Slashdot Mirror

droopus writes "Most of you have heard about the Microsoft researchers' Darknet paper a couple of years back, which shoveled dirt onto the coffin of DRM as a business model. Well, now along comes a tech journalist to marshall the arguments in that paper as the basis for a new book. I wasn't sure what to expect from a book titled Darknet (a riff on the shortcomings of digital rights management? an ode to encrypted networks?), but the subtitle was a good tipoff: 'Hollywood's war against the digital generation.'" Read on for droopus' review. Darknet: Hollywood's War Against the Digital Generation author J.D Lasica pages 301 publisher John Wiley and Sons rating 8 reviewer Droopus ISBN 0471683345 summary A well written treatise on DRM and Hollywoods war against digital media

War ain't pretty, and this book delivers the goods as a primer on how digital technologies and "personal media" (podcasts, videoblogs, digital stories, Internet television, video games) are "throwing the old rules into disarray" and "shifting the balance of power begween big media and regular people." I would have liked to have seen more about Linux and open-source software, but the author is clearly aiming for a mainstream audience.

Darknet sounds at times like it could have been written by a team of Slashdotters, ripping to shreds the entertainment cartel's claims that the locks they're putting into our digital devices are for our own good, their claims that this is a fight about theft and piracy, and other distortions that the author exposes to devastating effect. (Larry Lessig, Ian Clarke, the president of Sony's Columbia TriStar studios, DVD inventor Warren Lieberfarb and a number of digital lawbreakers are just a few of the interesting characters parading through the book.)

While big thinkers like Lessig, Doc Searls and Howard Rheingold (who wrote the foreword) have constructed the intellectual scaffolding that alerted us to Hollywood's goals of fencing in the Internet and keeping the public domain from expanding, it is left to reporters like Lasica to uncover the depressing specifics of the copyright cartel's actions.

Fascinating stories abound, like the cross-industry meetings between Hollywood lawyers, gutless wonders from the consumer electronics industry, and reps from the tech sector discussing how to divide the world into region codes like the powers at Potsdam. (one studio went so far as to propose that GPS chips be placed in all computers with a DVD player so that Hollywood could enforce region coding from the sky. It's reported here for the first time.)

Or the story of what Hollywood was after in its litigation against Sonicblue's ReplayTV. According to former CTO Andy Wolfe, the studioswere intent on decreeing how long viewers could keep a program after it was recorded on a digital video recorder. They wanted to limit how many episodes of the same show viewers could record. They wanted to ban 30-sec skip buttons and to prevent fast forward from reaching a certain speed. They wanted to cap how much programming anyone could record -- a level that Wolfe's personal laptop already exceeds.

The tech industry comes in for some bruising too, as the author demonstrates how Microsoft, HP, and a raft of other tech companies are more than willing to sell out their customers (as long as all the other big boys in the club do it too) in return for allaying the fears of paranoid Hollywood studio chieftains whose nightmares consist of piracy, piracy, piracy. Lasica says it's too early to tell whether the "trusted computing" initiative is merely a Trojan horse foisted on PC manufacturers and chip makers by the silver tongue of Jack Valenti.

Anyone with an interest in how our digital freedoms are being whittled away, how the music, movie and television landscapes are about to change forever, or how a new, empowered generation of users (mostly young people) see media differently than the older crowd, would benefit from marking up their copy of Darknet (bring two yellow markers). As the author Media will change more in the next five years than it has in the past 50 years."

Lasica has been writing about citizens' media for years, and he recently founded the grassroots media site Ourmedia.org with the help of the Internet Archive. (Remember when Slashdot brought down the site on its first day?) Last weekend I heard him interviewed on NPR's On the Media, talking about why the RIAA and MPAA don't have a clue in hell about remix culture.

But don't believe me. Decide for yourselves. Check out Darknet.com, where the author has been blogging for a couple of years. (His blog readers provided the book's subtitle and they helped edit the book.) Lots of goodies on the site: a free mini-book, including new material and chapters from the book. (Especially noteworthy are The teenage filmmakers for a look at copyright law's absurdities and The Prince of Darknet for a fascinating glimpse inside the movie underground.) Also, you'll find a backgrounder on what the hell darknetshave to do with all this (I don't know, Darknet seems like a book publisher's idea of a sexy title) ... and something I've never seen from a mainstream journalist before: tons of links to sites like doom9.net, SmartRipper, Region-Free Guide, Total Recorder, Daemon Tools, isoheaven and more.

Some of this turf is no doubt familiar to Slashdotters. And, as I said, the book could have benefited from a deeper look at the history of open source software. But it's good to see these ideas getting some serious play -- finally -- in the mainstream media, and Hollywood getting some much-needed pushback.

You can purchase Darknet: Hollywood's War Against the Digital Generation from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

nazarijo writes "I think by now we're all familiar with viruses and worms. It may have been a term paper diskette chewed up by a virus back in college, a family member's computer infected with the latest worm, or your email inbox clogged with a mass mailer of the week. But how do AV researchers dissect such malware, especially when virus writers have devoted so much time to avoiding detection and perfecting their craft with self-decrypting viruses, polymorphic shellcode, and obfuscated loops. Haven't you wanted a peek into how that's done, and how you would analyze such a monster that landed in your computer? Well, Peter Szor's book The Art of Computer Virus Research and Defense (TAOCVRD) has been gaining lots of critical acclaim lately for filling that gap, and rightfully so. (Before we begin, however, I should make one thing perfectly clear: I was a technical reviewer of this book. I enjoyed it when I read it originally, and I'm even more pleased with the final result. And now on to your regularly scheduled review.)" Read on for the rest. The Art of Computer Virus Research and Defense author Peter Szor pages 713 publisher Addison Wesley Longman and Symantec Press rating 9 reviewer Jose Nazario ISBN 0321304543 summary Clear, sweeping coverage of virus history and technical details

TAOCVRD opens with Part 1: Strategies of the attacker. Here we get to start to think about malicious code from the original ideas and viewpoints of its makers. Chapter 1 opens up with various games of the classic computer science world, including Conway's Game of Life and Core Wars, which is still fun after all of these years. From this we can start to think about computer viruses as a natural extension of other self-replicating computer structures. What's great about this chapter is that you can actually understand, and share in, the fascination of replicating code. It's as if you can understand the pure world that some virus writers live in.

Chapter 2 starts off the virus-analysis section, including some of the basics (like the types of malicious programs and their key features), as well as the naming scheme. Chapter 3, "Malicious Code Environments," serves as a lengthy and complete description of how various viruses work. The dependencies that you would expect to see, including OS, CPU, file formats, and filesystems, are all described. Then Szor goes on to describe how viruses work with various languages, from REXX and DCL to Python and even Office macros. Not all of the descriptions are lengthy, but you get to see how flexible the world of writing a virus can be. What I most enjoyed about the book overall is represented in this chapter, namely Szor's command of the history of the virus as well as his technical prowess, which he drops in as appropriate.

Chapter 4 gets a bit more technical and now focuses on infection strategies. Again, Szor isn't afraid to delve into history or technical meat, including a lengthy and valuable section "An In-Depth Look at Win32 Viruses." If you don't feel armed to start dissecting viruses by this point, you're in luck: there's so much more to read. Chapter 5 covers in-memory strategies used by viruses to locate files, processes, and sometimes evade detection. Szor has a list of interrupts and their utility to the virus writer, providing a comprehensive resource to the virus analyst.

Chapters 6 and 7 cover basic and advanced self protection schemes, respectively, used by viruses. TAOCVRD's completeness of information in a usable space, together with very functional examples and descriptions, is again evident. Szor walks you through a basic decryptor routine, for example, showing you how a self-contained virus can be both evasive and functional at the same time. Sadly little attention is given to various virus construction kits at the end of chapter 7, though.

Chapters 8 and 9 get a little less technical and somewhat more historical. These chapters cover virus payloads and their classification (ie benevolent viruses, destructive viruses, etc) and computer worms, respectively. The overview of payloads is almost entirely historical, giving a great overview of how virus writers have used their techniques to cause havoc or just have "fun" from time to time. Chapter 9 gives a concise and valuable overview of computer worms, almost boiling about half of my worms book down into just one chapter in a clear and easy to use fashion.

Part 1 concludes with chapter 10, which covers exploits and attack techniques used by worms and viruses. Again, Szor's clarity of explanation shines as he artfully gives a concise overview of how a buffer overflow attack works (including stack layout and address manipulation), heap-based attacks, format string attacks, and related methods. He then discusses these techniques in light of various historical examples, clearly explaining how they operated and were successful. If you've been yearning for a short overview of attack techniques and how malware has used them, this chapter is for you.

Part 2 covers the defender's strategies. Chapter 11 serves as a nice introduction to this section by describing many of the current and advanced defense techniques such as some of the first and second generation scanners, code and system emulation, and metamorphic virus detection. This is all covered in nice technical detail, always at a reasonable level to not leave everyone in the dust. Through it all small examples are constantly given, which reinforce the text nicely. Chapter 12 is very similar, this time focusing on in-memory scanning and analysis techniques.

Chapter 13 covers worm blocking techniques, focusing on host-based methods which can prevent the buffer overflow from being successful or the code from arbitrarily gaining network access again. Chapter 14 complements this with network specific defenses, including ACLs and firewalls, IDS systems, honeypots, and even counterattacks. These two chapters are a lot less technical than the previous two, but still quite valuable.

By this point I'm sure you're ready to try your hand at virus analysis, and Szor is eager to help you out. In chapter 15 he gives you a great setup for virus analysis, including various tools and examples of how they work and what kind of information they give you. Finally, in chapter 16 you have the obligatory (and valuable) resource roundup which complements the references given in every chapter, as well.

Overall I find Szor's book to be amazing, both in terms of its technical prowess over so many specifics in the field but also for its presentation. Without dumbing it down, Szor's able to communicate to most readers with clarity in a manner they'll understand, learn from, and be able to use. I think that many of us, especially those of us who get plundered in our email inboxes with malware, are curious to spend some time dissecting these beasts using techniques AV professionals use, and Szor's book does an exemplary job of introducing that world to us all. I consider this to be one of the most important computer security books I own due to it's clarity and completeness of coverage.

You can purchase The Art of Computer Virus Research and Defense from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Vern Ceder writes "I really expected to love Data Crunching. The Pragmatic Bookshelf has come up with some very good and, well, "pragmatic" texts in the past so I was looking for more of the same. Even better, the subject of the book was the routine data extraction, massaging and formatting that I (and a lot of other coders) spend so much time on. I was really looking forward to adding a couple more pragmatic tools to my coding toolbox. Unfortunately (as you may have guessed), I really can't say I love Data Crunching. It's a good book, but there are several minor points that keep if from being a truly great book." Read on for the rest of Ceder's review. Data Crunching: Solve Everyday Problems Using Java, Python, and more. author Greg Wilson pages 176 publisher Pragmatic Bookshelf rating 7 reviewer Vern Ceder ISBN 0974514071 summary A good introduction to data crunching, but watch the examples.

On the positive side, there is a lot of good stuff in this book. I would even go so far as to recommend it to everyone who writes code to extract or manipulate data, particularly those less experienced. Greg Wilson should be praised for taking the idea of data crunching seriously and for systematically dealing with its patterns and pitfalls. A lot of important work gets done every day with one-off programs and behind the scenes scripts and Wilson is right that the techniques that go into this sort of coding are different, but just as important, as those that go into full-blown application development.

The strength of this book is that it offers useful approaches and patterns for dealing with a variety of common programming situations and types of data, while also pointing out their common traps and pitfalls. Wilson starts with techniques for crunching text data, moves on to the use of regular expressions, XML, binary data, and SQL databases before concluding with a special section on "horseshoe nails," various little techniques which just might save help save the day. Quite often he uses examples in both Python, which he calls an "agile" language and Java, a "sturdy" language. The basic advice offered is sound, if not shocking -- keep things simple, test as you develop, don't duplicate code, use existing scripts and utilities when possible, and so on. The combination of such sound advice with a wealth of practical examples is makes for a very effective handbook, particularly for someone new to data crunching.

So is Data Crunching a good book? Definitely. Should you read it if you regularly do routine data manipulation and extraction? Absolutely. And yet...

And yet there are number of things that just aren't quite right. The text and binary sections are the best, while I would say that the XML and SQL sections are the weakest, partly because those topics are too broad to cover in a single slim chapter. If you already have an idea of how you might want to use XML or how to extract data from a SQL database, you're likely find something handy in those chapters. On the other hand, if you're unfamiliar with them, this book probably doesn't have enough detail to get you writing useful code. I should say it doesn't have enough detail to get you writing useful code knowing what you're doing. And data crunching without knowing what you're doing is a bad idea. Trust me on that one.

I have another problem with the section on SQL. Several of the slicker SQL recipes rely on nested queries (page 147-151). MySQL, clearly a very popular SQL database, has nested queries only in its latest versions, so many, if not the majority, of MySQL installations do not yet have that capability. Yet the text carries on as if nested queries were universal, without so much as parenthetical mention that some things might not work on all SQL implementations. It seems to me that this is exactly the sort of pitfall a book like this should inform the reader of.

There are also several coding examples that bother me. Since I tend to both learn and teach by paying close attention to examples, I get uncomfortable with examples that seem to suggest something other than what they should.

For instance, the very first pieces of sample code (pages 9-10) in the text chapter are Python and Java programs to reverse the order of lines in a text file. I don't have a problem with the exercise itself, I've often assigned it to beginning programmers. However, this book is about quick and reliable solutions to common data handling problems, not leading people through basic programming exercises. Ironically, the very same chapter discusses the advantages of using the Unix command-line and its wealth of little tools. So wouldn't it be reasonable to expect at least a brief note or example showing that the REALLY easy way to solve the problem is with a single line: $ tac filename > filename2? Yet tac is not even in the list of "Useful Commands" on page 24. If reversing lines is just a programming example, it shouldn't be the lead example in a book like this, and if it is important, then you should mention that the problem has already been solved.

In the same vein, Wilson spends a fair amount of time in the text chapter illustrating code to parse command-line parameters, before admitting that libraries for the task abound in most languages. Granted, being able to snag a parameter or two off of the command-line without using a library can sometimes be handy; but implementing a more involved command-line parser is a problem that has already been abundantly solved.

Similarly, one of the examples in the chapter on regular expressions uses a regular expression to check to see if a string contains a valid IP address (pages 65-66). After showing how to use a regular expression to scan a dotted quad of digits, the text then admits that using a regular expression alone would lead to too much complexity, since it's hard to use a regular expression to check to see if a 1 to 3 digit number is less than 255 (or 127, which is what he uses in his code). So the example on page 66 ends up compiling and matching a regular expression like this:

pat = re.compile("(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\ .(\\d{1,3})")
. . .
m = pat.match(text)
for g in m.groups():
. . .
when a Python coder would more naturally just use:

quads = text.split('.')
for number in quads:

Sure, it's a good example of how to extract matched items, but the implication is that using a regular expression is the best way to extract extract numbers separated by dots, when in fact the Python has a simpler, easier and more reliable way to deal with it. Again a quick mention of the "easy" way to solve the problem would have been appropriate.

These kinds of issues are what keeps Data Crunching from being a great book. In spite of them, it is still a very good and useful book and Mark Wilson has done a good job with a topic all too often ignored. The general idea is great, and the principles, problems and solutions are well-explained and relevant. If data crunching is something you do, I would certainly recommend that you read this book, but with a somewhat critical eye.

You can purchase Data Crunching: Solve Everyday Problems Using Java, Python, and more. from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

ijones writes "Codex, by Lev Grossman, is a novel about the advancement of basic, every-day technology. It reflects upon computer game technologies of the present day and upon the book-production technologies of previous centuries. Grossman links them together with obvious affection and in interesting and mysterious ways." Read on for the rest of Jones' review. Codex author Lev Grossman pages 348 publisher Harcourt rating 6 reviewer Isaac Jones ISBN 0151010668 summary A novel, "Part thriller, part literary history"

Codex is a fun book, compelling enough to keep me reading even when I was occasionally sick of the characters. The book can be especially fun for a Slashdot reader when it refers to open-source software, but I didn't find Grossman's breadth and depth of nerd knowledge to be particularly satisfying.

The story and style of this book may remind you of The Da Vinci Code, by Dan Brown, because it's also about a search for an old thing through a maze of clues. The writing style is similar too, clearly aimed straight at the popular market, but lacking in the chapter-ending cliff-hangers of The Da Vinci Code. If you enjoyed that book, I recommend picking up Codex, though it's not as powerful a page-turner. I enjoyed The Da Vinci Code, even though the snobbish part of me thought it was pretty silly. Snobbery has rarely kept me from enjoying something, though, and I liked Codex as well.

