Slashdot Mirror

Ben Rothke writes "It has long been rumored that manufacturers of items such as razors and batteries specifically produce their products to an inferior level in order to ensure repeat business. A similar paradox is occurring in the information security space where many are complaining that the PCI Data Security Standard (PCI DSS) is too complex and costly. What is most troubling is that such opinions are being written in periodicals and by people that should know better." Read on for the rest of Ben's review. PCI Compliance: Understand and Implement Effective PCI Data Security Standard Compliance author Tony Bradley pages 352 publisher Syngress rating 9 reviewer Ben Rothke ISBN 1597491659 summary Great for anyone who has PCI responsibilities or wants to gain a quick understanding of the PCI DSS requirements.

PCI came to life when Visa, MasterCard, American Express, Diner's Club, Discover, and JCB collaborated to create a new set of standards to deal with credit card fraud. PCI requires that all merchants and service providers that handle, transmit, store or process information concerning any of these cards, or related card data, be required to be compliant with the PCI DSS. If they are not compliant, they can face monetary penalties and/or have their card processing privileges terminated by the credit card issuers.

The primary purpose of PCI is to force organizations to embrace common security controls to protect credit card data and reduce fraud and theft. The following are the six primary control areas and 12 specific requirements of the PCI DSS:

Build and maintain a secure network

1. Install and maintain firewall configurations

2. Do not use vendor-supplied or default passwords

Protect cardholder data

3. Protect stored data

4. Encrypt transmissions of cardholder data across public networks

Maintain a vulnerability management program

5. Use and regularly update anti-virus software

6. Develop and maintain secure systems and applications

Implement Strong Access Control Measures

7. Restrict access to need-to-know

8. Assign unique IDs to each person with computer access

9. Restrict physical access to cardholder data

Regularly monitor and test networks

10. Monitor and track all access to network resources and cardholder data

11. Regularly test security systems and processes

Maintain an information security policy

12. Maintain a policy that addresses information security

A quick review of these 12 items shows that PCI is a textbook example of the fundamentals of information security. With that, PCI Compliance: Understand and Implement Effective PCI Data Security Standard Compliance is an excellent resource that provides the reader with all of the fundamental information needed to understand and implement PCI DSS.

The books 13 chapters provide the reader with a comprehensive overview of all of the details and requirements of PCI. The first three chapters provide an overview of the basics about PCI and the basic requirements of the standard. The following six chapters go into detail about each of the primary control areas.

In particular, chapter 6 provides a good overview of the PCI logging requirements. This requirement can be time-consuming to put into place. The author notes that a commonly overlooked but essential requirement, namely that of accurate and synchronized time on network devices. Enterprise information network and security infrastructure devices are highly dependent on synchronized time and PCI recognizes that correct time is critical for transactions across a network.

In a further discussion about synchronized time in chapter 9, the author unfortunately makes an error when he states that local hardware is considered a stratum 1 time source since it gets its time from its own CMOS. From an NTP perspective, only a device that is directly linked to a stratum-0 device is called a stratum-1. CMOS clocks are notoriously inaccurate and can't be relied upon.

The title of chapter 12 is both amusing and accurate 'Planning to fail your first Audit'. The irony is that so many organizations lack a CISO or formal business security program in place designed to protect corporate information assets. They don't focus on information security as a process, rather as a set of products or regulatory items to be checked-off. Yet, these same organizations are surprised when they fail an audit.

The book concludes in chapter 13 with the well-known observation that security is a process, not an event. The book astutely notes that it is impossible to be PCI compliant without approaching security as a process. Trying to achieve compliance without integrating the various aspects in an integrated fashion is bound to fail.

Overall, PCI Compliance: Understand and Implement Effective PCI Data Security Standard Compliance is a great book for one of the most sensible security standards ever. Anyone who has PCI responsibilities or wants to gain a quick understanding of the PCI DSS requirements will find the book to be quite valuable.

Ben Rothke is a security consultant with BT INS and the author of Computer Security: 20 Things Every Employee Should Know

You can purchase PCI Compliance: Understand and Implement Effective PCI Data Security Standard Compliance from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Ben Rothke writes "It has long been rumored that manufacturers of items such as razors and batteries specifically produce their products to an inferior level in order to ensure repeat business. A similar paradox is occurring in the information security space where many are complaining that the PCI Data Security Standard (PCI DSS) is too complex and costly. What is most troubling is that such opinions are being written in periodicals and by people that should know better." Read on for the rest of Ben's review. PCI Compliance: Understand and Implement Effective PCI Data Security Standard Compliance author Tony Bradley pages 352 publisher Syngress rating 9 reviewer Ben Rothke ISBN 1597491659 summary Great for anyone who has PCI responsibilities or wants to gain a quick understanding of the PCI DSS requirements.

PCI came to life when Visa, MasterCard, American Express, Diner's Club, Discover, and JCB collaborated to create a new set of standards to deal with credit card fraud. PCI requires that all merchants and service providers that handle, transmit, store or process information concerning any of these cards, or related card data, be required to be compliant with the PCI DSS. If they are not compliant, they can face monetary penalties and/or have their card processing privileges terminated by the credit card issuers.

The primary purpose of PCI is to force organizations to embrace common security controls to protect credit card data and reduce fraud and theft. The following are the six primary control areas and 12 specific requirements of the PCI DSS:

Build and maintain a secure network

1. Install and maintain firewall configurations

2. Do not use vendor-supplied or default passwords

Protect cardholder data

3. Protect stored data

4. Encrypt transmissions of cardholder data across public networks

Maintain a vulnerability management program

5. Use and regularly update anti-virus software

6. Develop and maintain secure systems and applications

Implement Strong Access Control Measures

7. Restrict access to need-to-know

8. Assign unique IDs to each person with computer access

9. Restrict physical access to cardholder data

Regularly monitor and test networks

10. Monitor and track all access to network resources and cardholder data

11. Regularly test security systems and processes

Maintain an information security policy

12. Maintain a policy that addresses information security

A quick review of these 12 items shows that PCI is a textbook example of the fundamentals of information security. With that, PCI Compliance: Understand and Implement Effective PCI Data Security Standard Compliance is an excellent resource that provides the reader with all of the fundamental information needed to understand and implement PCI DSS.

The books 13 chapters provide the reader with a comprehensive overview of all of the details and requirements of PCI. The first three chapters provide an overview of the basics about PCI and the basic requirements of the standard. The following six chapters go into detail about each of the primary control areas.

In particular, chapter 6 provides a good overview of the PCI logging requirements. This requirement can be time-consuming to put into place. The author notes that a commonly overlooked but essential requirement, namely that of accurate and synchronized time on network devices. Enterprise information network and security infrastructure devices are highly dependent on synchronized time and PCI recognizes that correct time is critical for transactions across a network.

In a further discussion about synchronized time in chapter 9, the author unfortunately makes an error when he states that local hardware is considered a stratum 1 time source since it gets its time from its own CMOS. From an NTP perspective, only a device that is directly linked to a stratum-0 device is called a stratum-1. CMOS clocks are notoriously inaccurate and can't be relied upon.

The title of chapter 12 is both amusing and accurate 'Planning to fail your first Audit'. The irony is that so many organizations lack a CISO or formal business security program in place designed to protect corporate information assets. They don't focus on information security as a process, rather as a set of products or regulatory items to be checked-off. Yet, these same organizations are surprised when they fail an audit.

The book concludes in chapter 13 with the well-known observation that security is a process, not an event. The book astutely notes that it is impossible to be PCI compliant without approaching security as a process. Trying to achieve compliance without integrating the various aspects in an integrated fashion is bound to fail.

Overall, PCI Compliance: Understand and Implement Effective PCI Data Security Standard Compliance is a great book for one of the most sensible security standards ever. Anyone who has PCI responsibilities or wants to gain a quick understanding of the PCI DSS requirements will find the book to be quite valuable.

Ben Rothke is a security consultant with BT INS and the author of Computer Security: 20 Things Every Employee Should Know

You can purchase PCI Compliance: Understand and Implement Effective PCI Data Security Standard Compliance from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Fatty writes "Entry level certifications such as the Cisco Certified Network Associate (CCNA) have become the source of many jokes to people in the industry, largely because of the seemingly inept people that proudly display their certifications. This is made worse by the volume of books geared only to get people through the exam. Network Warrior bills itself as the exact opposite — if the subtitle is to be believed it contains "Everything You Need to Know That Wasn't on the CCNA Exam". With everything from the architecture of the 6500 to layers 8 and 9 of the OSI model (politics and money), it does a pretty good job." Read below for the rest of Sean's views on this book. Network Warrior: Everything You Need to Know That Wasn't on the CCNA Exam author Gary A. Donahue pages 598 publisher O'Reilly rating 9 reviewer Sean Walberg ISBN 9780596101510 summary A practical look at what you really need to know to run a Cisco network

The CCNA exam is supposed to test a candidate's understanding of networking fundamentals. Over the years it has expanded to include more advanced material, and now covers networking theory, switching (including spanning tree and VLANs), and some of the intermediate routing protocols such as EIGRP and OSPF. Despite the breadth of content the exam doesn't (and can't) cover things that many network folk take for granted, even things like what the "demarc" is (short for demarcation point, the the place where the carrier's responsibility ends and yours begins). While the exam's topic list is broad, the level of detail is shallow in most places. Someone may study spanning tree enough for the exam, but have no clue where to place their root bridge when they get into the real world.

It is for this reason that I found Network Warrior to be helpful. It's goal is to point out both the technical areas in which the CCNA falls short, and to teach the reader the non-Cisco aspects of running a network.

Technically I found this book quite sound. There were a few things one might disagree with but nothing that detracted from the rest of the book. In several spots the author was keen to point out behaviors that deviated from the documents, such as in Quality of Service (QoS) and in upgrading certain modules in the 6500 chassis. He also illustrated where the theoretical concepts on network design fall short in the real world.

Routing and switching takes up the first third of the book. The switching section is largely a review of the CCNA material with some notable exceptions. First and foremost is a chapter exclusively on autonegotiation. The CCNA exam may only discuss how to set a port to a fixed speed, but anyone who has worked with a network for more than a few weeks will have run into a speed or duplex mismatch. This chapter explains some of the history behind Ethernet and its relevance to autonegotiation, explains how it works, how it fails, and how to recognize the problem, and finally offers advice on when and where to use autonegotiation.

The second major deviation from the CCNA switching syllabus is in depth coverage of Etherchannel and spanning tree (STP) Both of these protocols are integral parts of network design and operation, but the exam barely touches Etherchannel and doesn't get into the complexities of spanning tree (though this changes with each iteration of the exam.) Network Warrior provides techniques and a demonstration of finding a layer 2 loop. Surprisingly though, there is only mention of standard 802.1d legacy spanning tree and some Cisco extensions such as Per VLAN STP and backbone fast, and no mention of the newer standardized enhancements of 802.1s/w (rapid spanning tree and multiple spanning tree) which have been in common use and have been put on the latest version of the exam (released after this book went to press)

The third deviation is the inclusion of CatOS commands instead of just IOS like the exam. As the author repeatedly points out, CatOS is in use on many 6500 chassis and is still in active development, so there is no reason not to know it. This theme continues throughout the book whenever the 6500 is used as an example, which is often.

The routing chapters are full of new material. The sections on the routing protocols themselves are short and don't add much beyond what the CCNA certification teaches. Redistribution and route-maps, however, are well explained. These two technologies which can be used separately or together can be found on almost any network and are very complex. I thought these sections were well done, as they gave enough details to be practical without getting down into all the different scenarios. Tunnels make an appearance in these chapters, which themselves aren't very complex, but aren't a part of the CCNA blueprint.

At this point, roughly page 180 of 550, the rest of the material isn't found in the CCNA blueprint.

Part 3 of the book is all about multilayer switching, specifically the 3750 and 6500 platforms. In particular the description of the 6500 architecture is much more succinct that can be found by searching on Cisco.com. There is an in depth explanation of how the various backplanes on the chassis works, which leads to an explanation of how to determine which cards are slowing down your switch.

I think the hidden gem of the book is part 4, though, which is all about telecom. In these chapters are an explanation of how carriers operate and how to speak the lingo of telecom techs. Even though networks are moving to Ethernet based services, traditional DS1, DS3, ATM, and frame-relay networks are still commonplace. The book has a solid explanation of how TDM based circuits actually work, the various options available to you, and how to properly order and troubleshoot them. I think back to when I was getting started in this field, and dealing with carriers was difficult.

Quality of Service, the features that let you guarantee and limit bandwidth to different types of traffic, have a section in this book too. The book largely focuses on the simple weighted-fair queuing (WFQ) and the current class-based WFQ with low latency queuing for voice. Configuration instructions can be found on Cisco's site easily enough, but Network Warrior delves into some of the behavioral aspects the documents shy away from such as when the queuing mechanisms actually get used. There is also a solid look at how to make sure the QoS is working as intended.

In the middle of all of this are chapters on the firewall and load balancing modules for the 6500, the PIX firewall, and IOS based load balancing. For someone with an ecommerce slant these might prove helpful, but given that these topics are books in themselves, it's hard to do them justice in a few chapters.

The last part of the book is on network design, which encompasses not only the steps needed to build a network, but also planning IP address allocations and how to pitch your ideas to management. Again, the book is not trying to be the definitive text on the subject, but it manages to impart a few words of wisdom, especially the so-called "GAD's Maxims", and "How not to be a computer jerk".

Well thought out examples were plentiful, along with anecdotes from the author, usually showing the consequences of doing things wrong. The illustrations did a great job of conveying the point at hand. Even though I've been doing this stuff for a while I learned several time saving techniques that I've already been able to put to use.

This is a great book for people just getting into the industry, with their CCNA or without. It offers practical advice rather than dry textbook like explanations which is a welcome change. Even those with a few years of experience under their belt will be happy reading through Network Warrior.

Sean Walberg is a network engineer and author living in Winnipeg, Canada.

You can purchase Network Warrior from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

tigerhawkvok writes "Recently, new author Stuart Privar provided Professor PZ Meyers of Pharyngula a copy of his book, Lifecode, for review. Over the course of the review itself and a few follow-ups, it became evident that the content was nonsense (including, among other things, ten-legged spiders and other phenomena strongly at odds with developmental biology). However, the common threat of lawsuits finally became a reality, and now Privar is suing Myers for $15 million. Can calling someone a 'classic crackpot' in the face of such incorrect data have any chance at making it to court, or even winning the suit?"

Michael J. Ross writes "One of the most powerful and popular content management systems (CMSs) is Joomla, a superior derivative of Mambo. Out of the box, Joomla makes it relatively easy to build Web sites that allow collaborative editing of content, attractive styling via prebuilt templates, and many more features. A Joomla-based site can be further improved by adding custom modules, components, and other extensions to the CMS, without any modification to the core Joomla code. A resource that explains how to do this, is Learning Joomla! 1.5 Extension Development: Creating Modules, Components, and Plugins with PHP, by Joseph L. LeBlanc." Read on for the rest of Michael's review. Learning Joomla! 1.5 Extension Development author Joseph L. LeBlanc pages 176 publisher Packt Publishing rating 8 reviewer Michael J. Ross ISBN 1847191304 summary A practical tutorial for creating Joomla! 1.5 extensions

The book is put out by Packt Publishing, under the ISBNs 1847191304 and 978-1-847191-30-4. The publisher maintains a page on their site dedicated to the book, where visitors can read summaries of the chapters and the overall book, order the e-book version (in PDF format) at a discount, download the book's sample source code, read and submit errata and feedback, and download a sample chapter, namely, "Chapter 1: Joomla! Extension Development: An Overview" (also in PDF format). Note that, as of this writing, the errata and feedback do not have their own links, but are located on the page accessible via the link "Code download," which should be clarified.

The book's title page bills it as "A practical tutorial for creating your first Joomla! 1.5 extensions with PHP," and that is exactly what the book is. Rather than organizing the information in a cookbook style — which is quite popular in programming books nowadays — this particular one uses a narrative approach, in which the author illustrates the concepts by stepping the reader through an example project. He begins with a clean install of Joomla, without any of the sample data, and shows how to "build extensions to create, find, promote, and cross-link restaurant reviews."

The nine chapters of the book are organized in a logical manner, and in the order that the typical developer would go about extending a Joomla-based site: overview; Joomla's component structure and registration; backend and front-end development; module development; using the model-view-controller design pattern (MVC); creating plug-ins; adding configurability for the extensions that you have created; packaging the extension elements for use by other Joomla developers.

In explaining the key concepts and procedures for building custom extensions to a Joomla site, the author takes a methodical approach, with a healthy balance between exposition, sample code, and illustrative figures. The chapters read quickly, and the code changes from one section to the next are helpfully bolded. The chapter summaries, as with most programming books, add no value, and could be beneficially dropped, thereby saving space.

The author states in the first chapter that there are three types of extensions within Joomla: components, modules, and plug-ins. This could be confusing to anyone who has read the articles that help introduce Joomla to the new developer, and are contained in the sample data found in Joomla version 1.5. Those articles include one titled "Extensions," which lists two additional extension types — templates and languages — not considered such by LeBlanc. However, that article does not make clear as to why templates and languages should even be considered extensions, which seems counterintuitive at first glance.

The presentation of all of the material in LeBlanc's book is not perfect, but it is certainly more than adequate. It is unfortunate that the book does not have a lay-flat binding, which tends to be more of a problem with slender volumes such as this one (176 pages), since much thicker books have more weight to keep both sides down on the table at the same time when the book is open. All of the screenshots have a bit too much pixelation, which makes the smallest text within the screenshots more difficult to read. However, none of that text is unreadable. The book's text outside of the screenshots is quite easy to read, with a generously-sized font and a logical layout of each page's material. Almost every page has two horizontal lines, one at the top, and one at the bottom; they serve no purpose, and could be eliminated to save ink and space, as could the brackets around every page number. The same is true for the much larger and thicker brackets used to delineate warnings, notes, tips, and tricks. There were a few other very minor flaws in the book. For instance, in the information about the reviewer, "MySQL" is misspelled. In the Table of Contents, the "Available Toolbar Buttons" line appears to be one font size too small, and thus inconsistent with the other subsection heads. All of these weaknesses are of little consequence and could be fixed in the next edition.

Even if a reader initially had no interest in developing their own extensions to Joomla, this book could easily spark their interest, given that the book shows just how powerful those extensions can be, as well as how doable they are, by any competent programmer familiar with PHP and MySQL. In fact, even if the reader were to later decide that they had no interest in creating any extensions, they could still benefit from the book's discussion of how components are structured within Joomla — a more clear explanation than anything I have seen in the official Joomla documentation. Joomla may be an excellent CMS, but the documentation quality does not come close to the value of Joomla itself. That is why there is such a great need for books such as this one.

Although Learning Joomla! 1.5 Extension Development: Creating Modules, Components, and Plugins with PHP has some weaknesses — as do most if not all technical books nowadays — for any developer interested in getting the most out of Joomla by building custom extensions, LeBlanc's contribution should prove especially informative and useful.

Michael J. Ross is a Web developer, freelance writer, and the editor of PristinePlanet.com's free newsletter.

You can purchase Learning Joomla! 1.5 Extension Development from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Martin Ecker writes "The OpenGL SuperBible, in its vastly expanded fourth edition, is the latest addition to the Addison-Wesley Professional OpenGL series. According to the authors it 'strives to provide the world's best introduction to not only OpenGL, but 3D graphics programming in general.' A tough goal to achieve." Read the rest of Martin's review to see if the book keeps its promise. OpenGL SuperBible (Fourth Edition) author Richard S. Wright, Jr., Benjamin Lipchak, Nicholas Haemel pages 1205 publisher Addison-Wesley rating 9/10 reviewer Martin Ecker ISBN 0321498828 summary A solid introduction to OpenGL programming that focuses on both the old-style fixed-function pipeline and new-style shaders.

The OpenGL SuperBible, is split into three parts, appropriately called the old testament, the new testament, and the apocrypha. Arguably, appendix C, an OpenGL API reference with more than 350 pages, could be considered a fourth part even though it isn't listed as such in the table of contents.

The old testament provides an introduction to both OpenGL programming with the fixed-function pipeline and to the basics of 3D graphics programming. The new testament then moves on to describe how shaders, small programs that run on the GPU (Graphics Processing Unit), allow us to use the programmable features of today's powerful graphics cards. It also contains information on recent advancements of the OpenGL API, such as floating-point textures, pixel buffer objects and framebuffer objects. The apocrypha closes the book with a discussion of how to interface OpenGL with the underlying operating system.

The first part of the book — the old testament — consists of 14 chapters with around 500 pages total. The first chapter gives a general overview of 3D graphics and the various effects that the remaining chapters in this part of the book are going to show how to implement with OpenGL. The writing style is very casual and easy to follow. Especially in these first chapters, the book is very light on mathematics, but does explain some of the basics, such as coordinate systems, some simple vector algebra, and matrices. The second chapter introduces OpenGL and immediately presents a few simple sample programs to wet the reader's appetite. The programs are analyzed in detail with explanations to nearly all lines of code. It should be easy for a beginner to follow and understand the code.

The next few chapters gradually introduce more and more OpenGL API functions intermixed with new 3D graphics concepts, such as rendering points, lines, and polygons in various ways, how to use geometric transformations and projections, and how to use the fixed-function pipeline to render lit objects with simple projective shadows. Eventually, texture mapping is introduced with pretty much everything you need to know about the topic. In particular, multitexturing, the various filtering modes — even anisotropic filtering, texture compression, and using textures with point sprites are discussed. The book continues with an overview of curves and surfaces as supported by the OpenGL Utility library (GLU, for short). The book dates itself a bit here, since this is a software-only, and thus fairly low-performance feature that is rarely ever used in professional software. The same applies to the discussion of feedback and selection, which are not implemented on current graphics hardware and therefore not widely used. After this short excursion down the OpenGL memory lane the book moves on to the fairly recent addition of occlusion queries. Occlusion queries are used to detect complex, occluded objects in the rendered scene, so that they need not be rendered. Most modern-day graphics software that renders dense scenes with a lot of overdraw, such as video games, uses this feature. The old testament closes with a chapter on depth textures, which are prominently applied to render real-time shadow effects.

After laying a solid foundation for 3D graphics programming with OpenGL in the first part, the second part of the book — the new testament — deals with the new era of graphics programming that started a few years ago when the first programmable graphics card came into the market. This part consists of 4 chapters with about 100 pages. The first chapter provides an overview of the programmable pipeline and explains which features of the fixed-function were replaced by shaders. This introduction is followed by a sample program that gives a first glimpse of GLSL, the OpenGL shading language, in which shaders are written. The next chapter is all about vertex shaders and how to implement simple lighting models, fog, and vertex transformations using them. The third chapter is about fragment shading with some interesting post-processing and procedural texture mapping shaders. The final chapter of this part of the book discusses advanced buffers, such as floating-point textures and color buffers, and pixel buffer and framebuffer objects — all recent additions to OpenGL that allow to achieve various effects, such as rendering directly to a texture or creating vertex data on the GPU.

The final part of the book — the apocrypha — consists of 4 chapters explaining how to integrate OpenGL with the underlying operating system, in particular with Windows, Mac OS X, and Linux plus various other Unix flavors. The last chapter of this part of the book is about OpenGL ES, which is a version of OpenGL designed to be used especially on embedded system devices, in particular mobile phones and PDAs, to render real-time, interactive 3D graphics.

The book has a lot of images and diagrams throughout, though unfortunately not all of them are in color. There are however 32 color plates of the most interesting images in the middle of the book. The complete source code of the book, and even precompiled binaries for Windows and Mac OS X, can be downloaded from the book's webpage.

If you are new to both 3D graphics programming and OpenGL with a bit of C/C++ programming experience and you are eager to learn how to develop interactive programs with OpenGL, then this book is exactly right for you. The book is written in an easy to understand style without skimming the details. It is the most comprehensive introduction to OpenGL that doesn't require a lot of previous knowledge I have seen to date. If you already have experience with another graphics API or are well-versed in 3D graphics in general, but want to familiarize yourself with OpenGL, you might also want to consider the OpenGL Programming Guide, also known as the Red Book.

All in all, the OpenGL SuperBible succeeds fairly well in keeping its promise to be the best introduction to OpenGL and 3D graphics programming. Even after you're done working your way through the main parts of the book you will always come back to the handy OpenGL API reference in the appendix of the book.

I have been involved in real-time graphics programming for more than 10 years and work as a professional game developer for High Moon Studios in sunny California.

You can purchase OpenGL SuperBible Fourth Edition from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Joe Kauzlarich writes "The 'pattern' book has become a familiar genre for frequent readers of technical manuals. The idea is to sift through mountains of architectural or design schemes and then to categorize and catalogue the most frequent ideas and present their strengths and weaknesses. This type of book has been a success in software engineering, but can it translate to website design, where designers have everyday and frequent access to other designs? At worst, these books provide a common industry vocabulary (assuming it was read by everyone in the industry). How many people knew what a factory method referred to before Erich Gamma's Design Patterns was released? At best, as in the case of that 'original' software design patterns book, mountains of complex ideas are archived into a single reference and will sit within arm's reach for the rest of your life. So, is the web design discipline full of patterns that evade common sense?" Read below for the rest of Joe's review. The Design of Sites, Second Edition author Douglas K. Van Duyne; James A. Landay; Jason I. Hong pages 982 Pages publisher Prentice Hall rating 6/10 reviewer Joe Kauzlarich ISBN 0131345559 summary Catalogue of Website Design Patterns

Initially, I was amazed by the sheer scope and the amount of work that must've been put into this book. Almost 1000 pages — and not just a bunch of screenshots either. Most of the book is well-organized text. The screenshots are full-color, as is everything else in the book. Each section has a different-colored bleed, making it easy to locate the chapter you're looking for. Furthermore, the patterns are extensively cross-referenced throughout the book, and references appear in colored marginal bullets. Even the table of contents has descriptive section headings and a small summary of each section. The design of the book itself gets an eleven out of ten. The book itself is a living catalogue of technical reference design patterns. Kudos to the book's designer on this one.

As far as content, the book describes 117 distinct patterns in 13 categories. This includes patterns related to marginal topics such as mobile devices, accessibility and content creation (i.e. copywriting 101). Like most pattern books, it's a good idea to initially browse the book before using it as a reference so that you'll know what to look for when you need to pick it up again. On my initial browsing, it seemed to contain nothing particularly surprising — this has been the case with many great pattern books such as Martin Fowler's Refactoring or another of his books, Patterns of Enterprise Application Architecture, so I was not going to discredit it on this basis alone: a pattern book's true value shows itself when you're stuck on a problem and turn to it for a moment of shining clarity. Let's see if The Design of Sites lives up to this promise...

Trial #1: a business website that is not e-commerce, but a 'glorified yellow pages' type of site. I have a lot of information that needs to be accessed not only in its hierarchical organization, which can go to three levels deep, but should also guide the reader on what should be read next: a separate 'linked-list' that 'jumps' branches in the original hierarchy.

Given this amount of content and this double-organization, we wanted each page to present access to the site's information without overwhelming the reader. I open up the book to Part A, 'Site Genres', to locate the particular genre of website I'm working on. I find it: 'Valuable Company Sites.' I read some good information on layout. I see a paragraph titled 'other patterns to consider,' which points me to pattern B1, 'Multiple Ways to Navigate.' A-ha! The book's exceptional design allows me to locate pattern B1 in 3 seconds flat. It is hear I realize the true value of the book: there are no 'right' answers in design, only guidelines:

" ...we have identified two things that drive customers to action: intention and impulse (these can be thought of as goal and trigger, or need and desire). Neither intentional nor impulsive behavior is inherently good or bad, but a site that omits intention-based navigation might feel shallow and quirky, and one that omits impulse-based navigation might seem boring."

