microsoft with "security pushes", with the audience of 8000 people, including not only developers of all levels, but managers as well, therefore the book is by definition a high level overview.
Sometimes the book feels like MS educational course. Ex. (tip on p.77) "I created the ... diagrams ... using ... Microsoft Visio Professional 2002". That's cool, but what does it have to do with security ?
Some topics should never be there. How about 3 pages of tips for a kernel driver writer ? It's a huge topic in itself and how many readers outside MS do this anyway ? Privacy issues are covered idealistically. Yeah, sure, if you put a specially crafted XML to the special place on your site, the users magically start trusting you... I'd better read about real situation with privacy, not how the government rules it to be. Oh, and how about 40 pages about cryptography ? Please...
The book tries to show you the security process with development and testing. I can easily see they use this process in Microsoft, with 8000 people. For a small team it's completely useless. How about using 4 (!) people for a code review ? Sure, upon reading this book you will know that security code review is a must (if you have enough resources). Didn't you know that before ?
The code samples are ugly. How about this: "... X is cool ... several pages of Perl (!) ... see what I mean ?". Ok, one of the authors admits to be a Perl fan, but how am I supposed to read through all this gibberish ? C(++) samples are not much better. May be they are fully functional and compilable and all, but please, they are huge and inconsistent in themselves.
All in all, 5 stars for Microsoft, 3 stars for the rest of the world.



Product: Book - Hardcover
Title: Classical Electrodynamics
Publisher: Wiley
Authors: John David Jackson
Rating: 4/5
Customer opinion - 4 stars out of 5
A good book on EM, with reservations


Let me state it bluntly: you cannot get a firm grasp of EM with this book. This is not a good book to learn from. This is a book to read AFTER you THINK you know EM. Jackson treats almost every conceivable topic in this monstrous compendium. A reader who wishes to hone his/her EM skills should pick up this book and read the relevant section, then work out the problems at the end of each chapter. This is, in my opinion, the ONE AND ONLY purpose of this book. I think it achieves it rather well - the text, along with the problems, greatly increase the reader's skills, confidence and understanding. The problems are essential.Jackson is NOT a good reference either - to understand what he's saying you have to usually read the entire chapter. What IS a reference anyhow? A book with all EM formulas in it? A book of problems with solutions? There are other books that deal with these issues much better than Jackson.Even worse - his chapters are often interdependent, so you can't just read the chapter on radiation when you want to learn all about radiation. Nope. That's because chapter 14 deals with single particle radiation and chapter 6 introduces retarded solutions - in short, the ideas are scattered throughout the text.So I'll say it again: this book will reward hard, linear study, and reward it greatly, but the reader is expected to show a lot of maturity - meaning assuring himself he understands everything in the text, working out the examples alone, and then doing all the problems he can. If you can't master that maturity - DON'T spend your money on it. Very simple! There are a lot of good books out there on EM that don't intend to make you a master. Try them out - my personal favorite is The EM Field by Albert Shadowitz (great undergraduate text, cheap too!). If it's problems and solutions you're looking for, try "Problems and Solutions on Electromagnetism" by Kim Lau (not sure about the author's name) for a GREAT collection of problems with solutions. But leave Jackson alone if you don't want to invest your time in it. It's way better than getting frustrated and typing angry reviews here at amazon.com. A word about the problems: some are hard, some are not, but if you read the chapter carefully before approaching the problems at the end, chances are most will be doable, even if some require you to meditate upon them for several days. A few stubborn ones defy solution, but they are the exception, not the rule. Besides, it's always good to know there are problems out there to challenge you and help you advance your knowledge.



Product: Book - Hardcover
Title: Computer Organization and Design Second Edition : The Hardware/Software Interface
Publisher: Morgan Kaufmann
Authors: David A. Patterson, John L. Hennessy
Rating: 4/5
Customer opinion - 4 stars out of 5
GOOD REFERENCE


This book is a comprhensive review of what has been done in the area of computer architecture in the past recent years. It is a good reference for computer architects. Regards,



Product: Book - Paperback
Title: Moving to VB .NET: Strategies, Concepts, and Code
Publisher: Apress
Authors: Daniel Appleman, Dan Appleman
Rating: 5/5
Customer opinion - 5 stars out of 5
Finally somebody got it right


Finally a book that tells the experienced programmer exactly what he needs to know to get up to speed with a new technology. Appleman doesn't bog you down with syntax or overly simple tutorials, he gets straight to what you need to know and assumes that you are smart enough to pick up the details. His focus on the overall structure of .NET and why things are designed the way they are is fantastic. This book is not for the beginner learning his first programming language, but it is an excellent roadmap for experienced developers moving to .NET.