-
Monday, January 17, 2005
Review: We the media
For many people the run-up to the 2004 presidential election and the way in which we gathered news was completely different than ever before. The advent of free-lance and amateur news sources on the internet provided a new source for information that was faster and more responsive (although not always accurate). The mainstream web news sources rarely reported news I had not seen somewhere else, and print media was sorely behind. For myself, I am still subscribed to numerous politically oriented blogs and news sites via RSS
Dan Gillmor recently departed the San Jose Mercury News to develop new projects, but his experiences as a professional journalist and technology expert shine through in his book. We the media documents the history of how media has changed over the centuries. He concentrating on the emergence of “new media” since 9/11. The changes in how media works that I have experienced are well documented and the potential implications are explored. He talks equally about the potential of the new media to expand the types of information available to every citizen as well as how those same citizens can become participants in the process.
We are seeing a change in progress; a tipping point that will likely change the way in which news is reported for decades to come. If that interests you, We the media will be a good read.
Note: Although Dan Gillmor defiantly would appreciate the purchase of the book, he is embracing the new model by releasing the whole book under a Creative Commons license so you can download the book in its entirety. Download from the book website here (online book, top left).
Book Reviews, Geek | Comments (0)
-
Sunday, July 25, 2004
Review: Version Control with Subversion
As a regular user of CVS, I am well aware of the limitations this classic tool has. As a result, I’ve been looking for tools that are as simple to use as CVS yet have learned from the shortcomings of CVS. Subversion appears to be such a tool. The authors of Version Control with Subversion have produced an informative yet succinct book that will get one started with what they call the "Next Generation Open Source Version Control."
They begin with a general architectural overview of version control systems and of subversion itself. Individual sections are provided for prospective users and administrators of a subversion system. They explain the pros and cons of the two different servers that can be used to provide source control access to remote users. A detailed section is also given to the developer who is interested in the inner workings of subversion. In closing they give a complete reference to using the complete family of subversion tools.
This is a straightforward book and as such there isn’t so much to say about it, but that is a good thing. It covers the topic well, and I look forward to putting the knowledge to work.
Book Reviews | Comments (0)
-
Sunday, July 25, 2004
Review: Java Cookbook
If you are writing something not application specific in Java you are doing something wrong as it is probably already written for you. But finding the correct solution or class that answers the need you have is often hard. Books such as Java in a Nutshell are useful, but you need to know what you want before you look.
Ian Darwin’s book Java Cookbook is a mammoth (829 page) book that provides answers to hundreds of questions. His style is easy to follow. The book is broken down into major topic areas (strings, numbers, OO techniques, networking, etc.). Each section begins with an overview of the capabilities that Java provides in that area followed by a series of Q&A entries that address specific problems a programmer might encounter. He then concludes with a simple application (or two) that demonstrates the techniques he has discussed. Simple, straightforward, useful.
This second edition has expanded to cover new features that are being developed for Java 1.5. As a programmer familiar with working in Java (but by no means an expert) I found these topics to be the most enlightening. Specifically the coverage of the new
foreachconstruct and the templating mechanisms.Overall this is a book useful for everyone who codes in Java. It has basic techniques for the new user, and expands into areas that an expert would need.
Book Reviews | Comments (0)
-
Saturday, July 24, 2004
Review: Security Warrior
"Be afraid. Be very afraid."
If there is one motto to be taken from this book, that is it. Security Warrior takes a new track from most security books, the view of the attacker. How and what they do are explained in detail, from reverse code engineering to methods of avoiding intrusion detection systems. As a systems administrator, part of me wants to just go and unplug all my servers after reading this book.
Far from an introductory book, the authors assume you are familiar with the concepts of securing servers and networks on the internet (achieved, possibly from books like Practical Unix and Internet Security). The first half of the book covers attack methods and then switches to defense methods for the remainder.
The authors provide detailed and up to date information regarding program disassembly for the purpose of patching as well as for determining possibilities for buffer and heap overflows. Methods and tools are discussed for Windows, Linux, and Windows CE. This is heavy stuff; you will need to be at least passing familiar with assembly language and computer architecture to make sense of what they are discussing. They move on to cover network attacks beginning with reconnaissance techniques, firewall and IDS avoidance, and hiding your tracks. I found it very impressive the discussion of some of the most moedrn tools; not only did they discuss TCP stack fingerprinting, they mentioned the latest developments in non-static and passive OS detection tools.
In the last "attacker" section of the book, they discuss specific vulnerabilities in many services, including topics such as Active Directory hacks (extending even into the weaknesses of smart card technology). General web attacks like SQL injection and parameter checking problems are discussed as well as the deficiencies present in most wireless ethernet implementations.
After scaring the daylights out of you in the first part of the book, the authors proceed to the defensive topics of the book. They cover the general topic of logging adequate information and dealing with logs from multiple sources. Alternate syslog implementations are discussed that provide more flexibility than the standard toolsets. For networks in general, intrusion detection systems are discussed using Snort as the example tool. Honeypots are also described in brief. Computer forensics is covered as well as techniques that are used to destroy electronic evidence.
I felt this was an excellent book. It is definitely an advanced book, but is a welcome relief for people who are experienced in computer security and want something that pushes the edge.
Book Reviews | Comments (1)
-
Sunday, April 27, 2003
Review: XML in a Nutshell
As with any skill that you do not use on a daily basis, your knowledge of the details is going to fade. This is especially true of technologies like XML that have lots of syntactical quirks that are easy to forget. This is where XML in a Nutshell comes in. Like all O’Reilly Nutshell books it does an excellent job of cramming all of the little facts needed to work with XML into a concise easy to reference book.Book Reviews | Comments Off