Good advice. Though I already have a hierarchical organization (intentional browsing) and recommended organization (impulse browsing), which gives users options on what to read next, I now have an idea of what sort of balance I want in the areas of navigation.

This was not exactly a mind-blowing discovery, but it did give me some confidence in the choices I eventually made and, furthermore, gave me valid reasons for making those choices, in case the client or a team-member were to question those choices later on.

Trial #2: Working on a website for a freelance graphic designer, I encounter a problem whereby each image in the portfolio can be categorized either by project/campaign or by design-type. For example, a logo, a business card, poster and website are all part of a single campaign, but we also want the ability to list all logos from separate campaigns. Again we have an organizational dilemma, but this time for a different type of site and a fundamentally different type of dilemma.

Again, I turn to the first section 'Site Genres' to locate the type of site I'm working on. It's not exactly a business site, but more of an on-line portfolio. The closest seems to be pattern A9, 'Stimulating Arts and Entertainment.' When I turn to it, I discover I was correct: the authors discuss the 'art gallery' site, though it doesn't exactly cover the aspect that I'm looking for. So I've encountered the book's first notable omission: nothing along the lines of an 'online portfolio' or 'interactive resume' genre of site design, which would encompass all creative freelancer sites as well as the usual rock band websites, etc. They differ from the 'Valuable Company Website' in that personal expression and design creativity take center stage. These sites have a general similarity in aesthetic in that they purposely avoid the business-like design. You won't see many pull-down or left-side navigation menus on a standard band website. The menus are typically integrated into a central graphic of some sort and this puts heavy constraints on the web designer while trying to effectively organize information without sacrificing the expressive purposes of the site.

The book offers no obvious guidelines for dealing with this sort of problem and here's why: it doesn't take into account the various constraints imposed by the client nor does it attempt to offer reconciliations between the design and the underlying organization of the data.

In my trial #2 we had the thumbnail images organized in two ways, either by design-type (poster, logo, business card) or by campaign ("Going Out of Business Sale", "Grand Opening", "Johnson's Automotive Website"), both organization-types having fairly equal weight. How do we allow the user to switch between organization types and keep the site consistent? The book doesn't touch these types of questions in a direct way.

The book offers a comprehensive aggregate of guidelines for user-interface patterns, User-centered, and 'psychological' perspectives. It covers most of the bases: content creation, page layout, organization of component elements, web application design, hints of 'Web 2.0' patterns, and ideas for functional pages such as searching, content submission, 'Marginal' topics like localization and accessibility that you may not want to buy a separate book for but, nonetheless, need to know about. It has a great overall design, easy to use as a reference and easy on the eyes, a long and detailed exposition on the utility of polling and seeking advice from your target audience, including sample forms to present them with. It is overall, very well-written and hardly a sentence wasted.

While 99% of the patterns themselves are common knowledge to most users of the internet and to most decent web designers, it is the expository text that forms the real meat of the book and contains the wealth of insight. This is by far the book's value. Posing as a patterns book is misleading; this book is really just a very good general guide to web design. As a pattern book, it's flawed, because almost every 'pattern' is just a guideline for effectively presenting information, not an elusive insight or 'trick of the trade' in itself, such what as Erich Gamma's (et al) original 'Design Patterns' brought us. There are mountains of outstanding tips and bits of advice throughout the book, but if you've already achieved a decent level of competency in design, then you're not going to be using the book very often and when you do, you might not get the depth of advice you're seeking.

On the other hand, the book gives beginner-to-intermediate-level designers everything they need to get started or fill in the gaps. The Design of Sites would also make an outstanding text book and is likely to be one of the best general guides to web design on the market.

I'll give it a 6 out of 10, judging a book on its utility as a design patterns books (just as you would give The Illiad a possible 2 out of 10 if Homer presented it to me as a historical text and I expected as much). As an introduction to web design, it easily deserves at least 9 points out of 10.

You can purchase The Design of Sites, Second Edition from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Craig Maloney writes "Growing up, I found myself more than once in an arcade, be it in the mall, Meijer, or a free-standing building. The atmosphere was unmistakable: loud, with lots of activity, and people getting fully immersed and "in the zone" between them and their pixellated avatar. While playing an arcade game at home has been possible for many years now, the true arcade experience has been a little more elusive. There's something about having an upright video game cabinet, and playing on arcade hardware that gives the game that extra sense of being right in the arcades of my youth. There are many sites out there that have different plans for building a MAME arcade cabinet from scratch, but most read like a post-mortem for how the author pieced together their particular setup. What if you just want to convert an old (non-working, I hope) cabinet into a MAME arcade cabinet? Lots of information is out there, but where do you start? Project Arcade is an excellent introduction for building your own MAME arcade cabinet from scratch, and compiles lots of material into one comprehensive book." Read below for the rest of Craig's review. Project Arcade author John St. Clair pages 476 publisher Wiley rating 8/10 reviewer Craig Maloney ISBN 0-7645-5616-9 summary An excellent primer for anyone who is looking to create their own MAME arcade cabinet.

Project Arcade is split up in to five parts. The first part describes the planning process, and comprises complete plans for building an arcade cabinet from scratch. The second, third, and fourth parts are a list of parts and design decisions for the hardware for your MAME arcade cabinet, from the control panel and computer, to the speakers and monitor. The fifth part is a summary of various "off-the-shelf" solutions for purchasing a complete MAME-ready arcade cabinet, as well as links to other "inspirational" projects. Obviously, if you're building the MAME arcade cabinet from the wood up, and outfitting it with your own hardware, then most of the book will be applicable to you. I found all sections to be very valuable, and regardless of which direction I take (build or buy) I'll be more informed when I finally devise my plans and make my purchases.

One thing that stood out in Project Arcade was the thoroughness of the book. Unlike some "build your own arcade books", Project Arcade contains complete plans for an arcade cabinet, from start to finish, including lists of all of the materials. I unfortunately didn't build the cabinet, and am not an expert on woodworking, but the plans looked complete and well thought out. At the very least, it left me with the impression that this was something that I could likely handle with some help. The part I am a little more familiar with (the electronics) was quite fascinating. The book catalogs a great deal of hardware available to the arcade-cabinet builder, and there were parts that I didn't know were available, such as screw-terminal keyboard adapters (no more taking apart cheap keyboards for me). The author details many different joysticks, trackballs, and button choices available, with thoughtful discussion on the pros and cons of each choice. I felt through most of the book like I was being guided by someone who was passionate about building excellent MAME arcade cabinets, and had a lot of knowledge to share. Even the section on pre-made cabinets was carefully put together, with the benefits of each cabinet design explained thoroughly. There are also copious amounts of photos, so you'll know exactly what it is you're looking at. Also, where applicable, there are diagrams and charts to aid and assist.

Unfortunately, the strengths of Project Arcade are also part of its weaknesses. There are a LOT of parts described in the book. After a few pages of the same type of part, my mind started to wander. While the descriptions are comprehensive and insightful, I found myself after a while thinking "I get it already". Detailed descriptions of taking apart keyboards and soldering to them to me seemed obvious, but I can see why the author decided to take the time to explain the process more thoroughly for those who may not be as comfortable taking apart something electronic. Also, the book focused mostly on the hardware for building a MAME arcade cabinet. I would have appreciated the same depth of discussion on the software available to complete the project, mostly because I think the author could have brought some very insightful recommendations on what software to use with the MAME arcade cabinet.

When I build my MAME cabinet, be it a conversion of an old (non-working) cabinet, or from scratch, Project Arcade will definitely be the book I use on that project. While the descriptions can be a bit verbose, the book delivers a very thorough and insightful perspective on what I should be looking for when envisioning what my completed MAME cabinet should be. Much like a do-it-yourself book for remodeling your bathroom, the book can only provide you guidance; the finished project is up to your creativity and imagination. Project Arcade is that guide to building yourself the perfect MAME arcade cabinet.

You can purchase Project Arcade from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Ben Rothke writes "It's a fallacy that our elected officials take forever to get things done. Two examples where Washington acted with speed are with the National Do Not Call Registry and the Sarbanes-Oxley Act. The National Do Not Call Registry was slated to take effect on October 1, 2003, but various marketing associations challenged its legitimacy and even if the FTC had the jurisdiction to enforce it. Notwithstanding, President Bush speedily signed the bill authorizing the no-call list to go into effect in September 2003 and the United State Court of Appeals upheld the constitutionality of the registry in February 2004. On June 25, 2002, WorldCom revealed it had overstated its earnings by more than $7 billion by improperly accounting for its operating costs. Senator Paul Sarbanes then introduced Senate Bill 2673 that same day where it passed 97-0 less than three weeks later. The House and Senate formed a Conference Committee to reconcile the differences between Sarbanes's bill and Representative Michael Oxley's bill (HR 3763) and on July 24, 2002, the Sarbanes-Oxley Act of 2002 was passed." Read on for the rest of Ben's review. Stealing Your Life: The Ultimate Identity Theft Prevention Plan author Frank W. Abagnale pages 256 publisher Broadway Books rating 8 reviewer Ben Rothke ISBN 0767925866 summary exposes the tactics of today's identity theft criminals and offers strategies to thwart them

The bottom line is that when politicians really want votes and PR, they can act swiftly. The frustration is exacerbated when politicians choose to do nothing when it comes to identity theft. In Stealing Your Life: The Ultimate Identity Theft Prevention Plan, Frank Abagnale details the frustration that consumers face (and will face in the years to come) when their identities are stolen, the ease at which the criminals carry out such crimes, and the months and often years of effort required to regain ones identity.

Abagnale's tenure on the criminal side long ago gives him the advantage that he knows firsthand how criminals think and such an outlook is pervasive throughout the book. Looking at the current state of identity protection, he states that he is personally horrified at how easy identity theft is. In fact, he calls it "a crook's dream come true". The book details incident after incident where criminals and criminal gangs obtained credit in someone else's name with ease.

What makes this worse is that the book shows how we haven't even scratched the surface of the identity theft problem. Everyone, including the FTC agrees that current identity theft figures are quite low, due to the fact that so many cases go unreported or undetected.

The book notes that lenders often miscategorize a good deal of identity theft because it looks like delinquent bills, as opposed to a crime. Only later does the victim realize what has been going on and complains, at which time it becomes apparent that fraud was involved. But by that time, the money has been written off as a credit loss and then appears as negative information on the victim's credit report.

Like many other books on the subject of identity theft, Stealing Your Life: The Ultimate Identity Theft Prevention Plan covers the main issues, and makes numerous suggestions on how to control your identity. What is interesting about the book is that Abagnale also focuses on why identity theft is so popular for today's criminals. One of the main reasons it that the person committing the crime has the odds significantly stacked in their favor. The book quotes a Gartner study that found that identity thieves have roughly a 1 in 700 chance of getting caught by law enforcement, which is a figure any criminal would jump at.

The books 13 chapters are written in an easy to read and compelling style. The early chapters detail the prime causes of what makes identity theft such a problem and astutely notes that a large part of the problem is that financial services companies are conducting business today by doling out credit like candy and do almost nothing to ascertain that people really are who they say they are when applying for credit. In addition, issuers of credit in their haste to rack up more business frequently accept a social security number from an applicant at face value, without demanding proof. The book lists many examples of where children and dead people have been given credit.

In chapter 6, the book lists 20 steps one can take in the hope of preventing identify theft. The author notes that since the punishment for identity theft, and the recovery of stolen goods from identity theft are so low, the only viable source of action is prevention by the individual. All 20 steps are fundamental, from protecting your social security number and examining your financial statements, to using a shredder and more.

Chapter 8 lists one of the more important points of the book, in which Abagnale writes that all credit and personal information should be opt-in based, as opposed to the prevalent opt-out requirement. Such an approach is what one would hope Congress would mandate, but does not have the tenacity to do. The problem is that if a consumer does not opt-out, they are giving the financial institution permission to share their personal information with the hundreds and often thousands of affiliates they share data with.

Companies obviously prefer opt-out, which shifts the burden to the consumer to take action to keep their information from being shared. With opt-in, the burden shifts and the financial services company has to prove that consumers granted their consent to have their personal information shared. National opt-in requirements would significant stem the flow of personal information, which is in part why identity theft is so easy to carry out.

Aside from a glaring error in chapter 12 where Abagnale erroneously writes that true authentication is impossible on the Internet and occasionally hawking companies he has financial dealings with, Stealing Your Life: The Ultimate Identity Theft Prevention Plan is an interesting and entertaining book on a subject of the fasting growing crime in the USA.

The book details what happens when an apathetic Congress and financial services industry do almost nothing to protect their constituents, and the thieves who have never had it easier. These identity thieves are able to acquire gigabytes of personal information without ever having to leave their workstations. When you factor in that the odds are in their favor of never being prosecuted, it leaves nearly every individual at risk for identity theft.

With Congress dropping the ball and doing nothing, Abagnale shows that it is up to each individual to take responsibility for protecting their own personal information. Stealing Your Life: The Ultimate Identity Theft Prevention Plan is indeed a great place to start such an approach.

Ben Rothke is a security consultant with BT INS and the author of Computer Security: 20 Things Every Employee Should Know

You can purchase Stealing Your Life: The Ultimate Identity Theft Prevention Plan from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Ben Rothke writes "It's a fallacy that our elected officials take forever to get things done. Two examples where Washington acted with speed are with the National Do Not Call Registry and the Sarbanes-Oxley Act. The National Do Not Call Registry was slated to take effect on October 1, 2003, but various marketing associations challenged its legitimacy and even if the FTC had the jurisdiction to enforce it. Notwithstanding, President Bush speedily signed the bill authorizing the no-call list to go into effect in September 2003 and the United State Court of Appeals upheld the constitutionality of the registry in February 2004. On June 25, 2002, WorldCom revealed it had overstated its earnings by more than $7 billion by improperly accounting for its operating costs. Senator Paul Sarbanes then introduced Senate Bill 2673 that same day where it passed 97-0 less than three weeks later. The House and Senate formed a Conference Committee to reconcile the differences between Sarbanes's bill and Representative Michael Oxley's bill (HR 3763) and on July 24, 2002, the Sarbanes-Oxley Act of 2002 was passed." Read on for the rest of Ben's review. Stealing Your Life: The Ultimate Identity Theft Prevention Plan author Frank W. Abagnale pages 256 publisher Broadway Books rating 8 reviewer Ben Rothke ISBN 0767925866 summary exposes the tactics of today's identity theft criminals and offers strategies to thwart them

The bottom line is that when politicians really want votes and PR, they can act swiftly. The frustration is exacerbated when politicians choose to do nothing when it comes to identity theft. In Stealing Your Life: The Ultimate Identity Theft Prevention Plan, Frank Abagnale details the frustration that consumers face (and will face in the years to come) when their identities are stolen, the ease at which the criminals carry out such crimes, and the months and often years of effort required to regain ones identity.

Abagnale's tenure on the criminal side long ago gives him the advantage that he knows firsthand how criminals think and such an outlook is pervasive throughout the book. Looking at the current state of identity protection, he states that he is personally horrified at how easy identity theft is. In fact, he calls it "a crook's dream come true". The book details incident after incident where criminals and criminal gangs obtained credit in someone else's name with ease.

What makes this worse is that the book shows how we haven't even scratched the surface of the identity theft problem. Everyone, including the FTC agrees that current identity theft figures are quite low, due to the fact that so many cases go unreported or undetected.

The book notes that lenders often miscategorize a good deal of identity theft because it looks like delinquent bills, as opposed to a crime. Only later does the victim realize what has been going on and complains, at which time it becomes apparent that fraud was involved. But by that time, the money has been written off as a credit loss and then appears as negative information on the victim's credit report.

Like many other books on the subject of identity theft, Stealing Your Life: The Ultimate Identity Theft Prevention Plan covers the main issues, and makes numerous suggestions on how to control your identity. What is interesting about the book is that Abagnale also focuses on why identity theft is so popular for today's criminals. One of the main reasons it that the person committing the crime has the odds significantly stacked in their favor. The book quotes a Gartner study that found that identity thieves have roughly a 1 in 700 chance of getting caught by law enforcement, which is a figure any criminal would jump at.

The books 13 chapters are written in an easy to read and compelling style. The early chapters detail the prime causes of what makes identity theft such a problem and astutely notes that a large part of the problem is that financial services companies are conducting business today by doling out credit like candy and do almost nothing to ascertain that people really are who they say they are when applying for credit. In addition, issuers of credit in their haste to rack up more business frequently accept a social security number from an applicant at face value, without demanding proof. The book lists many examples of where children and dead people have been given credit.

In chapter 6, the book lists 20 steps one can take in the hope of preventing identify theft. The author notes that since the punishment for identity theft, and the recovery of stolen goods from identity theft are so low, the only viable source of action is prevention by the individual. All 20 steps are fundamental, from protecting your social security number and examining your financial statements, to using a shredder and more.

Chapter 8 lists one of the more important points of the book, in which Abagnale writes that all credit and personal information should be opt-in based, as opposed to the prevalent opt-out requirement. Such an approach is what one would hope Congress would mandate, but does not have the tenacity to do. The problem is that if a consumer does not opt-out, they are giving the financial institution permission to share their personal information with the hundreds and often thousands of affiliates they share data with.

Companies obviously prefer opt-out, which shifts the burden to the consumer to take action to keep their information from being shared. With opt-in, the burden shifts and the financial services company has to prove that consumers granted their consent to have their personal information shared. National opt-in requirements would significant stem the flow of personal information, which is in part why identity theft is so easy to carry out.

Aside from a glaring error in chapter 12 where Abagnale erroneously writes that true authentication is impossible on the Internet and occasionally hawking companies he has financial dealings with, Stealing Your Life: The Ultimate Identity Theft Prevention Plan is an interesting and entertaining book on a subject of the fasting growing crime in the USA.

The book details what happens when an apathetic Congress and financial services industry do almost nothing to protect their constituents, and the thieves who have never had it easier. These identity thieves are able to acquire gigabytes of personal information without ever having to leave their workstations. When you factor in that the odds are in their favor of never being prosecuted, it leaves nearly every individual at risk for identity theft.

With Congress dropping the ball and doing nothing, Abagnale shows that it is up to each individual to take responsibility for protecting their own personal information. Stealing Your Life: The Ultimate Identity Theft Prevention Plan is indeed a great place to start such an approach.

Ben Rothke is a security consultant with BT INS and the author of Computer Security: 20 Things Every Employee Should Know

You can purchase Stealing Your Life: The Ultimate Identity Theft Prevention Plan from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Michael Grady writes "Computer graphics has become an indispensable part of mainstream computing and the undergraduate course in computer graphics programming is often one of the most popular courses in the curriculum. In the early days, such courses dealt with low level implementation details and algorithms such as converting lines to pixels, filling rectangles, view clipping and anti-aliasing. When OpenGL arrived on the scene, it was welcomed as an efficient and powerful, procedure-oriented library that kept many of the low level details out of sight. The sort of projects that could be tackled in an introductory course became much more impressive. That was back in the 90's. Is there a way to build a course covering the basic computer graphics concepts and techniques which takes advantage of object orientation and higher levels of abstraction? I believe the authors of Computer Graphics using Java have found a way." Read below for Michael's review Computer Graphics Using Java 2D and 3D author Hong Zhang and Y. Daniel Liang pages 462 publisher Pearson Prentice Hall rating 8 reviewer Michael Grady ISBN 0-13-035118-0 summary Introduction to computer graphics concepts and techniques using Java 2D and 3D

Their strategy is to teach by example using the comprehensive, high level interfaces provided by Java 2D and Java 3D. Their examples are often well chosen and fun. The programming exercises are entertaining and appropriate.

About one third of the book is devoted to 2D graphics and covers the usual topics: coordinate systems, modeling, constructive area geometry, color models, affine transformations, compositing, splines, clipping, fonts, raster images, animation and image processing. As anyone who has worked in this area knows, Java 2D provides a beautifully designed set of classes for high quality 2D graphics and imaging. This part of the book could also serve as an excellent introduction for any programmer who wants to begin exploring its functionality.

Where the book really shines is in the examples. My favorite 2D examples include:An interactive demo of the RGB Color model which also illustrates constructive area geometry. An efficient rendering of the Mandelbrot set as a raster image. An elegant analog clock that shows how to use the Timer class in animation. An interactive demo of the common 2D affine transformations.

Surprisingly, none of the code uses anti-aliasing, even though Java 2D does a great job smoothing rough edges. In computer graphics circles, this is a faux pas — a violation of accepted, although unwritten, social rules, and points must be deducted for this omission. But if you add the required one line of code, most of the examples look pretty good.

The last two thirds of the book are devoted to 3D graphics programming, which reflects a common emphasis in the course at the undergraduate level. Coverage includes scene graphs, the rendering pipeline, 3D modeling, affine and projective transformations, illumination and reflection models, texture mapping, adaptive rendering, animation and interactivity, as well as object oriented graphics concepts such as behavior dynamics.

Java 3D provides a high level, object oriented framework for 3D graphics programming, with about 360 classes. For those who are used to programming with OpenGL, the Java 3D mindset may require a bit of indoctrination. It's based on the concept of a scene graph, and makes a lot of sense from an object oriented programming viewpoint.

Basically, a scene graph is a data structure for organizing the objects of a scene. We mean objects in the object oriented sense. Java 3D objects may be responsible for geometric, transformation, illumination, shading or behavioral data. The nodes of the scene graph represent objects and the edges represent a necessary connection. For example, a transformation node may be connected to a node representing a cube. The corresponding transformation object defines how the cube should be rotated, scaled, etc. In traversing the graph from its root, the Java 3D rendering engine finds all the information required to render the scene. It's a cool way to do computer graphics at a higher level of abstraction than programming directly with OpenGL.

Once again, many of the examples are excellent for an introductory text. My favorite 3D examples include: The classic spinning dodecahedron. This example shows that setting up the scene geometry is pleasantly intuitive in Java 3D. The ease of computing the normal vectors of all plane surfaces using the NormalGenerator class is a good illustration of the power of object oriented programming. Transformations, lighting and material properties are handled by dedicated classes. An interactive illustration of the common 3D affine transformations showing the effect of modifying transformation matrices. The mirror image of rotating 3D text that demonstrates the effect of composing transformations. How to generate a torus mesh. The canonical Utah Teapot.

Once again,the code does not use anti-aliasing, even where it is badly needed.

One of the benefits of using the Java platform is the extensive support for networking, multithreading, multimedia, database access and web services. For the most part, none of these benefits are exploited in the text. But that is probably the subject for a second course in computer graphics using Java.

All in all, it's clear that the authors are excellent teachers. This shows in their effective use of the teaching-by-example style. As stated in the preface, the authors intended their book for students and computer professionals who want to learn basic computer graphics concepts and techniques and who want to get started in programming with the Java 2D and 3D APIs. I believe they have succeeded in this goal, and if you are in this group of readers, I can confidently recommend their book.

You can purchase Computer Graphics Using Java 2D and 3D from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

theodp writes "If your startup is counting on a copycat service to emerge for Amazon S3 disaster recovery, you might want to start thinking about a Plan C. On Thursday, the USPTO disclosed that Amazon wants a patent for its Distributed storage system with web services client interface invention, aka Amazon Simple Storage Service."

nateklaiber writes "The Art and Science of CSS was a quick read (208 pages) and packed full of valuable code examples. Unlike other CSS books that teach you the specifics of CSS with vague examples (not vague in a bad way), this book teaches you specific examples and gives you extra resources. This book is somewhat of a cookbook of commonly used CSS methods. Each author brings their unique writing style to the table, and each chapter focuses on a specific aspect of design and its CSS and styling methods." Read below for the rest of Nate's review. The Art and Science of CSS author Jonathan Snooks, Steve Smith, Jina Bolton, Cameron Adams, David Johnson pages 208 publisher Sitepoint rating 5/5 reviewer Nate Klaiber ISBN 0975841971 summary This book is a cookbook of commonly used CSS methods. Chapter 1 starts with Headings. The author of this chapter gives a brief introduction to hierarchy and branding, and how you can achieve more control with your look and typography. As typography is discussed, he moves on to talk about image replacement and the many techniques available to us today. There is no perfect solution when it comes to image replacement, but the author does a great job of showing current methods, their advantages, and their disadvantages (including an in-depth section on sIFR).

Chapter 2 is all about Images. The author starts by showing you how to create a basic but aesthetically pleasing image gallery. The task at hand is to create the enlarged version, the thumbnail page, and the galleries page while keeping the markup lean and semantic. Each of these are put together very nicely with flair not usually seen in off the shelf image galleries. The author also discusses how to create images (in context) with captions, including a nice use of transparent PNGs. The authors creative use of captions give you options outside of the box (both semantically and philosophically) of normal captions that are seen all around the web.

Chapter 3 shows us that backgrounds don't have to be boring. This is a very simple chapter that discusses backgrounds of the past (repeating pictures, large pictures, etc), and then looks forward to the present in getting creative with your backgrounds. He uses a case study as an example, and it shows specifics of positioning and layering.

Chapter 4 jumps into Navigation. Different types of navigations are discussed (vertical, horizontal, tabbed, variable width, etc) and shown with specific examples. The author shows how to take from each of those to create advanced navigation systems using images and your semantic markup. I think that from this chapter a user could create an advanced navigation simply because the foundation is set pretty solid before he gets to the advanced section. This chapter goes hand-in-hand with chapter 1 when talking about image replacement.

Chapter 5 discusses the dreaded (sometimes feared) Forms. Forms come in all shapes and sizes and it is up to us to build them accordingly with the user in mind. The styling in this chapter spruces up what is a rather mundane form while giving you great flexibility and hooks to extend yourself. The author discusses the several different layout types (top aligned label, left aligned label, right aligned label) and shows how to enhance each. If you work with forms often, this chapter will help you whip up a clean interface for the task.

Chapter 6 is everybodys favorite chapter Rounded Corners. The author gives you an arsenal of tools (and knowledge) to attack the task of adding rounded corners. He discusses the different methods (horizontal stretching, vertical stretching, and full flexibility) and shows you how to achieve each keeping in mind the task of keeping the markup minimal and meaningful. We also get a brief glimpse into what CSS3 will have to offer us with multiple backgrounds per element.

Chapter 7 closes out the book with Tables. Tables still have a strong place in web development and the author shows you how to use tables properly (with semantic markup) and then how to give them a little visual jump-start and interaction. The markup presented here helps you give clear meaning to your tables as well as building with accessibility in mind (which is always important with tables, specifically). We round off the chapter looking at some interaction enhancements via Javascript that we can use with our tables (sorting, striping, and hovering).

Overall I found this book to be an excellent read. It was short and to the point, and gives the reader a great starting point (as well as inspiration). The book itself is well designed. My only qualms with the book is that the code examples are listed in full in many places, which gives less room for content related to the chapters. As I said in the beginning, this was a fairly quick read but well worth it. I would say that this is for an intermediate CSS developer, as specific CSS is not discussed in great detail but given to you as a way to achieve a specific design task. If you are familiar with CSS and need a quick way to achieve the tasks listed above, then this book is perfect for you.

You can purchase The Art and Science of CSS from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

In the world of Massively Multiplayer Online Games, guilds live and die like generations of fruit flies. In the time it takes you to read this review, another group of friends will probably have decided to go their separate ways. Due to what is commonly referred to as 'drama', and the nature of the currently most popular online game, the modern MMOG guild tends to be a short-lived affair. A book published about a single guild, then, has to be discussing a singular organization. And indeed, The Syndicate has lasted for over a decade. Well known in both Ultima Online and EverQuest, and going strong into the days of World of Warcraft, they've had numerous public successes and some notorious failures. Their tale is a strange, and utterly personal view of the history of Massive games. It's also highly self-aggrandizing and probably contentious, but that's to be expected. Legend of the Syndicate is a publication worth reading by anyone interested in the history of the Massive genre, or the future of social networks online. Legend of the Syndicate author Sean Stalzer pages 224 publisher Avari Press rating 6/10 reviewer Zonk ISBN 978-1-933770-02-4 summary A concise history of one of the longest-lived guilds in gaming. To hear Sean Stalzer tell it, The Syndicate is the noblest, most amazing online community ever formed. Guildleader of the organization, founder, and head of the guild's social network via a 'benevolent dictatorship', Stalzer is also the author of this title. The book primarily consists of written descriptions of the guild's history interspersed with fictionalized accounts of in-game events. On the page, guild actions become larger than life; at over 500 members, the guild itself seems the same way.