Codex is interesting and fun to read, but has a lot of weak points. I liked the female supporting character in many ways, but hardly liked the main character at all. I very much enjoyed the stories-within-the-story, and the low-tech and high-tech elements weaving back and forth. Read on if you don't mind minor SPOILERS.

Codex takes place in present day New York. Edward, the main character, is a guy with a great job who finds himself compelled to deeply change his lifestyle and behavior for reasons he cannot himself understand. In fact, Grossman doesn't ever quite manage to endow his characters with believable motivations, one of the major faults of this book. The reader knows what Edward's motivations are, since Grossman tells us, but I never found them very convincing. Edward is often inexplicably compelled to do things that he doesn't want to do, and gets drawn into situations that most people could easily walk away from.

Edward is also a very unlikable character. Even the other characters in the story dislike him, and point it out frequently. It's easy to see their point; the reader is left with the feeling that there's not much to like. This makes it a bit hard to get into his character, and though Edward makes some progress throughout the book, it isn't nearly enough.

Open-source software, and in particular an inexplicably compelling game called MOMUS, is featured throughout the plot, but it is not actually central to the story. The central story is about the search for a codex, which can perhaps be found in a family library that Edward has been manipulated into organizing.

The sense of immersion in new things is part the charm of Codex. I may not really believe that a man like Edward would get drawn into a computer game and a library with such complete abandon, but I'm glad that he did. Codex itself can draw the reader in at times, and I took several train rides where I didn't want to reach my destination because I wanted to keep reading.

While Grossman writes about nerds and open-source software, he doesn't write like someone who has ever been a part of it. He doesn't write about software the way Neal Stephenson does. Grossman writes about software as though he had some good ideas, and a friend or editor who knows about computers to keep him from getting it too badly wrong. That said, there are a few very annoying bits for us nerds. A scene where the main character enters the wild and strange world of a LAN party would have been almost bearable if it weren't for the secret handshake. At another point, a hacker tells Edward that he needs to get in touch with a super-hacker, but "He won't accept [your e-mail]. Your crypto isn't good enough." As if cryptography were an 31337 skill that some possess and some do not. Edward already knows how to use software, and he is a reasonably intelligent guy. I'm sure he could learn to encrypt an email.

Despite these weaknesses, Codex is a good read. It's creative, interesting, and occasionally suspenseful. It's the kind of book that you can get through pretty quickly, and though you may not be completely satisfied at the end, you will probably spend some time thinking about some of the Grossman's ideas.

You can purchase Codex from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

norburym writes " Essential Mac OS X Server Administration, written by Michael Bartosh and Ryan Faas, has been eagerly anticipated by the OS X Panther Server community. The wait is finally over and the authors have satisfied their audience with a meticulously written and detailed volume on OS X Server administration. This is not a book for the beginner: if you're an IT professional with an OS X Server deployment and want to gain a thorough understanding and appreciation of integrating Panther Server into your particular environment then this book will fully meet your expectations. Bartosh and Fass present a complete exploration of OS X Server software and services and client considerations between the covers of a volume essential to any systems administrator responsible for a cross-platform network." Read on for Norbury-Glaser's detailed review. Essential Mac OS X Server Administration author Michael Bartosh and Ryan Faas pages 848 publisher O'Reilly rating 9 reviewer Mary Norbury-Glaser ISBN 0596006357 summary Essential Mac OS X Panther Server Administration

Michael Bartosh, President of 4am Media, Inc. (formally an Apple Systems Engineer), is a Mac OS X consultant and trainer specializing in cross-platform directory services integration. He is the main author of Mac OS X Server Administration, having written Parts I through VI. Ryan Faas is the Mac columnist for Computerworld and has extensive experience with integrating Macs in cross-platform networks and contributed Part VII, "Client Management," to this volume.

The authors divide the book into seven main parts covering server installation and management, a variety of services (directory, IP, file, security, and Internet) and client management. An appendix offers an extremely concise and clearly written introduction to directory services. Part I discusses planning and designing the server environment, installing and configuring the OS X Server, an overview of the server management tools, system administration and troubleshooting. Hardware (to XServe or not, supported architecture and performance bottleneck consideration), storage technologies (XServe RAID (Redundant Array of Inexpensive Disks), ATA (AT Attachment, IDE (Integrated Drive Electronics), SATA (Serial ATA), fibre channel, SCSI (Small Computer System Interface), FireWire/FireWire 800, various flavors of RAID), volume partitioning (best practices for maintaining different parts of the file system on different volumes) and particularly network infrastructure (performance, infrastructure and services). The latter is a critical consideration for cross-platform efficiency; basically, "playing nice" with existing and predominant OSes and platform-specific settings on network links.

The next chapter on installing and configuring Mac OS X Server walks the reader through the actual installation process for both the GUI and the command-line options. There are plenty of screen shots for the GUI install but the more attractive aspect of this section is for those administrators who are comfortable with the command-line. This is a terrific example of how the command-line provides far more granular control over installation and configuration options in comparison to the GUI process (if you want an excellent step-by-step introductory narration of the GUI installation then you can't do better than Schoun Regan and Kevin White's Mac OS X Server 10.3 Panther: Visual Quick-Pro Guide published by Peachpit). Bartosh and Faas also include descriptions of network install using Apple's NetBoot technology, ASR (Apple Software Restore) and radmind (remote administration daemon).

Chapter 3 continues with another well-documented section on server management tools: Workgroup Manager (creating users, groups and computer lists, managing the same, managing share points and the oft-ignored...because it's hidden in the application's preferences pane...Inspector), Server Admin (service managing, monitoring and configuration app) and Server Monitor (XServe specific hardware-monitoring app). Again, the best part of this chapter is the inclusion of both graphical and command-line equivalent tools: serveradmin; nicl (used to read data in NetInfo where the share record is stored); sshd, servermgrdhwmon (server management daemons); and a very brief nod to the directoryservice daemon (manages Open Directory) which is covered is more depth in the excellent Appendix.

Chapter 4 is titled, "System Administration" and is a very interesting aside that acts as a forum for author Bartosh's particular philosophies on the approaches and practices that make good bedfellows in a non-homogeneous network environment. Do not read "peculiar" here; Michael Bartosh takes an extremely sensible and ostensibly efficient approach to a difficult and sensitive topic. As Bartosh notes, "The Macintosh is...still a minority platform, and it makes little sense when working to gain acceptance somewhere to ask that organization to make fundamental infrastructure changes in order to support the Mac." His main points include: minimize intrusion into existing infrastructures; focus on the needs and business of your organization; default policy of denial (minimize access points); and minimize change, maximize stability. He also holds forth on software update methods, backup strategies, account management, failover, the diskspacemonitor daemon and watchdog for service monitoring. At the end of the day, this chapter provides an enlightening approach to combining a realistic set of principles with an appreciation of the compromises that must be made to ensure cooperation and success.

The final chapter of Part I involves strategies in troubleshooting Panther Server on a higher plane than merely going through the simple first step of repairing permissions. Again, Bartosh uses this chapter to introduce a more rigorous approach to analyzing and solving problems that often occur during the course of system administration. Bartosh details a structured approach to name resolution: lookupd with query and debug modes, fundamentals of LDAP and OS X directory services, forensic tools (strings, fs_usage, otool, ps, lsof, ktrace, kdump), network tools (netstat, tcpdump) and joiners/filters (grep, | (pipe symbol), awk).

Part II, "Directory Services," requires a thorough read of the Appendix ("Introduction to Directory Services"). Part II is composed of several chapters covering Open Directory Server: identification and authorization, and authentication and replication. This is a complicated topic but Bartosh explains the concepts with skill. He begins with management of Open Directory Server using Server Admin and quickly follows with an overview of roles (standalone, connected to a directory system, open directory replica or open directory master), best practices for creating administrator accounts and a detailed account of how to access an open directory domain.

Chapter 7 consists of an examination of LDAP (lightweight directory access protocol) basics and terminology; Apple's OpenLDAP including the use of Server Admin to manage OpenLDAP settings; a summary of the OpenLDAP server daemon, slapd, and the configuration file, slapd.conf; slapd troubleshooting, OpenLDAP utilities and tools (ldapadd/ldapmodify, ldapsearch and slapcat among others); a breakdown of LDAP data (identification data, authorization data and configuration data) in an Open Directory Master; an explanation of Apple's LDAP Schema and how to query LDAP services using ldapsearch at the command-line or LDaper from the GUI. Bartosh has a knack for taking a conversational tone in his approach to complex subjects: he is able to import the salient points of his extensive knowledge in a casual yet nontrivial manner.

Password Server and Kerberos are both handled in the next chapter. Bartosh provides a detailed treatment of PasswordService (SASL or Simple Authentication and Security Layer), a breakdown of the Password Server architecture (Password Server daemon, config file, main database, etc.), Password Server policies and new policies in Panther Server, use of public key cryptography and Password Server tools including pwpolicy, mkpassdb and NeST (NetInfo Setup Tool). Kerberos basics are fully explained with principal terms defined (realm, KDC, service ticket, TGT, encryption type, etc.) and a stepwise description of the Kerberos exchange mechanism. Also included is a general review of securing Kerberos using preauthentication. Following this is a specific treatment of MIT's Kerberos distribution within Mac OS X Server. Bartosh walks the reader through Kerberos configuration and Kerberizing Mac OS X Server services. He rounds out this chapter by bringing together the Kerberos and Password Server concepts (synchronization of Kerberos and Password Server authentication databases).

The final chapter in Part II involves replication architecture in Open Directory Server, design choices and best practices for deployment. The author uses both a GUI method (Server Admin's Open Directory Settings interface) and the command-line technique (slapconfig) in creating an Open Directory Replica and includes a detailed sequence of events that occur during the replication process. LDAP replication, Password Server replication and Kerberos replication are all discussed in-depth. Not surprisingly, client-side replica discovery is also dissected, including LDAP replica discovery, Password Server replica discovery and Kerberos replica discovery.

Part III is devoted to IP services and examines xinetd and Apple's DNS, DHCP and NAT services. Chapter 10, on xinetd, is very well written with a short history of the evolution of xinetd; configuration using the shell-script service; a description of xinetd architecture; and lists of general options for use with xinetd (id, passenv, port, redirect, groups, etc.), OS X specific options (mdns, session_create) and security-related options (log_on_failure, no_access, access_times, etc.).

DNS (Domain Name System) and the BIND (Berkeley Internet Name Domain) package are the topics of Chapter 11. Obviously an important but difficult concept to grasp but Bartosh does an exceptional job here. New to Panther is the ability to access DNS via a GUI tool and again it's done through the Server Admin interface. The author guides the reader through the process including looking at the DNS logs, the Activity pane and some minimal option settings (zones and logging). A thorough approach is also taken in analyzing the BIND package, the named daemon, the named.conf file, the tools available for troubleshooting (nslookup, dig and particularly host), and advanced configuration options (running named as an underprivileged user, establishing a domain-specific forwarder, change rooting, limiting zone transfers, and providing different host data using views).

The next chapter covers DHCP (Dynamic Host Configuration Protocol) and Apple's bootpd service. The author again provides GUI access instructions to the DHCP service, including screenshots of the various tabs (Overview, Log, Clients, Settings) and an explanation of available options. Troubleshooting, using the bootpd daemon and advanced command-line tools at one's disposal are also included: creating bootpd static bindings and using bootpd to supply other DHCP options (IP address of the NetInfo parent, the default URL to present in a Web browser, local POP3 server, local newsgroup servers, etc.).

Chapter 13, NAT (Network Address Translation), is the final chapter in Part III and follows the established format of providing screenshots of the Server Admin access point for this service, along with architecture (including the natd daemon and the OS X packet filter, ipfw) and advanced configuration options (editing the natd.plist).

Files Services comprise Part IV and includes an overview of creating and managing share points, automounts and home directories; AFP (Apple file protocol) management; Windows file services via SMB (Server Message Block); FTP (File Transfer Protocol), network file system and print services. The services are familiarly managed through Server Admin and Bartosh provides details on each service: accessing each of the GUI tabs (Overview, Logs, Connections, Graphs and Settings) and options within as well as using the command-line equivalents. He consistently provides comprehensive information about each choice, their consequences and alternatives. He also offers interesting asides on the historical evolution of various options (default permissions behavior pre-10.2, for instance) that make the reader appreciate the complexity involved in the development of an innovative system such as OS X Server.

The permissions mapping section in Chapter 15 ("Apple Filing Protocol") has some very well-done representational examples of permissions mapping. Integration of AFP Services in Mac OS X into different shared directory domains is referenced to http://www.4am-media.com/sso/ (which was not available at the time of this writing). The recommended troubleshooting technique is AFP client logging and the author gives stepwise instructions on how to enable AFP client logging through the command-line.

Chapter 16, "Windows File Services" will, no doubt, be a focal point for many administrators. Over the long haul, successful integration of Mac OS X Server into a Windows environment will make or break the OS X Server platform. Apple included Samba in Mac OS X to smooth the way toward assimilating platforms in such a way that it's a fairly seamless experience for diverse clients. Configuration, logging, connections, etc., are viewed and configured through Server Admin with per-share options are managed using Workgroup Manager (share this item using SMB, allow SMB access, custom SMB name, default permissions, etc.). Password Server integration, useful command-line utilities (testparm and smbutil) are also described.

FTP (File Transfer Protocol) is covered in the next chapter in the same format as the other services: both GUI and command-line options; managing FTP using Workgroup Manager; architecture (xftpd, ftpaccess.default); securing FTP (using Kerberos, FTP tunneled over SSH and sftp). An added bonus is an extended section on advanced options when manually editing ftpaccess, ftpconversions, and ftphosts/ftpgroups/ftpusers.

Chapter 18 deals with NFS (Network File System) with some caveats as to the relative insecurity of the service model and UniqueID mismatch issues. NFS File locking, /etc/exports and NFS daemons (mountd, nfsd, rpc.lockd and rpc.statd) are introduced in due course.

Print services is the final topic of Part IV and Bartosh is fairly blunt about the inadequacies found here. Nevertheless, he presses on and covers the subject in much detail. In all honesty, Tiger Server provides vast improvements in this realm and while this Panther section is worthwhile for those interested in how it's peripherally handled in Panther, if you are relying on OS X Server as your primary print server...well, it may be time to upgrade to Tiger.

Part V consists of two chapters revolving around Security Services: Mac OS X Server Firewall and Virtual Private Networks. The firewall chapter begins with a general discourse on how network communications function, a comparison between packet-switched vs. circuit-switched networks, redefining "firewall" in terms of packet filters (ipfw) and a look at ipfw packet filter rules. Bartosh follows this up with a point-by-point, server-specific initialization of Apple's Firewall service. The GUI through Server Admin is set out along with using the Advanced pane to "deny" rules and using the command-line to configure ipfw in order to bypass issues involved with extreme sluggishness experienced when reloading rules. The chapter concludes with specifying rule order, configuration examples in scenario/action format, reporting and monitoring (using ipfw list, serveradmin status, sysctl and /var/log/system.log), and managing the firewall service.

Chapter 21 is a methodical explanation of VPN (Virtual Private Network) vs. other varieties of encrypted connections: SSL (Secure Socket Layer) and SSH (Secure SHell); VPN protocols: PPTP (Point to Point Tunneling Protocol), and L2TP over IPSec (based on the Internet Protocol Security suite). Configuring L2TP/IPSec (via the IPSec daemon, raccoon, and vpnd) and PPTP are more than adequately covered. Logging, client information, Internet Connect, Rendezvous (now known as Bonjour), subnets, and authentication are also included. There is a dearth of OS X VPN instruction/discussion in the wild so it's nice to see it finally included in some detail within the context of OS X Server.

"Internet Services" (Part VI) is dedicated to Mail and Web services and Application servers (Tomcat and JBoss). The section begins with an overview of mail protocols: SMTP (Simple Mail Transfer Protocol); POP (Post Office Protocol); and IMAP (Internet Mail Access Protocol) followed by global graphical management options in Server Admin. Also included here are WebMail via SquirrelMail (open source IMAP client), Workgroup Manager to manage per-user Mail Service options, Postfix (default Mail Transport Agent) as a replacement to Sendmail, and Cyrus (default Mail Delivery Agent). Several valuable additions to this section include: a discussion of migration from legacy or existing mail systems (amsmailtool), backup strategies (BRU by the Tolis group) and content filtering (ClamAV, SpamAssassin).

Apache is bundled into Mac OS X and OS X Server and, with the latter, is integrated with the server tools. All the usual settings are accessed through Server Admin: Overview, Logs, Graphs and Settings. General and site configuration are handled through the Settings tab: setting MIME (Multipurpose Internet Mail Extension) types, configuring the proxy server, adding and removing modules are all available here.

