Product: Book - Paperback
Title: Writing Secure Code, Second Edition
Publisher: Microsoft Press
Authors: Michael Howard, David C. LeBlanc
Rating: 5/5
Customer opinion - 5 stars out of 5
A Must Read for Today's Developer

I bought this book after the *Bill Gates* email came out about Microsoft being serious about security. I figured that when he sends email like this to the company, it's important. And when **he recommends this book** in the email, it's something worth looking at. It is - Writing Secure Code is great. It's an easy read, full of great design, development and testing principles and ideas.
The first couple of chapters revolve around design, in fact ch2 is over 70pp long, and it's all about how to design secure systems.
The bulk of the book focuses on secure coding, including buffer overruns, sockets, RPC, COM, Crypto, canonicalization issues, least privilege, storing secret data, Web apps - and more!
The last part of the book discusses common .NET coding errors, and how to build security test plans.
What makes this book utterly unique is it really teaches you how to design and test secure applications, as well as how to write them. The design and test stuff I have seen nowhere else.
The book is worth every penny, and I now know why Bill Gates recommends the book to all Microsoft developers.

Product: Book - Hardcover
Title: The Dark Side Sourcebook (Star Wars Roleplaying Game)
Publisher: Wizards of the Coast
Authors: Bill Slavicsek, J.D. Wiker
Rating: 4/5
Customer opinion - 4 stars out of 5
Generally great, but some embarrassing flaws

The Dark Side Sourcebook is largely for a gamemaster who wants to produce serious villains, or for someone who wants to run a Dark Side campaign. It contains all the tools necessary for either of these tasks, including a load of very powerful prestige classes (including the mighty Sith Lord) and jaw-dropping items (including the Sith Talisman and Orbalisk Armor). There is also included the requisite gallery of known baddies, and some monsters that will pose an extreme challenge for even the most powerful heroes.
There are only a few problems with this book. Let's start with the most obvious one: the lack of a sourcebook for the ancient eras where Dark Jedi ran rampant. Most of the prestige classes, items, ships, and individuals mentioned in this book are exclusively available in that time period, so this absence is significant. This can be addressed soon, however, and is not one of the 'embarrassing flaws' I mentioned. The charts for the prestige classes have odd discrepancies in convention that seem to be a halfway point between the original and revised core rulebooks. For example, reputation is either noted as ever-increasing or a series of +1 and +0s, and lightsaber damage is listed as +1d8 +1d8 +1d8 ... +2d8 rather than 'increase lightsaber damage.'
Some other gamemasters might have noticed another interesting problem. The Sith Lord prestige class has 10 levels, but it is impossible to become a 10th level Sith Lord (I'm assuming a 'non-epic' campaign here). The reason for this is that the class requires a reputation of 10, and it is impossible to get that in 10 levels. A more obvious problem is with the Emperor's Hand prestige class, since there can only be one Emperor's Hand. This rather limits the potential of the class, does it not?
Of course, the gamemaster is by no means held to obey the whims of this sourcebook. I simply threw out what I thought was unreasonable and went on with the game. Though I generally found the book to be a worthwhile investment of time and money, it could have been far more satisfying with a bit of improvement in the range of options available. This especially applies to campaigns run in the Rebellion Era which, let's face it, is the only really FUN era to run in!

Product: Book - Paperback
Title: The Humane Interface: New Directions for Designing Interactive Systems
Publisher: Addison-Wesley Professional
Authors: Jef Raskin
Rating: 5/5
Customer opinion - 5 stars out of 5
Great insight and guidance

Raskin's book provides many great insights into human-computer interaction and interface design. Although the book wasn't written specifically for us, Web site designers can learn a lot from Raskin's principles by extrapolating his theories to Web applications.
Raskin is at times extreme in his views, especially concepts such as the zooming interface paradigm, but it's that kind of thinking that can change the tradition of bad interface design today.
Anyone who works with interactive systems should read this book. You might have to extend Raskin's theories to exactly what you do, but it's worth the effort.

Product: Book - Paperback
Title: C: A Reference Manual (5th Edition)
Publisher: Prentice Hall
Authors: Samuel P. Harbison, Guy L. Steele
Rating: 5/5
Customer opinion - 5 stars out of 5
Hands down, the best C reference manual

Where I work we use C, Java, and C++... in that order of frequency. Many people have several years of C experience doing real work: cross platform CAD software. So it is a tribute to the quality of this text that other programmers borrow my copy of it often enough to force me to track it down when I want it.
It is concise, accurate, and the examples are useful.
Why only 4 stars? Well, I reserve that for books that help the reader change paradigms of thinking and working, or apprehend new ones to address problems for which they had no solution paradigm.
It's a reference, one that is terse enough to be useful and not so terse as to be opaque.