At first blush, it's hard not to see the whole thing as a little silly. Massive games are an incredibly important part of the future of gaming. Outside of guilds who compete in pro gaming events, though, I think most gamers see guilds as a convenient way to make friends and play the game. Organizations to be taken seriously, for sure, but not something you really consider being a part of your life ten years from now.

The Syndicate, just the same, is a very different outfit. What Stalzer has set up, and what the book is 'selling', is a group hundreds strong that operates under the slogan "In Friendship We Conquer." Over the years the organization has trademarked its name and logo, has beta tested over a dozen Massively Multiplayer games, and consults with a game guide publisher. The Syndicate now seems as much a business arrangement, or fraternal organization, as a gaming guild. They have a yearly conference that regularly draws more than hundred people, with game company representatives attending to brief them on in-development titles.

As a history of the guild, it actually works very well as a reflection of the Massively Multiplayer genre. The group moves with the trials and tribulations of Ultima Online, through to EverQuest, and then on to World of Warcraft, as I imagine many other individual players and guilds have done. By examining and discussing the guild's successes as an organization, Seltzer does a surprisingly insightful job of highlighting their good points. Though they've been decried as elitist and single-minded, The Syndicate can honestly make many claims to success.

What marrs the good story (the fictional one) and the inspiring tale (of real-life camaraderie) is the propagandist tone of the work. It is to be expected that Seltzer would feel pride at what he's put together, but likely as a result of this being a first published offering the book sometimes reads a lot like a recruiting pamphlet. Another 'first effort' sign is the lack of polish in phrasing and (unfortunately), spelling. The list of games that they've tested is riddled with errors. Further runs of the book, one would hope, will correct these fundamental errors.

Ultimately the audience for this book is somewhat narrow; folks interested in the history of the Massive genre will find this interesting, and avid players of EverQuest or UO have probably at least heard of the guild. Certainly, for members of The Syndicate, they now have something guaranteed to wig out their family members. "There's a book about your little club?" Outside of novelty value, I'm not sure there's a lot of other people who might find this text enlightening. For those few, though, a peak behind the curtain at The Syndicate will be fascinating. Propaganda aside, you have to hand it to a group that's kept it together for over a decade. The chance to see how that worked out is a unique one, and well worth taking.

If you're in any way interested in the book, Gamasutra has a full chapter of the book available online. The offered text, Chapter One in the book, takes a look at the guild's formation.

You can purchase Legend of the Syndicate from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Michael J. Ross and Dan Sisson write "In our increasingly mechanized world, we repeatedly hear promises that every new digital product, computerized service, or other form of technology, will make our lives easier — bestowing greater leisure, health, and happiness. Yet are any of those promises being fulfilled? Are we not instead becoming slaves to the very "conveniences" that we struggle to master? These weighty questions are addressed by Steve Talbott in his book Devices of the Soul: Battling for Our Selves in an Age of Machines." Read below for the rest of Michael and Dan's review. Devices of the Soul author Steve Talbott pages 281 publisher O'Reilly Media rating 7 reviewer Michael J. Ross and Dan Sisson ISBN 0596526806 summary A passionate warning against technology overtaking our lives Published by O'Reilly Media in April 2007, under ISBNs 0596526806 and 978-0596526801, Devices of the Soul argues that we are now blindly accepting technology with little or no countervailing efforts or even awareness, and we are paying a terrible toll, both individually and as a society.

From the day a child of the 21st century begins his education, he is confronted with mind-numbing statistics, numbers, and facts via the computer — which he must accept. Perhaps even more important, he must master its "techniques" as the sine qua non tool to be successful in life. This is not a voyage of self-discovery; it is a demand by "the system" that the individual accept a way of viewing the world that invades, conquers, and ultimately controls his life. The child will learn most of what he knows with it, play with it, talk with it, and allow his thinking to be ruled by it — all because it is the magical machine that gives him access to the world's knowledge, e.g., the Internet.

By the time this child makes the transition from high school to college, he will be required to accept a curriculum that too often lacks meaning and content, that fails to allow him to satisfy his own curiosity about the challenges facing humanity, and is, moreover, expensive and will likely lead to indebtedness. There are few alternatives to this gauntlet, especially if one wishes to belong to the 'credentialed society', which determines modern man's measure of success.

Education is only the first stage in the numbing of our consciousness. What follows is built upon this edifice. Our acceptance of machines — ubiquitous in our everyday lives — provides our food, transportation, entertainment, information, and prestige — in sum, everything we need to function in modern society.

Talbott shows how the machines we use create a grand illusion, namely, that by having every technological gadget, we will save time and money, and be able to spend more time with our family and loved ones. However, that leisure time never materializes. The technology costs more, not less. Consequently, we find ourselves in a perpetual struggle to preserve a bare minimum of human emotions and instincts.

The next stage in the individual's life is integration into the mature world of the computerized economy, i.e., when he becomes a "stakeholder." He accepts a world that does away with human values and subordinates him to "market values." Furthermore, he is bound to lose his sense of privacy.

It follows that almost everyone willingly accepts that advancement in life and career increasingly requires having electronic conversations with machines — and eventually robots — that will never ask us what our personal assumptions and/or values are, and have no intentions of doing so. In short, our resistance to the machine fades. It is "far easier to assign the intelligence solely to the machine than to seek out those tortured pathways" to the human urges within us. Society itself, not just the individual, says Talbott, "is unsurprisingly assuming the character of our technology."

The outcome is grim: "Historically, there appears to be an element of tragedy in all this. We stumble along in ignorance and, by the time we realize the subtle ways our actions have caught up with us, the damage and loss are already irrevocable."

Technology expresses itself in numbers and computations divorced from human values. Efficiency is nearly the sole criterion by which modern corporations make decisions, and it is no accident that these two ideas, human values versus efficiency, are mutually exclusive. In objecting to the mess we humans have created, Talbott notes: "If you want human values, if you want qualitative distinctions, then your theoretical constructs must retain those values and distinctions every step of the way. The minute you allow them to collapse into number alone, you have no way to get back from there to the qualitative world."

Despite these tragic overtones, he argues that we can and must return to that qualitative world where we can realize our deepest human qualities. We can retain our humanity in connection to the natural world, despite using tools skillfully, as exemplified by the wily trickster Odysseus, as well as Tomo, a member of the Waorani Indians in the Amazon jungles of Ecuador who demonstrated phenomenal knowledge of his world.

His prescription for humanity's emergence from this present Dark Age also includes developing a strong sense of history. We must realize how other humans expressed their individuality, and realized their hopes and dreams. Despite the fact that Americans generally have little appreciation for or cognizance of history, there may come a time when reading history may be the only place to find models of human behavior that went against the technophilic grain.

Interspersed throughout his analysis, Talbott offers suggestions to arrest this headlong rush into a mechanized future. They tend to be general in nature, such as urging us to seek a sense of "place," and to engage in conversations with our fellow men (and even our machines) to remind them of our human needs. Echoing Edward Abbey, who attempted to alert us to the environmental disasters of the 1960's with books like The Monkey Wrench Gang, Talbott writes, "This may at times require us to throw a wrench into the machinery in order to serve the worthy human intentions behind it."

Despite Talbott's skills as a writer, the book, sadly, has some substantial flaws. Two of the most obvious are the overly long digressions into the stories of Jacques Lusseyran and Martha Beck, which admittedly are fascinating, but delay the presentation of more topical material. Furthermore, they suggest that Talbott is misidentifying the emotional power of those stories as proof of his arguments, and thus committing the common error of anecdotal evidence. Even worse, they border on romanticizing blindness and Down syndrome, respectively.

He also fails to address a major factor in our growing discontent with the Information Age: the nonstop ratcheting up of our expectations, driven largely by marketing on the seller side, and a lack of philosophic questioning on the consumer side.

A common pattern in the book is a deep criticism of any given aspect or consequence of technology, to the extent that Talbott appears to be arguing that we should do away with it completely. But he often then wraps up his analysis by briefly contradicting the earlier implication, and stating that he does not believe the phenomenon at issue should be eradicated. This schizophrenic reasoning mixes bold, blanket criticisms with assurances to the contrary. Yet one may argue that, with so much of current social discourse failing to question technology, its critics must never err with overly cautious warnings.

There are other problems in his analysis: He invests much hope in what he terms "conversation," "meaning," and "value" — not clearly specified, and yet spoken of highly. He fears machine intelligence (and perhaps rightly so), and doubts its viability, but fails to understand its potential for emergence. Even though a former computer programmer, he does not seem to understand the value of abstraction, and the possibility that it can be used beneficially, without being considered the only source of important knowledge. Lastly, it is odd that he does not cite the pioneering work of a well-known predecessor, Jacques Ellul, in The Technological Society.

Nonetheless, the issues that Talbott raises are of critical importance — so much so that they make his lapses of logic that much more maddening. Because so much is at stake, our efforts at analyzing, understanding, and solving these problems, must be proportionally energetic and effective. Technophiles may dismiss his entire effort based upon the book's weaknesses, and consequently miss out on the valuable gist of his viewpoint. Similarly, impatient readers in our age of limited attention spans, might not make it through the aforesaid tangents, and likewise miss out.

The issues that he discusses should be raised more often and more loudly, with broader acceptance and expansion of the debate and its importance. Otherwise, we will continue our robotic march deeper into a future that is controlled more by soulless devices, and less by skeptical humans. If we fail completely to change course, we may be saddled with a life that is intolerable to the human spirit.

Devices of the Soul is an insightful, disturbing, imperfect, eloquent, and important contribution to what may ultimately become the most critical debate in the intensifying conflict between humans and our technological creations: Humans may survive, but will our humanity?

Michael J. Ross is a Web developer, freelance writer, and the editor of PristinePlanet.com's free newsletter. Dan Sisson is an adjunct professor at Eastern Washington University, where he has taught technology courses for the past eight years; he is an authority on Thomas Jefferson, is author of The American Revolution of 1800, and is currently building and living in a replica of Monticello.

You can purchase Devices of the Soul from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

s1axter writes "Embedded system development is crucial in this day of high tech specialized appliances and devices. However much of the knowledge of embedded development resides in the heads of engineers who have been doing it for years. The hardware aspect of embedded systems is now available to the smaller startup companies, however many specialized, proprietary operating systems are not. This is where Linux and the book Embedded Linux Primer: A Practical Real-World Approach enters. Embedded Linux Primer is written to introduce engineers and designers to using the Linux operating systems for embedded applications." Read on for s1axter's review. Embedded Linux Primer author Christopher Hallinan pages 537 publisher Prentice Hall rating 9 reviewer s1axter ISBN 0-13-167984-8 summary A Practical Real-World Approach to Embedded Linux Prentice Hall's Embedded Linux Primer by Christopher Hallinan was published September 18th, 2006 as part of their Open Source Software Development Series. Very much like a textbook, Embedded Linux Primer is very informative and an excellent source of information for an engineer looking to enter or move to the embedded Linux field. The text is a decent size, with 537 pages spanning 17 chapters and 6 appendices; it retails for around $45 USD.

I had some reservations on reviewing a detailed technical book since most of the ones I have are dry and have a very segmented structure. However after taking a look at the sample chapter, chapter 7 "Bootloaders", available on the Prentice Hall website along with the table of contents for the text I figured I would give it a look and I am very glad I did.

Many technical books focus on a specific demographic in the technology world, mostly beginners or professionals expanding their knowledge base. I was quite pleased to see this text is written for both professional developers and emerging embedded engineers.

Professional engineers will find the text informative on the Linux operating system and how flexible it is to implement on even the most custom hardware. The author understands that a large number of embedded system engineers work with proprietary systems and explains items that might be new and different than these systems. For example Chapters 4-6 detail the Linux boot sequence and describe common pitfalls engineers new to the embedded Linux methodology might make. Chapters 8-11 dive further into the operating system and explain device driver creation, the important file system and how Linux handles volatile and non-volatile memory systems using the MTD subsystem.

Engineers starting in the field of embedded systems will find information on what an embedded system is in Chapter 1, processor and board comparisons in Chapter 2 and setting up an embedded environment for development in Chapter 12.

It is quite obvious throughout the text the author has an extensive in depth understanding of embedded systems and the inner workings of the Linux operating system. With such a deep understanding of the material an author many times explains items in such detail it clouds the mind of the reader. The first line in Chapter 2 says (paraphrasing) that the best way understand something is to understand the 'big picture' . This is exactly the approach the author takes through out the text, first explaining the theory and high level aspect of the system, then diving into the detail of how it is done on the low level. Also, rather than get sidetracked in chapters by explaining every processor attribute or software package, the author suggests external sources mid-text and in the "Suggestions for Additional Reading" at the end of each chapter.

For the first edition of a book, Embedded Linux Primer is rather complete, with the only exception being chapter 8, Device Driver Basics, which is...well, rather basic. I started the chapter expecting to finish with a detailed understanding of how the Linux kernel processes driver requests and a look into some common drivers. This is not the case; for a second edition of this text I would suggest beefing up this chapter to provide more of an insight into kernel-driver interaction.

Overall Embedded Linux Primer is an excellent source of information for both the seasoned professional and aspiring embedded engineer. I know that when I dive fully into the world of embedded Linux this book will have a permanent place on the bench right next to the spec sheets.

s1axter is the main poster for Geeksinside.com, which is a hardware hacking, technology blog that showcases projects, reviews and technical links.

You can purchase Embedded Linux Primer from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

TimHunter writes "I was skeptical when I first saw the title of David Berube's new book, Practical Ruby Gems, from Apress. Do Ruby programmers really need a book devoted entirely to add-on libraries? Most Ruby programmers already know about the RubyGems package management system, and most already have their set of favorite gems. About a third of the way through the book I grudgingly admitted that Rubyists might be able to use this book. After all, even long-time Ruby programmers are unlikely to know about all the gems covered in this book. So then I had a new question. Would I find something in this book that made me say 'I didn't know you can do that with Ruby!'" Read on for the rest of Tim's review. Practical Ruby Gems author David Berube pages 271 publisher Apress rating 8 reviewer Tim Hunter ISBN 1-59059-811-3 summary A survey of useful and interesting Ruby libraries Ruby is an object-oriented programming language in the same family as Perl and Python. The programming language used by Ruby on Rails, Ruby is very popular for writing web applications but also widely used for general-purpose programming tasks. Ruby is open source with a commercially friendly license, and is available for Linux, Mac OS X, and Microsoft Windows. RubyGems is Ruby's system for managing, delivering, and installing third-party libraries and applications. It is similar to Perl's CPAN or the Python Package Manager.

Libraries distributed by RubyGems are called "gems." RubyForge is the central Ruby software repository and the primary distributor of gems. According to sysadmin Tom Copeland, RubyForge currently hosts about 1400 different gems. Of that number, Berube selected 29 useful and interesting libraries for his survey of "practical" gems. All of the gems described in this book work the same on Linux, OS X, and Windows.

Practical Ruby Gems is divided into three parts. Part 1 describes the RubyGems system itself. This part explains how to install the RubyGems software and then use RubyGems to install and manage individual gems. (RubyGems is not part of Ruby's standard distribution, except in the "one-click installer" for Microsoft Windows.) The section entitled "What is require_gem?" in Chapter 3 demonstrates one of the problems with writing technical documentation for a moving target like RubyGems. Practical Ruby Gems describes RubyGems 0.9.0. After the book went to press the RubyGems team released a new version that replaced the 'require_gem' method with a method called simply 'gem'. Currently all uses of 'require_gem' generate a warning message. (The remedy for this mistake is simple: attach a yellow sticky with the words "s/require_gem/gem/g" to page 20.) This is really a nitpick, though. Generally the text and examples in the book work as well for the new release as they did for 0.9.0.

Part 2 is by far the largest and has a chapter devoted to each of the 29 gems. The chapters in this part share a common structure. After a short introduction to the gem, there is a section entitled "How Does It Work?" which explains the purpose of the gem and how it's used. Frequently this section includes a small example. "How Does It Work?" is followed by a complete example script. Then, "Dissecting the Example" steps through each part of the example, explaining how it works and pointing out important classes and methods. The examples frequently combine two or more gems, such as the example for pdf-writer, which also uses the net-sftp gem, and the example for the mongrel web server gem, which also uses the Camping web micro-framework gem.

The examples — always practical, frequently interesting, at least to a geek like me — are the heart of the book. Berube said that "no one wants to pay to read a chapter that regurgitates [the gem's built-in documentation]....I wanted to write a book that you could take the examples and actually be interested in what they accomplished." For instance, Chapter 6 describes the BlueCloth text-to-HTML conversion gem. The example in this chapter is a script that converts lightly marked-up text to PDF by combining BlueCloth with html2ps and ghostscript. Chapter 12 describes the yahoofinance gem, a library for retrieving stock quotes using the Yahoo! Finance API. The example for this library combines yahoofinance with the fxruby GUI library to produce a rudimentary stock ticker in less than 100 lines of code. (The source code for all of the examples in the book can be downloaded from the Apress web site.)

But not every example is perfect. Several of the examples rely on MySQL, which I found a chore to install. I wish Berube had chosen a simpler data base for these examples. I never did get the Camping example to run successfully. I suspect the problem was caused by some change to a gem introduced after the book went to press.

In Chapter 22 I got my "you can do that with Ruby?" moment. This chapter explains runt, a Ruby library for creating "temporal expressions," objects that describe dates that reoccur, such as "every Thursday" or "the last Thursday of every month." The example combines runt with linguistics, a small gem that extends some of the Ruby core classes with methods that support such things as pluralization and conversion from numbers to words. The result is a program that lists a set of dates expressed as "the 3rd Mondays of 2026." I was impressed by both gems, not only for the functionality they provide but by their natural and elegant interfaces as expressed in the example script. I not only learned about two very practical Ruby gems, but something about Ruby programming itself. This particular example may not strike everybody the way it did me, but I believe that most readers will find an equally pleasant surprise.

Part 3 is a tiny, advanced topics section which describes how to create and distribute your own Ruby gems and how to run a private gem server on a local network.

Practical Ruby Gems is not for the novice. Berube assumes that his reader is familiar with programming in general and Ruby specifically, and is also familiar with the operating system in which Ruby is running. This is an appropriate assumption because Practical Ruby Gems will be most useful to readers who are serious about programming Ruby, such as professionals or serious amateurs, or those would like to become professionals or serious amateurs.

Practical Ruby Gems is available in PDF format from the Apress web site at about half the price of the paper book.

I have been programming Ruby as a hobby for over 5 years. I am the maintainer of RMagick, one of the gems reviewed in this book. Apress gave me a review copy of Practical Ruby Gems, but otherwise I have no connection to the author or publisher.

You can purchase Practical Ruby Gems from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Ravi writes "What does it take to start writing programs for Linux? Most people will guess a text editor, knowledge of a programming language, the compiler and libraries of that language. Ask a professional programmer and he will differ with you. Insisting that while those things can help get you started, other things come into play in writing efficient programs such as, a debugger, memory profiler tools and above all a good understanding of the inner working of the Linux kernel and its processes." Read below for the rest of Ravi's review. Linux Programmer's Toolbox author John Fusco pages 622 publisher Prentice Hall rating 9 reviewer Ravi ISBN 0132198576 summary Teaches you the use of tools which help you become a better Linux programmer

The book The Linux Programmer's Toolbox by John Fusco is a storehouse of knowledge, which aims to make the average Linux/Windows programmer aware of the tools at his disposal, that can help him write better programs for Linux. The book is divided into 10 distinct chapters with the first 4 chapters describing various ways of boosting ones productivity while writing code.

In the very first chapter titled "Downloading and Installing Opensource tools", he talks about the different archive formats commonly used in Linux, various package managers such as Debian's own apt-get, Red Hat's Yum and how to properly authenticate the packages you download to ensure that they are not tampered with.

The second chapter deals with building tools from source. Here apart from describing the actual steps involved in compiling the sources, the author also delves into explaining the concept behind the MakeFile, the common variables used in implicit rules and so on. In this chapter one also gets to acquire an understanding of the tools used to create projects as well as examine how these tools work together in the build process.

The book has a chapter exclusively devoted to explaining ways of ambulating through the myriad of documents; tools such as man, info, as well as some of the not so obvious ones. One thing I like about this particular chapter is how the author has provided tables which list a number of recommended manual pages with a short description of each of them.

Linux doesn't have a comprehensive IDE on the lines of Microsoft Visual Studio to develop programs — at least not yet. Most Linux programming gurus are perfectly at home with coding using their favorite text editor. Any book of this stature would be incomplete without a mention of the different editors available for coding in Linux and their pros and cons. The 4th chapter of this book introduces the different editors including Vim and Emacs. There are numerous tips in this chapter to make writing code more efficient, productive and a pleasant experience for the average Linux programmer. As a Vi enthusiast, I couldn't help but admire how one can convert Vim editor to work as a code browser with the help of Ctags which is explained in detail.

The fifth chapter titled "What every developer should know about the kernel" is a turning point in the book and gives a comprehensive understanding of the working of the Linux kernel. It is by far the largest chapter — with nearly 100 pages devoted to this topic. In this chapter the author talks in lucid detail about the different modes in Linux, the process scheduler, device drivers, the I/O scheduler and the memory management in user space, understanding all of which is instrumental in writing better programs for Linux.

The next two chapters deal with Linux processes and the communication between processes. Here one gets to know more about the technical vagaries related to processes such as forking, cloning, process synchronization and the basics of inter process communication. The author has introduced several APIs and basic examples of each.

In the 8th chapter, the author introduces many tools that are installed by default in most Linux distributions which aid in debugging communication between processes. The tools include (but are not limited to) lsof, fuser, stat, hexdump, strace and so on. Each tool is accompanied by its usage and its output with a short discussion of the output.

In the 9th chapter titled "Performance Tuning", one gets to know more about fine tuning a Linux program. Here the author explains the factors affecting system performance as well as the tools for finding system performance issues.

Finally, the last chapter of the book explores some of the most common debugging tools and techniques for Linux. More specifically, I found the discussion on the use of GNU debugger quite informative.

At the end of each of the 10 chapters in the book, the author has provided a short synopsis of the tools that are used. Also many additional online resources have been listed where one can acquire more knowledge about the topic being covered. Throughout the book, noteworthy sections have been highlighted in dark background which makes it quite eye catching and also easy for quick reference.

The book is written with a slant towards the C language especially when depicting the examples in the latter half of the book, which can be understood considering that the bulk of the Linux kernel has been written using C.

Most programmers with a Windows background will be forced to make a paradigm shift while embarking to program for Linux. While the Windows programmers are used to taking deceptive comfort within the cozy confines of a Visual IDE, when they make the shift to write Linux programs, they are suddenly faced with the hard facts of programming as it really is. This book could be an ideal companion for this set of programmers who wish to lessen their learning curve and make programming for Linux a much more pleasurable experience.

I found this book to be an excellent resource for programmers (not necessarily only those with a Windows background) who wish to develop programs for Linux.

Ravi Kumar is a Linux enthusiast who maintains a blog related to Linux, Open Source and Free Software at linuxhelp.blogspot.com.

You can purchase Linux Programmer's Toolbox from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

A long time ago, in a galaxy far, far away, a ... company called Wizards of the Coast abandoned Star Wars fans who enjoyed their tabletop roleplaying game to an awful fate: product death. The Star Wars d20 product line, which saw print from 2000 to late 2004, attempted to capture the epic adventure that is the Star Wars setting within a simple quantifiable ruleset. Unfortunately, the d20 rules (circa 2000) were far too clumsy to make the RPG 'feel' like Star Wars. Even a 2002 Revised Core Rules book did little to create an intuitive play experience. Now, in time for the setting's 30th anniversary, Wizards has released a brand new edition of the rules, marking a relaunch of the product line. Dubbed the 'Saga Edition', it has completely revamped the d20 rules to meet with demands for Star Warsyness. Read on for a review of the changes, which may finally bring the fun to the galaxy far, far away. Star Wars Roleplaying Game Core Rulebook, Saga Edition author Christopher Perkins, Owen K.C. Stephens, Rodney Thompson pages 286 publisher Wizards of the Coast rating 9/10 reviewer Zonk ISBN 0786943564 summary The newest edition of the Star Wars tabletop roleplaying game. The first notable thing about the Saga edition of Star Wars d20? It is small. Instead of the normal 9 x 11 footprint of almost every other gaming book, Saga Edition looks more like a coffee table book, measuring a petite 9 x 9 inches. It's over 100 pages thinner than 2002's Revised Core Rules book, too. A few pages in, and it's obvious that the loss in size and thickness has not come at the price of production quality. The entire tome is full color glossy paper throughout. While there is quite a bit of art reused from previous products, there are also a number of notable original works peppering the pages. What's not there, to my relief, are the needlessly huge quotes from the movies. There are quotes, to be sure, but they're used sparingly. It is laid out to provide the maximum amount of information in the minimum space; a significant improvement over previous main books.The Revised Core Rules seemed to have a half-page-sized quote every three pages, turning most of its 400ish pages into wasted white space. Saga Edition is a tight, well crafted book.

That attention to detail extends to the rules as well, which may be the most refined version of the d20 mechanic yet released in an official Wizards product. Gone are the cumbersome concepts of Armor Class, Defense, Vitality points, and Saving Throws used by other products. The game takes a simple approach: every Star Wars character is a hero. As such, it's possible for every character to take part in every scene, to one degree or another. Character Level, then, becomes the tie that binds every other mechanic. Almost every d20 roll you'll be making is modified by your character's level; neurotically min/maxing every aspect of your character is no longer a requirement.

The difference, of course, is that your choice of class determines your character's specialties. Everyone can participate in the scene where the party flees from the Imperial Star Destroyer in a cargo ship. The star of the show, though, is the Scoundrel at the helm. Classes have been revamped to allow for several 'builds'. Seemingly taking a cue from Blizzard videogame titles, every class has a trio of talent trees. Talents accumulate from these trees as characters gain levels, allowing for my Scoundrel to be completely different from your Scoundrel. Further customization is encouraged by allowing free multi-classing. Prestige classes further this idea of customization by allowing access to novel talent trees, as well as mixing and matching talent trees from multiple base classes. The Officer, for example, allows access to trees from the Soldier and Noble classes.

The best part is, as far as I can tell, none of these classes are completely useless. The Noble, which had a poorly-understood role in previous editions, has become something of a social hacker/bard character. Smooth talking abilities and talents that improve the capabilities of her fellow characters combine into a highly effective support class. The designers have as much as admitted that these changes were prompted by the Jedi. Instead of tuning everything so that the Jedi beat everything else, the Jedi is the baseline all other classes were tuned to. Every character made under Saga Edition rules is going to be some kinda badass.

Badassery in combat is the focus of many class abilities, of course, and it's going to be easier than ever to convey that to players. Combat is dirt simple. There are very few ways to modify in-combat die rolls. The endless hunting for a +1 to hit here or a +2 to hit there will not longer be required. Even better, every character only gets a single attack per combat round, regardless of their level. High level D&D games are marked by endless dice rolling, as characters make a ludicrous number of attacks in a frighteningly short amount of time. And if you really want to attack more than once a round in Saga Edition, you can; you just take penalties for it, penalties more easily compensated for at higher levels.