In Chapter 24, Application Servers, Bartosh walks the reader through a comprehensive setup of the Application Server and the configuration of JBoss and Tomcat. He gives a simple introduction to creating a simple JSP page as well as illustrating more complex application scenarios.

The final part of this book, "Client Management," was contributed by co-author Ryan Faas and stands on its own as an excellent accompaniment to Michael Bartosh's coverage of OS X Server in the previous sections. The reader enjoys a complete scope of managing preferences on OS X clients (for users, groups and computer lists), managing both Classic Mac OS X workstations and Windows clients, workstation deployment and using ARD (Apple Remote Desktop). Of outstanding value are: understanding how varying preferences interact, using the Home directory for preference management, mobile accounts preferences, using Mac Manager to manage Classic Mac OS Workstations (Mac Manager share points and folders, creating workgroups, defining workgroup printers, disabling login for a computer list, security options for computer lists and global settings), hosting a Windows domain (configuring Mac OS X Server as a Windows Domain Controller), home directory access from Windows clients, setting up user profiles for Windows users, using login scripts, and configuring member and standalone servers.

Chapter 28 covers "Workstation Deployment and Maintenance" and discusses types of disk images, NetBoot (share points and image folders, shadow files) and network issues with NetBoot (load balancing, NetBoot across subnets), creating Mac OS X NetBoot images using the Network Image Utility, configuring the NetBoot service from both the GUI and the command-line, NetInstall and Apple Software Restore (creating Classic ASR images using Disk Utility, applying ASR images using Disk Utility, the command-line and other tools (Carbon Copy Cloner). A real-world scenario that is covered here is the time consuming and deadly annoying task of maintaining software updates across networked client machines. Faas proffers a variety of server-based options: Apple Software Update, creating and using NetInstall images that contain package files, using application share points, putting application installers on the network, and using third-party software management tools such as NetOctopus (http://www.netopia.com) and Filewave (http://www.filewave.com) or, my personal favorite, the Open Source tool, Radmind (http://rsug.itd.umich.edu/software/radmind/).

The final chapter of "Essential Mac OS X Server Administration" describes an application not included with Panther Server: ARD (Apple Remote Desktop). A desktop management system integrated with VNC (Virtual Network Computing), ARD provides a full set of administrative tools that include custom software package installation, data reporting options (hardware, OS, installed software, etc.), workstation broadcasting, etc.

The book includes one appendix, "Introduction to Directory Services" (did I mention it was quite excellent?!).

As always, O'Reilly has published a well-designed book: despite the 800 plus pages, the book is perfectly balanced with a comfortable weight-to-size ratio, clean typography, appropriate and pithy asides, and a supple binding that allows the book to stay open when you want to follow along while at your keyboard.

Yes, Tiger Server (Mac OS X 10.4) has been released and no doubt authors Bartosh and Faas have already been hard at work on the second edition of this book. This in no way minimizes the impact this book should have on its intended audience. The evolution of any particular server product should be of vast interest to the professional systems administrator. Panther Server (Mac OS X 10.3), which is the focus of this book, will continue to be a presence in the Apple server-specific market for quite some time. Frankly, not every deployment site (from small businesses to vast educational institutions) will be able to upgrade to Tiger immediately nor will they all be eager to expend the time and additional dollars needed to invest in software, training and potentially new hardware. With the exception of Schoun Regan's Mac OS X Server 10.3 Panther: Visual Quick-Pro Guide (Peachpit, 2005), there is no other comprehensive documentation on OS X Server (Apple's documentation is clumsy and self-promoting). Essential Mac OS X Server Administration is an indispensable contribution to the education of the IT professional.

Mary Norbury-Glaser is IT Director at a University of Colorado Denver affiliate center. She has over 15 years experience in cross-platform systems administration. You can purchase Essential Mac OS X Panther Server Administration from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Simon P. Chappell writes "One of the perks of regular book reviewing is that, periodically, you'll check your mail box and discover a book waiting for you. A serendipitous surprise! I don't review all such books that I receive, but this one, Spring Into HTML and CSS by Molly E. Holzschlag, stood out from the crowd and I felt that I should share my thoughts on it with you." Read on for Chappell's brief review. Spring into HTML and CSS author Molly E. Holzschlag pages 316 (18 page index) publisher Addison Wesley rating 9.5 out of 10 reviewer Simon P. Chappell ISBN 0131855867 summary A great book for learning or upgrading your current skills.

Who's it for?

This seems a very clearly targeted book. It's directed towards professionals that need to work with websites, but do not necessarily have a software development background.

The Good Stuff

The approach of the book reflects the targeted audience very well. The book starts by introducing a basic HTML page and then building upon it by showing how to add text and graphic content. The next couple of chapters then show a few more advanced subjects like forms and tables. The second half of the book then moves into explaining CSS, starting with some of the basic ground rules and then moving into applying colours, styles and borders to the HTML document. The last chapter is a cookbook of classic layouts, explained clearly and with code.

Even though I'm not a typical member of the intended audience, I found the organisation of the book very well thought-out and with a good sense of flow. Each chapter builds on the preceding one, with a small set of examples that are built up through the course of the book. Each chapter is broken into one or two page "chunks," as the book itself describes them. These chunks are small discrete explanations of aspects that the chapter covers. For example, in the chapter on images, the chunks cover topics like adding alternative text to an image, specifying its height and width and using an image in a hyperlink.

For me, the combination of the chunk organisation and Molly's writing makes the book. The chunked approach fits the needs of both learning a new subject without being overwhelmed and those that want more of a reference capability. This book is not written to be a reference work, but with everything being so well partitioned, it comes close enough to meet my need for a good reference work as well. Some authors tell you about their subject, but Molly really does seem to explain it to you. A subtle difference, but one that gives this book the edge.

As a book that aims to be practical, the examples were very well chosen. There are plenty of pieces of example markup and images of the resulting rendering. The markup is nicely laid out and the images are large enough to show the effect, but not so large as to interrupt the flow of the explanation. The other nice thing about the examples, especially in the CSS section of the book, is that the examples are consistent. The same portion of text, from The Black Cat by Edgar Allen Poe, is used throughout. I found that this helped clearly show the difference between the effects being taught. The text stayed the same, only the layout changed with the new style being shown. Very effective.

Groan!

My first inclination when I saw that the book was part of a new series called "Spring into ..." was to groan and wonder when they were planning to fire the marketing non-genius that dreamt up such a bad title! Thankfully the contents more than make up for the corny name. The only other thing that bugged me was the inclusion of two appendixes with HTML and CSS reference information in them. The references are annotated very well with practical considerations, so I'm only going to knock off half a point from what would otherwise have been a perfect ten.

You can purchase Spring into HTML and CSS from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Cory R writes "Neil Gershenfeld is an MIT professor and the director of MIT's Center for Bits and Atoms where he teaches a course called "How to Make (almost) Anything." In his book FAB: The Coming Revolution on Your Desktop--From Personal Computers to Personal Fabrication, Gershenfeld describes the current state of personal fabrication tools and the surprising impact that these tools have when made available to everybody from MIT students to villagers in India in the form of Fab Labs. Lots of fabrication techniques and some technologies are discussed including those that are still only in development today. The pace of development seems to be accelerating and as the capabilities of the tools advance, Gershenfeld predicts one day he will be able to drop the word "almost" from the title of his course." Read on for the rest of Cory R's review. FAB: The Coming Revolution on Your Desktop--From Personal Computers to Personal Fabrication author Neil Gershenfeld pages 278 publisher Basic Books rating 8/10 reviewer Cory R ISBN 0465027458 summary Personal fabrication may do for the real world what personal computers have done for the virtual world- let you have what you want when you want it.

I first heard of Gershenfeld and this book after listening to a podcast of a discussion he participated in at the O'Reilly Emerging Technology Conference. I'm a programmer by day but in my pre-parenthood days, I played with a bunch of microcontrollers and simple robotics-related hardware (mostly motors and sensors). The idea of being able to fabricate anything I could think of appealed to me instantly.

Gershenfeld asserts that personal fabrication tools are developing along a path very similar to the one taken by computers. Computers were once large, expensive, complicated machines accessible only to skilled operators. Now they are much more accessible and have evolved to the point that most people can make use of them to some degree. Machine tools, at best, are still at the mainframe-stage of evolution but that is changing rapidly. What happens when machine-building machines, which can manipulate atoms and molecules, are as accessible as computers are today?

Well, it turns out that machines already on the market can give you a pretty good sense of what's in store. While not quite at the level of Star Trek replicators or Nutri-Matic dispensers from the Hitchhiker's Guide to the Galaxy (both, oddly enough, seem to be mostly used to make tea or something almost, but not entirely, unlike tea), fabrication machines are getting smaller, and cheaper. Some of the tools discussed in the book include:

• desktop milling machines : affordable
• sign cutters : novel uses including cutting copper sheets into traces for circuit boards
• laser cutters : very expensive
• waterjet cutters : very expensive but extremely useful
• 3D printers : expensive and slow, but very cool
• functional material printers : print resistors and capacitors into circuits a layer at a time
• microcontrollers : powerful and cheap
• CAD software : difficult to use
• CNC machines : expensive, difficult to use

All of these tools are available to some degree but most are very expensive and all are quite complicated to use.

The longest section of the book is called "The Present". The section is about the current state-of-the-art and it alternates between a chapter of anecdotes and project descriptions and a chapter on some aspect of fabrication (e.g. cutting tools, CAD software, electronics, etc...). By keeping the practical or social discussion next to the technical discussion, Gershenfeld makes what could be dry technical details accessible and engaging. It makes the book and the central ideas accessible even to (or perhaps especially to) non-technical readers.

In fact, the author has been very careful to not include too much technical detail in the text of the book. There are notes at the end with slightly more info, and a pointer to a website with some of the actual schematics and Python source code, but it is still very frustrating for a technically inclined reader who immediately wants to dial in on some of the details. The book will age better because of this, but it will send many Slashdotters running to their favorite search engine looking for more information.

The book includes a lot of illustrations and diagrams. They are all in black and white but have an inconsistent presentation. Sometimes the photos are presented on a weird background that looks like a network of circles and squares while others have no background. There are several photographs of circuits that do not add anything other than to show you how simple the circuit is (often just a microcontroller and a couple of other components). You usually cannot even make out what the individual components are or how anything is wired up. There are many photos of the people at the center of the stories and those pictures do manage to convey a sense of the awesome impact the tools have.

So, what's missing from the book? Personally I would have liked to see the technical appendix greatly expanded. I understand that this information doesn't age well and I'm guessing the author (or wise editor) didn't want to elaborate on the technical details for that reason. Fab is written for a very general and broad audience. Enough technical details are presented to keep the geeks reading, but it mostly wouldn't discourage a non-technical reader with the possible exception of the chapter on electronics. For a lot of Slashdot readers, the book definitely leaves you wanting more.

The chapters are generally under 20 pages each and the writing is fluid and simple. The book has a table of contents and a comprehensive index and even though Gershenfeld doesn't cite other publications in the text, I would have loved to see a bibliography or other list of materials that expand on the topic of personal fabrication. A few pointers from the author to complementary material would have been appreciated. The book definitely piqued my interest and fortunately, a little research has shown this to be a very active subject.

The book ends with a rather defensive look forward. There are many who feel self-reproducing machines could basically take over the planet. Gershenfeld acknowledges this and answers with his belief that any negative technologies that emerge will be fought with countermeasures, like the virus-antivirus battle on modern PC's. It's pretty much inevitable that evildoers will acquire this technology, but Gershenfeld is optimistic that fab labs can help address the root causes for conflict, largely assuaging any threat.

In summary, if the idea of having your own replicator is appealing (hello tea lovers!) or if you are interested in a new approach to giving people around the globe the tools they need to help themselves, then you will enjoy and likely be inspired by this book. Just be prepared to look elsewhere for the minutiae. I rate this book an 8/10.

You can purchase FAB: The Coming Revolution on Your Desktop--From Personal Computers to Personal Fabrication from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Michael J. Ross writes "As Windows users hear more about Linux, they may be intrigued to give it a try, if only to learn what the buzz is about. But a major hurdle, possibly the most daunting, is how to obtain and install Linux on their PCs without disrupting their Windows installation. To the average PC user (not a techie), the required steps are intimidating; to a computer newbie, they appear impossible. But with the introduction of Linux in the form of 'live CDs,' trying out Linux is as easy as popping a CD into one's computer and rebooting. The entire operating system is stored on the CD, thus avoiding having to install it on the hard drive. Test Driving Linux: From Windows to Linux in 60 Seconds , by David Brickner, includes a live CD and explains how to use it." Read on for the rest of Ross's review. Test Driving Linux: From Windows to Linux in 60 Seconds author David Brickner pages 341 publisher O'Reilly Media rating 8 reviewer Michael J. Ross ISBN 059600754X summary A guide for trying Linux on a bootable CD included with the book

This title is another in the growing list of books published by O'Reilly Media, whose user group representative kindly gave me a copy of the book to review. The book comprises 341 pages, and has plenty of screenshots, an appendix of solutions, and a Linux CD secured in an envelope within the back cover.

The particular Linux distribution ("distro") provided on the book's CD is Move, which is based upon Mandriva Linux, which was formerly known as Mandrake. While most Linux aficionados have their favorite distro, and can argue vehemently in favor of one against all others, there is widespread agreement in the Linux community that Mandrake established itself as a solid choice years ago.

Brickner begins this manuscript with an enthusiastic first chapter in which he introduces the computer neophyte to Linux, using cars and test driving as analogies. He briefly mentions how Linux got started, how it fits into GNU/Linux, and what the terms "free software" and "open source" mean. He then describes how to get started with Move by booting off of the CD -- assuming that one's computer has the minimum system requirements (detailed in the book's preface). Non-confident readers will likely appreciate the author's reassuring explanation that Move will not affect their computer's current setup. The chapter continues with an explanation of the KDE desktop, its "kicker" panel, the look and feel of a typical KDE application, window control, desktop background customization, KDE programs that replace Windows applications, and finally how to log out properly.

The next nine chapters of the book cover major application areas, and how to perform common tasks using the corresponding KDE applications of those areas: Web surfing (using Konqueror or Mozilla), file management (Konqueror again), music and videos, games, communication (e-mail and instant messaging), digital image editing (using the GIMP), desktop customization (using the KDE Control Center), office suite (OpenOffice.org), and money management. The final three chapters explore the Linux command line (Konsole), popular programs that are not included on the CD, and advice to those users who decide to switch over to Linux long-term.

In all of the chapters devoted to the major KDE applications, Brickner does a competent job of explaining the basics to the beginner, including handy summaries for more proficient users (such as keyboard shortcuts), and plenty of screenshots that help the reader to verify that they are running the correct application under discussion, and that they are looking in the right places within the application windows. However, all of the figures are in black and white, which makes distinguishing text extremely difficult in those cases where adjacent colors, that are typically well contrasting, merge into shades of dark gray. In addition, I spotted one erratum, on page 84, in which the first letter of "Booting advice for Move" is in a strangely different font, for no apparent reason. This is not representative of the book as a whole, which is well-made, neatly laid out, and uses a flexible layout-flat binding.

Brickner helpfully warns the user of potential pitfalls, such as showstopper dialog boxes being hidden by other Windows. He should be commended for advising the user to set their browser identification to alternatives other than Internet Explorer, if only to encourage Web site owners to not limit the browsers that will work with their sites. One minor error in the browser chapter is, when referring to the Gecko rendering engine used by Mozilla, the author incorrectly identifies it as "gecko," though that may have been an error on the part of the publisher.

For those users who enjoy trying out Linux enough to consider abandoning Windows completely, the final chapter of the book will be most welcome. Brickner identifies which distros are capable of resizing an NTFS-formatted partition; this determines whether or not a user can install that distro on a hard drive already containing Windows, and thus have a dual-boot system. He also distinguishes between those distros that are Windows-like, in that the Linux characteristics are hidden as much as possible, versus those which make no such effort. One potential weakness in his discussion, is that he mentions the ability or inability of particular editions of various distros to authenticate against Windows servers, and yet he does not explain to the reader what that means. On the other hand, any reader who does not understand the idea, probably does not need to.

Overall, I found this book to be worthy of recommendation to anyone who would like to learn more about how to use a robust Linux distro on a live CD. The coverage of topics appears complete, at least for those tasks that the typical computer user needs to perform on a daily basis. There are few errors in the text, and the author has done an admirable job of warning the reader as to potential problems, as well as noting when certain features will not work when running off of the CD, and why. These explanations go a long way to assuaging the reader, who might otherwise become frustrated and conclude that either Move is not operating properly, or that they are doing something wrong. The publisher's choice to use only black and white images, no doubt has the advantage of keeping the book's cost reasonable (a list price of U.S. $24.95), but it has the disadvantages of reducing the utility of those illustrations -- especially when discussing color customization -- in addition to the aforesaid problem of adjacent grayscale regions merging into dark blobs that are difficult to distinguish from one another.

