Sponsored links

Valid XHTML 1.0!
Valid CSS!

Product: Book - Hardcover
Title: The Unified Software Development Process
Publisher: Addison-Wesley Professional
Authors: Ivar Jacobson, Grady Booch, James Rumbaugh
Rating: 5/5
Customer opinion - 5 stars out of 5
THE Software Development Process book.

For those looking for a comprehensive model for a disciplined software development process, this book is it. In this latest in the series of volumes from the Rational troika, Ivar Jacobson assumes the lead and takes us on a grand tour of the Unified Process. The book is a historical turning point. Far and away the best on the subject, it fills in many of the details missing from the earlier overview volume by Philippe Kruchten. For those familiar with the original object-oriented software engineering process developed by Jacobson at Ericsson and popularized under the Objectory rubric, the ancestry will be apparent, but the Unified Process has been elaborated through experience and the integration of other perspectives into a more comprehensive and universal model.
If the undertaking were to be faulted at all, it would be in the ambitiousness of its premise, and only time and more experience will determine how close to a truly unified approach the authors have come. Although it is at times difficult to get a real overall picture of how all the various models and activities in the process fit together; the information is all there in the book.
I commend this well-written and readable book to all managers and serious professionals who want a deeper understanding of how the sundry steps that lead to good software can be organized into a highly disciplined and manageable process.

Product: Book - Paperback
Title: Starting an Online Business for Dummies, Third Edition
Publisher: For Dummies
Authors: Greg Holden
Rating: 3/5
Customer opinion - 3 stars out of 5
Good summary of...

what you need to get started, but not a great deal of detail. Also there was a lot of promotion for other people in the book, which I did not expect. The book makes it appear anyone can have a successful online business if they have the drive, but this is not realistic since there are many details that must be understood for a successful online business. My advise: Don't be overly optimistic because a stranger said you can be successful.

Product: Book - Paperback
Title: XML Step by Step, Second Edition
Publisher: Microsoft Press
Authors: Michael J. Young
Rating: 3/5
Customer opinion - 3 stars out of 5
Strong base, but very jumpy

I got this book to review my Microsoft XML practices. This book does an extreme number of forward page jumping - one or 2 errors. But it also does a fairly good job of backwards page referencing. The consistency of using one subject and format is awesome as you actually build on a starting foundation. While the author seems to lead you in a good direction, he introduces things that he doesn't give detail on until a few pages later. He seems to mention a lot of things that make what he's currently talking about confusing because he'll "Introduce it later in the chapter" or X amount of pages ahead. Make sure you get another book along with this one. Overall it's not a bad book.

Product: Book - Paperback
Title: Incident Response and Computer Forensics, Second Edition
Publisher: McGraw-Hill Osborne Media
Authors: Chris Prosise, Kevin Mandia, Matt Pepe
Rating: 5/5
Customer opinion - 5 stars out of 5
The best computer forensics book just got better

First, full disclosure: the publisher sent me a free review copy, I used to work for Mandia and now work with Prosise and Pepe, and I contributed material incorporated into chapters 8 and 14. I still think "Incident Response and Computer Forensics, 2nd Edition" (IRCF2E) is the best forensics book on the market. Notice I said "forensics." It's significant that the first edition's title was "Incident Response: Investigating Computer Crime." While IRCF2E contains plenty of IR material, I sense a shift away from computer security and towards the legal world in this second edition. Readers of the first edition will want to know what's new. While reading IRCF2E I thumbed through the first edition and make some notes. The following chapters appear mostly or totally new: 1 (Real-World Incidents), 3 (Preparing for Incident Response), 4 (After Detection of an Incident), 9 (Evidence Handling), 10 (Computer System Storage Fundamentals), 11 (Data Analysis Techniques), 17 (Writing Computer Forensics Reports). Some chapters contain rewrites or new material: 2 (Intro to the IR Process), 5 (Live Data Collection from Windows), 6 (Live Data Collection from UNIX), 7 (Forensic Duplication), 8 (Collecting Network-based Evidence), and 14 (Analyzing Network Traffic). The remainder received minor rewrites. Some chapters from the first edition on IIS and application forensics were integrated elsewhere. The most informative sections for me, as a reader of both editions, appear in chapters 7, 10, and 17. Chapter 7 lays down the law on differences between a "forensic duplication," a "qualified forensic duplication," and a "mirror image." Expert witnesses can turn to IRCF2E as a standard when testifying, thanks to this chapter's clarity and citations of "Daubert" and "Kumho." Chapter 10 nicely explains file systems and storage layers. Chapter 17 gives desperately needed guidance on writing forensics reports -- the part of an engagement the client really wants.
I found a few errata items, such as p. 61's reference to the PPA; it should be "Privacy Protection Act." On pp. 97-98, all of the "ps" tools should list the Sysinternals home page, not Foundstone. Despite my contribution of material to the network-oriented chapters of IRCF2E, don't believe that I advocate using laptops for monitoring duties (p. 179). Laptops and especially their NIC drivers are not built for packet capture in high speed environments.
IRCF2E is one of the few books in print where the word "forensics" deserves to be on the cover. Many prominent "forensics" titles deliver nothing useful to practitioners. As was the case with the first edition, investigators can use IRCF2E in operational environments to do real work. This book lays much of the groundwork for doing cases. Watch for "Real Digital Forensics" to be published next year, which walks readers through case-based evidence to teach how to collect, interpret, and analyze host- and network-based evidence.