An additional decrease in the fiddly-factor comes from skills. Instead of requiring you to track skill points, which must be slotted into a dizzying array of strangely over-specific disciplines, skills in Saga Edition are a binary state. Either you're trained or untrained in a skill. Thus, a skill roll looks like this: d20 + half your character's level + relevant ability score (strength for climbing, etc.) + 5 if you are trained. That's it. This mechanic, then, allows even the Princess Leia to fly the Falcon for a short while, or a merciless bounty hunter to sweet talk a taciturn guard; or, at least, it allows for the possibility of such a thing happening. There are far fewer skills as well, with specific uses outlined in the book. The skills Spot, Listen, and Search have all been combined into Perception, for example. This one skill also allows a character to ascertain an object's wealth (Appraise) and see through duplicity from another character (Sense Motive). Thus, with fewer skills to keep track of, players and GMs are encouraged to make heavier use of the few that still remain. Fun without the fuss is the order of the day.

The rules section that benefits most from these rule revamps is the vehicle combat section. Formerly an arcane labyrinth of edge cases and complex maneuvers, simple skill checks and combat tests now allow dogfights and space-based combat to drop neatly into the middle of a Saga Edition campaign. For example, ships are now functionally creatures; characters inside the ships alter die modifiers, and can act independently, but there is no longer a need to keep elaborate track of ship statistics as opposed to crew statistics. The two are now one and the same.

Though I've yet to have the chance to roll dice in a Saga Edition campaign, it's hard not to be impressed by the rule changes this book represents. Essentially the cutting edge of tabletop RPG rules, Saga Edition has the benefit of more than seven years of modern roleplaying design and dozens of gaming books to prove out ideas. The book was helmed by Chris Perkins, a Dungeons and Dragons R&D veteran, and it really shows. It's been a long time since I read through an RPG manual with such enthusiasm; the clarity and precision with which the designers have conveyed their ideas does nothing less than inspire excitement. Based on a tried and true mechanic, eschewing complexity for approachability, and integrating tightly with the miniatures game for even more simplicity, this may be the best product WotC has put out in years. While I'm not eager for a D&D 4th Edition, more products like this make such a concept seem much less repugnant. Highly recommended for tabletop playing Star Wars fans, and anyone interested in the future of d20 game design.

You can purchase Star Wars Roleplaying Game Core Rulebook, Saga Edition from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Bob Uhl writes "I've just finished reading a review copy of O'Reilly's latest GNU/Linux title, Linux System Administration. It's a handy introduction for the beginner GNU/Linux sysadmin, and a useful addition to an experienced sysadmin's bookshelf. The book is essentially a survey of various Linux system-administration tasks: installing Debian; setting up LAMP; configuring a load-balancing, high-availability environment; working with virtualization. None of the chapters are in-depth examinations of their subjects; rather, they're enough to get you started and familiar with the concepts involved, and headed in the right direction." Read below for the rest of Bob's review. Linux System Administration author Tom Adelstein & Bill Lubanovic pages 279 publisher O'Reilly rating 3 out of 4 stars reviewer Bob Uhl ISBN 0-596-00952-6 summary Good survey of various Linux software and technologies

I like this approach, as it increases the likelihood that any particular admin will be able to use the material presented. I've been working with Apache for almost a decade now, but I've not done any virtualization; some other fellow may have played with Linux for supercomputing, but never done any web serving with it; we both can use the chapters which cover subjects new to us.

I really like some of the choices the authors made. A lot of GNU/Linux 'administration' books focus on GUI tools — I've seen some which don't even bother addressing the command line! I've long said that if one isn't intimately familiar with the shell — if one cannot get one's job done with it — then one isn't really a sysadmin. Linux System Administration approaches nearly everything from the CLI, right from the get-go.

The authors also deserve praise for showing, early on, how to replace Sendmail with Postfix. In 2007, there's very, very little reason to use Sendmail: unless you know why you need it, you almost certainly don't. Postfix is more stable and far more secure.

Another nice thing is how many alternatives are showcased: Xen & VMware; Debian, Fedora & Xandros; CIFS/SMB & NFS; shell, Perl, PHP & Python and so forth. One really great advantage of Unix in general and GNU/Linux in particular is choice — it's good to see a reference work which implicitly acknowledges that.

The authors are also pretty good about calling out common pitfalls — several got me, once upon a time. It'd have been nice to have had a book like this when I was cutting my teeth...

Lastly, I liked that the authors & their editor weren't afraid to refer readers to books from other publishers, in addition to O'Reilly's (uniformly excellent) offerings. Not all publishers would be so forthright; O'Reilly merits recognition for their openness.

The book's not quite perfect, though. I wish that PostgreSQL had at least been mentioned as a more powerful, more stable (and often faster in practice) alternative to MySQL, and one doesn't actually need to register a domain in order to set up static IP addressing. Still, these are pretty minor quibbles.

I'd say that the ideal audience for this book is a small-to-medium business admin who'd like to start using Linux, or who already is but doesn't really feel confident yet. It covers enough categories that at least a few are likely to be relevant. Even an experienced admin will probably find some useful stuff in here.

You can purchase Linux System Administration from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Michael J. Ross writes "If a Web site needs to be developed as quickly as possible, or it needs to support collaborative content, then usually the best approach is to use a content management system (CMS). There are many CMSs from which a Web developer could choose, including Drupal, which is considered by many to be the most powerful, extensible, and logically organized of them all. Installing Drupal and using it to create a simple site, is fairly straightforward, in part due to its relatively excellent documentation. For much of its existence, there has been far less information available on how to extend a Drupal site with one's own modules, themes, blocks, etc. That need is now met by a new book, Pro Drupal Development." Read on for the rest of Michael's review. Pro Drupal Development author John K. VanDyk and Matt Westgate pages 428 publisher Apress rating 9 reviewer Michael J. Ross ISBN 1590597559 summary A detailed guide to customizing a Drupal-based Web site

The book was written by John K. VanDyk and Matt Westgate, both of whom are experienced computer programmers, who years earlier had created their own CMS. In their book's Introduction, they confess to discovering Drupal and its many advantages, switching over to it, and presumably abandoning further development of their own CMS. This speaks volumes about their regard for Drupal, because an individual programmer or programming team can give no greater vote of confidence for a technological product than to voluntarily end primary allegiance to a competing product that they themselves birthed and nurtured.

Pro Drupal Development was published by Apress, on 16 April 2007, under the ISBNs 1590597559 and 978-1590597552. The publisher offers a Web page on their site dedicated to the book, where the visitor will find all of the book's source code, as well as the table of contents and a sample chapter (Chapter 8 — The Theme System), in PDF format. In addition, there is a link for errata, which leads to the authors' own book site. At the time of this writing, there are three dozen entries, contributed by the authors and their readers. The authors' site also has links for downloading the source code by individual chapter, and a blog that focuses on the book.

The book's material, spanning 428 pages, is organized into 23 chapters and two appendices. Unlike the majority of technical books nowadays, this one does not have the chapters organized into labeled parts. Nonetheless, the chapters and appendices roughly fall into three categories: how Drupal works (Chapters 1, 19, and 23, and Appendix A), how to customize it (Chapters 2-18 and 22), and how to optimize your Drupal development efforts (Chapters 20-21, and Appendix B). The customization chapters cover a wide range of topics: modules, menus, databases, users, nodes, themes, blocks, forms, filtering, searching, indexing, files, taxonomy, caching, sessions, jQuery, localization, and optimization.

Each one of these topics is explored in laudable detail, with plenty of sample code and figures to illustrate the key concepts. The greatest strength of this book is the depth of its coverage, and the methodical way that the authors go about presenting the material. They are clearly quite serious about Drupal itself, and about conveying to the reader all of the knowledge that they believe is important for the reader to master. In fact, anyone attempting to read the book cover to cover might find the presentation quite dry, with no evidence of humor or even a sense of fun, unlike so many other recent programming books. On the other hand, one can argue that the value of this information alone to the reader who is equally serious about mastering Drupal, should be sufficient. Regardless, be warned that this is definitely not a book that one can read through at a fast pace, absorbing the bulk of the information. The innards of Drupal alone make it a challenging subject for dissection; learning how to modify Drupal's behavior, is even more so.

Yet if anyone is interested in mastering the inner workings of Drupal, and how to customize them, this is the book of choice. It may be a bit dry, but it is quite meaty, and the material is clearly presented. Moreover, the publisher, Apress, has done an admirable job with this title. The layout is clear; the index is substantial; and, as with their other titles, they offer two different versions of the table of contents — high-level, listing the chapter titles only, and detailed, listing the sections and subsections within those chapters.

Another aspect of this book that I applaud is the efficient use of page space, through the use of top and bottom margins that are noticeably smaller than those found in the typical computer programming book. This is especially true of the bottom margins. For instance, on page 117, the text comes within one centimeter of the bottom edges the page — something I've never seen before in a professionally printed book. At first it might strike one as sloppy, but actually should be appreciated by anyone who is tired of technical books using excessive margins for padding out a much more limited amount of information into an even greater number of pages. This is a practice that I would recommend to all other publishers, technical or otherwise.

However, the book does have some weaknesses, which is probably to be expected in any first edition. The sample source code in many cases could benefit from more use of whitespace — particularly for the PHP code. But with any code found in a book, there is always the possibility that such instances of compressed code result from a conscious decision given the limited width of the printed page. But in most such cases in this book, that reason would not be applicable.

The authors do not warn the reader that a solid understanding of PHP is needed for using the book's ideas and sample code. Near the end of the Introduction, they suggest that if the reader is new to Drupal, then he or she should read the chapters in sequence. The authors should also note that if the reader is new to PHP, then it would be better to first get up to speed on PHP before trying to digest and make use of this book. Such points might be obvious to most readers, but they should be clarified up front, perhaps in the Introduction, for the benefit of anyone browsing this title in a bookstore, and wondering if they already possess the technical know-how required by the book.

Similarly, the authors also do not mention that the book is, for the most part, only applicable to Drupal version 5, and not version 4 or earlier versions, since there have been some dramatic changes with the release of version 5. In fact, given the extent of the changes and how that would impact the utility of the book depending upon what version of Drupal the reader is using, it should be noted on the book's cover, as an increasing number of publishers are doing.

A couple of minor problems were in evidence in the first dozen pages. On page 3, the authors refer to "user 1," which is likely to confuse most readers, because it looks like a username, and would be unfamiliar to someone who has installed Drupal and created a Web site, without extensive reading of the Drupal documentation. On page 11, the authors discuss core modules, and where they can be seen listed in the administration area of Drupal. But the path that they provide, "sites/all/modules," is incorrect, because that is where user-added modules are placed, of which there are none in a default installation. (The second mention of that path, in the fourth paragraph, is correct.)

Lastly, when the book is opened up to any of the pages not near the center, the book immediately flops closed. The use of lay-flat binding is strongly urged, for future editions of this book and all others that Apress offers.

Despite these weaknesses — all of which are fixable — Pro Drupal Development is strongly recommended for any PHP programmer who wants a truly in-depth look at how Drupal works and how to make the most of it.

Michael J. Ross is a Web developer, freelance writer, and the editor of PristinePlanet.com's free newsletter.

You can purchase Pro Drupal Development from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

"In It's Not News, It's Fark, Drew Curtis takes a critical look at the mass media. He promises to examine why the news is often not news at all, to look at the fear mongering, the cyclical nature of the news and the fluff that is passed off as important. Drew breaks down these not-news stories into 8 separate categories and gives examples, along with user comments from Fark. Unfortunately, 230 of the books 278 pages (including the index) are used for these examples. What time is spent talking about the media and the advertisement model it is built on, is insightful a bit cynical and very brief." Read below for the rest of the review. It's Not News, It's Fark How Mass Media Tries to Pass Off Crap as News author Drew Curtis pages 278 publisher Gotham Books rating 6 reviewer Robert Rozeboom ISBN 978-1-592-40291-5 summary A look at why the mass media puts out so many stories that aren't really news. The book starts off with a brief Fark history lesson. What Drew did before Fark. Its first incarnation and how it got to be what it is today. The author then gives us an outline of the different types of news stories that he considers not newsworthy. Drew points out that since most news is brought to you by an entity that makes its money selling ads, the more eyes watching those ads the better. History has shown that nothing attracts eyes like fluff, fear and stretching the truth. There is a reason why there are so many tabloids in the checkout lane.

The first type of news story Drew covers is what he calls, 'Media Fearmongering'. Everything from finding bacteria on your keyboard, terrorists in your home town to animal attacks. This is the most easily recognized type of non-story.

We then move on to, 'Unpaid Placement Masquerading as Actual Article'. This includes most surveys, new words in the dictionary and all things publicity stunt related. Everything you'd read in the 'Lifestyles' section of the newspaper.

Next is, 'Headline Contradicted by Actual Article'. Misleading headlines to outright lies are addressed. Drew makes the point here that the people who run these stories often realize that they are misleading at best but know that they will generate traffic.

'Equal Time for Nutjobs' covers Noah's ark being discovered, conspiracy theories and a guy who thinks the garden of Eden and Atlantis are in Florida. The crazier the claim the better.

Then we have 'The Out-of-context Celebrity Comment'. Why do we care what someone who pretends to be someone else for a living, has to say about Nuclear proliferation? Who knows but we sure do.

Drew next looks at 'Seasonal Articles' . The amount of money lost due to a fall in productivity because of the Super Bowl, inspecting your Halloween candy, and traffic spikes during holiday weekends. All of these stories should look familiar.

The next chapter is, 'Media Fatigue'. How do you know when a big story has just about run its course? Wait for the stories about whether or not the media has given it enough attention or if they've gone too far.

'Lesser Media Space Fillers' covers everything that couldn't fit into one of the other categories as well as some of Drew's personal observations of what type of stories tend to get the most coverage.

Each one of the chapters has a collection of Fark comments after every example story. The comments seem to be chosen at random and are frankly extraneous. The only reason I can think of to include them is that someone in marketing wanted to tie the book more closely to Fark.

The final chapter of the book is by far the most interesting to read and only 14 pages long. This is the wrap up of the problem as Drew sees it and what he thinks the mass media should be doing instead. His ideas are well reasoned and in my opinion spot on. As long as the media is driven by advertising they will walk the line of responsible, informative journalism and outrageousness as close to outrageousness as they can and still be taken seriously by a majority of consumers.

My criticism of this book is that almost the whole thing is just a list of Fark stories. If you've read Fark you've read 90% of this book. It would have been more interesting if the book was an actual discussion of the shortcomings of the mass media, why it is in the place it's in and what could be done to change it. Those topics are covered but in such a brief way that they almost seem like an afterthought.

If you like reading Fark and for some reason you want to read a collection of Fark stories and a few comments in a non-computer screen format you will love this book. If you want to read about how the mass media works and some thoughts on how it could be better you'll love 50 pages of this book.

You can purchase It's Not News, It's Fark: How Mass Media Tries to Pass Off Crap as News from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

cgjherr writes "Ah, the technology history book, normally I'm not a fan. The writing is aloof and dry. The topics are vague, the history misinterpreted, and the lessons presented too vague to be applicable. And don't get me started on the illustrations, which are all too often pyramids with the authors perched at the top looking down on the lowly reader at the base. Thankfully, this book, "the myths of innovation" breaks all of these rules. It's an engaging, fun and quick read. The history is interesting, and the lessons presented are practical. I particularly like the author's tone. It's witty and light. Which makes this a very fast read, one that leaves you wanting even more by the end." Read below for the rest of Jack's review. The Myths of Innovation author Scott Berkun pages 176 publisher O'Reilly rating Excellent reviewer Jack Herrington ISBN 0596527055 summary The history of innovation with lessons learned The myths of innovation is about how innovation happens in the real world in companies, universities and garages around the company. The first two chapters really draw the reader in by showing the twin fallacies of the epiphany moment and the historically clean line of innovation. Learning that innovation doesn't just come as a flash, and that lots of successes have come out of copious failure encourages us to try to innovate, and to keep trying even when we believe we have failed.

This short book (147 pages of content) is presented in ten short chapters. The first two show you how anyone can be an innovator. You can think of those as the debunking chapters. The third chapter is where the author starts helping you to build some techniques to innovate. He presents how there are some reasonable methods to spur innovation and shows examples from Apple, Google, Edison, Craiglist and more.

In chapter four he shows how to overcome peoples fears of innovation and overcome the common problems with the adoption of new technologies. Chapter five, "the lone innovator", debunks the legend of, well, the lone innovator. It sounds good, and plays into our noble story of the hero, but it's not common in reality. Chapter six talks about ideas and surveys where innovators have found the ideas that they start out with. Of course, where you start is often not where you end but that's ok, since innovation is a lot more about failure than it is about success.

Chapter seven covers something I think most of us can relate to, which is that managers aren't often the innovators. Chapter eight talks about how we believe that the "best ideas always win" but that's least often the case. This sounds pessimistic, but it's actually an interesting study in how the biggest product with the most feature isn't always the best for the customer. Chapter nine, "problems and solutions", talks about framing problems to constrain the creativity and innovation. The final chapter, "innovation is always good", is at the same time the most amusing and disturbing. It covers innovations from the automobile to DDT and presents that innovation, no matter what, is always good. Agree or disagree the points are well presented.

As I say I really enjoyed this book. It's an easy read that is hard to put down. What's more it's really motivating. After reading this book you will want to dig right back into those crazy ideas lurking around in the back of your mind and give them another shot. With this book, you will have a few more tools at your disposal to turn your ideas into reality.

You can purchase The Myths of Innovation from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Ben Rothke writes "The goal of security metrics is to replace fear, uncertainty, and doubt (FUD) with a more formalized and meaningful system of measurement. The FUD factor is the very foundation upon which much of information security is built, and the outcome is decades of meaningless statistics and racks of snake oil products. Let's hope that Andrew Jaquith succeeds, but in doing so, he is getting in the way of many security hardware and software vendors whose revenue streams are built on FUD." Read below for the rest of Ben's review. Security Metrics: Replacing Fear, Uncertainty, and Doubt author Andrew Jaquith pages 336 publisher Addison-Wesley rating 10 reviewer Ben Rothke ISBN 0321349989 summary Authoritative text on information security metrics

One could write a book on how FUD sells security products. One of the most memorable incidents was in 1992 when John McAfee created widespread panic about the impending Michelangelo virus. The media was all over him as he was selling solutions for the five million PCs worldwide he said would be affected. The end result is that the Michelangelo virus was a non-event. Nonetheless, it was far from the last time that FUD was used to sell security.

The allure of FUD is that companies can spend huge amounts of money fighting nebulous digital adversaries and feel good about it. They can then put all of that fancy hardware in dedicated racks in their data center, impressing the auditors with the flashing lights giving off an aroma of security and compliance.

And that is the chaos that security metrics comes to solve. Security metrics, if done right, can help transform a company from a nebulous perspective on security to an effective one based on formal security risk metrics.

Security Metrics is a fabulous book that should be in the hands of every security professional. The book demonstrates that companies must establish metrics based on their unique requirements, as opposed to simply basing their requirements on imprecise industry polls, best-practices and other ill-defined methods.

So why don't companies do that in the first place? If security metrics can provide even a quarter of the benefits that Jaquith states, companies should run to implement them. Real security metrics require an organization to open up their security hood and dig deep into the engine that runs their security infrastructure. It necessitates understanding the internal requirements, unique organizational risks, myriad strengths and weaknesses, and much more. Very few companies are willing to dedicate the time and resources for that, and would rather build their security infrastructure on thick layers of FUD. History has shown that the security appliance of the month almost always beats a formal risk and needs assessment.

Chapter 1 lays out the problem with approaches that most companies take to risk management. The main problem is that traditional risk management is far too dependant on identification and fixing, as opposed to quantification and triage based on value. Quantifying and valuing risk is much more difficult than simply identifying, since the software tools used do not have an organization context or knowledge of the specific business domain.

Chapter 2 sets out the foundation of security metrics. The goal of these metrics are to provide a framework in which organizations can quantify the likelihood of danger, estimate the extent of possible damage, understand the performance of their security organizations and weigh the costs of security safeguards against their expected effectiveness.

The time has come for security metrics since information security is one of the few management disciplines that have yet to submit itself to serious analytical scrutiny. The various chapters provide many different metrics that can be immediately used in most organizations to address that.

The author defines various criteria for what makes a good metric. One of his pet peeves is the use of the traffic light as a metaphor for compliance. Jaquith feels that traffic lights are not metrics at all, since they don't contain a unit of measure or are a numerical scale. He suggests using traffic lights colors sparingly, and only to supplement numerical data or draw attention to outliers. He astutely notes that if your data contains more precision than three simple gradations, why dilute their value by obscuring them with a traffic light.

The chapter concludes on what makes a bad metric, defined as any metric that relies too much on the judgment of a person. These metrics can't be relied on since the results can't be guaranteed to be the same from person to person. Also, security frameworks such as ISO-17799 should not be used for metrics. The book also tackles the sacred cow of risk management, namely ALE (annualized loss expectancy), and how it is significantly misused and misunderstood in the industry.

The book states that in developing metrics, there must be formal collaboration between the business units and the security staff. This collaboration serves to increase awareness and acceptance of security. In addition, it ensures that security requirements are incorporated into the lifecycle early on. This is needed as business units generally have no clue as to what the needed security requirements are.

Chapter 5 is a short course on analysis techniques and statistics. The author quotes George Colony who stated that "any idiot can tell you what something is. It is much harder to say what that thing means". With that, the book details a number of techniques for analyzing security data (average, median, time series, etc.) and how each one should be used.

Chapter 6 is about visualization and notes that most information security professionals have no real idea how to show security, both literally and figuratively. Part of the problem is that security is proliferated with esoteric terminology and concepts, and the lack of understanding risk management amongst the masses. Part of the reason for this difficulty in sharing the security message with management is that many security practitioners lack simple metaphors for communicating priorities. This is compounded by the fact that the message is often focused exclusively on technical security issues, as opposed to the underlying business issues, which is was management is concerned with. The chapter is invaluable as it weans one off the malevolent pie chart and traffic light PowerPoint presentation.

Marcus Ranum notes that people seem to want to treat computer security like its rocket science or black magic. In fact, computer security is nothing but attention to detail and good design. FUD is all about emphasizing the black magic aspect of hackers and other rogue threats. Metrics are all about the attention to detail that FUD lives to obfuscate.

Security Metrics: Replacing Fear, Uncertainty, and Doubt is one of the more important security books of the last few years. Jaquith turns much of the common security wisdom on its head, and the world will be a better place for it. Security metrics are a necessity whose time has come and this invaluable book shows how it can be done.

Ben Rothke, CISSP is a security consultant with BT INS and the author of Computer Security: 20 Things Every Employee Should Know.

You can purchase Security Metrics: Replacing Fear, Uncertainty, and Doubt from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Ben Rothke writes "The goal of security metrics is to replace fear, uncertainty, and doubt (FUD) with a more formalized and meaningful system of measurement. The FUD factor is the very foundation upon which much of information security is built, and the outcome is decades of meaningless statistics and racks of snake oil products. Let's hope that Andrew Jaquith succeeds, but in doing so, he is getting in the way of many security hardware and software vendors whose revenue streams are built on FUD." Read below for the rest of Ben's review. Security Metrics: Replacing Fear, Uncertainty, and Doubt author Andrew Jaquith pages 336 publisher Addison-Wesley rating 10 reviewer Ben Rothke ISBN 0321349989 summary Authoritative text on information security metrics

One could write a book on how FUD sells security products. One of the most memorable incidents was in 1992 when John McAfee created widespread panic about the impending Michelangelo virus. The media was all over him as he was selling solutions for the five million PCs worldwide he said would be affected. The end result is that the Michelangelo virus was a non-event. Nonetheless, it was far from the last time that FUD was used to sell security.

The allure of FUD is that companies can spend huge amounts of money fighting nebulous digital adversaries and feel good about it. They can then put all of that fancy hardware in dedicated racks in their data center, impressing the auditors with the flashing lights giving off an aroma of security and compliance.

And that is the chaos that security metrics comes to solve. Security metrics, if done right, can help transform a company from a nebulous perspective on security to an effective one based on formal security risk metrics.

Security Metrics is a fabulous book that should be in the hands of every security professional. The book demonstrates that companies must establish metrics based on their unique requirements, as opposed to simply basing their requirements on imprecise industry polls, best-practices and other ill-defined methods.

So why don't companies do that in the first place? If security metrics can provide even a quarter of the benefits that Jaquith states, companies should run to implement them. Real security metrics require an organization to open up their security hood and dig deep into the engine that runs their security infrastructure. It necessitates understanding the internal requirements, unique organizational risks, myriad strengths and weaknesses, and much more. Very few companies are willing to dedicate the time and resources for that, and would rather build their security infrastructure on thick layers of FUD. History has shown that the security appliance of the month almost always beats a formal risk and needs assessment.

Chapter 1 lays out the problem with approaches that most companies take to risk management. The main problem is that traditional risk management is far too dependant on identification and fixing, as opposed to quantification and triage based on value. Quantifying and valuing risk is much more difficult than simply identifying, since the software tools used do not have an organization context or knowledge of the specific business domain.

Chapter 2 sets out the foundation of security metrics. The goal of these metrics are to provide a framework in which organizations can quantify the likelihood of danger, estimate the extent of possible damage, understand the performance of their security organizations and weigh the costs of security safeguards against their expected effectiveness.

The time has come for security metrics since information security is one of the few management disciplines that have yet to submit itself to serious analytical scrutiny. The various chapters provide many different metrics that can be immediately used in most organizations to address that.

The author defines various criteria for what makes a good metric. One of his pet peeves is the use of the traffic light as a metaphor for compliance. Jaquith feels that traffic lights are not metrics at all, since they don't contain a unit of measure or are a numerical scale. He suggests using traffic lights colors sparingly, and only to supplement numerical data or draw attention to outliers. He astutely notes that if your data contains more precision than three simple gradations, why dilute their value by obscuring them with a traffic light.

The chapter concludes on what makes a bad metric, defined as any metric that relies too much on the judgment of a person. These metrics can't be relied on since the results can't be guaranteed to be the same from person to person. Also, security frameworks such as ISO-17799 should not be used for metrics. The book also tackles the sacred cow of risk management, namely ALE (annualized loss expectancy), and how it is significantly misused and misunderstood in the industry.

The book states that in developing metrics, there must be formal collaboration between the business units and the security staff. This collaboration serves to increase awareness and acceptance of security. In addition, it ensures that security requirements are incorporated into the lifecycle early on. This is needed as business units generally have no clue as to what the needed security requirements are.

Chapter 5 is a short course on analysis techniques and statistics. The author quotes George Colony who stated that "any idiot can tell you what something is. It is much harder to say what that thing means". With that, the book details a number of techniques for analyzing security data (average, median, time series, etc.) and how each one should be used.

Chapter 6 is about visualization and notes that most information security professionals have no real idea how to show security, both literally and figuratively. Part of the problem is that security is proliferated with esoteric terminology and concepts, and the lack of understanding risk management amongst the masses. Part of the reason for this difficulty in sharing the security message with management is that many security practitioners lack simple metaphors for communicating priorities. This is compounded by the fact that the message is often focused exclusively on technical security issues, as opposed to the underlying business issues, which is was management is concerned with. The chapter is invaluable as it weans one off the malevolent pie chart and traffic light PowerPoint presentation.

Marcus Ranum notes that people seem to want to treat computer security like its rocket science or black magic. In fact, computer security is nothing but attention to detail and good design. FUD is all about emphasizing the black magic aspect of hackers and other rogue threats. Metrics are all about the attention to detail that FUD lives to obfuscate.