Test Driving Linux is clearly of value in better introducing the public to the power and promise of Linux. It is undoubtedly one of the most user-friendly tools that could assist Linux advocates in spreading the word, and encouraging computer users to break away from operating systems that are expensive, buggy, and non-secure. As Brickner notes in his preface, when people unfamiliar with Linux give it a test drive, by simply booting off of the CD provided with the book, they just might want to stay with Linux long-term.

Michael J. Ross is a freelance writer, computer consultant, and the editor of PristinePlanet.com's free newsletter. You can purchase Test Driving Linux: From Windows to Linux in 60 Seconds from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

nellardo writes "If you've been programming C++ for any length of time, you probably have the book, Effective C++, by Scott Meyers on your shelves. Well, this book has just hit its third edition, and it's a major re-write and re-org. Do you need this book? If you program C++, yes, you probably do, even if you have a previous edition. Don't let the "Third Edition" faze you, because it has lots of new insights into the vagaries of the C++ language. And if you're new to C++, this is pretty much a must-own book." Read on for the rest of Nellardo's review. Effective C++, Third Edition author Scott Meyers pages 297 publisher Addison Wesley rating 9/10 for C++ programmers; not worth it otherwise reviewer nellardo ISBN 0321334876 summary Re-write of standard second book on C++

C++ is a large and complex language, and always has been. That's what made the first edition of Effective C++ so useful. What began as a simple concept of "C with Classes" grew as time went by, developing quirks and foibles that made sense only once you understood a great deal about what was going on. The first edition provided short, digestible synopses of the best practices of quality C++ programming. Even people that had been programming C++ for years could read the book and pick up something new.

That was 1991. A lot has changed in C++ since then. For instance, templates were only just being developed as an addition to the language, and most C++ compilers simply generated C code. Now, in 2005, C++ has gotten a great deal more complicated, and C++ templates have turned out to be a programming language in their own right. Exceptions, the Standard Template Library, threading libraries, and a wealth of truly inventive programming have turned C++ into an amalgam of concepts and mechanisms from essentially every programming language under the sun (ahem). C++ isn't quite as complex as Ada, but that's a much tougher case to make today than in 1992.

In addition, the understanding of what the best practices actually were has changed. Indeed, common tricks from 1991 are now generally frowned upon. In 1991, a friend function was common in code examples. For instance, operators were routinely declared as friend functions. Now, in 2005, friend is seen as creating the tightest coupling possible between components, and is often avoided. What happened?

This is where the book's background starts to shine. Item 1 is "View C++ as a federation of languages." Meyers does a clear and cogent job of decoding broad swathes of C++, explaining C++ as a multi-paradigm tool, and placing language features in different paradigms. Change paradigms and the guideline for what makes for effective C++ changes. This is a hard case to make, but he manages to do it in accessible language even a newbie to the language should be able to follow. Experience from 1991, 1997 (the second edition, mostly a spruce-up job of the first), and now add up to explain the boundaries.

Like earlier versions of the book, the final items provide a good hint on how to keep current. Item 54 is "Familiarize yourself with the standard library, including TR1", and Item 55 (the last) is "Familiarize yourself with Boost." Both of these point to the two places C++ is most likely to grow in the near future, TR1 being essentially done, and Boost being an active source of new things likely to make it into future language extensions.

While 55 items isn't as neat as 50 items, the items in the middle still provide a good place to start for a new C++ programmer. The experienced C++ programmer (the kind who's running around their department suggesting simply using Sutter and Alexandrescu's C++ Coding Standards as the department's new coding standards as is) may not get as much from the book, but it isn't really looking for that programmer. It is advertised as a "second book" on C++, and that's exactly what it is. Buy your textbook to learn from, then buy this book.

Can the experienced C++ programmer get something from the book? Sure, but it's more along the lines of having a handy way to explain to the new guy in the next cube why you want to make sure exceptions never leave a destructor (Item 8) rather than having to figure out a clear way to say it yourself. If nothing else, the more experienced programmer may want to read it just to know what the new guy is likely to ask about.

As a book per se, it's nicely done. It uses color judiciously, mainly to point out the most important parts of the code examples. It also includes lists of items from More Effective C++ and Effective STL, which are handy, albeit blatant plugs. More interestingly, it includes a map from the items in the first edition and the second edition to the items in the third edition (in both directions). This makes it clear that this book truly is a substantial re-write. I would have liked to see a list of all the items, along with the two or three bullets that summarize them as a separate table (maybe on the front inside cover for easy access), but that's a minor point.

All in all, Effective C++, Third Edition is exactly what it claims to be. A significant re-write of the best second book out there. Learning C++? Then pick it up. Using C++ actively with a bunch of other programmers? Pick it up. Not using C++? Don't bother.

You can purchase Effective C++, Third Edition from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Michael J. Ross writes "For veterans of the information technology (IT) industry, the late 1990s was a remarkable time. The "dot-com bubble" expanded, the venture capital flowed, and the NASDAQ stocks soared. But now that the bubble has deflated and the e-commerce party has wound down, U.S. IT managers are struggling with reduced budgets. Yet apparently many believe that the sector will regain its past glory and blistering growth rates. According to experienced IT consultant Erik Keller, it's not going to happen. He presents his case in Technology Paradise Lost, published by Manning Publications, whose user group representative kindly provided me with a copy of the book for review." Read on for the rest of Ross's review. Technology Paradise Lost author Erik Keller pages 243 publisher Manning Publications rating 4 reviewer Michael J. Ross ISBN 1932394133 summary American programmers and IT departments must do more despite shrinking IT budgets

The dust cover blurb summarizes Keller's position: "...American corporations let IT grow until it reached one half of all corporate capital spending by the year 2000. Now, chastened by their spending failures, IT managers are converging on a new consensus: to exploit IT competitively they must use their smarts over big money. ... Counterintuitively, companies that spend less in order to get more from information technology will likely be the big winners." That's quite a claim, and a thorough reading of the book finds that Keller only supports half of that thesis.

The thought is reiterated early in the book: "...companies can move ahead over the next few years without large increases in their IT budgets. The only thing a company needs is a different perspective." (page xii). That prescription sounds suspiciously similar to the oversimplistic advice found in positive thinking self-help books. Keller does not yet make explicit what the different perspective will do for business. Perhaps it should be taken at face value, in that it will allow companies to move ahead without increasing their IT budgets. But is continued progress without budget increases such a massive gain? More significantly, how does that address the larger issues of failed IT projects, to which he alludes earlier? In my opinion, that issue is of much greater consequence.

Keller correctly points to some of the reasons why the heady e-commerce binges are not about to return: increasing scrutiny of IT budgets, greater demand for return on investment (ROI), cheaper and simpler solutions, offshoring of software development, lower wages to American programmers, abandonment of failing projects, Internet-based architecture, and adoption of open source software (OSS), such as Linux. Addressing these changes at a more strategic level, Keller notes that, "After years of questionable returns, cost overruns, and increased complexity, companies are pushing financial rigor to IT groups." (page 6).

The book's first seven chapters discuss the primary factors in leading to reduced IT expenditures, at least within the U.S. business community. But the last four chapters go over previous ground, with more variations on the theme of reduced IT spending, interspersed with several examples from various corporations. The reader may get the sense that not much new information or recommendations are being offered, but instead that these four chapters are serving as filler, to beef up the size of the book. Otherwise, it would be more obvious that the book's usable contents could be boiled down into one meaty article.

Keller's primary thesis, that American IT could in the future produce more returns for less investment, has two primary components. The near-term and likely long-term trend for declining corporate spending on IT, is well established in his book. In fact, one could argue that reduced IT spending is not something that American companies will adopt by choice, but instead will be forced upon them due to deflationary pressures, increased costs for natural resources, and declining ability to pass along cost increases to U.S. consumers falling further behind financially. But the flip side of his thesis, that companies will get even more results despite spending less money, is not nearly as well substantiated. Not a single one of the chapters in the book is devoted to demonstrating that this is happening, or will happen. Companies may be able to maintain current levels of service despite reduced funding; but greater results per dollar invested (i.e., efficiency) does not imply greater results on an absolute basis. As such, Keller's big claim noted earlier, is only half fulfilled.

The critical questions -- concerning the proper role and funding of IT -- are presented in the book couched in the language used by high-level business managers, who speak in vague terms about "technology" and "infrastructure," and yet have little or no real understanding of how it truly works, having spent their earlier years pursuing MBAs rather than programming computers. It could be argued that such general terminology must necessarily be used when discussing information technology among business managers. That may be true, but it does not lessen the dangers of fuzzy thinking and overly broad conclusions found in Keller's book and in the typical articles discussing IT purpose, strategy, and utilization. In particular, such excessively broad strokes, in my experience, not only mask the ignorance of the IT manager demanding miracles from their staff, but invariably increases the odds that upper management will be seduced by the handwaving consulting firms -- and thus fall prey to the mistakes delineated by Keller.

Of all the inapt analogies in the book, its title is perhaps the most egregious. Alluding to John Milton's famous narrative poem, "technology paradise lost" implies that there was a time when IT resource usage was idyllic, if not perfect. Yet by Keller's own account, the misspending and failed projects, followed by financial discipline imposed by the outside world, are anything but heaven-sent. One cannot lose what has never been found.

Weighing in at 243 pages, Technology Paradise Lost is a quicker read than many other business books. Part of that is due to the unfortunate repetition of a few core ideas. Fortunately, the book has just enough tables, charts, and breakouts, to add some visual variety to the text.

The book benefits from the author's clear writing style, no doubt honed from over two decades of creating articles, documents, and presentations intended for business managers. Keller does a solid job of utilizing real world statistics and examples to back up his assessments.

Despite the repetition, sloppy analogies, and business-speak generality, Technology Paradise Lost offers a valid discussion of changes currently being experienced by the American IT industry as it grudgingly recovers from the Internet boom and bust. The book may be of value to IT managers who, for whatever reason, are ignorant of the obvious transformations that are taking place. Yet, any IT industry participant who devotes even a modicum of time to monitoring the latest developments and trends, should be well aware of IT budget trimming, offshoring, open source software, and other cost-saving methods. Otherwise, to be so out of touch with reality would be inexcusable. On the other hand, that was one of the primary symptoms before and during the widespread dot-com insanity, and could easily account for any beliefs in its imminent return.

Michael J. Ross is a freelance writer, computer consultant, and the editor of PristinePlanet.com's free newsletter." You can purchase Technology Paradise Lost from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

rednuhter writes "LPIC 1 Exam Cram 2 is the authoritative tree-based text to aid and abet interested parties accomplishing a LPI LPIC level 1 certification, Which (roughly translated) is the first (not quite open source) Linux exam for junior (intermediate) sysadmins; more information is available at Linux Professional Institute. It is (currently) the only (up to date) printed guide for the Linux Professional Institute Certification (LPIC) Level 1 exam." Read on for the rest of rednuhter's review. LPIC 1 Exam Cram 2 author Ross Brunson pages 590 publisher QUE rating 8 reviewer rednuhter ISBN 0789731274 summary Exam cram for Linux LPIC level 1 The LPI is a non-profit organization bringing high-quality Linux certification to the masses, including multilingual exams across continents. LPIC Level 1 is designed to certify a junior sysadmin in Linux and is composed of two exams. This first level (101) has an optional (minor) 'branch' of either RPM or DEB package management, with RPM being used on predominately Red Hat-based systems and DEB being the preferred method for Debian based systems. The second level (102) is much more 'on the job' administration duties (see LPIC objectives).

I purchased the book last year after deciding I had no reason to try and keep my windows 95 MCP up to date and wishing to (formally) extend my Linux knowledge. I hit a wrong turn after spending quality time with Que's "General Linux 1" [ISBN]0-78972292-5] to find (as I went to book the exam) the format and topics had changed a fair amount in four years (LPI is constantly evolving...).

It was fine book with some good Lab sections, however it was not preparing me for the onslaught that is the seriously tough LPIC Level 1 exam. After a quick rant in the LPI mailing lists, a friendly poster [ross@brunson.org] noted that a book did exist (recently printed) that accumulated one of the premier LPI Linux trainers knowledge and experience, and by no coincidence he was the author.

My previous guide had been only 340 pages long so I was concerned to find this was closer to 600! Luckily the author wastes nothing, with a considerably helpful introduction, followed by details of the LPIC 101 (both flavors) and the 102 exam culminating in the full LPIC Level 1.

The first half of the book is dedicated to the 101 exam, which is the first part of the LPIC level 1 certifications. This included a lot of trouble-shooting steps for basic booting of Linux with hardware configuration and included vi usage (key strokes, buffers, regular expressions), XFree86 (config and understanding) to text processing with tee, tac, sed etc. The detail involved also dipped into modems, CHAP scripts, hardware identification, jobs, processes, chmod, grep, exit statuses and much much more. This also where the RPM/DEB specifics some in; although I have used Debian for many years I opted to take the RPM exam simply because I believe RPM is more widely commercially used, not that I think it is a better packaging system. These skills are an excellent grounding for basic Linux use and understanding, giving rounded knowledge of all the key areas a Linux user should be aware of.

Each chapter has an example exam and the author often makes use of these to introduce new ideas and concepts to encourage the user to research further. These answers are accompanied by explanations of not only why the right answers were correct, but why the wrong answers were incorrect.

The second half of the book (after a quick 66-question 101 test exam) is much more geared to a junior sysadmin and I found it quite hard going. Topics range from runlevels, daemons, users/groups, kernel compilation, modules, shells, scripting, networking, services, printing and security. As you may imagine, some of these topics are quite extensive and I personally found this half much more difficult to absorb. Note there is only one 102 LPIC exam, there is no RPM/DEB choice. This list does not really do the subject matter justice, as it goes into such things as custom subnet masks, network time utilities, Apache, sendmail, crontabs and even more.

This was followed by a set of 77 test 102 questions with both a quick answer key and a complete set of explanations.

The book includes a pull-out Cram Sheet which can help you memorize things such as the IRQ/IO address for serial ports, the different man page sections and common printer commands.

The author also notes how best to prepare for taking and even resitting the exam (the LPI has a concise retake policy).

The actual exam questions and areas are weighted, and you should ensure you review for the heavily weighted sections at least as much if not more that the lower-weighted ones.

The key 'trick' to passing the exams is to have tried the commands yourself and seen the results, I cannot emphasize this enough! The LPI 'seems' to favor (currently) 2.4.x kernels in the FHS File Hierarchy Standard RPM and DEB varieties, I did most of my investigation either with Knoppix via qemu(in windows) or Debian sid running the 2.6.x kernel. (However, most topics are vendor/distribution neutral and kernel and other obvious differences are noted.)

Although this book contains a lot of examples, it is not for beginners, unless you want to base your Linux learning on it. Sysadmins will find it too simple in places, but should not be complacent as they will find some knowledge nuggets buried that will ultimately help them pass the exams.

The book is easy to read, with some real-world examples that are ideal to reinforce the information presented. (It has been noted that practice lab sections could have been included; see author reply here)

Unfortunately, there are a fair number of misprints, technical inaccuracies and spelling mistakes current errata but a quick session with man will set you straight and very few directly spoil the otherwise accuracy of the book (the author notes that a second reprint is addressing these).

The CD comes with the obligatory PDF version of the book and a test program, this has caused some problems for some Linux users although fixes are now available. The test program tries to recreate the testing environment, with optional timer and instant result features. I personally found it very useful to identify areas I was weak in and required further investigation.

The book does a good job not to stray off into GPL licensing or any other non (LPIC Level 1) related topic, leaving further investigation up to the reader offering links where relevant.

It took me about 15-20 hours to revise for the 101 RPM exam and I passed with (apx) 96% where as the revision for the 102 exam was over a much longer period (and a more turbulent part of my life) taking about 40-50 hours which gave me a (apx) pass of 86% (remember the questions are weighted, my percentage scores are simply against the number of questions I got right and makes me feel good).

Preparing you for the LPI LPIC level 1 exams (part 1(RPM/DEB) and part 2)

Not only did I find the book easy to get on with and an indispensable asset for passing the exam but it has had pride of place on my desktop and makes an excellent reference tome.

The LPI website does now list Ross's book and there are various other resources available for a quick google, or just wait for the Slashdot crowd to fill up the comments below.