Security Metrics: Replacing Fear, Uncertainty, and Doubt is one of the more important security books of the last few years. Jaquith turns much of the common security wisdom on its head, and the world will be a better place for it. Security metrics are a necessity whose time has come and this invaluable book shows how it can be done.

Ben Rothke, CISSP is a security consultant with BT INS and the author of Computer Security: 20 Things Every Employee Should Know.

You can purchase Security Metrics: Replacing Fear, Uncertainty, and Doubt from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

jlcopeland writes "For two decades I've hated the command prompt in DOS and Windows. Inconsistencies abound and everything is a special case. The fallback on a Microsoft box has been running a Unix shell under Cygwin or installing Microsoft's own Services for Unix (or its predecessor, Softway's Interix), or by scripting in Perl, but those only get you so far. Having co-written nine years worth of trade rag columns using mostly Perl as the implementation language for the samples, and thinking of every problem that comes across my desk as an excuse to write a little bit of scripting code, I've got some well-formed views about scripting languages and what works and what doesn't. That means I've been eagerly watching the development of PowerShell since it was called Monad. It's got the advantage of being a unified command-line interface and scripting language for Windows, even if it does have a dorky name." Read the rest of Jeffrey's review. Windows PowerShell in Action author Bruce Payette pages 576 publisher Manning rating 9 reviewer Jeffrey Copeland ISBN 1932394907 summary Guide to PowerShell, the new Windows scripting language

Bruce Payette's Windows PowerShell in Action is a great overview of PowerShell, aimed at an audience that's got some experience with other scripting languages. Bruce's book is a big improvement over Andy Oakley's earlier book, Monad, which I had been using: it's more complete and it's up-to-date for the first release of PowerShell. It's got great (and sometimes amusing) examples, and feels like the Perl Camel book in flow. When I was reading it in the gym or someplace else away from the keyboard, I kept wanting to run back to the office to try something out. There are also useful "why it works this way" digressions, which provide a lot of context. Since Bruce was on the original development team, wrote most of the commandlets, and was responsible for much of the language design, those digressions are more authoratitive than the directors' commentary tracks on most DVDs.

In outline, the nine chapters in the first part of the book build up as you'd expect: overview and concepts, to data types, to operators, to regular expressions, to syntax, to functions, to interpreting errors. It covers that ground better than many language books that now litter my shelves. The explanations are clear, and the examples are almost all exactly on point. It took me a second reading to realize that my complaints about the regular expression sub-chapter wasn't about the chapter itself, but about some of the implementation decisions; that's an argument about style more than substance, and an observation about me, not about Bruce's writing or PowerShell. The first part of the book is the "mandatory reading," if you will, to get the language down and begin exploring on your own.

The second part is where the real applications are covered. That's the part that you especially want to read sitting next to the keyboard. As you'd expect, the example code is available from the publisher's web site to start you off — look for "Example Code" under "Resources." There's a very good discussion of text processing and how-to-handle XML, complete with some not-obvious warnings about traps to avoid. I've been working very carefully through the really good chapter on using GUIs with PowerShell, "Getting Fancy — .NET and WinForms," and my own proof of concept for that has been rebuilding an old C++ data entry application into a much simpler PowerShell script. As a nice side effect, Bruce's book (and the WinForms chapter in particular) provide a gentle overview to some concepts in the .NET framework, which I hadn't had an opportunity to delve into. The appendix on using PowerShell as a management application will be especially useful to system managers; that was one of the original PoweShell target audiences, and the language achieved that goal very well. The appendix on the language's grammar is really useful, and I keep flipping back to it to check on things.

After Oakley's Monad appeared, there was a long gap before the next PowerShell book appeared. Bruce's book looks to be the first of the post-release wave. If all it had going for it was the authoratative pedigree of the writer, it might be worth it, but it's also well-written, well-organized, and thorough, which I think makes it invaluable as both a learning tool and a reference.

You can purchase Windows PowerShell in Action from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

s1axter writes "A week and a half ago I received Linux Appliance Design by Bob Smith, John Hardin, Graham Phillips and Bill Pierce, published by No Starch Press. This is one of No Starch's latest titles and was released in the beginning of April. As a hardware/embedded systems guy I was really eager to get my hands on the book. For those who don't know what the book is about, it's about making an application specific utility, an electronic tool or "appliance" that can be used for a specific task. The book defines an appliance as "A device designed to primarily perform a single function" and that's exactly what they do." Read on for the rest of S1axter's review. Linux Appliance Design author Bob Smith, John Hardin, Graham Phillips and Bill Pierce pages 344 publisher No Starch Press rating 9 reviewer s1axter ISBN 1-59327-140-9 summary A text on developing an application specific device, very informative

The book revolves around Laddie, an example alarm system for a building. The book includes a complete explanation of the system, what design features it uses, and a LiveCD with the final application for your hacking pleasure.

I have to say, Linux Appliance Design is well written and very, very thorough. This is not a beginner text, the authors focus on Linux programmers who understand C and Linux systems and want to take it a step further than conventional software. If you think this is a book for you, you should be a C/Linux guru, or dust off those old textbooks and brush up on your stuff before you pick it up.

When a friend asked me what was in the book I gave him the response, "Everything you need to make a sweet daemon with any interface you want". This is exactly what Linux Appliance Design is, a library in a book. Nostarch.com has a chapter list for the text, so you can see what I mean.

The layout for the text is well organized and starts where every project should, architecture and design. Personally I felt the authors were beating the dead horse after a couple of pages when everything kept coming back to separating interface from implementation, but hey, it's an important point that a lot of people seem to miss.

An interesting chapter is the explanation of the Run-time-access library the authors developed. Modeled from PostgreSQL, the RTA lib is an impressive solution that allows for daemon communication and configuration from any language that can talk to a database. This library is released under the GPL and can be downloaded from the companion site of the book The RTA is also used for the rest of the book, so don't skip it or you'll have no idea what they are talking about.

The text is not only an explanation of the Laddie system using the RTA, it is an all encompassing design text, which I really like. There are chapters dedicated to building different frontend UIs for the system and communication protocol discussion. This is what transforms the text from book into library. Each chapter can almost stand on its own as an application of that language or program. I was quite impressed with the web interface chapter and how the authors compared web servers and designed a system, and also with the framebuffer chapter on how to make a cool graphical interface.

A common theme for all the chapters is the structure. The authors discuss and design each element they use in the system before looking at one program or daemon. For anyone who has written or read development reports the format is very similar; explain what you designed, why you chose those components, why you passed on others, how the systems works and finally what you would do different next time. This format kind of reminded me lab reports in school, cover all question you think your professor audience might ask.

Overall Linux Appliance Design is a well written, detailed and thorough book with a lot of information. I would recommend this title mainly to someone who is interested in daemon development or server design however it can be read by anyone who wants to see a full project develop cycle.

s1axter is the main poster for Geeksinside.com. Geeksinside.com is a DIY, hardware hacking, technology blog that showcases links, reviews and project

You can purchase Linux Appliance Design from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Ravi writes "In recent times, blogs have empowered numerous individuals and groups by allowing them a platform to air their thoughts. This has been made possible because of the development of numerous blogging tools. One which has gained mass appeal in the blogging community is Wordpress. What is exciting about this tool or blog engine is that even a lay person can easily master its use and get his or her blog up and running in no time." Wordpress Complete author Hasin Hayder pages 290 publisher Packt Publishing rating 8 reviewer Ravi ISBN 1904811892 summary A very good book to learn to use Wordpress to ones advantage

Wordpress Complete authored by Hasin Hayder and published by Packt Publishing is a book ideal for any beginning blogger who intends to set up his/her own Wordpress blog. The book is divided into 10 distinct chapters with each chapter describing a particular feature of the Wordpress blog.

I found the book unique in that instead of jumping right into installing and configuring Wordpress, the author takes time to explain the concept of a blog and the different ways in which you can blog. All the blogs irrespective of the blogging engine being used share some common terminology. This is explained in the very first chapter. In the same chapter, the readers are given a bird's eye view of the different blogging engines — both the free ones and those which cost money. The readers are made aware of the pros and cons of each of them.

Installing Wordpress is easy. It is a two step install process. However when you intend to host a Wordpress blog on a remote host, a few factors come into play depending upon what is offered by your web hosting provider. There is more than one way of installing a Wordpress blog on a remote host. This is dealt with clearly in the second chapter.

The third chapter covers choosing and installing themes, the different types of themes and their file composition.

The fourth chapter titled "Blogging your heart out", embarks on an extensive trip explaining the concept of posts and different ways of adding posts in Wordpress such as posting via email. Apart from that, this chapter contains an exhaustive introduction to the rich text editing interface which is the default editor. One also gets to know more about the features common to all blogs such as trackbacks, pinging as well as some Wordpress specific features.

You might wonder why you should buy a Wordpress book when the bulk of the documentation is freely available online. You will find this book to be a very good asset for beginner Wordpress bloggers because the author introduces a wealth of information which will require a lot of digging online to find. For example, the author explains how to put together an image gallery in Wordpress which I was not aware of before I read the book.

Chapter 6 deals with the all important topic of Feeds and Podcasts. There are four different feed formats and Wordpress supports all of them. Feeds are an easy way for the visitors of a site to keep track of the most recent changes in the content of a website.

While the first 6 chapters are targeted at Wordpress users, the remaining 4 chapters are more useful for Wordpress developers. On that note, developing themes form the basis of the 7th chapter. Here the author demonstrates how to build a theme by starting from scratch. Wordpress is essentially an amalgamation of PHP code, CSS and standards compliant HTML and this chapter has a fair sprinkling of code snippets with explanation. After going through the chapter, I was able to get a very good idea of the different files and their content which form the heart of Wordpress.

The next chapter titled "Community Blogging" provides a brief outline of a parallel project of Wordpress which is the Multi-user Wordpress and goes by the name Wordpress MU.

Chapter 9 titled "Developing plug-ins and widgets" is a very interesting chapter with the author explaining the process of creating widgets which are small bits of code incorporating third party functionality.

There is also an exclusive chapter which acts as an administrative reference where a number of problems that Wordpress administrators might face and their possible solutions are listed.

The book takes a reader from the installation to the configuration of every aspect of Wordpress to eventually give some troubleshooting tips. There is no dearth of relevant screenshots. The language used is clear and to the point. The author also provides Web references in many places. In short, I found this book to be an ideal resource for bloggers who wish to host their blog on Wordpress.

Ravi Kumar likes to share his thoughts on all things related to GNU/Linux, Open Source and Free Software on his blog linuxhelp.blogspot.com.

You can purchase Wordpress Complete from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

TimHunter writes "Peter Cooper's Beginning Ruby: From Novice to Professional has two audiences, novices with no programming experience who want to learn Ruby as their first programming language, and veterans who want to add Ruby to their programming toolkit. Cooper's response to this challenge is a solid entry in the limited arena of Ruby tutorials. Even though the early chapters are marred by the occasional reference to an advanced topic, readers will appreciate the plentiful examples and thoughtful description of the Ruby language." Read below for the rest of Tim's review. Beginning Ruby: From Novice to Professional author Peter Cooper pages 631 publisher Apress rating 7 reviewer Tim Hunter ISBN 1590597664 summary An introduction to Ruby programming

Ruby is an object-oriented programming language in the same family as Perl and Python. Ruby is very popular for writing web applications but also widely used for the general-purpose programming tasks. Ruby is available for Linux, Mac OS X, and Microsoft Windows. It is Open Source software with a commercially friendly license.

I agreed to review this book in particular because, even though the Ruby community has a strong tradition of encouraging newcomers, there are actually very few resources for the Ruby beginner. Ruby has gained a repuation for being easy to learn and therefore is attractive to people with limited or no programming experience. Novice programmers post almost daily requests for help and direction to the ruby-lang mailing list.

In addition to serving people with no progamming experience, Beginning Ruby is also aimed at experienced programmers who want to learn Ruby. Progammers coming from languages such as Java or C++ often struggle with Ruby's dynamic typing and (even with the recent explosion of Ruby-related books) the relative scarcity of documentation. Beginning Ruby tries to satisfy this audience by explaining Ruby's design, history and place in the programming world and including an extensive survey of the currently-available Ruby libraries.

Beginning Ruby is divided into 3 parts. The first part is aimed at neophytes. Experienced programmers, especially those experienced with object-oriented programming, will be able to skip chapter 2 and skim chapters 3 and 4.

The book starts simply. Chapter 1 isn't even about programming. This chapter explains how to install Ruby on Windows, OS X, and Linux. The instructions are thorough and aimed squarely at beginners. For example, Cooper explains how to get a command prompt on Windows and how to run Terminal.app on OS X.

Chapters 2 and 3 introduce fundamental concepts such as variables, expressions, control flow, classes, and objects. Cooper emphasizes experimentation. He says that irb, Ruby's interactive programming module, "provides the perfect environment for tweaking and testing the language, as you cannot do any real damage from within irb." Such assurances are helpful, especially to the beginner who may be slightly afraid that he's going to somehow make a mistake that will "break" his computer.

Explaining programming to beginners is hard. I've read a number of books that try to teach object-oriented programming concepts to people with no programming experience whatsoever. None were stunningly successful. This one isn't either. The problem is that books are linear, but there are simply too many things – concepts, keywords, tools – that have to be introduced nearly simultaneously and initially taken on faith. Cooper distracts his readers by peppering his text with too many "don't worry about this yet" disclaimers and assurances that explanations will appear later. His references C and Perl will be meaningless and possibly confusing to the beginning programmer.

Chapter 4, "Developing a Basic Ruby Application," starts by explaining what a text editor is and offering a few recommendations for text editors on Windows, OS X, and Linux. Then it guides the reader through his first real program, a script to read a text file and compute simple statistics such as the number of lines and words. This is a well-chosen example that will, when completed, make the student feel like he's accomplished something.

Chapter 5, "The Ruby Ecosystem," feels out-of-place. This chapter doesn't teach anything about Ruby programming. Instead it explains Ruby's history, introduces Ruby On Rails, and talks about the Open Source movement. Little, if any, of this material will be interesting to a fledgling programmer. The chapter finishes with a list of internet-based Ruby resources such as mailing lists, IRC, and blogs. All of this seems much better suited as an appendix and indeed the list of resources appears again in Appendix C.

Part 2, "The Core of Ruby," has a slower pace. With the very basic material covered, Beginning Ruby gets a better footing. Starting in this part the material is useful to both beginners and veterans.

This is probably as good a place as any to talk about the examples, which are numerous and very likely the best part of the book. Most of the the examples are short and to the point. A few extend over several pages. My overall impression is that they are well-chosen and well-coded. I especially like the way the examples appear on the page, visually distinctive but without interrupting the flow of the text. Source code for all of the examples may be downloaded from the Apress web site. However, even though the files are divided into a directory per chapter, the examples aren't numbered in the text so it's difficult to find the code for the example you're looking at. I ended up using grep to search for keywords in the sources.

Chapter 6 is a slower pass through Ruby, focusing on Ruby's object-orientation. Though fewer than part 1, there are still problems with references to concepts that have not yet been introduced. For example, Cooper uses the require method in the context of namespaces even though require has not been introduced. Indeed, it's not even necessary to mention namespaces at all in this chapter since the entire concept could've been held off until the next chapter, which explains how to create programs from code in multiple files.

The remaining chapters in this part start to address the needs of the serious Ruby programmer. This is a lot of ground to cover, including documentation, debugging, test-driven development, I/O, databases, and how to deploy Ruby programs. I particularly liked Cooper's thorough instructions for installing and creating RubyGems, Ruby's third-part library management system. There are so many topics to cover that each one gets only an introduction, but Cooper uniformly provides links to extended online documentation.

The last chapter in this part works through an even larger example, a Ruby "chat bot." This is an ingenious and entertaining example, the kind of program that, had I read it when I was just starting to learn programming, would have spent many happy hours tweaking. Call me a geek, but I got a chuckle out of the example on page 383 of two very stupid bots conversing.

Part 3 is called "Ruby Online." Of course it starts with the obligatory chapter on Ruby on Rails. I suppose publishers require such a chapter in all Ruby books, even though RoR is more than amply covered by other excellent books. I'm not a RoR programmer so I blew off this chapter.

Chapter 14 describes Ruby's support for the Internet via its HTTP, email, and FTP libraries. Chapter 15 covers other networking support libraries. As usual there are many excellent examples. Chapter 16 is a very good survey of the standard and add-on libraries that the serious Ruby programmer will find useful. Each library is demonstrated with an example, and Cooper provides a link to the complete documentation.

At the start of this review I said that Beginning Ruby is divided into 3 parts, but actually there are four. The last part consists of 3 appendices. Appendix A is a summarization of Part 2. Appendix B is sort of a "semi-reference" to Ruby's core libraries. This is not intended to be a complete reference. Instead, Cooper limits his discussion to the most useful methods of the core classes. As I mentioned earlier, Appendix C is a list of Internet-based Ruby resources such as web pages, mailing lists, IRC channels, and blogs.

I'm giving Beginning Ruby a 7. It's a good book for someone who wants to learn Ruby as his first programming language. It could be better. I liked Cooper's patient and thoughtful explanations about installing Ruby and RubyGems, how to use a command line, and what a text editor is for. Cooper supplies answers to all the typical Ruby-nuby questions, but his explanation of basic concepts is marred by the occasional confusing reference to advanced or even irrelevant topics. For the experienced programmer who learns best by reading and working through examples this book is a good choice. Dave Thomas' Programming Ruby, The Pragmatic Programmer's Guide (a.k.a. the Pickaxe) is a tough competitor, but each book has a considerable amount of material that is not found in the other book. For example the Pickaxe's core library reference is exhaustive but it has only a limited amount of the kind of tutorial explanations that is Beginning Ruby's strength. Beginning Ruby is available in PDF format from Apress' web site at about half the price of the paper book.

I have been programming Ruby as a hobby for over 5 years. Apress gave me a review copy of this book, but otherwise I have no connection to the author or publisher."

You can purchase Beginning Ruby: From Novice to Professional from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Michael J. Ross writes "MySQL may be the most popular open source relational database management system (RDBMS) in the world, but during the first decade of its existence, it lacked support for stored programs, i.e., store procedures, functions, and triggers. The major commercial RDBMS vendors — including Oracle, IBM, and Microsoft — could point to this deficiency as reason enough to choose their proprietary systems over MySQL or any other open source system, such as PostgreSQL. But with the release of MySQL version 5.0, in October 2005, the "little database engine that could" dramatically improved its position against the competition. The most comprehensive discussion of these new capabilities is in the book MySQL Stored Procedure Programming." Read below for the rest of Michael's review MySQL Stored Procedure Programming author Guy Harrison and Steven Feuerstein pages 636 publisher O'Reilly Media rating 9 reviewer Michael J. Ross ISBN 0596100892 summary A comprehensive guide to developing MySQL stored procedures, functions, and triggers.

Written by Guy Harrison and Steven Feuerstein, and published by O'Reilly Media in March 2006 under the ISBNs 0596100892 and 978-0596100896, this book is the first one to offer database programmers a full discussion of the syntax, usage, and optimization of MySQL stored procedures, stored functions, and triggers — which the authors wisely refer to collectively as "stored programs," to simplify the manuscript. Even a year after the introduction of these new capabilities in MySQL, they have received remarkably little coverage by book publishers. Admittedly, there are three such chapters in MySQL Administrator's Guide and Language Reference (2nd Edition), written by some of the developers of MySQL, and published by MySQL Press. Yet this latter book — even though published a month after O'Reilly's — devotes fewer than 50 pages to stored programs, and the material is not in the printed book itself, but in the "MySQL Language Reference" part, on the accompanying CD. That material, in conjunction with the online reference documentation, may be sufficient for the more simple stored program development needs. But for any MySQL developer who wishes to understand in-depth how to make the most of this new functionality in version 5.0, they will likely need a much more substantial treatment — and that's exactly what Harrison and Feuerstein have created.

The authors are generous in both the technical information and development advice that they offer. The book's material spans 636 pages, organized into 23 chapters, grouped into four parts, followed by an index. The first part, "Stored Programming Fundamentals," provides an introduction and then a tutorial, both taking a broad view of MySQL stored programs. The remaining four chapters cover language fundamentals; blocks, conditional statements, and iterative programming; SQL; and error handling. The book's second part, "Stored Program Construction," may be considered the heart of the book, because its five chapters present the details of creating stored programs in general, using transaction management, using MySQL's built-in functions, and creating one's own stored functions, as well as triggers. The third part, "Using MySQL Stored Programs and Applications," explains some of the advantages and disadvantages of stored programs, and then illustrates how to call those stored programs from source code written in any one of five different programming languages: PHP, Java, Perl, Python, and Microsoft.NET. In the fourth and final part, "Optimizing Stored Programs," the authors focus on the security and tuning of stored programs, tuning SQL, optimizing the code, and optimizing the development process itself.

This is a substantial book, encompassing a great deal of technical as well as advisory information. Consequently, no review such as this can hope to describe or critically comment upon every section of every chapter of every part. Yet the overall quality and utility of the manuscript can be discerned simply by choosing just one of the aforesaid Web programming languages, and writing some code in that language to call some MySQL stored procedures and functions, to get results from a test database — and developing all of this code while relying solely upon the book under review. Creating some simple stored procedures, and calling them from some PHP and Perl scripts, demonstrated to me that MySQL Stored Procedure Programming contains more than enough coverage of the topics to be an invaluable guide in developing the most common functionality that a programmer would need to implement.

The book appears to have very few aspects or specific sections in need of improvement. The discussion of variable scoping, in Chapter 4, is too cursory (no database pun intended). In terms of the book's sample code, I found countless cases of inconsistency of formatting — specifically, operators such as "||" and "=" being jammed up against their adjacent elements, without any whitespace to improve readability. These minor flaws could be easily remedied in the next edition. Some programming books make similar mistakes, but throughout their text, which is even worse. Fortunately, most of the code in this book is neatly formatted, and the variable and program names are generally descriptive enough.

Some of the book's material could have been left out without great loss — thereby reducing the book's size, weight, and presumably price. The two chapters on basic and advanced SQL tuning contain techniques and recommendations covered with equal skill in other MySQL books, and were not needed in this one. On the other hand, sloppy developers who churn out lamentable code might argue that the last chapter, which focuses on best programming practices, could also be excised; but those are the very individuals who need those recommendations the most.

Fortunately, the few weaknesses in the book are completely overwhelmed by its positive qualities, of which there are many. The coverage of the topics is quite extensive, but without the repetition often seen in many other technical books of this size. The explanations are written with clarity, and provide enough detail for any experienced database programmer to understand the general concepts, as well as the specific details. The sample code effectively illustrates the ideas presented in the narration. The font, layout, organization, and fold-flat binding of this book, all make it a joy to read — as is characteristic of many of O'Reilly's titles.

Moreover, any programming book that manages to lighten the load of the reader by offering a touch of humor here and there, cannot be all bad. Steven Feuerstein is the author of several well-regarded books on Oracle, and it was nice to see him poke some fun at the database heavyweight, in his choice of sample code to demonstrate the my_replace() function: my_replace( 'We love the Oracle server', 'Oracle', 'MySQL').

The prospective reader who would like to learn more about this book, can consult its Web page on O'Reilly's site. There they will find both short and full descriptions, confirmed and unconfirmed errata, a link for writing a reader review, an online table of contents and index, and a sample chapter (number 6, "Error Handling"), in PDF format. In addition, the visitor can download all of the sample code in the book (562 files) and the sample database, as a mysqldump file.

Overall, MySQL Stored Procedure Programming is adeptly written, neatly organized, and exhaustive in its coverage of the topics. It is and likely will remain the premier printed resource for Web and database developers who want to learn how to create and optimize stored procedures, functions, and triggers within MySQL.

Michael J. Ross is a Web programmer, freelance writer, and the editor of PristinePlanet.com's free newsletter. He can be reached at www.ross.ws, hosted by SiteGround.

You can purchase MySQL Stored Procedure Programming from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

andrew cooke writes "Java 6 was recently released, but many programmers are still exploring the features introduced in Java 5 — probably the most significant changes in the language's twelve year history. Amongst those changes (enumerations, auto-boxing, foreach, varargs) generics was the most far-reaching, introducing generic programming in a simpler, safer way than C++ templates and, unlike generics in C#, maintaining backwards (and forwards) compatibility with existing Java code." Read on for the rest of Andrew's review. Java Generics and Collections author Maurice Naftalin, Philip Wadler pages 273 publisher O'Reilly Media, Inc. rating 9/10 reviewer Andrew Cooke ISBN 978-0-596-52775-4 summary Guide to Java generics; also includes interesting discussion of collection classes.

Given the history of Generic Java, Naftalin and Wadler's Java Generics and Collections has a distinguished pedigree. In this review I'll argue that this is a new classic.

If you're a Java programmer you've probably heard of generics, an extension to the type system that was introduced in Java 5. They give you, as a programmer, a way to write code even when you don't know exactly what classes will be used.

The obvious example is collections — the author of a List class has no idea what type of objects will be stored when the code is used.

Before generics, if you wanted to write code that handled unknown classes you had to use make use of inheritance: write the code as if it would get Objects, and then let the caller cast the result as necessary. Since casts happen at runtime any mistakes may cause a runtime error (a ClassCastException).

Generics fix this. They let you write code in which the classes are named (parameters) and the compiler can then check that the use of these class parameters is consistent in your program. So if you have a List of Foo instances you write List<Foo> and the compiler knows that when you read that list you will receive a Foo, not an Object.

I'll get to the book in a moment, but first a little history. If you know any type theory — particularly as used in functional languages like ML and Haskell — then you'll recognize my quick description above as parametric polymorphism. You'll also know that it is incredibly useful, and wonder how Java programmers could ever have managed without it.

Which explains why Philip Wadler, one of the people responsible for Haskell, was part of a team that wrote GJ (Generic Java), one of the experimental Java mutations (others included PolyJ and Pizza) that, back in the day (late 90s) helped explore how parametric polymorphism could be added to Java, and which formed the basis for the generics introduced in Java 5.

So if you want to understand generics, Wadler is your man. Which, in turn, explains why I jumped at the chance to review O'Reilly's Java Generics and Collections, by Maurice Naftalin and Philip Wadler.

This is a moderately slim book (just under 300 pages). It looks like any other O'Reilly work — the animal is an Alligator this time. It's well organized, easy to read, and has a decent index.

There's an odd discrepancy, though: Wadler is the generics Guru; this is going to be `the generics reference'; generics are sexy (in relative terms — we're talking Java here) and collections are not; the title has "Java Generics" in great big letters with "and Collections" in little tiny ones down in a corner. Yet very nearly half this book is dedicated to collections.

Generics is a great, practical read. It starts simply, introducing a range of new features in Java 5, and then builds rapidly.

If you are completely new to generics, you'll want to read slowly. Everything is here, and it's very clear and friendly, but there are not the chapters of simple, repeated examples you might find in a fatter book. Within just 30 pages you meet pretty much all of generics, including wildcards and constraints.

If that makes your head spin, don't worry. Read on. The next hundred or so pages don't introduce any new syntax, but instead discuss a wide range of related issues. The chapters on Comparisons and Bounds and Declarations contain more examples that will help clarify what generics do. And the following chapters on Evolution, Reification, and Reflection will explain exactly why.

So the first seven chapters introduce generics and then justify the implementation — any programmer that takes the time to understand this will have a very solid base in generics.

There are even some interesting ideas on how Java could have evolved differently — section 6.9 Arrays as a Deprecated Type presents a strong case for removing arrays from the language. It's a tribute to the clarity and depth of this book that the reader is able to follow detailed arguments about language design. Fascinating stuff.

The next two chapters, however, were my favorites. Effective Generics and Design Patterns give sensible, practical advice on using generics in your work, including the best explanation of <X extends Foo<X>> I've seen yet (so if you don't know what I am talking about here, read the book).

(A practical word of advice — if at all possible, use Java 6 with generics. Java 5 has a sneaky bug).

The Collections part of the book was more along O'Reilly's `Nutshell' lines: the different chapters explore different collection types in detail. I must admit that at first I skipped this — it looked like API docs re-hashed to extend the size of the book.

Then I felt bad, because I was supposed to be reviewing this book (full disclosure: if you review a book for Slashdot you get to keep it). And you know what? It turned out to be pretty interesting. I've programmed in Java for (too many) years, and I guess I've not been quite as dedicated to tracking how the library has changed as I should have been — I learned a lot.

Again, a wide range of readers are welcome. This is more than a summary of the Javadocs, ranging from thumbnail sketches of trees and hashtables to a discussion of containers intended for multi-threaded programming.

The way I see it now, this part is a bonus: the first half, on generics, makes this book one of the standards; the second half is an extra treat I'm glad I stumbled across (I guess if you're some kind of weird collection-fetishist maybe it's even worth buying the book for).

I've used generics since the first beta release of Java 5 and had experience with parametric polymorphism in functional languages before that (in other words, I can tell my co- from my contra-variance). So I guess I'm heading towards the more expert end of the spectrum and I was worried I'd find the book boring. It wasn't. After claiming to be expert I don't want to spoil things with evidence that I'm actually stupid, but reading this book cleared up a few `misunderstandings' I'd had. I wish I had read it earlier.

If you're new to generics, and you don't mind thinking, I recommend this book. If you're a Java programmer who's a bit confused by <? super Foo> then this is the book for you.

The only people who shouldn't read this are people new to Java. You need to go elsewhere first. This is not a book for complete beginners. This is a great book in the classic — practical, concise and intelligent — O'Reilly mould.

You can purchase Java Generics and Collections from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

An anonymous reader writes "It seems that the most recent DVDs released by Sony — specifically Stranger Than Fiction, Casino Royale, and The Pursuit of Happyness — have some kind of 'feature' that makes them unplayable on many DVD players. This doesn't appear to be covered by the major media yet, but this link to a discussion over at Amazon gives a flavor of the problems people are experiencing. A blogger called Sony and was told the problem is with the new copy protection scheme, and they do not intend to fix it. Sony says it's up to the manufacturers to update their hardware."

newtronic clues us to an article in IEEE Spectrum by Jeff Hawkins (founder of Palm Computing), titled Why can't a computer be more like a brain? Hawkins brings us up to date with his latest endeavor, Numenta. He covers progress since his book On Intelligence and gives details on Hierarchical Temporal Memory (HTM), which is a platform for simulating neocortical activity. Programming HTMs is different — you essentially feed them sensory data. Numenta has created a framework and tools, free in a "research release," that allow anyone to build and program HTMs.

David Martinjak writes "Nagios is an open source application for monitoring hosts, services, and conditions over a network. Availability of daemons and services can be tested, and specific statistics can be checked by Nagios to provide system and network administrators with vital information to help sustain uptime and prevent outages. Nagios: System and Network Monitoring is for everyone who has a network to run." Read on for the rest of the review. Nagios: System and Network Monitoring author Wolfgang Barth pages 464 publisher No Starch Press rating 9 reviewer David Martinjak ISBN 1593270704 summary Covers installing, configuring, and deploying Nagios to monitor systems and services on a network.

The book is authored by Wolfgang Barth and published by No Starch Press. The publisher hosts a Web page which contains an online copy of the table of contents, portions of reviews, links to purchase the electronic and print versions of the book, and a sample chapter ("Chapter 7: Testing Local Resources") in PDF format.

An amusing note to begin: this is one of the only books I have read where the introduction was actually worth reading closely. Many books seem to talk about background or history of the subject without providing much pertinent information, if any at all. In Nagios: System and Network Monitoring, Wolfgang Barth begins with a hypothetical anecdote to illustrate the usefulness of Nagios. The most important section in the introduction, however, is the explanation of states in Nagios. While monitoring a resource, Nagios will return of one of four states. OK indicates nominal status, WARNING shows a potentially problematic circumstance, CRITICAL signifies an emergency situation, and UNKNOWN usually means there is an operating error with Nagios or the corresponding plugin. The definitions for each of these states are determined by the person or team who administers Nagios so that relevant thresholds can be set for the WARNING and CRITICAL status levels.

The first chapter walks the reader through installing Nagios to the filesystem. All steps are shown, which proves to be very helpful if you are unfamiliar with unpacking archives or compiling from source. Users who are either new to Linux, or cannot install Nagios through a package manager, will appreciate the verbosity offered here. Fortunately, the level of detail is consistent through the book.

Chapter 2 explains the configuration structure of Nagios to the reader. This chapter may contain the most important material in the book as understanding the layout of Nagios is essential to a successful deployment in any environment. The book moves right into enumerating the uses and purposes of the config files, objects, groupings, and templates. All of this information is valuable and presented in a descriptive manner to help the reader set up a properly configured installation of Nagios. My biggest stumbling block in using Nagios was wrapping my brain around the relationships of the config files and objects. This chapter clears up all of the ambiguities I remember having to work out for myself. If only this book had been around a few years ago!

The sixth chapter dives into the details of plugins that are available for monitoring network services. This chapter explains using the check_icmp plugin to ping both a host and a specific service for verifying reachability. Additional examples include monitoring mail servers, LDAP, web servers, and DNS among others. There is even a section for testing TCP and UDP ports.

Next, the book covers checking the status of local resources on systems. At work, we have a system in production that could have been partitioned better. Unfortunately, /var is a bit smaller than it should be, and tends to fill up relatively frequently. Thankfully, Nagios can trigger a warning when there is a low amount of free space left on the partition. From there, we have Nagios execute a script that cleans out certain items in /var so we don't have to bother with it. We can also receive notification if the situation does not improve, and requires further attention. In addition to monitoring hard drive usage, the book includes examples for checking swap utilization, system load, number of logged-in users, and even Nagios itself.

Chapter 12 discusses the notification system in Nagios. You provide who, what, when, where, and how in the configs, and Nagios does the rest. The book does a fantastic job of explaining what exactly triggers a notification, and how to efficiently configure Nagios to ensure the proper parties are being informed of relevant issues at reasonable intervals. For example, the server team might be interested to know that /var is 90% full on one of the LDAP servers; however they don't need to be notified of this every thirty seconds. This chapter also covers an important aspect of Nagios known as flapping. Flapping occurs when a monitored resource quickly alternates between states. Nagios can be configured for a certain tolerance against rapid alternating changes in states. This means Nagios won't sound the alarm if the problem will resolve itself in a short period of time. Usually flapping is caused by an external factor temporarily influencing the results of the test from Nagios; and therefore has no long-term impact.

The last major chapter to mention here deals with essentially anything and everything about the Nagios Web interface. The main point of interaction between the administrator and Nagios is the fully featured Web interface. This chapter covers recognizing and working on problems, planning downtimes, making configuration changes, and more. I especially like that the book gives an overview of each of the individual CGI programs that the Web interface is composed of; as these files are important for UI customization.

The only aspect of this book that I did not care for was that the book reads like a reference manual at times. The first several chapters start out more conversational in tone with great explanations of the procedures and files; but later it sometimes feels like I am repeatedly reading an iterated piece-by-piece structure, filled in with the content for that chapter. That is not necessarily bad all together as it does provide consistency in the presentation of the information. Additionally, the level of detail is outstanding throughout the book. The explanations are never too short or too long. This is definitely a valuable book for administrators at all levels with fantastic breadth and depth of material. Administrators who are interested in proactive management of their systems and networks should be pleased with Nagios: System and Network Monitoring.

Nagios is licensed under the GNU General Public License Version 2, and can be downloaded from http://nagios.org.

David Martinjak is a programmer, GNU/Linux addict, and the director of 2600 in Cincinnati, Ohio. He can be reached at david.martinjak@gmail.com.

You can purchase Nagios: System and Network Monitoring from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Michael J. Ross writes "MySQL database administrators and developers have several options for MySQL reference sources, though naturally none of them are ideal in all situations. The online MySQL documentation is extensive, but the most commonly needed nuggets are buried in its necessarily exhaustive contents. Third-party MySQL reference books can winnow out some of the rarely-used minutia, but they still encompass hundreds of pages, reflecting the complexity of the subject. For quickly looking up the most frequently used command syntax and other details, a MySQL user would usually be best served by a much more compact book, such as MySQL Pocket Reference." Read below for the rest of Michael's review. MySQL Pocket Reference author George Reese pages 96 publisher O'Reilly rating 9 reviewer Michael J. Ross ISBN 059600446X summary Great for quickly looking up the most frequently used command syntax and other details of MySQL

Written by George Reese, this book was published by O'Reilly Media, in February 2003. It may span only 96 pages, and weigh only 3.2 ounces, but it packs a substantial amount of useful information into a diminutive form. The book's material is organized into several sections, covering MySQL installation, command-line tools, data types, SQL, operators, functions, and table types.

After presenting a quick introduction and some other housekeeping topics, the author briefly explains how to install, configure, and start up MySQL, as well as how to set the root password. This RDBMS includes a dozen command-line tools, and the author next provides the briefest of summaries for each one, and more details on the most commonly used one, mysql.

The next four sections compose the meat of the book, as they cover the MySQL data types, SQL query language, operators, and functions. Of all the aspects of any programming language or RDBMS, the one that frequently causes the most confusion — and for which a handy reference guide would be most appreciated — is the proper use of data types. In MySQL Pocket Reference, the author presents all of the MySQL data types, grouped into numerics, strings, dates, and complex types. For each data type, the author shows the declaration syntax, the storage space required, and the purpose of the data type.

MySQL version 4.0 supports ANSI SQL 92, as well as some proprietary extensions, which is true for most if not all substantial RDBMSs. Reese explains the case sensitivity of MySQL for various contexts; the use of literals, including escape sequences; the rules concerning identifier naming and aliasing; and how to insert comments in your code. Much more space is devoted to all of the MySQL commands, ranging from ALTER TABLE to USE. For each command, the reader is shown the syntax, including optional keywords, clauses, and other elements, as well as a generous number of illustrative examples.

The last three sections of the book cover operators (arithmetic, comparison, and logical), functions (aggregate and otherwise), and table types. The section on functions will likely get a lot of use from the average reader, as it is relatively easy to forget the name and parameter list of any function — particularly if it has not been used by the developer for some time, and is not present in the surrounding code.

Like any pocket reference book, this one is not intended to serve as a full reference source or as a MySQL tutorial — of which O'Reilly offers several. Rather, it is best used for quickly answering questions concerning command syntax, operator precedence, function parameter order, or any of the other MySQL language details that are not listed automatically by programming editors, nor otherwise immediately obvious. Yet despite its small size, this book contains information that may be unknown to even some of the most experienced MySQL administrators and programmers. For instance, I had no idea that 2007-04-00 is considered a valid date. (I only wish that my taxes were due on that day.)

O'Reilly Media has a Web page on their site that provides some additional resources related to this book. These include links for reading the reviews offered by other readers, submitting your own review, and checking the errata for the book, of which there are 20, as of this writing — 19 of which have been confirmed.

There appear to be only two flaws in this book. It lacks a list of MySQL reserved words, which is odd for a reference book. Also, the text on every page is set too close to the binding, thus compelling the reader to force open the book more than should be necessary, just to comfortably read the inmost ends of the lines of text. This could be easily fixed in a subsequent edition, by moving the text outwards approximately half a centimeter, since the outer margins are much wider than necessary.

Speaking of editions, because this first edition of the book appeared in early 2003, it covers up to version 4.0 of MySQL. One can only hope that a second edition will be made available at some point in the future, so that it can be brought up to date with all of the new additions to MySQL 5, which are substantial. These include cursors, stored procedures, triggers, and views.

Nonetheless, this first edition would be of value to anyone using MySQL. In essence, MySQL Pocket Reference is neatly organized, extremely portable, and packs much valuable information into a succinct format.

Michael J. Ross is a Web programmer, freelance writer, and the editor of PristinePlanet.com's free newsletter. He can be reached at www.ross.ws, hosted by SiteGround."

You can purchase MySQL Pocket Reference from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Michael Flynn writes "The DV Rebel's Guide is broken down into chapters that follow the basic timeline of a film's production. The first chapter covering the overall philosophy of the authors approach and the rest focused on the making of your film: Pre-production, Production and Post production. A great deal of the book is focused, to very good effect, on post production." Read on for the rest of Michael's review The DV Rebel's Guide author Stu Maschwitz pages 320 publisher Peachpit Press rating 9 reviewer Michael Flynn ISBN 0321413644 summary A` step by step guide to making your own film Stu Maschwitz is one of the founders of The Orphanage. A visual effects house with credits in such films as Sin City, The Day After Tomorrow, and Harry Potter and the Goblet of Fire. Prior to founding The Orphanage, Stu had a stint at ILM.

Stu's writing style is very easygoing and at times irreverent. Regarding his short film that he includes on the DVD, he points out "The Last Birthday Card was made on an Apple G3 and took over two days to render. I chose to take these enforced breaks from working on my film as opportunities to strike up a new hobby, one that I still practice today: staring at my After Effects progress bar".

In each chapter, a number of Hollywood action films is referenced. At the end of each chapter, the films that are mentioned are listed so that the reader can put them onto their NetFlix list or run over to the local video store and rent them to see first hand, the techniques that are referenced.

His pragmatic approach to getting the job done and using whatever tools are at hand or that you can build is highly effective. My only complaint is that there are a number of specifics regarding After Effects that are not covered in Stu's book. To his defense, this is not an After Effects tutorial. You are expected to know how to use AE before your dive into Stu's methods.

His suggestions for examining the area around you to utilize as much of what you have at hand is unique and effective. Suggesting the use of glass elevators for simulating crane master shots as well as people movers in airports for dolly shots is exemplary of the approach. Additionally, for the wood working inclined filmmaker, a very nice design is included for building a hand-holding rig for your DV camera (Stu eschews hand holding a DV camera due to the light weight that generally translates to a very shaky image).

The book details adding effects that Stu used in his short film "The Last Birthday Card". The film illustrates a number of useful techniques such as compositing a helicopter into a scene, practical bullet hits and squib simulations. He also includes high quality squib footage on the DVD for the rebel filmmaker to use in his/her own projects.

The last section of the book covers color correction in great detail. It provides techniques for using the color correction tools in After Effects as well as using a layered approach to this process. To illustrate the approaches that he suggests, he provides a number of After Effects projects on the DVD that the reader can use to follow along with the examples.

Stu also, wisely, includes one of the chapters of the book on the DVD in PDF format. This is the camera chapter. With DV cameras changing at such a rapid pace, this allowed him to provide very up to date information on DV cameras that might have been obsolete by the time the book had come back from the printer.

He provides a number of very nice scripts and presets on the DVD for a variety of effects as well as tools for color correcting. The film strip script that allows you to compare a number of shots at once for color/look management is particularly nice.

Finally,Stu maintains a lively message board devoted to the book where folks can ask questions and Stu is very prompt about providing answers. Having read over 200 books on film making, this book is the only one that will end up on the set of my next film.

You can purchase The DV Rebel's Guide: An All-Digital Approach to Making Killer Action Movies on the Cheap from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Simon P. Chappell writes "These days, Brazil is no longer just on the map for its fine coffee and martial arts. They have a few other reasons and one of them is called Lua. Lua is an open-source scripting language that was originally designed for small size and excellent portability to support its use in embedded systems. Like anything good, it didn't take long for it to be discovered by others looking for a small and efficient scripting language." Beginning Lua Programming author Kurt Jung, Aaron Brown pages 400 publisher Wiley rating 9 reviewer Simon P. Chappell ISBN 0470069171 summary A great introduction to Lua with solid writing and explanations of the concepts

This is definitely a book targeted at those new to Lua. While it begins gently, it picks up speed quite quickly and takes its reader through a full range of Lua usage. This book is unusual, for the more mass-market beginner books, in that it does not treat the reader like an idiot. I found the tone to be very respectful of the reader's intelligence. This aspect alone, makes the book stand out in a crowded beginners market.

This book is also a very good introduction to Lua for programmers experienced with one or more other programming languages. I found it very easy to pick up the concepts with my previous programming experience.

The first chapter of most books like this, will typically cover getting setup with the language. This book delivers well, with not only explaining how to install the binary version, but also covers compilation under Unix-styled operating systems and a number of development environments for Microsoft Windows. Guidelines are given for building Lua on Windows using Visual C++, Tiny C and MinGW.

Chapter two is called "First Steps" and is a walkthrough of all of the core language. This is well done and there are plenty of examples where a Lua command is typed and the resulting display from the Lua environment is shown. Chapter three is dedicated to the art of the Lua function. Functions are first class values and have enough power and complexity that they deserve their own chapter. Did you know that Lua automatically recognises tail recursion and handles it appropriately? It does. So if your looking to experiment with some of the trendy functional techniques that tend to swamp Reddit these days, Lua would be a good place to try it.

Chapter four explores Lua's only data structure, the table. What's a table, you ask? My best description, as far as I've managed to get my head around it, would be that it's a Swiss-Army Knife style Hash Table with multiple personalities, alternatively thinking that it's an array, a list, an Erlang-style tuple or a tree structure. However you decide to use it, this chapter explains it and provides lots of examples. Chapter five brings us that ultimate datatype, the string. As with tables, Lua can do many things with the humble string and this chapter will make sure that you can work with substrings, handle user input, read and write files and use the built-in pattern matching available in the language.

Chapter six covers "Handling and Avoiding Errors". I know, I know, we don't have errors anymore, now that we've all discovered the benefits of agile development using scripting languages. Except that we do and circumstances external to our programs can still bring pain to our code. Users type the wrong things, network connections die, power can go out suddenly and, of course, sometimes there are parts of our programs that aren't as imperfect as we'd like to think they are. Chapter seven is about "Using Modules" and explains Lua's interfaces and implementations together with guidelines on modularising scripts and calling those modules.

Any agile language worth its electrons is going to have meta-programming facilities within it. Lua has them and chapter eight is where we learn about "Extending Lua's Behaviour with Metamethods". Chapter nine examines Lua's ability to handle events using coroutines. This is a powerful feature and enables Lua applications to manage concurrent tasks with ease.

Chapter ten explores the fascinating world of Lua internals. While Lua is a scripting language, it does use a virtual machine, this chapter shows how scripts can be pre-compiled to the appropriate bytecode. It also covers memory management and implementation details for tables and strings. Chapter eleven is somewhat reference-like, covering the standard libraries supplied with Lua. Chapter twelve is a good compliment, describing some of the available libraries from the Lua community.

Chapter thirteen addresses the matter of interfacing Lua with other languages. If your language can handle C-style calling conventions, then it can be used by your Lua programs. Chapter fourteen is for everyone that wishes to store information in a database now and then. Lua has bindings for connecting to a number of popular database systems and this chapter will help you use them.

My favourite chapter is number fifteen, where using Lua for web applications is explained. There are several alternatives for the budding Lua web application programmer, ranging from that humble and faithful technique, the CGI script, to the Kepler web server environment with the convenience of LuaPages. In this highly-connected world, it is important to be able to communicate over a network and if chapter fifteen didn't tip you off, then chapter sixteen will make you absolutely certain that Lua is ready for networks. Chapter sixteen explores networking from LuaSockets to email and webpages.

Lua is very popular among video games designers. While not generally used to write the frameworks, it is often used for in-game scripting. Chapter seventeen recounts many of the ways that Lua can be used within video games. Chapter eighteen will appeal to the Palm carrying geeks in the house. If you've been looking for a programming language for your Palm PDA, then Plua may be just what you were looking for. Plua (actually Plua2, but they call it Plua) is an implementation of Lua 5.0 for the Palm OS. It gives full access to both data and graphics and is programmable on the Palm; no need to be tethered. Finally, chapter nineteen addresses the subject of "Fitting into the Lua Community".

That's a long list of chapters. Phew! After all of that, let's see what was worth noting along the way.

The writing style is good. Light without being flippant and respectful of the readers intelligence. I like that. I liked the fact that the topics were broken down into appropriately sized chapters. It meant that this book has more chapters than usual, but each one is nicely partitioned, so it doesn't feel over-whelming. I also like the fact that this book seems like it will continue to be useful in the medium term as well. Some beginners books stop being useful quite quickly after you've learned the basics from them, but this one covers quite a number of topics that will useful at the mid-level of Lua skills.

I have very little negative to say about the book. While I normally don't care for books much larger than 300 pages, this one doesn't feel like it has any gratuitous stuffing in it. There is an appendix with answers to the programming questions asked here and there in the chapters, but other than that, everything feels like it should be there.

As a typography and layout nut, I did feel that the layout was a little cramped and the primary type size was a little small. The program listings were generally well done, although I'm not sure that every single one needed a gray background to help separate it from the body text.

The title of chapter nineteen, "Fitting into the Lua Community" seemed a little patronizing to me. I understand the need for maintaining community values, but most communities do that fairly well without the aid of authors playing the heavy. Apparently the community lasted this long without the book. Let's hope they make it a little longer, now that the masses know about it.

All in all, this is a great introduction to Lua. It has solid writing and explanations of the concepts, with plenty of examples. Recommended.

You can purchase Beginning Lua Programming from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

simon_kehler writes "The Google Web Toolkit (GWT) is a Java AJAX framework that provides an easy to use programming paradigm for web developers using the Java programming language. It is one of the more recent entrants into this field, but has been gaining a lot of traction and popularity. GWT Java AJAX Programming authored by Prabhakar Chaganti and published by Packt Publishing addresses the use of GWT to build ajaxified user interfaces. The author gently introduces the reader to GWT and then leads the reader through a series of tasks, each of which shows how to perform an useful action with GWT." Read below for Simon's review. GWT Java AJAX Programming author Prabhakar pages 240 publisher Packt Publishing rating 8 reviewer simon Kehle ISBN 1847191002 summary A great book for learning the different facets and features of GWT

I am a software architect working for a startup that is evaluating the use of GWT for a new project. I lead a team of experienced Java developers that are comfortable working with Swing and have reasonable familiarity with Struts. We have looked on with envy at all the nice things you could do with the AJAX integration built into web frameworks in languages such as PHP and Ruby. When I came across GWT we decided to take it for a spin and see if your team would be comfortable using it. The documentation that comes with the GWT download is a bit sparse. I was looking for a more in depth intro to the framework and came across this book. this seems to be the first print book on the GWT framework.

The book is divided into ten chapters. An introduction to GWT and its download and setup is provided in the first chapter. The author then shows how to create random quote GWT application in chapter 2. This is a nice example that immediately gives you the flavor of what its like to work with GWT. It shows you the steps involved in writing and running a simple GWT app. Chapter 3 details the service interfaces that you need to create as a part of any GWT application. These are the heart of how the AJAX mechanism works in this framework. Chapters 4-6 go through a lot of tasks that show you how to create increasingly complex user interfaces using the GWT framework. Chapter 7 deals with creating custom widgets that can be shared across applications. Unit testing for GWT applications is covered in chapter 8 (Yes, you can unit test your AJAX apps!). I18N and client XML support are dealt with in chapter 9 and finally chapter 10 shows how to deploy your applications.

This book moves along at a fairly rapid pace and is a quick read. The examples chosen for the tasks are well thought out and show different features in GWT. There are several really cool and innovative examples in this book: Password strength checker, uses colored check boxes to visually show the strength of a password. A very different way of using a check box. Dynamic Lists, change list entries as selections change. Flickr label, recreates the cool label widget that was made famous by Flickr. Sticky Notes, you create post it notes in your browser and drag them around to place them as you want (uses GWT drag support.) Mona Lisa jigsaw puzzle, rearrange Mona Lisa (uses GWT drag support.) Moo.fx, uses moo.fx javascript library for effects (uses JSNI.) Color Selector, integrates Rico Javascript library into GWT (uses JSNI.) Calendar, a very cool mac os x like calendar widget (Creates a compound widget.) Weather, another widget (creates a compound widget.) I18N, displays the country flag based on the locale (uses i18n support.)

I had played around a bit with GWT before. So some of the things in the book were not new to me, but there were several things that I found very useful. GWT provides a way to integrate Java and Javascript (you can call into Java from JS or from JS to Java) called JSNI (Javascript Native interface). The JSNI examples in this book showed how to integrate with moo.fx, Rico and scriptaculous libraries. This was great as we have some homegrown Javascript libs that we would like to continue to use even when we move to GWT. If we can try to hook those in and call them from GWT, that would be sweet! The ability to create widgets that can be shared across applications is very important to our project. The author creates two widgets in chapter 7 — calendar and weather. Both of these were very cool and reminded me of my mac desktop widgets! The weather widget uses Yahoo's weather service to retrieve the information that is displayed. Again, very nicely done. The ability to unit test is another thing that is crucial for us. GWT leverages and extends JUnit to provide this support. However, this is one of the parts of GWT that people do not seem to be using much. Searching on the GWT forums reveals as much confusion about this topic. This book contains a chapter that shows how to unit test a GWT application. The examples are quite simple, but the creation of test suites was a good one, as I had struggled with that before. I really liked the author's coverage of deployment. He first shows how to manually deploy a GWT application. this gives you a feel for whats involved and what's going where. Then he automates that using ant and finally shows how to deploy from within eclipse. This is very useful as I have tripped over deployment before.

Overall, this is a well written book that was very useful to our team. There were a few examples that we had implemented differently than the author — table sorting, paging and in place editing of the tree nodes. I18N is a big topic and the author covers only one way to use it. It would have been nice to have a complete chapter devoted to that topic, as this is a topic of particular interest to us as we work with a multitude of languages. This is a very developer oriented book and assumes that you know Java, HTML, some Javascript and some CSS. Of course if you did not know those topics, you probably wouldn't be too interested in GWT! This is not a book that dives into the internals of how GWT works or tries to impress you with all the nitty gritty of the GWT architecture. The author provides you with ways in which you can accomplish most common tasks that require GWT. They may not be the only way to do things using GWT but it gets you comfortable using GWT and thinking about how you would actually apply it for your problem. I really enjoyed reading this book and its focus on the practical side of using GWT.

You can purchase GWT Java AJAX Programming from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Several readers have written in about the death threats and threats of sexual harm that have been directed at tech blogger Kathy Sierra. She is the author of a number of books about Java and a popular speaker at conferences. She has now stopped blogging and cancelled her appearance at eTech. She names the names of four prominent bloggers who are backers of two sites on which the threats were posted. Others in the blogosphere like Robert Scoble and Tim Bray have posted publicly in support of Sierra. Scoble in particular emphasizes the streak of misogyny that is still all too evident in the tech world. The Washington Post is also grappling with the issue of vile comment posts that flirt with illegality. One commenter on Bray's post summed it up: "The Internet used to be a university. Then it became a shopping mall. But now, it's a war zone."

OSXCPA writes "TextMate is a closed-source, GUI-based, extensible text editor that looks and behaves like a mashup of GNU Emacs ("Emacs") and NetBeans. This book is a primer and reference for TextMate. The blurb on the back of the book identifies the target audience as 'Programmers, web designers and anyone else who regularly needs to work with text files on Mac OSX.' After working with TextMate and reading through the book, the target audience is spot on. For example, the book briefly covers basic text editing, but provides in-depth information about basic operations (keyboard shortcuts, customizations, etc.) more advanced users will want to know and beginning users should know." Read below for the rest of OSXCPA's review. TextMate: Power Editing for the Mac author James Edward Gray II pages 193 publisher Pragmatic Programmers rating 8 reviewer OSXCPA ISBN 097873923X summary Excellent for the more complex scripting features of TextMate

I am reviewing TextMate: Power Editing for the Mac ("TPEFTM") by James Edward Gray II, published by The Pragmatic Programmers LLC, which I received from O'Reilly Media because I am the organizer of the Forest Park Ruby Meetup group. I received no compensation other than a copy of the book. I am relatively new to Ruby and Rails, but studied C and Java at University using Emacs and NetBeans. I am not a professional developer by any means, so if I can make sense of a tool and follow a book or manual, newbies should have no trouble.