You can purchase LPIC 1 Exam Cram 2 from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

jsuda (John Suda) writes "It seems as if everyone and his brother is writing books supporting standards-compliant Web design with XHTML and CSS. I have read and reviewed a half dozen this year alone. People are obviously trying to tell us something - plain HTML has to go! Web Designers' Reference: An Integrated Approach to Web Design with XHTML and CSS, by Craig Grannell, is the latest of these pronouncements." Read on for the rest of Suda's review. Web Designers' Reference: An Integrated Approach to Web Design with XHTML and CSS author Graig Grannell pages 389 publisher Friends of ED rating 8 reviewer jsuda ISBN 1590594304 summary Comprehensive guide to standards-compliant web design

The reasons are clear and compelling: The World Wide Web Consortium, which promulgates Web design standards, has decreed HTML as obsolete. Newer, more compliant browsers, will in time not support the older tags and code; the new standards facilitate much better use by the disabled of screen readers and non-graphic browsers. Not least, the newer code makes writing and revising code easier and more efficient, as well as more capable.

These are certainly good reasons for Web designers to move to the new code. Nevertheless, surveys show that most Web pages are not compliant and that thousands of designers continue to use deprecated code. I confess that I am one of them -- after a number of years learning and getting used to HTML, the need to learn new and more code is onerous. The inertia of habit is a factor, I'm sure.

For those Web designers like me, Mr. Grannell's book is a welcome addition to the literature because it systematically deals with the topics under discussion. In its coverage of XHTML, CSS, Javascript, and complementary coding (like PHP), it provides a nice framework guiding "old dogs" like me into standards-compliant code. Not only does it provide some historical perspectives on these codes, it compares the old with the new in regard to all of the important elements of Web design.

The author is an experienced Web designer and operates a design and writing agency. He also writes articles for a number of computer magazines.

Grannell's goals are to teach cutting-edge, efficient coding, and how to master standards-compliant XHTML 1.0 and CSS 2.1. There are a dozen chapters. He breaks down the elements of Web design into modular components so that one can focus on each element separately, like page structure, content structure, layout, navigation, text control, user feedback, and multimedia. Relevant technologies are explained in context of producing a typical Website.

If one finally decides to move forward, as many suggest, this is a very good volume by which to get your start. For new designers, this is a nice primer to learn what is expected, in an overall sense, of good, advanced Web design.

This is a well-produced book with clear writing, comprehensive approach, dozens of practical examples, and downloadable files with the code examples used in the book. The author writes in a logical sequence much like an engineer would. It is a heavy textbook-like read, only lightly sprinkled with style and personality. It should appeal primarily to novice designers, but has enough advanced information to satisfy an experienced designer who is looking for that fresh start.

And in fact, the structure of the book facilitates the "fresh-start" idea. It starts with a Web design overview, giving an experienced user's tips on what software to use to write code, what browsers to design for, how to build pages from the very top to the bottom. (XHTML, unlike HTML, requires a preliminary document-type definition (DTD) to validate. Only after the introductory section does the first HTML tag appear.)

Like others writing in this area, Grannell firmly advocates designing for standards compliance, usability, accessibility, and last and least, visual design. Marketing Department people may choke on that priority list, but there is no inherent conflict between function and aesthetics; Grannell simply does not spend a lot of time on the aesthetics.

The middle chapters concentrate on modular construction of pages -- the XHTML introduction, the structural elements like text blocks and images, the logical structure of the links and navigation flow, and finally, the stylizing with CSS. Comparisons between pages styled with HTML vs. CSS compellingly demonstrate the benefits and advantages of CSS. There will be no going back once you've decided to upgrade your technical approach.

Basic CSS concepts are explained and illustrated with code samples and screenshots. Grannell describes how to use CSS for text control, navigation, and layouts. There is a broad section on frames and another on forms and interactive components.

The last chapter covers testing and tweaking including how to create a 7-item browser test suite. Strategies overcoming browser quirks are discussed throughout the book. There is detailed technical information, especially in regard to the XHTML introductory section of the page, which I have not seen elsewhere.

There are three welcome reference appendices at the end covering XHTML tags and attributes, Web color coding, and a very comprehensive entities chart noting currencies, European characters, math symbols and more.

Much of this material is covered elsewhere in the growing set of publications about standards-compliant code. This book has the virtue of having a useful overall perspective on Web design and acts as a framework for new designers and converting designers to renew and upgrade their technical approaches.

You can purchase Web Designers' Reference: An Integrated Approach to Web Design with XHTML and CSS from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Martin Ecker writes "Following up on last year's first installment of the "GPU Gems" book series, NVIDIA has recently finished work on the second book in the series titled GPU Gems 2 - Programming Techniques for High-Performance Graphics and General-Purpose Computation, published by Addison-Wesley. Just like the first book, GPU Gems 2 is a collection of articles by various authors from game development companies, academia, and tool developers on advanced techniques for programming graphics processing units (or GPUs for short). It is aimed at intermediate to advanced graphics developers that are familiar with the most common graphics APIs - in particular OpenGL and Direct3D - and high-level shading languages, such as GLSL, HLSL, or Cg. The reader should also be proficient in C++. As with GPU Gems, GPU Gems 2 is not for beginners. For professional graphics and game developers, however, it is an excellent collection of interesting techniques, tips, and tricks." Read on for Ecker's review. GPU Gems 2: Programming Techniques for High-Performance Graphics and General-Purpose Computation author Matt Pharr, Randima Fernando (Editors) pages 814 publisher Addison-Wesley Publishing rating 9 reviewer Martin Ecker ISBN 0321335597 summary The second installment in NVIDIA's GPU Gems series shines with more "gems" on real-time graphics and general-purpose computation on GPUs.

The book is divided into six parts, each dealing with a different aspect of GPU programming. Compared to the first book, more emphasis is put on the quickly evolving area of general-purpose computation on GPUs, an area that is commonly known as GPGPU (General Purpose GPU; for more information see http://www.gpgpu.org). To my knowledge, this is the first book to contain so much information related to this relatively new field. In particular, three of the six parts of the book are about GPGPU and its applications. The first three parts, however, are about real-time computer graphics.

The first part of the book contains 8 chapters on photo-realistic rendering that mostly deal with how to efficiently render a large number of objects in a scene, which is a necessity for rendering convincing natural effects, such as grass or trees. Two chapters in this part of the book discuss geometry instancing and segment buffering, two techniques to render a large number of instances of the same object, and another chapter focuses on using occlusion queries to implement coherent hierarchical occlusion culling, which is also useful in scenes with high depth complexity.

Other interesting topics in this part of the book include adaptive tessellation of surfaces on the GPU, displacement mapping - an extension to the popular parallax mapping used in some current games - that allows to render realistic bumps on a simple quad, and terrain rendering with geometry clipmaps. Geometry clipmaps can be used to render large terrains almost completely on the GPU. They were first introduced in a SIGGRAPH 2004 paper by Frank Losasso and Hugue Hoppe, and the algorithm is discussed in detail by Arul Asivatham and Hoppe himself in chapter two of this book. This technique will most likely find wide application in next generation games.

Part two of the book consisting of 11 chapters deals with shading and lighting. I found chapter 9 by Oles Shishkovtsov on deferred shading in the soon-to-be-released computer game S.T.A.L.K.E.R. quite interesting. The game features a full deferred shading renderer, which is probably a first for a commercial game. In his chapter Oles describes some of the tricks used and some of the pitfalls encountered while developing that renderer. Also highly interesting is Gary King's chapter on computing irradiance environment maps in real-time on the GPU. These dynamically created irradiance maps can be used to approximate global illumination in dynamic scenes.
Furthermore, this part of the book has chapters on rendering atmospheric scattering, implementing bidirectional texture functions on the GPU, dynamic ambient occlusion culling, water rendering, and using shadow mapping with percentage-closer filtering to achieve soft shadows.

The third part of the book consists of 9 chapters on high-quality rendering. Most chapters in this part deal with implementing high-quality filtering in fragment shaders. For example, there is an interesting chapter on filtered line rendering and another chapter on cubic texture filtering. In chapter 23 NVIDIA also provides interesting insights into the inner workings of their Nalu demo, which was the release demo for the GeForce 6 series that displays an animated mermaid underwater. In particular, the chapter describes the techniques used to implement the mermaid's hair. Finally, Simon Green of NVIDIA presents his GPU-only implementation of improved Perlin Noise.

Whereas the first three parts of the book cover techniques for real-time computer graphics, the three final parts deal exclusively with GPGPU. Since GPUs nowadays offer a high level of programmability and because of their wide-spread use in commodity PCs, GPUs can be used as a cost-efficient processor for general computation in addition and parallel to the CPU.

Efficient usage of the GPU for general computation, so that conventional CPU implementations can be outperformed, requires special care when mapping algorithms to the highly parallel architecture of the GPU pipeline. Part four of the book mostly deals with exactly this and represents an introduction to the fantastic field of GPGPU. The 8 chapters of this part first describe the general streaming architecture of GPUs, with one chapter going into the details of the architecture of the GeForce 6 series in particular, and then move on to show how to map conventional CPU data structures and algorithms to the GPU. For example, textures can be regarded as the GPU equivalent to CPU data arrays. There is also a chapter on how to implement flow-control idioms on the GPU and a chapter on optimizing GPU programs.

The 6 chapters of part five of the book are on image-oriented computing and describe a number of GPGPU algorithms for performing global illumination computations, for example by using radiosity, on the GPU. There is also a chapter on doing computer vision on the GPU, which I found to be quite exciting. Because of its high parallelism, the GPU can be used to do the tedious tasks of edge detection and marker recognition required in computer vision in a very efficient manner, thus elevating the CPU to do other tasks in the meantime. James Fung, the author of this chapter, is also involved in an open source project called OpenVIDIA (see http://openvidia.sourceforge.net) that is all about GPU-accelerated computer vision. he final chapter in this part of the book explains how to perform conservative rasterization, which is important for some GPGPU algorithms to achieve accurate results.

The final part of the book has 6 chapters that present GPGPU techniques to perform a variety of simulation and numerical algorithms on the GPU. One chapter shows how to map linear algebra operations onto the GPU and develops a GPU framework to solve systems of linear equations. In other chapters the GPU is used for protein structure prediction, options pricing, flow simulation, and medical image reconstruction. These chapters show good examples of how the GPU can be used for non-graphics-related tasks. Furthermore, Peter Kipfer and Rüdiger Westermann present algorithms for efficient sorting on the GPU. Since sorting is such an important building block of many higher-level algorithms, it is important to have an efficient implementation for GPGPU algorithms.

The book contains many illustrations and diagrams that visualize the results of certain techniques or explain the presented algorithms in more detail. All images in the book are in color, which is definitely advantageous for a graphics book. In my opinion, the excellent quality and also the quantity of images and illustrations is one of the strongest points of this book compared to other graphics books.

The book also comes with a CD-ROM with supplemental material, videos, and demo applications to some chapters. Most of the applications include the full source code, which makes it easy to experiment with the techniques presented in the book. Note that most of the applications run on Windows only and many of them require a shader model 3.0 graphics card, such as a GeForce 6600 or 6800. The latest ATI cards, such as the X800, are not sufficient for running some demos because they only support shader model 2.0.

I highly recommend this book to any professional working as graphics or game developer. It is a valuable addition to my library of graphics books and I will come back to a number of articles in the near future. The focus on GPGPU in the second half of the book is a welcome addition and we can expect to see more and more non-graphics-related applications make use of the processing power in today's GPUs.

Martin Ecker has been involved in real-time graphics programming for more than 10 years and works as a game developer for arcade games. In his rare spare time he works on a graphics-related open source project called XEngine http://xengine.sourceforge.net.You can purchase GPU Gems 2 - Programming Techniques for High-Performance Graphics and General-Purpose Computation from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

jkauzlar (Joe Kauzlarich) writes "You've had a long, tedious day at work. You have some money in the bank and decide that you need to spend some of it on yourself rather than hand it over to the Man. Therefore, being a nerd, you go straight to the bookstore after work. You don't see anything exciting in the new releases for science fiction; you look at the new pop-science books, but nothing jumps out at you from the shelf- but wait... what's this massive new book by the acclaimed physicist Roger Penrose, The Road to Reality? The subtitle seems a bit presumptuous: 'A Complete Guide to the Laws of the Universe.' You pick up the heavy volume to inspect its contents ..." Read on for the rest of Kauzlarich's review. The Road to Reality: A Complete Guide to the Laws of the Universe author Roger Penrose pages 1136 publisher Knopf rating 10 reviewer Joe Kauzlarich ISBN 0679454438 summary General audience introduction to modern physics

Flipping through the eleven-hundred pages, you notice the gratuitous inclusion of mathematical formulae and the chapter titles on the page headers -- "Quantum algebra, geometry, and spin," "Gravity's role in quantum state reduction," "Calculus on manifolds" -- suggest a far more exclusive audience than yourself, a lowly paper-pusher with a four-year degree. "But then, what's this doing in the popular new releases?" you ask yourself, "Shouldn't it be hidden away in the darkened corner of the store's physics section?" But that's where you're wrong, you realize, glancing through the author's preface; this book is for you: Penrose has, it seems, composed a mathematical physics book for the general audience -- and not merely an introductory one, but one that takes you to the frontiers of modern theory.

The trouble with the common popular-science books that propose to illustrate modern physical theories is in their implicit premise of avoiding mathematical notation and concept in favor of plain English. This works to an extent, but ultimately breaks down when the nature of the subject matter itself is mathematical. Indeed, after reading the wonderful Dancing Wu Li Masters, the reader is no more prepared to plunge into a textbook on modern physics or to comprehend even the titles of the latest mathematical physics papers on Arxiv.org. Physicists know about the fundamental particles or the nature of space only through the mathematics that model the phenomena. Which is not to say that such English language renderings are useless, but they skillfully devise to distance themselves from what physicists actually do, as well as to reenforce readers' natural aversion to numbers and formulae.

Penrose's approach is not to dive head-first into the most strenuous material or to assume a proper background for the comprehension of advanced physics; instead, the first several chapters are devoted to building the necessary mathematical subtext for the remaining bulk of the book. The volume's length is not, as is often the case, a result of lengthy diversions or pedantry (needless complexity); Penrose keeps his eye on the ball throughout, consistently informing the reader how the topic at hand is related to the over-arching theme and infusing the more well-known pedagogy with creative insight, so that even a talented math major may learn from the introductory chapters on number systems or geometry. What's more, the careful organization of the disparate topics permits a fluid drift from one to the next. The effect is a single cohesive book and not a collection of notes or essays.

With 390 illustrations and a generous supply of endnotes and bibliography entries, it's clear that Penrose didn't consider the work completed with the text alone. The inclusion of short problems within the footnotes hints to the reader what concepts are important to understand. The usual footnote-commentary is withheld for the endnotes at the end of each chapter.

It's probable that the name "Roger Penrose" might excite some memories you may have of his previous works, published over a decade ago, both of which explore the mind-brain relationship. At least one of these (Shadows of the Mind -- the other is the more popular The Emperor's New Mind) proposes a quantum theoretical explanation for consciousness which was perhaps too liberal to have been taken seriously by neurologists. Penrose's efforts in quantum theory have, however, been more successful than those in neurology: in 1988 he was awarded the Wolf Prize, one of the very highest honors in mathematics (perhaps second only to the Fields Medal), along with Stephen Hawking, and has made invaluable contributions to quantum physics for the past several decades, proving himself to be one of the finest scientific minds of our day. In consequence to his stature, it's certainly a treat for laypeople that Penrose has donated the time and energy to the creation of a monumental expository work for general consumption.

Whereas the average pop-science journalist reaches upwards to accrue a book's material, Penrose's acknowledged expertise on the subject forces him back towards the ground again. If you think about it, I suppose this is as difficult a task, since much of what Penrose describes he's known for forty or fifty years (he was born in 1931). He apologizes in the final chapter for the necessity of handpicking among the dozen or so "theories of everything," sometimes according to his own professional biases. Today's leading theory, "String Theory" along with the theory of "Loop Quantum Gravity," and the little known "Twister Theory," are all covered in the later chapters; the first portion of the book builds the mathematical foundations for the succeeding chapters, which give an indepth treatment of quantum physics and quantum field theory. These topics are followed by the previously described "theories of everything."

A glance at the table of contents may make or break your purchasing decision; chances are, if you find the mysteries of the terms somehow galvanizing, then you'll enjoy the book. On the other hand, if the eclectic terms frighten you, you should perhaps look at the preface (where Penrose gives solace to anxious readers), or it may be best to avoid the book altogether.

As I mentioned earlier, little has been done for the general audience to explore the wide expanse between physics and mathematics. The Road to Reality is, in this respect, a virtually pioneering effort, and given its size, scope and quality, I would venture to guess it will remain the de facto text in its area for many decades to come, and may safely be placed on your bookshelf next to E.T. Bell's Men of Mathematics, Douglas Hofstadter's Gödel, Escher, Bach, or Benjamin Yandell's recent (*highly* recommended) The Honor's Class: Hilbert's Problem's and Their Solvers.