The book and online manual are targeted at completely different audiences. The online manual clocks in at 97 very terse pages (print-previewed as-is in Internet Explorer) while the book is 193 pages. Despite the 100+ page difference, the online manual is intended for the hardcore geek and covers much more detail with less hand-holding. The book is written in a conversational tone that occasionally borders on distracting (e.g., "The Ruby executor is quite clever...") but no more so than other Pragmatic Programmer books.

Beginners and road warriors will find the book very handy, literally. I am a 'dead tree' book fan, especially regarding 'how-to' style documents. I like my books splayed open on my desktop so I can go from book to book as I work. At 193 pages, 'TPEFTM' does not like to sit open and flat, but it does fit easily into a laptop bag. The book does not come with a CD, but all the code is available on-line. I prefer this delivery system since besides the fact that I hate ripping CD envelopes out of books, TextMate is only available as a download anyway. Links to various third-party automations, commands and code are included throughout the book, and most of these 'ad-ons' are some flavor of open-source.

The book is organized in order of increasing complexity, so it is a good introduction for someone new to IDE-based development in the 'big tool that does many things' school. TextMate consciously mirrors some of the complex functionality of Emacs, albeit in a more accessible form, and the book eases the reader into this world in small, logical steps.

This is not to say the hardcore geeks won't find the book useful. There are many tips and tricks throughout the book that help a reader work faster and more efficiently (lots of keyboard shortcuts and scripting).

I tend to put sticky notes in my books, especially manuals. Find a code recipe you like? Sticky-note the page. The book contains many shortcuts ("Command Line TextMate", "filename matching") that inspired sticky-notes for later tinkering. The ordering of the tools is such that the reader can sit at the keyboard and work the examples straight through, read it start to finish 'offline', or use it as a reference book. I would encourage at least one straight-through read to ensure seeing every passage once. Browsing the index, chapter or page headings will not yield everything on offer.

TextMate is primarily viewed as a Ruby on Rails development tool. The book expressly acknowledges this (the code examples are mostly written in Ruby), but provides detailed instructions for handling syntax highlighting in Java, C and other languages via Automations. I did not try this out, but the instructions seemed fairly straightforward — someone with the passion to write Haskell in TextMate could probably set it up.

When deciding whether to buy this book or not, the key consideration is 'what does the book give me that the online documentation does not?' Textmate has several features that require elaboration, especially for newer users. TextMate supports various 'shortcut' and 'script-like' technologies — code snippets, macros, automations and two different types of commands — plain *NIX shell commands and TextMate 'automation commands'. Chapters five through 12 cover these tools individually and when combined. Purists may say 'well just use Emacs and write LISP' but the TextMate framework is more accessible to someone with less developed skills (and with less time to develop LISP-Fu). It provides a stepping stone for ambitious users, but allows for 'just getting it done'. I found these chapters to be the most compelling in the book both because they cover the most valuable features of the TextMate environment and they introduce skills a newer user should have (*NIX scripting, pipes, etc.) and more experienced users already have, but will want to implement in the TextMate context. While the online manual covers the technologies in detail, the book provides a more structured, user friendly introduction with enough detail to get work done and lay the groundwork for future development.

For $29.95, I do not expect exhaustive coverage of every feature. While 800+ page tomes have a place, it is nice to have a manual that fits in my bag. The coverage is very good for the basics and excellent for the more complex scripting features. I would definitely recommend this book for newer users, anyone who wants a readable, portable guide and those who plan on using the advanced scripting features, especially in conjunction with preexisting NIX system skills.

You can purchase TextMate: Power Editing for the Mac from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Cory Foy writes "Several months ago Vikram Goyal emailed me letting me know he had a new book coming out from Apress, Pro Java ME MMAPI: Mobile Media API for Java Micro Edition. Having done mobile device development using J2ME, I knew how difficult it can be to do, or explain, some of the tricks in device development. So I wanted to see if this book could rise up to the challenge." Read below for the rest of Cory's review. Pro Java ME MMAPI author Vikram Goyal pages 250 publisher Apress rating 8 reviewer Cory Foy ISBN 1590596390 summary A clear guide for implementing J2ME on your phone

I've noticed as of late that the quality of the technical books I've been reading has deteriorated. Misspellings, wrong calculations, grammatical errors, not the thing to inspire confidence in the subject. In addition, the content can be hard to follow, it's hard to grasp where the author is going, etc, etc.

Not this book. I was immediately struck in the first chapter by how clearly written the book is. Yes, you need to have some knowledge of J2ME device development (specifically MIDlets), but Vikram does a great job easing you in to the subject, and providing good, easy to follow examples.

The subjects he is covering, dealing with media on mobile devices (specifically phones) is a particularly tricky subject. The problem? Many device manufacturers implement standards differently. They claim to support things they don't. They ignore features you would expect. Worse, their emulators, the very thing you develop against, don't always match the phone. In fact, very rarely do they match the phone.

Vikram tackles this by testing his code on several different types of devices, and clearly lists out the dangers of relying on just the spec, or the reference implementation, or the emulator. I've seen versions of the same phone work differently based on what the provider had done to the phone. Verizon will always be evil to me based on my experiences of porting code that worked great on Nextel to Verizon phones, but that's another story.


Chapter 2 provides an overview of the basics of the MMAPI. In particular, how to get data from a DataSource to play in a Player. Since the MMAPI is designed to be implemented by device manufacturers, it is a great read to see how an API can remain simple, yet cover a vast array of inputs and outputs. For example, Player instances can read files, streams, web sites, and a variety of other inputs. It can control audio, video, MIDI and tones. All of this using the same underlying API. Pretty good stuff.

Chapter 3 gets us diving into some code. We write a basic multimedia player, and then improve it to add functionality and increase performance by understanding what is involved in caching Players.

Chapter 4 continues on explaining the more about the underlying architecture, specifically the media player lifecycle and events. Since we are dealing with devices that generally have limited resources, the API provide a way to save claiming those resources until as late as possible. In addition, it provides ways to reclaim those resources, and Vikram covers some of those ways in this chapter. He then moves on to discuss the eventing architecture, and how to respond to custom events (he does briefly describe writing your own events but I can attest that getting anything that low level on a device from US providers is usually pretty difficult).

It wouldn't be a good programming book if we didn't talk about threads at some point, and Vikram touches on it in Chapter 5. Specifically, we're diving into accessing files over the network, and we don't want to block the device while we are doing that. Yes, when you are running a MIDlet, the app thread is the main phone thread, so if it is waiting for network traffic, the phone is unresponsive to the user. So very wise use of threads is necessary. In addition, some security considerations start coming into play, and the book covers what to expect.

Now the fun starts. In Chapter 6, the book discusses Tone Control, the first of 2 entertaining chapters on making your device make noise. The chapter starts off with a very concise explanation of basic music theory to give developers an understanding of what they are going to need to do to generate tones of different pitches. It then moves on to the difference between Mono and Polyphonic notes, and how to create sequences of notes. By the end of the chapter, you too can have your phone playing "Happy Birthday".

Chapter 7 continues on with the party, going into one of my favorite subjects, MIDI. Again, we get a good, concise introduction to the fundamentals of MIDI. We then get to see how to send raw messages to a device that understands MIDI, and how to use MIDI in the MMAPI.

Chapter 8 touches on the other aspect of media — Video. To do this, it first discusses sampled audio, and how to capture and control it. It then goes into capturing video, which many devices may not support, and how to capture snapshots for those devices with cameras. It also covers what to do with the file when you've captured it (for example, save it or display it to the user), and closes with a discussion on streaming media.

I was surprised when I got to chapter 9 because chapter 8 ended by saying what we were going to cover in the final chapter, and I hadn't realized that I had read that much already! Chapter 9 is a great way to end the book. Vikram shows us how to implement our own mobile blogging website, complete with implementing uploads for Text, Audio and Video (if our devices support it). He even provides screen shots and full code, walking through it step by step to help us understand what is going on.

All in all I very much enjoyed the book. If you have a phone capable or supporting J2ME, this is definitely worth a read. The writing is very clear, and entertaining. If there is a downside, it is the poor integration of J2ME in a lot of providers devices, and the inconsistencies in the implementations. But thankfully Vikram guides us through all that so we can quickly be up and running singing along to our favorite dance hit with the words on our phone, mobile blogging the whole thing.

You can purchase Pro Java ME MMAPI: Mobile Media API for Java Micro Edition from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

An anonymous reader writes "I have managed a lot of technical people in my career, and one thing I know: managing geeks is hard. Rewarding, interesting, challenging — and hard. Hard to do well. Dealing with all of the complexities of a modern IT environment is extremely difficult. There is precious little time, even less (skilled) help, and many, many "mission-critical" demands. This book is written for that over-worked, tech-savvy (and perhaps business newbie) IT Manager (and IT Manager wannabee.) It discusses both sides of the IT department equation: both the technical, as well as the business issues. It talks about not only how to write a good SLA but also how to avoid burnout in your employees." Read below for the rest of the review. IT Manager's Handbook 2nd Edition author Bill Holtsnider and Brian D. Jaffe pages 589 publisher Morgan Kaufmann rating 8 reviewer anonymous ISBN 012370488X summary discusses both the technical and business side of being an IT manager

This book has 20 chapters that discuss both the concepts and the details about critical IT tasks. The first ten chapters discuss the Business of Being an IT Manager: What is an IT Manager?, Managing Your IT Team, Staffing your IT Team, Project Management, Changing Companies, Budgeting, Vendors and Their Products, IT Compliance and Controls. The second ten chapters discuss The Technology of being an IT Manager: Getting Started with the Technical Environment, Operations, Physical Plant, Networking, Security, Software and Operating Systems, Enterprise Applications, Storage and Backup, User Support Services, Websites, User Equipment, Disaster Recovery.

Back in the day, IT was a relatively well-defined activity. Not a lot of people knew about it, it was complex but pretty isolated, and there was precious little "interaction" (interference) with the business side of an organization. When I started managing, there was the technical side and everything else. Now things are very different. IT Managers not only need to have the latest patches installed on the network but they also need to know the five standards steps in project management. They have to know to write a disaster recovery plan as well as what the relative value of a certification is, what phishing is as well as what not to ask in a job interview.

The concepts discussed in this book are relatively classic; the principles of project management, implementing physical security or estimating costs for a budget are not new areas. The authors discuss these topics with a lot of hands-on detail, specific information that a manager can grab quickly. This book let me read ten pages on "Change Management," for example. I knew what change management was, but I needed more that a buzzword before I met with my boss. This book gave me enough detail to talk about it.

From the preface: "We wrote the book for new IT managers and future IT managers. Much of the material in this book will be familiar to experienced IT managers — those people who have been managing IT departments since the space program in the 1960s. But for many individuals, the late 1990s and early 2000s have brought a radical change in responsibilities with little or no help along with it." While that is not me, that is a lot of people I know and have worked with. They got shoved into management because they knew what a "service pack" was and the previous IT manager had left. One minute they were connecting CAT 5 cables and the next minute they are in a ten-person meeting trying to explain why the department needs two new server racks, and two more servers, and two more service techs and three more fill-in-the-blank.

It can be a challenge to make text about operating systems interesting, but I liked their comparison of the Linux/open source and/or Windows discussion. They point out the strengths and weaknesses of each. There are Pro/Con tables scattered throughout the book that I like a lot. Give me the facts, and I'll make up my own mind.

I don't want to say I could not put the book down, because I could. It's designed to let me. I can jump in, get the data I need ("What does ILM stand for again, and what is it?") and jump out. With a fourteen page, two-column Index, a Glossary and each of the chapters ending with both websites and book citations, I can find the stuff I need quickly.

Most individuals in IT today could benefit from a book like this. No one knows everything, and most people don't even know the range of what they are supposed to know. This is a good book for the current IT manager — there are going to be some topics that they are not familiar with, such as the details of Compliance. It is also a good book for a person that wants to or thinks they want to be an IT Manager. He or she can read through this book and determine, if these are the kinds of issues they want to deal with daily.

You can purchase IT Manager's Handbook 2nd Edition from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Ravi writes "SELinux is a project started and actively maintained by the U.S Department of Defense to provide a Mandatory Access Controls mechanism in Linux. It had been a long standing grouse of Linux power users and system administrators over its lack of fine grained access control over various running processes as well as files in Linux. While Solaris touts its famous RBAC and Microsoft Windows has its own way of providing finer rights to its resources, Linux had to put up with the simple but crude user rights known in tech speak as discretionary access control to control user access of files. With SELinux project making great strides and now being bundled with many major Linux distributions, it is possible to effectively lock down a Linux system through judicious use of SELinux policies. SELinux implements a more flexible form of MAC called type enforcement and an optional form of multilevel security." Read the rest of Ravi's review. SELinux by Example author Frank Mayer, David Caplan, Karl MacMillan pages 425 publisher Prentice Hall rating 8 reviewer Ravi Kumar ISBN 0131963694 summary This book imparts a deep understanding of the features, structure, syntax and working of SELinux

The book SELinux by Example is authored by three people — Frank Mayer, Karl Macmillan and David Caplan and is published by Prentice Hall. There are a total of 14 chapters and 4 appendices spread just over 400 pages. The 14 chapters are in turn broadly divided into three parts with the first part containing chapters which provide an overview of SELinux, its background and the concepts behind it. The second part contains 7 chapters which are most useful for SELinux policy writers and contain detailed explanation of the syntax used in writing the policy files. It is the third part, "Creating and Writing SELinux Security Policies" which could be most put to use by system administrators.

In the second chapter, the authors introduce the concept of type enforcement access control, the understanding of which is imperative to ones knowledge of SELinux. They further discuss the concept of roles and multi level security. True to the title of the book, all these concepts are explained by analyzing the security controls of the ubiquitous passwd program.

In the succeeding chapter the authors explain the underlying architecture of SELinux. More specifically, how SELinux integrates with the Linux kernel via the Linux security module (LSM), the organization of the policy source file and how to build and install policies.

SELinux policies to a large extent are based on object classes. For example, you can create an object class and associate a set of permissions to that class. All objects associated with that class will share the same set of permissions. In the fourth chapter, one get to know about different types of object classes and the permissions that can be assigned to these classes. A total of 40 classes and 48 permissions are discussed in this chapter.

The next chapter titled "Types Enforcement" goes into a detailed analysis of all the types and attributes as well as the rules that could be used. The majority of SELinux policy is a set of statements and rules that collectively define the type enforcement policy. Going through the chapter, I was able to get a fair idea of the syntax used in writing TE policies.

Keeping in mind the complexity of the subject, it helps a great deal that at the end of each chapter there is a summary section where the authors have listed the important points covered. More over, one gets to answer a couple of questions and check one's knowledge about the topic being discussed.

In the 6th chapter, the authors explain in detail the concept of roles and their relationship in SELinux. What I really like about this book is the fact that each concept of SELinux has been dedicated a chapter of its own. For instance, constraints, multilevel security, type enforcement, conditional policies,... all are explained in chapters of their own.

One thing worth noting is that Fedora Core 4 and RHEL 4 and above ship with the targeted policy by default. Where as to completely lock down a Linux machine, you need to embrace the strict SELinux policy. This has the side effect of causing breakages with some of the existing Linux applications which expect looser security controls. In targeted policy, the more confining rules are focused on a subset of likely to be attacked network applications. In most cases, one can manage by using targeted policy. This book mostly deals with the strict policy of SELinux and in chapter 11, the authors dissect the strict example policy maintained and updated via the NSA and Fedora Core mailing lists.

There is another policy called the Reference Policy which is an attempt to water down the strict policy maintained by NSA. In the process making it easier to use, understand, maintain, and more modular. This is covered in the succeeding chapter titled "Reference Policy".

The next chapter titled "Managing an SELinux system" is one which the system administrators will relate to, where the authors throw light on the hierarchy of SELinux configuration files. The purpose of each file is explained in simple terms. Considering that SELinux comes bundled with a rich set of tools meant to be used by system administrators, one gets to know the usage of some of them and also learn about the common problems that are faced by administrators while administering an SELinux system.

In the last chapter of the book, one is introduced to the task of writing policy modules. Here the authors hand hold in the creation of a policy module for the IRC daemon for Fedora Core 4, from the planning stage to writing and applying the policy module, to the final testing.

The book also includes 4 appendices which contain a wealth of knowledge on SELinux. I especially liked appendix C which lists all the object classes and permissions as well as appendix D which has a list of SELinux system tools and third party utilities with explanations.

I found that I was better able to assimilate what the authors explained when I read the 13th chapter of this book first and then went back to read the 4th chapter onwards. Having said that, I find this book to be an excellent resource for people interested in developing SELinux policies and to a slightly lesser extent a resource for system administrators. At the very least, this book imparts a deep understanding of the features, structure, syntax and working of SELinux.

Ravi Kumar maintains a blog at linuxhelp.blogspot.com where he shares his thoughts and experiences on all things related to Linux.

You can purchase SELinux by Example from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Paul S. R. Chisholm writes "Inside the Machine: An Illustrated Introduction to Microprocessors and Computer Architecture, written by Ars Technica's Jon "Hannibal" Stokes, talks about how CPUs work, and how they've evolved and advanced in the past fifteen years. The result is detailed, very up-to-date (including descriptions of Intel's Core 2), generally clear, and covers a lot of fascinating material." Read below for Paul's review. Inside the Machine: An Illustrated Introduction to Microprocessors and Computer Architecture author Jon Stokes pages 320 publisher No Starch Press rating 8 reviewer Paul S. R. Chisholm ISBN 1593271042 summary A detailed look at how CPUs work, and how they've evolved and advanced in the past fifteen years

How on earth have CPUs advanced as fast as they have? How have we gone from 60 MHz Pentiums in 1993 to 3.73 GHz Xeons (with two cores) and 2.66 GHz Core 2 Extremes (with four!) today? Sure, Moore's Law and competition pushed the chip makers, but how did they implement all that extra performance? In Inside the Machine, Jon "Hannibal" Stokes provides a thorough, exhaustive, nearly exhausting look at what's at the heart of your computer. If Stoke's name sounds familiar, he's a founder and long-time contributor to Ars Technica. Anyone who liked his work there, his comprehensive articles and brightly colored diagrams, will probably enjoy this book a lot.

The first two chapters cover the basics of CPU operation and machine language. These are pretty good, though you'll probably need some assembler language experience to really understand everything in these chapters. Even without such experience, you'll pick up enough to get through the rest of the book.

The next two chapters get more advanced, covering pipelined and superscalar execution. CPUs don't execute one instruction at a time. Instead, they break instructions into smaller operations, and work on those smaller operations in parallel. These two chapters begin to tell how CPUs do that. (The book also discusses caching, another huge performance booster. For some reason, Stokes doesn't get to that until chapter 11.)

The rest of the book discusses specific CPUs. From Intel, we see the original Pentium, Pentium Pro, Pentium 4, Pentium M, Core, and Core 2. (Intel didn't release as much information about the Pentium II and III.) From the Apple/IBM/Motorola alliance, we learn about the 601 (the heart of Apple's first "Power Mac"), 603, 604, 750 (G3), 7400 (G4), and 970 (G5). In the middle of all that, there's also an excellent description of 64-bit computing, its advantages, and even its disadvantages.

Every buzzword you've ever heard about CPUs is covered: front end vs. back end, branch prediction, out-of-order execution, pipeline stalls, SIMD, direct-mapped vs. N-way set associative mapping. That sounds intimidating, but Stokes introduces the concepts one at a time, clearly and in detail. The next time an overclocking fanatic tries to tell you why his AMD CPU is so much better than your Intel CPU (or vice versa), you'll not only be able to follow the whole discussion, you'll be able to argue back.

Stokes turns all this into a (highly technical) history of CPU development. One chip's virtue is its successor's vice; one generation's shortcoming is another's opportunity.

This book reinforced something I already knew but don't often enough live by: Portability depends on architecture (for example, x86 vs. PowerPC), but high performance depends on microarchitecture (for example, Pentium M vs. Athlon 64 X2). Today's Core 2 chips have many high performance features missing from the 1993 original Pentiums. A good compiler like gcc can take advantage of those additional features. This is bad news if you're using a binary Linux distribution, compiled to a lowest common denominator. It's good news if you're building and installing Linux from source, with something like Linux From Scratch or Gentoo/Portage. It's also good news for just-in-time compilers (think Java, .NET, and Mono); they're compiling on the "target" machine, so they can generate code tailored for the machine's exact microarchitecture.

The full color diagrams were a big help in understanding Stokes's points. On the other hand, I'm not sure why the book was printed in hardcover. To make it look more like a textbook? Is that a good thing?

The text is packed with jargon, buzzwords, and TLAs (Three Letter Abbreviations). Most of that is unavoidable, but a glossary would have been nice. Each chapter builds on the previous ones, so most readers will want to read all the chapters in order, paying close attention the whole time. Even so, this book had a lot more forward references ("I'll define that shortly" or "We'll get to that later") than most technical books.

Don't expect much non-technical discussion. Exceptions: There is a very good description of the Pentium 4's obsession with higher and higher clock speeds, including marketing pressures, and the resulting performance increases and drawbacks. The occasional "Historical Context" sections are also quite nice. But you'll see nothing on Apple's decision to move from PowerPC to Core, or the competitive battle between AMD and Intel. For that matter, you'll see almost nothing at all about AMD or its products.

Personally, I think Stokes missed an important opportunity to talk in depth about multiprocessing. He spends only four pages on the subject, and that only as part the description of the Core Duo. You'd think there was never a multi-core G5. There's only a couple of paragraphs on the difference between multiple CPUs and multiple CPU cores. ("Dual dual-cores" and the AMD 4x4, anyone?) He declines to discuss how caches interact with multiple CPUs or multiple cores. That's unfortunate, because anyone doing multi-threaded software development really needs to understand cache issues, at just about exactly the level this book covers. But you'll find nothing here about cache coherency, or about what out-of-order execution results might be visible only to multi-threaded software.

Jon Stokes had an incredibly ambitious goal: to write an accessible book that covers much of the same ground as Hennessy and Patterson's Computer Architecture and Computer Organization and Design. I don't think he achieved that, but he came pretty close.

You can visit the book's home page or the author's blog.

Paul S. R. Chisholm has been developing software for 25 years. He's worked at AT&T Bell Laboratories, Ascend Communications / Lucent Technologies, Cisco Systems, and some small startups you've never heard of. His latest article, "'Pure Virtual Function Called': An Explanation," appeared in The C++ Source. He lives and works in New Jersey.

You can purchase Inside the Machine: An Illustrated Introduction to Microprocessors and Computer Architecture from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Michael J. Ross writes "Developers of Web sites, whether professional programmers or Web hobbyists, are oftentimes impressed by the more advanced functionality that can be achieved on a Web page using JavaScript. Yet these personal discoveries of JavaScript's power do not always motivate the developers to implement similar functionality on their own sites — partly because most of those custom-built JavaScript functions are cryptic, and make no attempt to show how the developer would customize the code for their own use. The majority of JavaScript books are of limited help in this regard, because they focus on the language details, illustrated only with code snippets. Many readers would benefit more from instruction via working examples, which is the approach used by The Book of JavaScript." Read the rest of Michael's review. The Book of JavaScript author David Thau pages 528 publisher No Starch Press rating 8 reviewer Michael J. Ross ISBN 1886411360 summary A guide for beginners to learn JavaScript via examples

The book was written by David Thau, a.k.a. "thau!," a veteran of the Internet and computer programming — especially JavaScript, which he has taught to countless other programmers, through this book, as well as numerous courses, conference presentations, and the tutorials he has written for Webmonkey.

Published by No Starch Press, the second edition of The Book of JavaScript appeared in December 2006. The publisher maintains a Web page for the book, where visitors can find an online copy of the book's table of contents, excerpts from reader reviews, links for purchasing the paper and electronic versions of the book, a sample chapter ("Chapter 2: Using Variables and Built-In Functions to Update Your Web Pages Automatically") as a PDF file, the errata discovered by the author and readers (several reported so far), and a link to the author's companion site.

Unlike some books' companion sites, this one is worth a visit, and not just to see a working example of the tip box described in chapter 8, which is used to show how to create an array. Thau's site has links for viewing, running, and downloading all of the sample code in the book's figures. In addition, the visitor can obtain copies of the book's JavaScript libraries, for doing cookies, form validation, and plug-in detection. There are links for viewing and downloading the three sample Web sites. However, in his AntWeb site, at least as of this writing, none of the images are showing up on his homepage. Another problem, of much less importance, is the strange behavior of the "Websites" and "Freeware" options on his "Chapters" drop-down list box. Choosing either one takes the visitor to his "Websites" page, but always displays "Freeware" in the drop-down. It is hard to imagine that this behavior is intentional.

The book's material spans 528 pages, most of which is found in 18 chapters, covering a variety of topics: an overview of JavaScript's capabilities, alternatives, and limitations, among other less technical issues; variables and built-in functions; browser detection and simple control flow; rollovers, events, images, and the "document" object; window manipulation and properties; creating your own JavaScript functions; Web forms; arrays and iteration; timing events; frames and image maps; handling form input and strings; cookies; dynamic HTML, CSS, and DOM; AJAX basics; XML; server-side AJAX; a sample application (an online to-do list); and debugging JavaScript and AJAX. The book also offers four appendices: answers to chapter assignments; online resources (tutorials, sample code, AJAX sites, and AJAX frameworks); a complete reference to JavaScript's objects and functions; the code for the book's two longest applications, namely, the Italian translator and the to-do list.

This second edition serves as a follow-up to the well-regarded first edition that came out seven years earlier. Both the book and the language itself have clearly withstood the test of time. There are several reasons for the popularity of that first edition: It taught the language and its capabilities largely through the use of complete JavaScript functions, each of which served as an illustrative example of not just the elements and rules of the language, but also straightforward ways of accomplishing common tasks in JavaScript. After all, looking at sample code is how most programmers prefer to learn or verify how a language works.

The book assumed no prior knowledge of JavaScript or any other computer language, on the part of the reader. This characteristic not only set it apart from the large number of other JavaScript titles published at that time, but it made the book more attractive to people new to programming in general and Web programming in particular. Such readers might also favor this book over others because of the author's approachable writing style, in which he fully explains topics in a leisurely manner, without the terseness seen in most programming language books. This is not to say that brevity in technical works is ever a mistake per se; the busy professional programmer wants to find answers as quickly as possible. But such brevity can quickly prove frustrating to non-techies, who lack the background for understanding terse explanations and for knowing where they can turn for clarification.

All of these laudable attributes of the first edition have been carried over into this latest edition. The primary change found in this second edition, is the coverage of AJAX (asynchronous JavaScript combined with XML). Even though the additional material substantially increases the length of the book, by 124 pages, the end result is still far from unwieldy — mostly due to several factors: The book's table of contents, along with the index, are detailed enough to make it relatively easy to find a particular topic in the book, assuming that it is included. The subsection listings in the table of contents, like good source code, make liberal use of whitespace for readability. In the text itself, coloring the headings and note numbers blue make them stand out.

Aside from the aforesaid problems with the book's companion site, there are a few other areas for improvement: It was noted earlier that the last appendix contains the sample code from chapters 15 and 17. The author states that these code listings were located in an appendix, rather than the chapters themselves, because they are too long. Actually, they comprise only a dozen pages, which would have been better located in the chapters where the reader expects to see them, and where they would be close at hand for referencing. The first listing is only two pages long, and definitely should be located in chapter 15. Even for the second listing, if the author is concerned about readers getting frustrated flipping through the 10 pages to find the continuation of the chapter's discussion, a simple note at the beginning of that code, as to what page the discussion is resumed, would be sufficient.

Some fundamental language elements of JavaScript are introduced fairly late in the book. For instance, it is noted above that an explanation as to how to create an array — an essential concept in just about any procedural language — is not found until the eighth chapter, on page 134. This is more than one third of the way into the book's 18 chapters. On the other hand, given that the author has chosen to present these language concepts, for the most part, only when needed and when describing the sample code, this later introduction of some key concepts might not prove much of a problem to most readers. However, this is a case in which the completeness and accuracy of the book's index, are even more critical than usual. In this regard, the book does not fail the reader, as the index appears to provide enough coverage.

The formatting of the code throughout the text is not entirely consistent, as evidenced by some open braces appearing on their own lines, thus wasting space, and in other cases on the same line as the preceding parenthesized expression, though separated by a pointlessly large number of spaces. Code level blocks are indented two or four spaces, seemingly at random. Continuation lines are indented exactly the same; they would be more clear if they had double the number of spaces as code level blocks. Of more importance to the reader attempting to figure out what code is serving what purpose, there are far too many large chunks of code lacking any comments, which are needed, since much of the code is not self-describing. In most of the functions, the only comment lines are those for hiding the JavaScript from outdated browsers — a practice that should have been phased out in this latest edition.

Any experienced programmer who needs a complete JavaScript reference book, or a book that covers all the language's elements in fine detail, would be best served by choosing a different book from this one. On the other hand, once they had secured such a book, they would likely find David Thau's contribution an enjoyable source of ideas on what can be done using JavaScript capabilities. For anyone who wishes to learn JavaScript in a practical and relaxed way, by reading clearly explained sample projects and their code, should be well pleased with The Book of JavaScript.

Michael J. Ross is a Web programmer, freelance writer, and the editor of PristinePlanet.com's free newsletter. He can be reached at www.ross.ws, hosted by SiteGround.

You can purchase The Book of JavaScript from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Aeonite writes "According to the Introduction, Character Design For Mobile Devices is 'the first book on the designs, the technologies, the issues, and the techniques behind character design for mobile devices and games.' Unfortunately, what could have been an interesting and unique coffee table book suffers from an unclear message, poor design, bad editing, and an authorial voice that is rather too present at times, and too oblique at others." Read below for the rest of Aeonite's review. Character Design for Mobile Devices author Nfgman, Lawrence Wright pages 192 publisher Elsevier Science & Technology Books rating 6/10 reviewer Aeonite ISBN 0240808088 summary A book for truly die-hard and extremely nostalgic fans of pixel art

The title of the book can be read in at least two different ways. First, it could refer to character design from the perspective of the fan, as in "I will read ABOUT the design of these characters." Secondly, it could refer to character design from the perspective of a prospective student: "I will learn HOW to design characters." While this book occasionally dips its toe in the latter waters, the technical tidbits are not plentiful enough to warrant the book being sold as a "How To" guide to character design. The ambiguousness of the title might be overlooked if it was not coupled with a misleading back cover blurb, apparently written by someone who didn't read the book. "Learn to design vibrant, identifiable graphics and recognizable characters with only a few pixels at your disposal!" boasts the first line on the back cover. You will not learn any such thing from this book. This is not in any way a guide on how to design pixel art. It is a coffee table book about pixel art, and it must be reviewed in this light.

After briefly covering introductory topics like "What is a pixel?," the book quickly moves into the much meatier Chapter 2, which covers the "History of Portable Devices." Often repetitive (e.g., the same information about Nintendo's Game & Watch appears several times), it is nevertheless a pretty good overview, covering everything from the aforementioned Game and Watch and Microvision to the current generation of portables and everything in between (e.g., NeoGeo pocket, Atari Lynx, Wonder Swan), including a two-page spread about some Lego-like Pixel Toys.

Chapter 3, "Changing Hardware," is not so much about hardware changes (Chapter 2 covered that), but about the impact of changing hardware on what designers are able to achieve. The first few pages cover cellular phone games, and how they differ from consoles (vertical orientation, color and memory sizes), but the discussion seems unnecessarily (and somewhat archaically) tilted in favor of ye olde CRT monitors, only at the very end reversing course and saying that "The little LCD is tried, true, and able to keep up..." Pages 58-59 are probably the crunchiest in the book — covering graphics tools such as Graphics Gale, Corel Paintshop Pro, and Grofx2 — but the information is unfortunately less than clear. The author states that "Photoshop... is inappropriate for pixel art" but then two sentences later points out that "Photoshop is nearly ubiquitous and very popular with pixelers." How can this truly be the case?

The chapter then changes gears to present a series of Artist Foci, which are less focused than one might think. The first piece on Henk Nieborg mentions that 'His next game was Lionheart, which sold well considering its platform...' but we are not told what platform. Later, the author says of another game that '..the final effect is almost reminiscent of Metal Slug.' And what is Metal Slug? We're not told here. Fewer problems appear in the Army of Trolls Focus, aside from the underlying problem that this is a book about mobile devices, and Army of Trolls don't design for mobile devices; they work on "pixel art."

One of the quotes in this section is quite telling when you consider the back cover's claim that this book will help you "Learn to design": 'If I am working on a cityscape, I'll copy and paste buildings into the image and mess around with them in Photoshop layers until I am pleased with the layout.' Somehow this is less than enlightening, although it's still much more so than this Zenlike piece of insight from the Chris Hildebrand Focus that says nothing about anything: 'Chris has a broad range of skills and methods that have allowed him to produce an incredible range of graphics in many styles. He works with whatever speeds his methods require, creating pixel graphics from a number of sources using various techniques.'

Chapter 4, covering "Mobile Developers," mingles the author's own words with quotes from others in the "pixel art industry," and it's often confusing who's saying what until you get to the end of a paragraph and find someone's name in bold. Sometimes there are multiple quotes from the same person (as with Charles Barnard) but rather than being arranged in any particular order — like, say, alphabetically, or by subject matter — they are just dropped into the text seemingly at random. The material here is interesting and often insightful, but even when the book is at its best, it's stumbling; page 98 contains a "How To" from Capybara's Nathan Vella and Anthony Chan, but the name in the chapter title is misspelled numerous times as "Cabybara." Later, in a discussion with Sato Takayoshi, "palette" is misspelled as "pallet" numerous times; forgivable elsewhere, but not in a book about design.

In Chapter 5, titled "Genre/pixel Histories," the book devotes some twenty-five pages to an exploration of RPGs, Fighting Games, and Platformers, and the remainder of the chapter to "Sprite histories" of characters like Mario, Sonic and Bonk. This is all fascinating stuff, and in many ways this is the most interesting part of the book, but the problem is that this is a book called Character Design for Mobile Devices, and nothing in this chapter has anything to do with handheld gaming aside from a few sentences that vaguely hint that it's 'only a matter of time' before a good mobile RPG game is created, and that such a game 'could be impressive indeed.'

Despite the fact that it's interesting and engaging, the content is not without flaw. Page 147 spends an entire paragraph discussing Konami's 'first modern fighting game' but the author fails to mention it by name at any point. This is followed on page 148 by a mention of "Garou: Mark of the Wolves" and its 'visually incredibly evolution,' but there are no pictures of it or further discussion. The next page mentions 'a short-lived fighting game that never disappointed in any category, especially the visuals,' but your guess is as good as mine as to what game that was. A few pages later, the author discusses three characters from SNK fighting games without mentioning what games they're from.

The Sprite histories are often just as confusing. The evolution of Mario contains a cascade of images, some of which are not clearly labeled — page 160 shows six sprites and four captions; page 162 shows eleven sprites and only one vague caption. The histories of Donkey Kong and Castlevania are a little clearer, but confusion returns with the Sonic, Arthur (of Ghouls 'n' Ghosts fame), and Bonk histories, with the latter at one point referencing the image that is 'second last on the column below' on a page with three rows of images, the first two in four columns and the last one in six columns.

It's worth noting that this problem with captioning occurs elsewhere in the book, too:Page 15 has twelve images in six rows but zero captions. Page 23 has three images and two captions. Image 1 is of the TurboGrafx 16 and is so labeled. Image 2 is of the Turbo Express and is unlabeled. Image 3 is a close-up of the TurboGrafx 16 clearly showing the logo of the TurboGrafx 16; it is labeled "Turbo Express". Page 33 has seven images and three captions but two of the images are labeled with the number 1. Page 43 has fifteen images and five captions but only the first five images are labeled. Page 118 has screenshots from two different game platform versions of Sonic the Hedgehog, and two captions both labeled Sonic the Hedgehog, with no indication of which is which.

It is, frankly, a mess.

As with the title of the book, "a mess" can be read in two different ways: as a synonym for "a lot," or as a reference to clutter. In this case, it refers to both, which is to say that this book contains a whole lot of pictures, and they're very messy. Were this a book about HOW to design characters, poor design decisions would be less important than the content, but for this type of book it matters a great deal, as the design and the content go hand in hand: only 25% of each page (on average) contains words.

The nineteen images on the cover seem haphazardly and randomly chosen, including fifteen pieces of random pixel characters, three shots of miscellaneous handheld devices, and one icon which simply reads "Character Design Library." Described in this way it's a bit difficult to get across exactly why this is a bad idea, so perhaps an analogy is in order. Imagine a book about American History, with a front cover consisting of fifteen images of Presidents, three pictures of sailing ships, and a photo of a Stop Sign. Random, much?

Between the covers, the design is also a scattershot affair. The book's chapters are color coded (Pink, Green, Blue, Yellow, Orange, in that order), with color coordinated boxes at the bottom of each page which sporadically mirror the topic. In the second chapter, the chapter title consistently appears in the box on the left hand page, but in the third chapter the title only appears maybe half the time, with the page subtopic sometimes appearing instead, or even the title of the second chapter. In addition, these colorful boxes skitter wildly across the page, sometimes flush left, sometimes centered, but mostly just sprinkled hither and yon.

As one might expect in a book about pixel art, the pages are filled with screenshots and other bits of artwork, but unfortunately many of these are oddly chosen or placed. In places, paragraphs describing a particular product go on and on, but the photos that should accompany them are one or two pages away. For example, on a two-page spread that discusses the Nintendo Gameboy are a large photo of a PlayStation Portable and a Nintendo DS. This occurs again a few pages later, where GameBoy Advance and the PSP are pictured on a two-page spread that covers the GameBoy, GameGear, Genesis and TurboGrafx. Later, more of the same: a discussion of Final Fantasy is graced with images from Dragon Warrior; a paragraph about Karate Champ is accompanied by a shot from Street Fighter; and a page about Super Mario Bros has screencaps from Super Mario World.

Much of the artwork also seems randomly chosen, rather than illustrative of a particular topic, or even indicative of a game's main characters or features. Page 86 contains three images from an unnamed "Military Game," two of which show the same empty warehouse (or possibly the back stockroom at a McDonald's). An artist focus on Chris Hildebrand contains numerous references to his most successful release, Heli Attack 3, yet not one image from this game appears in the six pages devoted to him; instead, two pages show us generic landscapes called "Mangrove Swamp image," "Waterfall image" and "Tropical image." The cream of the crop is page 128, which contains the following note: 'The Super Nintendo Super Ghouls 'n' Ghosts (left) was a visual marvel when it was released, with colors so lush and vibrant they rivaled arcade games at the time.' The stunning "image on the left" is the game's title screen.

Every graphical sin is committed somewhere in the book. Numerous pages (particularly in Chapter 2) suffer from "random cropping," where large images are cropped square with no attention to what's being cropped out; in one instance, a discussion of the Turbo Express contains an unhelpful close-up of the Select and Run buttons. Page 82 and 92 contain duplicate artwork, and the latter also contains a horribly oversized pixelated pirate that serves no purpose but to look ugly and fill space. Page 94 features the infamous "marketing image masquerading as screenshot," notable here because this is a book about pixel art, and this is not a piece of pixel art.

The book ends abruptly, sans conclusion, before diving into a Glossary full of unnecessary editorializing to put Wikipedia to shame. The entry on "2D" refers to them as 'often more vibrant than 3D,' and 'pure and fun,' whereas the entry on "3D" refers to how 3D games 'killed off pixel art,' 'require an incredible increase in computing power,' and how 'many older players blame the rise of 3D games and a new push for realism over style, and accuracy over creativity, for ruining games.' Is this a glossary, or a pulpit? It seems we are to believe that 2D gaming seems to represent elegant perfection, and 3D gaming represents all that is wrong with the world.

The book's introduction opens with a statement that 'this book is a tribute to 2D gaming graphics and portable game graphics.' Why the word "Design" is in the title, and "Tribute" is not, I don't know. There's nothing wrong with publishing a tribute to days gone by. 'There will hopefully always be a place for a simpler style of art on cellphones due to the small screen resolution and limited palettes', says Henrik Pettersson on page 86, before adding 'If you're looking for a lifelong career within visual arts, I wouldn't recommend pixel art as your only skill.' Not that Pettersson's point of view is the only one; Gary Lucken of Army of Trolls insists on page 65 that 'pixel art is a viable career move again for budding artists.'

So which is it? This author seems to imply that the latter is true. 'Looking forward isn't always the best way to advance an art form,' he says, adding that 'the pixel is not seen as primitive, but rather as a way to express a simple artistic elegance rarely seen in today's complex jumbled gaming landscape.' However, it's worth noting that one of the tutorials in the book is Ian McPherson's guide to designing games for the PC Engine system, a defunct console that hasn't seen an official game release in nearly a decade.

In this light, my earlier comparison to American History is worth coming back to. Character Design for Mobile Devices could (and perhaps should) have been an excellent history book, a nostalgic tour of days gone by. Instead, it doesn't quite know which hat to wear, combining tangential discussions on console gaming, conflicting "How-To" advice from pixel artists, and repeated pro-pixel commentary from the author which is akin to wishing for another Boston Tea Party, just because it was kind of cool the first time.

The book is far from a "Jumbled-Up Piece of Crap" (to use a term mentioned on page 88), but it would definitely benefit from a "new and improved" second edition that cleaned up its many problems. With more appropriately chosen art, more consistent captioning, and a clearer message, it would find appeal with a broader audience. As it stands though, the book really only has appeal for truly die-hard (and extremely nostalgic) fans of pixel art, those thirtysomethings who own Atari 2600 T-shirts and have Ms. Pac-Man cabinets in their basements. You know who you are.

You can purchase Character Design for Mobile Devices from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Michael J. Ross writes "Of all the technical challenges faced by the typical experienced computer programmer, questions about syntax form a relatively small portion. This is especially true now that current coding editors and IDEs offer statement expansion and syntax checking. Rather, the most common type of technical challenge is understanding how to solve a specific data access or manipulation problem. Hence the growing popularity of programming "cookbooks," which are filled with "recipes," each comprising a concise statement of a focused problem, followed by a solution, with plenty of sample code to show how to implement it. For developers using the MySQL database system, the gold standard of such books is MySQL Cookbook, by Paul DuBois." Read below for the rest of Michael's review MySQL Cookbook author Paul DuBois pages 948 publisher O'Reilly Media rating 8 reviewer Michael J. Ross ISBN 059652708X summary A great book for developers using the MySQL database system

Published by O'Reilly Media, the second edition appeared in November 2006. This new edition has been updated for MySQL version 5.0. The publishers have a Web page devoted to the book, where the visitor can find both brief and full descriptions of the book, an online table of contents and index, a sample chapter (number 5, "Working with Strings") in PDF format, errata (none reported as of this writing), and a way to post your own review on the O'Reilly Web site. There are also links for purchasing the book, or reading an online version, in the Safari Bookshelf program.

The bulk of the book's material is divided among 20 chapters, covering a wide range of topics: Using the mysql Client Program; Writing MySQL-Based Programs; Selecting Data from Tables; Table Management; Working with Strings; Working with Dates and Times; Sorting Query Results; Generating Summaries; Obtaining and Using Metadata; Importing and Exporting Data; Generating and Using Sequences; Using Multiple Tables; Statistical Techniques; Handling Duplicates; Performing Transactions; Using Stored Procedures, Triggers, and Events; Introduction to MySQL on the Web; Incorporating Query Results into Web Pages; Processing Web Input with MySQL; Using MySQL-Based Web Session Management.

Most of these chapters contain a generous number of sections, each serving as a recipe for a specific problem within MySQL. Two of the chapters have only four such recipes, but most have a dozen or more, with a few of them boasting more than three dozen recipes. Each recipe begins with a brief problem statement, and usually an equally brief solution statement, followed by a much more lengthy discussion, which contains the actual explanation of the solution, the sample code, and the expected output of that code. Some of the sections conclude with a mention of related recipes that could also be consulted.

This book, like so many other programming cookbooks, is weakened by the practice of offering a "Solution" subsection that consists of only one or two sentences — so terse and high-level that it provides, for all practical purposes, no solution to the reader. The actual solution is found in the "Discussion" subsection, which follows. This practice makes no sense. Because both subsections address the problem solution, they should be combined into a single subsection, naturally labeled "Solution." It appears that the purpose of the current Solution statements is to provide a terse summary. If so, then it should be labeled as such, yet still included within the new Solution subsection.

Despite this illogical division of each solution into two subsections, the content of the problem solutions found in MySQL Cookbook should be quite valuable, for several reasons: Firstly, the author has chosen the sorts of problems, within each category, that the MySQL programmer would typically encounter. No doubt this is a consequence of Paul DuBois being the author of a number of MySQL books, as well as one of the earliest contributors to the online MySQL Reference Manual. Secondly, the solutions work, and have been demonstrated to do so. Thirdly, the writing style is straightforward, which is characteristic of O'Reilly's titles. Fourthly, all of the problem solutions contain sample code and its output, which not only demonstrate the validity of each solution (as noted in my second point), but also allows the reader to see how the solution works simply by reading the material, and not having to type in the sample code to get the output within their own development environment — assuming one is even at hand, when reading the book.

The bulk of MySQL-related code in use today, was created not just to be accessed within a database client program, such as mysql, but instead from interpreted programming languages — especially those used heavily on Web sites. This is one area where MySQL Cookbook really shines, because it contains a large amount of sample code in Perl, PHP, Python, Java, and even Ruby. That is not to say that every code sample in one language has corresponding samples for all of the other languages; that would undoubtedly make the book much longer than it currently is, and probably unwieldy. But in cases where all of the languages are capable of expressing brief solutions, then they are included.

Regardless of whether the reader chooses the print or online versions, there are roughly two ways to make use of this book. If a programmer wishes to significantly increase their knowledge of what MySQL can do for them, and also increase their comfort level with utilizing those capabilities, then they might elect to read the book from stem to stern. Given that this would involve reading over 900 pages, it would certainly take some time for the average developer, but arguably could be time well spent. At the other end of the spectrum, the reader might elect to peruse individual sections that look interesting — particularly if they are relevant to a current project. This approach is certainly doable, because each of the recipes is self-contained, without the cross-referencing seen in many non-recipe style books. Admittedly, there are some "See Also" sections, but they are relatively few in number, with largely optional information, and tend to simply enrich the book's presentation, rather than frustrating the reader by pointing to other areas of the book.

This new edition of MySQL Cookbook concludes with four appendices, and an index. The first appendix explains where to obtain the software for MySQL, the five API programming languages used in the book, and the Apache Web server. The second appendix shows how to execute programs written in those five interface languages, on the command line. The third appendix is a fairly substantial primer on Java Server Pages (JSP) and Tomcat, providing an overview of servlets and JSP, as well as how to install and set up a Tomcat server, the Tomcat directory structure, the basics of JSP pages, and more. The last appendix lists resources outside the book for MySQL and the five aforementioned languages.

Unlike far too many programming books on the market now, this book's index is generally quite thorough, which is essential for a work of this size (975 pages). The recipe titles in the table of contents, are detailed enough to make it possible for the reader to locate the appropriate recipe in the book for their particular problem — assuming the book addresses that problem — and are grouped by subject, making it easier to find related recipes, which oftentimes can provide insight into other problems that they do not address directly.

Despite the obvious effort that has gone into both editions of this book, there are still some areas for improvement, and most of them are related to the readability of the sample code. Admittedly, there are different schools of thought as to optimal coding style, including use of whitespace, the placement of braces, and other matters. This assessment can only be my own opinion, based upon years of reading other people's code. The sample code in MySQL Cookbook would be more readable if more whitespace were utilized to separate function and variable names from open and close parentheses. This is especially true for the SQL code and MySQL extensions, for which all of the keywords are in all uppercase. The code fragments and full programs written in the API languages — such as Perl and PHP — are more readable, though they sometimes suffer from nondescriptive variable names. One might argue that the aforesaid choices are needed to cut down on the space consumed by the code on the book's pages. But if that were true, then the author likely would not have wasted an entire line for each open brace. Last, and certainly not least for the programmer who would like to try out the author's sample code in their own environment, it is unfortunate and inexplicable as to why the sample code is not offered on the O'Reilly Web site for downloading.

All in all, MySQL Cookbook is a well-organized and neatly written work, which should be of tremendous value to any software developer trying to find proven solutions to common database programming problems.

Michael J. Ross is a Web consultant, freelance writer, and the editor of PristinePlanet.com's free newsletter. He can be reached at www.ross.ws, hosted by SiteGround.

You can purchase MySQL Cookbook from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Oneamp asks: "I'm interested in a '500-in-one' type electronics kit. Amazon lists a few, but I've seen some user reviews that maybe they are not all they're cracked up to be. Most of the complaints seem to be of the 'Manual sucks' variety. Nevertheless, I'm sold on the idea. Can any of you, who have had actual experience with any of these kits, recommend a good one?"

Simon P. Chappell writes "I missed the partying in the 70's and so was not exposed to the full groovy experience that was available. You could say that I was a late developer (pun intended). Thankfully, I am now able to make up for lost time by learning the Groovy scripting language. For those of you not familiar with Groovy, it is a dynamic language designed to run on a Java Virtual Machine and be easy for Java programmers to work with; it looks very similar to Java and will freely inter-operate with Java objects and libraries. I've been tinkering with Groovy on and off for about two years now; learning Groovy in the old days, prior to this year, was a challenge with all of the design changes that were taking place. Groovy in Action (GinA) is the book that I'd wished was available back then. Dierk König, a committer for the Groovy project, has written this definitive guide to Groovy and after what has seemed an eternity to those of us on the Groovy mailing list, it is finally available." Read below for the rest of Simon's review. Groovy in Action author Dierk König, Andrew Glover, Paul King, Guillaume Laforge, Jon Skeet pages 659 publisher Manning rating 9 reviewer Simon P. Chappell ISBN 1932394842 summary A practical how-to book for Groovy

The obvious candidate for this book is the programmer that wants to learn Groovy. What is less obvious, is just who those people are, because programmers who would find Groovy useful are likely to come from quite a wide selection of backgrounds. If you thought that Groovy wasn't for you, read on and consider whether you may have judged in haste.

Current, or former, Java programmers will love Groovy and they will likely make up the greatest proportion of the readership. They will especially appreciate the interoperability of Groovy with Java: your Groovy objects are Java objects, right down to the bytecode level.

As a dynamic language, Groovy attracts a good quantity of the traditional users of scripting languages. Expect to see more than a few system administrators and build managers pick up on Groovy as they realise the benefits it brings. Further sweetening the pot, for build managers, is the ability to use Groovy as a scripting language within Ant. Another group of readers may well come from the dynamic language communities. I think that Ruby and Python programmers may well find this an interesting book to help them understand this new arrival on the scene. With the steady maturing of the Grails project, that uses Groovy as it's implementation and development language, even the Ruby on Rails folks might be curious.

For a book that's setting out to teach you a programming language, the structure is fairly standard. The contents are divided between three parts that theme the Groovy Language, the Groovy Libraries and then wrap up with Everyday Groovy. I like the approach of including guidance for using the language after you've learned it, because it acknowledges that the purpose of learning a programming language is to then use it. This is a very welcome development in programming language books; other publishers and authors please take note!

For the purpose of full disclosure: I had been talking to Manning about writing more of a practical how-to book for Groovy, but with GinA being so good, those conversations stopped almost as soon as they got started.

The first chapter is the standard fare of what Groovy is and why you want to use it. This is important material for those who may be new to the language and it's covered very well. Some book's initial chapters can be a little dry, as if the author was in a hurry to get to the good stuff, but here, Mr. König has recognised that the language is in an early enough phase that explaining why you would want to use it is the good stuff.

I'll save you from a big list of chapter headings and just relate that part one covers the basics, including how to compile and run code and how to run it as an interpreted script. The fundamental Groovy datatypes are introduced and we learn about the joys of optional typing, for those occasions when it's not obvious that the object is a duck. Groovy has all the things you'd expect from a dynamic language: strings, regular expressions, ranges, lists, maps, closures, control structures and finally, to make it in the corporate programming world these days, it has objects.

As we skipped chapter headings for part one, I'll follow precedence and skip them for part two as well. Part one taught us the basics of the language, part two looks to help us now integrate with the Java environment and existing Java code and systems. Builders are an important part of using Groovy to it's full dynamic extent and these are covered extensively. Groovy also brings it's own library extensions for the standard Java libraries, and they are known as the GDK, even though they're technically not a development kit. Groovy works nicely with databases and is able to use any existing JDBC drivers you may have. XML, whether you love it or hate it, is a big part of the life of a corporate programmer these days. Groovy has built in smarts for working with XML and you'll learn about those in this part. There are many useful Java tools, libraries and frameworks available today and Groovy can work with almost all of them. Much good information on integrating with everything from Spring to the new scripting interface defined by JSR-223 is covered.

Part three is the Everyday Groovy part. It starts with Tips and Tricks. Things to remember, useful snippets of code, advice on calling Groovy from a command-line, and writing automation scripts. There's also a full chapter on Unit Testing with Groovy, covering testing of both Groovy and Java code. The last two chapters cover optional stuff for Groovy. Groovy on Windows looks at the use of the Scriptom tool for those who use Windows. (As a Mac user, I admit that I skipped this one.) The last chapter is an introduction to Grails, the web application framework written in Groovy and which can run in any standard J2EE environment.

There are a couple of slim appendixes at the back with installation information, language information and an API Quick Reference for the GDK.

There is much to like about GinA. Mr. König and his co-authors writing is clear and engaging and Manning's layout and typography are up to their usual excellent standards. On it's own, these are good reasons to consider this book if Groovy interests you, but when you mix in the fact that Mr. König is a committer on the Groovy project and has taken an active role in the creation of the language itself, then you have a very compelling reason to choose it.

Groovy in Action is an excellent book, written by one of the designers of the Groovy language. If you have any interest in modern scripting languages at all, I would recommend that you check out this book.

You can purchase Groovy in Action from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

jcatcw writes "Shawn Carpenter was awarded a $4.3 million award — more than twice the amount he sought and money he thinks he'll never see. Carpenter worked for Sandia National Labs as an intrusion detection analyst. He anayzed. He detected. He reported. He was fired — in Janurary 2005 after sharing his results with the FBI and the U.S. Army. Computerworld asked him what he hoped to achieve in that investigation. Answer: 'In late May of 2004, one of my investigations turned up a large cache of stolen sensitive documents hidden on a server in South Korea. In addition to U.S. military information, there were hundreds of pages of detailed schematics and project information marked 'Lockheed Martin Proprietary Information — Export Controlled' that were associated with the Mars Reconnaissance Orbiter. ... It was a case of putting the interests of the corporation over those of the country.' Ira Winkler, author of Spies Among Us , said the verdict was 'incredibly justified. Frankly, I think people [at Sandia] should go to jail' for ignoring some of the security issues that Carpenter was trying to highlight with his investigation."