I am fortunate to have had some mathematics education and so am familiar with the basic principles of complex numbers, calculus, and geometry, making the first several chapters, while still insightful, less toilsome than it might've been. I suspect that the average bright high school graduate would have no trouble with Penrose's quick treatment of these concepts. I would recommend the reader have at least some familiarity with the basic terms of mathematics and physics (i.e. when Penrose mentions "set" you know he's referring to a particular mathematical structure) or the book could overwhelm you quickly. Additionally, readers would be at an advantage having read "English-based" modern physics books such as The Dancing Wu Li Masters, Michio Kaku's Hyperspace, Brian Greene's The Elegant Universe or a similar book about 20th century quantum physics. Either way, it's safe to say that despite the virtuosic readability of the text, it's still going to take an intellectual commitment on the part of the reader to reap all of the available knowledge."

You can purchase The Road to Reality: A Complete Guide to the Laws of the Universe from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Craig Maloney writes "Anyone who codes in Perl can relate to working on other people's code. Sometimes the code will thankfully include "use warnings" and be a joy to maintain. More likely, though, the code will have so many warnings that the useful output is long gone in the stratosphere of your scroll buffer. Even good code written for earlier versions of Perl can become aged and decrepit, requiring elderly modules that may or may not work with newer versions of Perl. Maintaining this code can be a hassle, but fortunately Perl Medic: Transforming Legacy Code (referred to for the duration of the review as Perl Medic) provides some very useful tips for getting through these migrations, and will help the next person maintaining your code." Read on for the rest of Maloney's review. Perl Medic author Peter J. Scott pages 312 publisher Addison Wesley rating 8 reviewer Craig Maloney ISBN 0201795264 summary A great collection of Perl wisdom and tips for experts and other patient Perl acolytes.

One of the goals of Perl Medic is to transform code from stylistically poor and unmaintainable into stylistically sound, maintainable and testable code. The format of Perl Medic is very similar to books like The Pragmatic Programmer or The Practice of Programming. Perl Medic shows the reader best practices by example. Some of the chapters are checklists of practices that will help improve your ability to manage and wrangle the code, while others are lists of patterns and practices you should avoid, and should replace with the examples provided. This format very readable, and provides an excellent forum for gleaning what ways to improve the code.

Perl Medic is designed with experienced coders in mind. Topics are presented as if the reader may be using these ideas already in their code, whether good or not. While the advice is good, the presentation may be confusing for beginner and intermediate programmers who aren't intimately familiar with the concepts. I found myself re-reading several topics to try and grasp what the author was trying to convey. After several readings of the section on test harnesses, I still needed help, and ran to the Perl documentation to better understand what the author was saying. Certain advice is also presented, only to have it countered in the next section. Most Perl programmers are familiar with the '-w' switch, which turns on warnings in a Perl program. The pragma 'use warnings' is introduced as a way to turn on warnings for just the code being worked on without displaying the warnings of the modules included in the program. In the next section, the author points out that it might be a good idea to put '-w' in there to see if there are any issues in the modules you may be including. While this advice may be intuitive for experienced Perl coders, the beginner may be confused. "Should I use '-w', or should I use 'use warnings'" she may ask herself.

The book also suffers from a case of being too brief in some sections. In section 2.3.1 (Gobbledygook) the reader is directed for help on how to turn a partially obfuscated program into more intelligible code; a very useful skill indeed. The author redirects the reader to section 4.5 where the utility perltidy is discussed with further detail, but before ending the section, the author also introduces the module 'B::Deobfuscate' along with a URL. No mention of how to use it is provided. In section 6.4 (Debugging Strategies) the author gives advice on how to debug a program. His advice: "Divide and Conquer". While there is debugging advice throughout the book, it's a little frustrating to see a section specifically designated "Debugging", with only one subheading under it. The organization of some of the topics feels artificial, and perhaps should be reorganized in future editions.

Underneath these faults, though, Perl Medic is a great book. Chapter 11 (A Case Study) should be required reading for coders inheriting Perl projects. This chapter is a blow-by-blow account of the author's work in transforming a simple LDAP application from Perl 4 into a robust Perl 5.8 application. The author is very candid about what decisions were made in the code transformation, and why certain elements were addressed in the way they were addressed. One particular element is an elderly module used for the LDAP lookups themselves. The author details the process used to determine a better module to replace this module, and guides the reader through each of the steps required to change the code to use this new module. The decisions the author uses to make this code work under the new environment are enlightening for anyone planning a migration of Perl code into a newer environment. Chapter 7 contains the versions of Perl from Perl 4 up until 5.8.3, and elaborates on what changed between the versions (very helpful for those who are planning an upgrade from 5.003 to a more recent version of Perl). Chapter 9 (Analysis) has very useful tips for not only debugging you program, but for using the Perl Debugger and getting the most out of your debugging session.

Perl Medic is recommended for anyone who is tasked with maintaining or writing Perl Code. While the examples are written with experienced coders in mind, beginners will do well to use this book for areas to focus on while they learn the language. Inheriting code can be a daunting task, but with a book like Perl Medic, you'll have the tools at hand to help ease the work ahead into a more manageable task. And you'll make it easier for "the next guy".

You can purchase Perl Medic: Transforming Legacy Code from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Simon P. Chappell writes "This is a hard review to write because I feel that I should be biased in favour of this book. I was one of the original reviewers of the book proposal. I read it and said "Yes, they'll be lining up around the block for a book like this!" Well, maybe those weren't my exact words, but I did offer my endorsement. After all, the Jakarta project of the Apache Software Foundation has an excellent reputation for quality Java code products and the Commons is quite the supply of diamonds in the rough. What could go wrong?" Read on for the rest of Chappell's review to find out. Apache Jakarta Commons - Reusable Java Components author Will Iverson pages 338 (8 page index) publisher Prentice Hall rating 4 reviewer Simon P. Chappell ISBN 0131478303 summary There are other books about the Jakarta Commons; buy one of those instead.

What's To Like

The book takes the reader on a journey through the Jakarta Commons. The Commons is like a massive utility library of Java code. Much of the code has been promoted out of the other Jakarta projects as it became more useful. One of the first such components was the Digester, which is a component to initialise a Java object from the contents of an XML configuration file. Very useful, originally from Struts and now used extensively by other Jakarta projects.

As the subject matter for a book, the Commons seems like a natural winner (I guess I have to say that!). There are so many components in the Commons that a guide to their types and usage does need to be available for developers.

Naturally, the book has a website to accompany it.

What's To Consider

Where to begin? I was actually surprised to find that I did not care for this book. The last review I wrote was for Mr. Iverson's very good Hibernate book. That was well written and structured. Unfortunately, this book feels kind of thrown together. The lack of care shows in the cramped layout and typesetting, the over-abundance of UML diagrams (a few here and there are great, but this felt like padding), code examples that can only be described as under-whelming and an approach that feels like an annotated telephone directory.

Despite the lack of quality of the primary chapters, they only actually account for the first 199 pages of the book. This is actually a very reasonable number of pages for a book, especially when you consider that classics like the first edition of Kernighan and Ritchie's "The C Programming Language" weighed in at about 220 pages. Sadly, the book then goes on for another 125 pages churning out what looks like repackaged JavaDoc for each of the major classes in the commons. You may like this, but it annoys the beans out of me and it'll reduce the score on one of my reviews faster than the Linux community can debunk a SCO IP infringement claim.

Summary

I really wanted to like this book. But it feels like someone was cranking the handle on a cash machine and thought that if they printed stuff about Jakarta, that the geeks would obediently buy it. Not this time. There are other books about the Jakarta Commons; buy one of those."

You could purchase Apache Jakarta Commons - Reusable Java Components from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

norburym (Mary Norbury-Glaser) writes "Firefox and Thunderbird Garage, written by Chris Hofmann, Director of Engineering at the Mozilla Foundation; Marcia Knous, Mozilla Foundation Project Manager; and John Hedtke, president of JVH Communications (and an accomplished technical writer) is published by Prentice Hall PTR. This is the most recent addition to their Garage Series of books, which aims to bring the newest topics in technology to print in an engaging and readable manner. Firefox and Thunderbird Garage does not disappoint: the authors have covered all the bases on these two popular apps with a combined writing style that keeps the subject matter alive and interesting." Read on for the rest of Norbury-Glaser's review. Firefox and Thunderbird Garage author Chris Hofmann, Marcia Knous, John Hedtke pages 384 publisher Prentice Hall PTR rating 8 reviewer Mary Norbury-Glaser ISBN 0131870041 summary Master Firefox and Thunderbird

The book is split into two parts, covering Firefox in the first half and its complementary mail app Thunderbird in the second. The first chapter discusses the open source software development concept, a brief history of Firefox and the unique features of Firefox including popup blocking, tabbed browsing, enhanced security, built-in Google search, live bookmarks, and Web developer support. Included are system requirements and instructions on installing Firefox on Windows, Linux and Mac OS X systems, as well as how to import settings from other browsers. The chapter continues with an overview of the application window and the various options screens, Firefox help and links to help on the Internet.

Chapter 2, "Protecting Your Security and Privacy," gives the authors a well-deserved soapbox to air the best reason to use Firefox. Yes, Firefox is small and fast -- but it was also built for security. In this chapter, there are some nice explanations of what's out there to worry about (viruses, worms, trojan horses, adware, search hijackers and keystroke loggers) and best practices on how to avoid them by using a proactive software application like Firefox: setting security options (history, passwords, cookies and cache), limiting Web access and setting Web features options (allowing software installs, enabling Java and JavaScript).

Popups are the most annoying aspect of surfing the Web, and chapter 3 dedicates itself to dealing with popups and banner ads by setting specific options built into Firefox. If you learn nothing else but how to control these annoyances then you've made your Web browsing experience infinitely more pleasurable.

Chapter 4 is titled "Searching the Web" and highlights Firefox's Google search toolbar, shortcut keys, using other built-in search engines (Yahoo, Amazon, eBay), searching within pages, using smart keywords and creating your own smart keywords. The authors include an amusing "fridge" aside on search games (NetBullseye or Googlewhacking) and a more practical "toolkit" aside, which describe how to use Google's advanced operators and where to get more information on optimizing Google searches. At the end of this chapter is a "blog" on "Websites to Waste Your Time With" and includes a long listing and description of Web sites on a wide variety of subjects: words, news, science and technology, silliness (unavoidable; we all partake), music, films, cartoons and...other. Just plain fun to be reminded of the vast variety out there.

Chapter 5 returns to seriousness with "Bookmarks and History" and illustrates how to: create and modify bookmarks, create live bookmarks using RSS (Really Simple Syndication or Rich Site Summary), use the bookmarks toolbar, organize bookmarks with Firefox's Bookmarks Manager and how to use the sidebar to view all your bookmarks. Manipulating these options gives the user more management control over their bookmarks and can make browsing easier and more productive.

Tabbed browsing is covered in chapter 6 and will be of particular interest to many IE users. If you've never experienced tabbed browsing, now's the time: download Firefox, read this chapter and never go back. Tabbed browsing allows you to open multiple browser screens within one window and simply select whichever one interests you without having to open yet another separate instance of the browser. The authors give nice direction on how to set tabbed browsing options, open links in new tabs, closing and reloading tabs, bookmarking multiple tabs simultaneously, opening live bookmarks in tabs and even using windows and tabs together.

The next chapter, "Customizing Firefox with Third-party Extensions and Themes," begins with a topic that comes as a natural consequence to having a small, powerfully built, open source app like Firefox: extensions. Folks will always want to add more functionality to what they have. Instead of building a bloated app that holds absolutely everything a developer and a user can think of, the Mozilla Foundation team built lean and expandable, which leaves the developer to bring specific functionality to a particular extension and, with the numerous extensions cropping up daily, allows the user to pick and choose only what they need or desire. Here, the authors explain extensions, where to find them, how to install or update them, and what to do about conflicts (disabling and uninstalling), and then give a detailed look at some featured extensions to enhance tabbed browsing, security, bookmarks, toolbars, sidebar, downloading, email (the Gmail Notifier extension is very useful) and searching. The second part of this chapter deals with third-party themes: Firefox includes a theme manager that aids the user in installing themes that customize the look and feel of the browser. There is an official Mozilla repository of themes that the authors use for their instruction in installing, switching, uninstalling and updating themes. The last section of this chapter includes a Garage Series "blog" on "Managing Your Blog With Extensions" and includes references to several popular blog-management extensions that can be installed in Firefox, and advice on how to choose one based on which blogging format you use.

Chapter 8, "Other Interesting Features," concludes the first half of the book with how-to's on using Firefox's Download Manager for downloading files, printing Web pages, customizing the Navigation and the Bookmarks toolbars and tweaking the display to set options for Website font, color and size. The chapter ends with a blog on "Literary Blogs Through the Ages" which is a bit of a rambling discourse on whether great writers like Shakespeare, Sylvia Plath, beatniks like Jack Kerouac and Ginsberg, Voltaire, Mark Twain or even Dr. Seuss would have blogged. The message here seems to be that it might be a bit refreshing to revisit literature and occasionally venture away from experiencing only what the Internet offers us. Having read books of all the authors represented here, I was intrigued and I did wonder whose voice this dialogue belonged to.

Back to the book, and in particular Thunderbird, Firebird's companion email application. Again, the authors cite security as a major reason to choose Thunderbird for email, and their praise is well deserved. Thunderbird doesn't permit scripts to run by default, has options to block images, contains message encryption features, and has support for certificates and digital signing. Thunderbird also sports accurate junk mail management, an integrated spell checker and RSS reader, powerful search capabilities and the ability to manage multiple email accounts. Chapter 9 walks the reader through hardware and OS requirements, download and installation on a variety of platforms, and making Thunderbird the default email client.

Chapter 10 concentrates on configuring Thunderbird for email, RSS and newsgroup. Since email is so critical to most of us, the authors take a cautionary step and provide various scenarios for either setting up Thunderbird with no previous email client used on the machine or migrating from another mail client. They include important considerations for using POP (Post Office Protocol) or IMAP (Internet Messaging Access Protocol) as well as migrating from Outlook and other standard email apps using the Thunderbird wizard or by manually importing. There are step-by-step instructions and accompanying screenshots for setting up email, RSS and newsgroup accounts; using the Global Inbox to view multiple email accounts in one inbox; creating and managing multiple identities (to manipulate your "from" address when sending and replying); basic composing, reading and sending email and adding and removing accounts. The Thunderbird address book is also described (importing and exporting addresses; creating a mailing list and sending an instant message). The end of this chapter includes a "toolkit" aside that discusses backing up the Thunderbird profile in order to move Thunderbird to another computer or to simply create a backup. In particular, they mention MozBackup. This is a Windows-centric approach, though: Mac and Linux users will need to look elsewhere for info.

Chapter 11, "Protecting Your Privacy and Blocking Spam," should be required reading for everyone. Not only does this chapter describe the many ways the user can manipulate Thunderbird options to optimize security and minimize spam but it has some good cautionary lessons on how pervasive and dangerous spam and phishing are and how to be proactive in protecting against the bad guys. They cover how to train Thunderbird's junk mail filter, configuring junk mail controls (white lists, handling, logging, adaptive filter), blocking remote images, using anti-virus programs, signing and encrypting email, using certificates and using the Password Management tool.

Organizing email is the subject of Chapter 12 and looks at ways Thunderbird can help manage mail: creating folders and subfolders, labeling mail (important, work, personal, etc.), marking mail (read, unread, junk, etc.), creating saved searches (which essentially creates virtual directories with shortcuts to the original messages), creating and using filters to sort related messages, and searching mail. An amusing "blog" ends this chapter with an invective against how the masses abuse email. Not just the spammers and the phishers, but the daily drones who forward lame jokes, litter their emails with smiley faces and use Reply To All indiscriminately. Ultimately, what I liked about this section wasn't that it held obvious information but, like the bit above on literary blogs, the authors humanize their subject matter by interjecting some personal reflections.

The final chapter of the book looks at customizing Thunderbird through the use of extensions and themes. Like Firefox, Thunderbird can also be enhanced through the use of their common Extension and Theme Manager. A thorough description follows on how to find extensions on the Internet and how to install and update extensions. There is also a good list of featured extensions and URLs to their download locations: getting and sending messages, productivity, configuration, privacy and security, RSS and companion extensions, among others. The next part of the chapter deals with using themes or skins to alter the Thunderbird look and feel: where to find them, installation, switching themes and updating them. Finally, there is a brief overview of customizing the toolbar and using either the built in icons or extensions that allow third-part icons to be added to the toolbar.

The end of the book is dedicated to the appendices (keyboard and mouse shortcuts for Firefox and Thunderbird; menu commands for each app; hacking configuration files and security, certificates and validation). These are followed by a brief glossary of terms.

Prentice Hall PTR's Garage Series books utilize a two-color layout with casual typography and art. The book reads comfortably with plenty of screenshots and appropriate and interesting asides like the "blogs" and "fridges" described in this review. As an introductory book, Firefox and Thunderbird Garage succeeds in providing valuable instruction on how to get the most out of both programs. There are lots of tweaks, tips and basic information on how to make these two applications powerful additions to any desktop system. I particularly like the FAQ asides as they provide a lot of troubleshooting advice throughout the book that clearly anticipates common problems, queries and gotchas. Obviously, there are choices of browsers and mail apps out there but, in putting together this great manual, the authors have given Mac, Linux and Windows users plenty of reasons to choose well and to ultimately choose Firefox and Thunderbird above the others.

Reader honestpuck (Tony Williams) also reviewed this book, and writes about it:

I currently work on a large campus supporting Macintosh users where I find the most common browser unstable and lacking in features and the most common email client just a little buggy and lacking in good support (neither are the free products provided by Apple). I think that a quick install and a copy of this book would solve a number of my problems. I would recommend this volume to all those who want a good beginner to mid level user volume on two excellent pieces of software. I would prefer to recommend this book to a beginner than any other I have seen on the topic, as it doesn't attempt to cover too much of the learning curve; rather it goes for width, covering both pieces of software and more of each that might be of interest to the early user.

Mary Norbury-Glaser is an IT Director at a University of Colorado Health Sciences affiliate center in Denver. You can purchase Firefox and Thunderbird Garage from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Bjorn writes ""Gaming Hacks" by Simon Carless dives into a spectrum of topics, ranging from emulators to MMORPG lingo to playing LAN-only console games online. If you're looking for something that covers topics like these, but don't want to waste your time searching the Internet for answers, this book is for you." (Simon, formerly Slashdot's Games editor, is now Managing Editor for the online arm of Game Developer Magazine, Gamasutra.com.) Read on for the rest of Bjorn's review. Gaming Hacks author Simon Carless pages 462 publisher O'Reilly Media, Inc. rating 8 reviewer Bjorn Holine ISBN 0596007140 summary Cool things gamers can do to create, modify, and hack videogame hardware and software.

I must start out by thanking Carless and the O'Reilly publishing company for continuing in the effort to protect the real meaning of the words "hacker" and "hacking." The news media constantly sullies the word "hacker" by portraying a young, white male living in his parents' basement, socially inept and overweight. For the technically challenged: the real and original meaning is a person that likes to tinker around with technology and change things (not in a maliciously) to get them to work better or differently.

I normally review games and post news over at 2404 - PC Gaming, LLC, a site created with PC gamers specifically in mind, which is why O'Reilly and company decided to send this book to me. Unknown to O'Reilly, I am also a 2600 subscriber, so I am used to reading about different sorts of hacks and tinkering. Even though I'm not a big programmer, I find it fascinating.

The questions I thought about most when reading the book were: "Who would it be good for?" and "Where might be the best place for it?" The first thing that popped into my head was an internet or gaming café. It will also appeal to hardware gurus, game developers, mod modification developers, home theater buffs who like to play games, and the very hardcore gamers who own every system and console available.

Because so many topics are covered, not everyone will find all of the one hundred "industrial-strength tips & tools" useful. It all depends on what kinds and how many gaming systems you have piled up in your closet, and how much you are willing to tinker with them. It also depends on your knowledge of the platform and genre you enjoy using/playing. For example, say you have always wanted to get into an MMORPG (massively multi-player online role-playing game) but have never had the time to understand the basic concepts of what goes on in this type of game: Gaming Hacks has an MMO dictionary for getting down the basics, and also provides tips and strategies on how to do well in this type of game, something people that are new to the MMORPG world would find very useful as they learn their way around the game.

The book begins with a foreword by Marc Laidlaw, a writer for the Half-Life series, which is very inspiring and would probably make any gamer want to start creating mods for games. After the foreword and the preface, the book is organized into eight chapters: Playing Classic Games, Playing Portably, Playing Well With Others, Playing with Hardware, Playing with Console and Arcade Hardware, Playing Around the Game Engine, Playing Your Own Games, and Playing Everything Else. This isn't the kind of book that you're going to read cover to cover. It is more of a game hacks dictionary. As the cover says, there are one hundred "hacks" total; in the chapters, the hacks are listed by number with thermometer icons next to them (see picture above.) These indicate how difficult the hack is to execute, letting the reader know if he should attempt it or not. Along the way you'll also find thumbtack and screw icons. The thumbtack indicates a tip or a suggestion and the screw signifies a warning.

The book does a good job of targeting a variety of people from different technical backgrounds and gives plenty of warning before you leap into something that will be difficult.

Here are brief descriptions of each of the chapters:

The first chapter, "Playing Classic Games," focuses on emulators and how to play homebrew games on consoles. Again, for the non technical reader, an emulator is a program that runs older games, or "ROMs," on newer consoles or on computers. It's a great way to enjoy the classics without having to dig up that old Atari 2600 or Commodore 64. Plus, you have the ability to hold many games on one storage medium. For example, you could store hundreds of SNES games on a CD that you could pop into your Dreamcast; eliminating the annoyance of hundreds of cartridges.

"Playing Portably" has some very interesting hacks which include playing games on your Ipod, taking and printing photos with your Game Boy, and installing a Playstation 2 in your car. There aren't as many hacks in this chapter but it should appeal to the portable gamers out there.

"Playing Well With Others" will be most useful to gamers who are new to the MMORPG genre, but also to other multiplayer beginners. The major focus is on the MMORPG, perhaps the most confusing game genre around for new players. Besides the dictionary and playing tips previously mentioned, it also discusses online courtesy and etiquette, things which apply to any game you happen to play online. This chapter ends with a section on how to catch Half-Life cheaters red-handed. Yes, that might be a little random, but the book is a collection of tips and "hacks." You have to keep that in mind.

I didn't think the first hack in the chapter "Playing with Hardware," titled "Build a Quiet, Killer Gaming Rig," was correctly named. This hack only focused on how to make your computer quiet, not on building an entire computer. The rest of the chapter details hacks such as how to adapt old video game controllers to a PC, and then goes into things involving home theaters. Most of this chapter is focused on audio, home theater setups, and multimedia gaming.

Half of the hacks in "Playing with Console and Arcade Hardware" are for the Dreamcast console. In general the Dreamcast seems to be a very hackable console, the main reasons being that it's a powerful, cheap system and it has Internet connectivity. A huge community was formed around the system after Sega decided to abandon its customers. Some highlights in this chapter include playing import games on American consoles, hacking the Dreamcast Visual Memory Unit (VMU), playing music and movies on your Dreamcast, and programming music for your Nintendo.

The next two chapters, "Playing Around the Game Engine," and "Playing Your Own Games," are going to appeal to people who want to get their hands dirty with beginning mod and game development. On average, the difficulty level is higher for these chapters and will probably take some more time. Hacks include creating PS2 cheat codes, modifying PC game saves and settings, creating a vehicle model for Unreal Tournament 2004, and writing a game in an afternoon.

The last chapter, titled "Play Everything Else," has seven miscellaneous hacks. The hack that stood out the most to me in this chapter was titled "Play Japanese Games Without Speaking Japanese." The section includes a list of common words that appear in Japanese video games and gives the translations--something that could be very useful to the gamers who enjoy playing imports. Other hacks in this chapter include accessing your console's memory card offline, overclocking your console and tweaking your tactics for FPS (first-person shooter) glory.

The best advice I can give you if you are pondering whether or not to purchase this book is to look through the table of contents. If you like what you see, it will be worth the purchase. Whether it be overclocking a console, emulating an SNES on Dreamcast, writing MMORPG macros, or creating your own simple games, Gaming Hacks has a hack that every gamer can appreciate. True, you could probably find quite a bit of the information covered in "Gaming Hacks" on the internet but it is convenient to have it all in one place.

You can purchase Gaming Hacks from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

gnetwerker writes "John Markoff of the New York Times has written a new book on the pre-history of the PC, and the convergence of that history with the 1960s drug culture and anti-Vietnam War movement in the Bay Area. I was privileged to receive a pre-publication copy." Read on for gnetworker's review of Markoff's What The Dormouse Said: How the 60s Counterculture Shaped the Personal Computer Industry. What The Dormouse Said: How the 60s Counterculture Shaped the Personal Computer Industry author John Markoff pages 353 publisher Viking rating 9 reviewer Gnetwerker ISBN 0670033820 summary Convergence of 1960s Anti-War and Drug Culture with Early PC Develoments

John Markoff, veteran technology reporter for the Times, is the first to comprehensively tell this story of the pre-history of the PC. Markoff, best known for Cyberpunk and Takedown: The Pursuit and Capture of Kevin Mitnick, explodes the conventional notion that the PC replaced the mini-computer in the same way that the mini-computer replaced the mainframe -- by a sort of evolutionary selection within the computer business, by persistently investigating the roots of the PC -- its unsung pioneers, its user interface, and the culture of open-source software in the San Francisco drug and anti-war culture of the late 1950s and 1960s.

Most histories of the personal computer begin with Steve Jobs, Steve Wozniak, and Apple in 1976, but while hanging out at SAIL in the mid 1970s, and at the First West Coast Computer Faire in 1977, I heard highly attenuated versions of the folklore that Markoff has only now, after nearly 30 years, run to ground. Conventional histories of the PC make passing reference to the MITS Altair (1974) before going on the talk about the Apple, the IBM PC (1981) and what followed. The more sophisticated would conspiratorially tell the story of how Steve Jobs "stole the idea" for the Macintosh from Xerox's fabled Palo Alto Research Center (PARC) as they were "fumbling the future," and nearly everyone knew that Bill Gates then stole the ideas from Apple.

But the truth of those half-heard folktales from my youth is that nearly every concept in the personal computer predates all of this, in a delightfully picaresque tale that starts in the late 1950s and weaves together computers, LSD, the Berkeley Free Speech Movement, the Vietnam War and dozens of characters.

Markoff has painstakingly researched the men (and a few women) who populated the cutting edge of the computer revolution in 1960s San Francisco, capturing an oral history of the PC never before recorded. Central to Dormouse is the story of Doug Engelbart, the "tragic hero" of computing, and the man who invented -- and demonstrated -- virtually every aspect of modern computing as much as a decade before the PC. Engelbart presided over the ground-breaking 1968 demo of his Augment concept, which included multiple overlapping windows, the original mouse, a screen cursor, video conferencing, hyperlinks and cut-and-paste -- virtually every aspect of the modern PC user interface three decades later. Yet the combination of Engelbart's ego and his poor management skills doomed the project, and his best team members leaked over to Xerox PARC, where they worked on the equally doomed "Alto" workstation, source of Steve Job's inspiration.

In parallel to this central story are those of the Stanford AI Lab (SAIL), the Free University, the People's Computer Company, and the Homebrew Computer Club, all located within a few files of the center of the San Francisco peninsula. SAIL, in its first incarnation under John McCarthy and Les Earnest, may have been the first place where computers (or the powerful access to a time-sharing server) really were "personal," and was almost certainly the birthplace of the first true computer game, SpaceWar. It was the locus of naked hot-tub parties, a porn video, and not a little bit of LSD (taken both as serious experimentation and recreationally) that fueled a cast of characters dodging the Vietnam war at Stanford and at the ARPA-funded Stanford Research Institute and creating a counter-culture. Virtually everyone linked to the genesis of the PC spent some time at SAIL, including Alan Kay, who conceived the first notebook computer, who appears first at SAIL before running into Englebart and his enrapturing demo of Augment, leading him to PARC and eventually Apple.

Dormouse is peppered with odd juxtapositions and combinations of characters including Fred Moore, the anti-war activist and single father who knit the community together with a pile of special punch cards and a knitting needle and helped create the People's Computer Company and the Homebrew Computer Club. Another, Steve Dompier, was widely accused -- falsely, Markoff convincingly reports -- of being the source for the infamous distribution of Gates' early Altair BASIC. (Was this the eThrough the whole story Stewart Brand -- of Whole Earth Catalog fame -- pops up "Zelig-like" at nearly every turn. The list goes on: Larry Tesler, Ken Kesey, Joan Baez, Ted Nelson, Lee Felsenstein, Bill English, Janis Joplin, and Bill Gates.

If the book has a problem, this is it. Markoff neither presents a first-person oral history nor is he able to tease a single central narrative thread out of this creative soup. He tells several interwoven stories, but there is so large a cast of characters that one must be a dedicated reader (or have a previous knowledge of some of the events described) to keep everything straight. Without a single narrative, the book returns several times to the start of a timeline, retracing it from another perspective, and after a while you feel the need for a map.

Markoff's own "Takedown" shows that with a clear narrative arc he is a wonderful writer, and while the complexity of the tale may keep away casual readers, Markoff does the entire technology industry a great service by capturing these tales while most of the primary sources are still alive. The central story of Doug Engelbart deserves a book of its own -- a better book than the nearly unreadable Bootstrapping by Thierry Bardini -- and one can hope that Markoff revisits the trove of original material he located for this story to write that book.

Dormouse is an essential "prequel" to Michael Hiltzik's excellent Dealers of Lightning, the definitive work (so far) on Xerox PARC, and belongs on every bookshelf that includes Katie Hafner's Where Wizards Stay Up Late: The Origins of the Internet.

For anyone who thinks they know anything, or wants to know anything, about the real roots of the PC revolution and the pioneers who never got famous, this book is required reading.

You can purchase What The Dormouse Said from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

A reader writes:"Ever wonder why Michael Faraday, steam engines, Ezra Cornell, the Van de Beurses family and the Edison Effect were so important to today's computer business. Andy Kessler has a free download of a PDF of his new book, How We Got Here: A Slightly Irreverent History of Technology and Markets. It's a James Burke-style connect-the-dots of events and people from 1642 to this morning. Kessler's site takes you through a "poor man's DRM" process to get your very own PDF." Yeah, yeah - DRM. But the PDF/book is worth reading for understanding the history to tech. Speaking of good things to read, I also read this little ditty Not Proud, which was good. It's stuff from NotProud.com collected in dead tree form.

danny writes "I haven't stopped writing book reviews, it's just been a while since I wrote any suitable for Slashdot. Read on for my review of China Mieville's Iron Council." Iron Council author China Mieville pages 471 publisher MacMillan rating 5 reviewer Danny Yee ISBN 0345464028 summary an inventive but disappointing fantasy

The world of the New Crobuzon city-state is loosely based on the European industrial revolution's "steam age", mixed together with an extraordinarily inventive range of fantastic features. People are "remade" into strange forms in punishment factories, there are all kinds of nonhuman sentients -- cactus people, insect-like kephri, and more -- and there are a diverse range of magics. The Mayor and Parliament rule through a brutal Militia, but revolutionary factions abound and a draining war with Tesh is fueling discontent.

Cutter leads a band of insurrectionists from the Caucus, looking for the golem creator Judah. They fight a series of battles as they travel across a war-torn landscape, seeking the semi-mythical Iron Council, a group of railway workers who rebelled and escaped into the wilderness. Meanwhile Ori is involved with the shifting revolutionary factions in New Crobuzon. He joins one of the more violent groups, which eventually launches a plot to assassinate the Mayor.

Much of the "colour" of Iron Council comes from politics, with allusions to historical groups and events, most obviously to various socialist and anarchist movements and to the Paris Commune. It attempts to harness the pathos and power of revolutionary myth and history, but the result is mostly poor pastiche, nowhere approaching the drama of real history. The historical links are weak, often mismatched with the peculiar features of New Crobuzon, and unable to carry the sentiment Mieville tries to invest them with. And there's not enough background for anyone to actually care about the New Crobuzon revolution in its own right: Iron Council has neither actual political philosophy nor social detail nor real people.

Another annoying feature of Iron Council is that everything is subservient to the special effects of the moment. At one point, for example, we read:

"With a thumb of chalk, Spiral Jacobs drew the shape that had given him his name, whispering while he did, and it was of astonishing perfection, a mathematical symbol. And then there were smaller coils coming from its outer skin, and Jacobs ran his hand over it and walked on.

It began to rain as Ori reached the mark Jacobs had made. It did not smear."

But though Ori and Jacobs continue to roam the city, the rain never features again -- it's just a completely ad hoc device to highlight the mysteriousness of the spiral symbols. This is a trivial example, but this kind of thing recurs at different levels throughout Iron Council: strange wondrous monsters are invented, new magics deployed, characters introduced and then disposed of, new words coined -- all to help enhance a single encounter, battle, scene, or piece of dialogue.

Mieville's characterisation is weak. The three central characters manage to get less and less interesting as time goes by, to the point where the deaths of two of them are of no moment. The plot and Mieville's dazzling invention hold Iron Council together and kept me reading to the end, but the overall effect is, apart from a few novel ideas, unmemorable and unlikely to bear rereading. It was no doubt unwise of me to expect more, but the fuss about Mieville and the recommendations of friends had raised my hopes.

Note: I haven't read Mieville's earlier books set in the same world -- Perdido Street Station and The Scar -- but Iron Council is entirely self-contained.

You can purchase Iron Council from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Frank Buss writes "Common Lisp is an ANSI standard, which defines a general purpose language and library, and is implemented by free and commercial compilers and IDEs; see *hyper-cliki* for more general information about Common Lisp. The book Practical Common Lisp explains the language with many practical examples and is available in full text online, too." Read on for the rest of Buss' review. Practical Common Lisp author Peter Seibel, Gary Cornell (Editor) pages 500 publisher Apress rating 8 reviewer Frank Buss ISBN 1590592395 summary A book for learning and using Common Lisp

Unlike other good books about Lisp, which are focused on a specific domain, like AI (such as Paradigms of Artificial Intelligence Programming ) or basic computer science (for example Structure and Interpretation of Computer Programs for the Lisp-like language Scheme), this book focuses on solving real-world problems in Common Lisp, like web programming, testing etc., after introducing the language by examples in the first chapters. I started with Lisp half an year ago, and it has helped me a lot in learning it. But even if you already know Lisp, this book may be useful for you, because it has a fresh view on the language and the examples in the later chapters are usable in your day-to-day work as a programmer.

The first chapter tells you something about the author (he was a good Java programmer before starting with Lisp) and the history of Lisp and Lisp dialects like Scheme. The next chapters are a tour through all Lisp features, written in easy-to-understand steps, beginning with the installation of a Lisp system and an introduction to the interactive REPL. You don't need any experience in other languages to understand it.

The general concept throughout is to explain a feature first, then show an example of how to use it, with detailed discussion of what the example does and possible pitfalls. A nice example is the APPEND function, which does not copy the last argument:

The reason most list functions are written functionally is it allows them to return results that share cons cells with their arguments. To take a concrete example, the function APPEND takes any number of list arguments and returns a new list containing the elements of all its arguments. For instance:(append (list 1 2) (list 3 4)) ==> (1 2 3 4)

From a functional point of view, APPEND's job is to return the list (1 2 3 4) without modifying any of the cons cells in the lists (1 2) and (3 4). One obvious way to achieve that goal is to create a completely new list consisting of four new cons cells. However, that's more work than is necessary. Instead, APPEND actually makes only two new cons cells to hold the values 1 and 2, linking them together and pointing the CDR of the second cons cell at the head of the last argument, the list (3 4). It then returns the cons cell containing the 1. None of the original cons cells has been modified, and the result is indeed the list (1 2 3 4). The only wrinkle is that the list returned by APPEND shares some cons cells with the list (3 4). The resulting structure looks like this:

In general, APPEND must copy all but its last argument, but it can always return a result that shares structure with the last argument.

In chapter 9, the first larger practical example is developed, a unit testing framework (like JUnit), which is easy to use and to enhance.

Certain Lisp implementation behaviors can be confusing, such as those for for building pathnames. The pathname concept in Lisp is very abstract, leading to different choices in different implementations. This is no problem if you use only one implementation, but chapter 15 develops a portable pathname library, which works on many implementations. By doing this, it shows you how to write portable Lisp code, using different code for different implementations with reader macros.

After an introduction to the Common Lisp Object System (CLOS) and a few practical FORMAT recipes (the printf for Lisp, but more powerful), chapter 19, "Beyond Exception Handling: Conditions and Restarts", is really useful. The exception handling in Lisp (called "condition system") is more general than other exeption systems: In Lisp you can define restarts where you generate an exception and the exeption handler can call these restarts to continue the program. After reading this chapter, you'll never again want to use the restricted version of Java or C++ exception handling.

Chapters 23 to 31 show real world examples: a spam filter, parsing binary files, an ID3 parser, Web programming with AllegroServe, an MP3 database, a Shoutcast server, an MP3 browser and an HTML generation library with interpreter and compiler. If you ever thought that Lisp is an old language, only used for AI research, these chapters prove you wrong: Especially the binary files parser shows you, how you can extend the language with macros for implementing binary file readers, which looks nearly as clear and compact as the plain text binary file description itself. I'm using some of the ideas for a Macromedia Flash SWF file reader/writer I'm currently writing. Take a look at my Web page for my currently published Lisp projects.

The Web programming chapters demonstrates how to use a dynamic approach for generating web pages. You just start a Web server in your Lisp environment; then you can publish static Web pages or define functions, which are called when the page is requested by a browser. The author demonstrates how to define dynamic pages with formulars in Lisp and Lisp HTML generators.

After reading Practical Common Lisp, you will know most of Common Lisp and how to write real-world programs with it. Some special features, like set-dispatch-macro-character, or using one of the non-standard GUI libraries, are not explained, but it is easy to learn the rest of Common Lisp and to use other Lisp libraries, with the knowledge gained from this book.

You can purchase Practical Common Lisp from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page

r3lody (Raymond Lodato) writes "Over the years, I've read a number of books on Excel programming. Each one seemed much like the previous one, generally talking about writing macros and creating data-entry forms. Professional Excel Development takes the concept quite a bit farther. Rather than giving you the same old tired lessons, this book goes into detail on exactly how to build professional level applications. It even explains how to make your Excel-based application look as though Excel had nothing to do with it. Suffice it to say, this ain't your daddy's Excel book." Read on for the rest of Lodato's review. Professional Excel Development: The Definitive Guide to Developing Applications Using Microsoft Excel and VBA author Stephen Bullen, Rob Bovey, John Green pages 936 publisher Addison-Wesley Professional rating 10/10 reviewer Raymond Lodato (rlodato AT yahoo DOT com) ISBN 0321262506 summary A remarkably detailed 'how-to' book on creating complete applications using Excel as a base.

The authors, Stephen Bullen, Rob Bovey, and John Green, show a level of sophistication well beyond the norm. They'd rather teach you the proper way to program instead of teaching you how to use Excel. In fact, the first thing they do is distinguish five different levels of usage: Excel users, Excel power users, VBA developers, Excel developers, and professional Excel developers. The book is written for the highest level, so expect a lot of depth.

Rather than simply show how to record a macro and reuse it, they start by talking about coding practices, naming conventions and application structure. That's followed by an entire chapter on worksheet design, including names, styles, validation, formatting and controls. After a chapter on add-ins, they launch into the topic of dictator applications, that is, applications that completely take over the Excel interface and look like a regular, non-Excel program.

The following chapters go into much more detail about wringing every ounce of functionality from Excel, and then turning to the operating system and Visual Basic for more help. After discussing data manipulation with databases, they talk about using XLLs and the C API, VB.NET, and writing Help files to complete the application. The entire structure of the book builds around a time-entry application that is developed from a simple spreadsheet to a full-blown, production quality program. A CD-ROM is also included with all of the source code and multiple examples that are scattered throughout the book.

Reading Professional Excel Development is not something to be taken lightly. The authors have done a fine job putting together a cohesive methodology for using Excel as an application development platform. I know of no other book that covers this platform in such depth. At times I found myself lost in the details, but I suspect a "professional Excel developer" (which I am not) would be delighted in the depth of description and copious examples provided.

I tried to relate a lot of what Stephen, Rob, and John discussed to OpenOffice Calc, to see if it could be ported to an open source environment. I was surprised by how much actually came across. Granted, items in OpenOffice are sometimes in different places, or named differently, than their counterparts in Excel, but most of the same functionality is there. Unfortunately, most of the examples are written in VBA, which doesn't translate cleanly into OpenOffice. Still, with perseverance, you would probably be able to develop most of what is described in the book.

Professional Excel Development is an extremely well-written book that covers the use of Excel to a depth few authors have dared to tread. The text gives you the tools to build applications that are much more than automated spreadsheets. Almost any program your imagination can devise can be created using the techniques given, which is a testimony to the power of Excel. Bash Microsoft if you want, but they do sometimes come up with a winner, and Professional Excel Development allows you to take full advantage of its capabilities.

You can purchase Professional Excel Development: The Definitive Guide to Developing Applications Using Microsoft Excel and VBA from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Alex Moskalyuk writes "For 17 years, a British programmer who calls herself Verity Stob has been entertaining the readers of Dr. Dobbs Journal, EXE and The Register with her witty humor and variety of writing styles, which has now been collected into book form. In the foreword to the book, Danny O'Brien from NTK says that before the days of Dilbert, Futurama, User Friendly and Slashdot, the market for geek humor was dangerously under-served. So Verity attempted to add a little humor." Read on for the rest of Moskalyuk's review. The Best of Verity Stob author Verity Stob pages 316 publisher APress rating 6 reviewer Alex Moskalyuk ISBN 1590594428 summary Highlights Of Verity Stob's Famous Columns From EXE, Dr Dobb's Journal, And The Register

Stob's writing is hard to categorize. It's both humor and satire, sometimes just overwhelmingly funny and sometimes barely causing a chuckle. It's British, so some things passed way over my head. Since she started her writing back in 1998, there are references to mainframes, Unisys systems and the days when you would call tech support and instantly get a human being on the other end. Nevertheless, the book is entertaining, although it's more of a coffee table book, where you can pick it up and start on any page, than book where you'd go chapter-by-chapter.

Her humor is original and versatile. Poems, stories, scripts, hacked diaries, parodies -- the book has them all: after all, it's a collection of the best of her writing. She's an experienced C++ programmer who had been in the Windows world for a while, so frequently the jokes relate to C++ peculiarities. Such as Thirteen ways to loathe VB (written in 2000):

Calling functions and accessing arrays. In most languages you can distinguish between a call to function F with parameter 3 an a reference to an array F with index 3, because one is written F(3) and the other F[3]. In Visual Basic they're both written F(3). Yes.

Her 2001 article for DDJ is actually nothing but a screenshot of a page called Dotdotdot with the subtitle Where nerds go on and on and on and... followed by a paragraph-long article titled Microsoft does something and a bunch of upset comments from the readers including a poster spelling out Look at me! in large letters in the first post.

Or her parody of George Orwell's 1984 which talks about Way After 1984 and describes Winston Smith's typical day:

As he entered the lobby, a breeze stirred the 60-foot banner suspended high above from the roof. The three oh-so-familiar slogans of the Ministry were printed across the banner in large letters: REGISTRATION NOT LEGISLATION MONOPOLISATION IS INNOVATION WHERE DO YOU WANT TO GO TODAY?

See another sample of her writing, which those who've had to go through code reviews will especially appreciate.

The book is organized chronologically, with Verity's early writings listed first, and some of the unpublished material included at the end of the book. Overall, it's a pretty good and entertaining read, although in many cases the chapters made me scratch my head trying to get to the point of the joke. It's especially difficult with parodies, since if you don't quite know what is being parodied, it's hard to get the joke. The Register has another review and those British journalists called it painfully funny.

You can purchase The Best of Verity Stob from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

pankaj_kumar writes "'Tools are an aid to productivity, but you only get the benefits of the tool by using it for the right task; hammers bang in nails and screwdrivers are for screws.' This quote from chapter 9 ("Scripting") from Alan Monnox's Rapid J2EE Development applies not only to the choice of the programming language but to the whole array of software development activities thoroughly and eloquently covered in the book." Read on for the rest of Kumar's review. Rapid J2EE Development: An Adaptive Foundation for Enterprise Applications author Alan Monnox pages 395 publisher Prentice Hall PTR rating 8 reviewer Pankaj Kumar ISBN 0131472208 summary A telescopic view of tools, techniques and processes for boosting Java software development productivity

"Using a Hole-Hawg for the job of a homeowners drill can have deleterious effect on productivity by causing serious harm to the health of the inexperienced operator." Just identifying a tool for a task is not enough. You should also be able to match the demands of the task to the characteristics of the tool and your ability to handle the tool. The good news is that this book passes even this stringent test, suggesting very practical and hands-on approach for choosing the tool with right characteristics for the specific demands of the task.

The ever-growing body of literature on development best practices, the burgeoning ranks of supporting tools and the accompanying debates on their relative merits can easily overwhelm most practitioners. Worst, a large chunk of the developer community may never spend the time and effort and miss the opportunity to take advantage of them altogether. Rapid J2EE Development offers an easy path to such Java developers by bringing together a number development techniques, best practices and description of supporting open source tools in a single book.

Whether you are a confused Java developer, overwhelmed project leader or plain lost manager, this book has something for you. Wondering about how to design complicated class hierarchies to encapsulate the ever-changing business rules? Worry not, follow the advice of Chapter 10, "Working to Rule" and use Jess, an open-source Expert System Shell. Don't have the time or motivation to download and play with it? No problem. The coverage includes not only an overview and discussion on when and where to use it but also presents a sample session and illustrative code snippets.

If you're confused with all the hype around AOP (Aspect Oriented Programming) and uncertain about where to start, start with the chapter "Aspect Oriented Programming," which introduces the notion of crosscutting concerns in any large software project, presents the AOP terminology to nail down these concerns and associated actions, and covers AspectJ and AspectWerkz to apply AOP to your projects. The brief description of these tools may not answer each and every question, but the example- and code-driven approach will certainly make you feel a lot more comfortable and motivate to explore further.

Not able to decide whether to use XP (Extreme Programming) or RUP (Rational Unified Process) for your next project involving four different development teams in three different continents interacting with as many customer groups? The Chapter "Embracing Adaptive Methods" outlines an approach to making such methodology decisions, though it is not very obvious from the chapter title. (Of course, you will have to read the sections that talk about when XP works best and when the rigors of RUP start paying off to make your decision.) And although there is not much discussion around mixing elements of development methodologies or adapting them in the middle of an ongoing project, the author's account of a real case study does exactly this.

These are just a few examples. Other topics covered include use of UML for modeling, code generators, Model-Driven Architectures, Java-based scripting languages, Object Relational mapping, build and test automation, and use of the right IDE plug-ins for J2EE projects. Among the development tools, all the usual suspects are there: Apache Ant, Eclipse, Jython, JUnit, HttpUnit, JMeter. In fact, I also found description of tools that were somewhat new to me: MyEclipse, AndroMDA, Middlegen and few others.

I found the book to be highly readable, insightful and loaded with the right kind of details. For example, the information on debugging with Eclipse explains how to configure a J2EE program for remote debugging, and how to debug a Web application using JSPs, something that is quite hard to do without the right tools and the right methods. Even the UML primer, with its well-chosen examples, is a good refresher.

It is easy to get superficial when covering a lot of ground: a common pitfall for authors of books on new technologies is that they themselves get caught up in the hype and lose perspective, but Alan somehow manages to keep the extraneous stuff out and deliver what a hands-on professional looks for. He tempers his zeal with practical realities and conveys the same to the reader with anecdotes and discussions with colorful stories such as the Cargo Cult Software trap and Christmas Puppy Syndrome.

The book manages to introduce a number of the very best open source Java tools available to boost productivity in a very natural manner and with the appropriate context, and it succeeds in giving a "feel" for the tool by presenting hands-on sessions. Most other such efforts that I am aware of usually end up being a drab list of tools with descriptions taken from home pages.

Given the number of topics and tools covered, it would be unrealistic to expect in-depth coverage of everything. What this book does is to create the right context, introduce the appropriate topics, and generate sufficient motivation to explore further. Fair enough. In fact, I believe this is the best approach for any book in this "Google era" -- the book should tell what you should look for and let Google do the rest.

So, is there anything not to be liked about the book? Well, I was a little disappointed to not find my favorite BeanShell among various Java scripting alternatives. Another thing I noticed is that the coverage of system manageability issues, especially in a book with J2EE in its title, was quite conspicuous by its absence. Also, some of the points, especially those around use of best practices and development techniques, could be made more emphatically with help of focused and concrete anecdotes.

Of course, no book can cover everything, especially on topics that are open-ended by nature. Overall, I think it does justice to the subject matter and is worth reading by anyone even remotely connected to the business of creating, maintaining or operating Java/J2EE software.

You can purchase Rapid J2EE Development from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

norburym (Mary Norbury-Glaser )writes "Carla Schroder's Linux Cookbook (O'Reilly) is an extremely dense volume packed with valuable information. The author writes with precision and detail and with a conversational style that handles the topic with a wry humor making this book a pleasure to read. The Linux Cookbook is command-line based so some familiarity with a Linux system, the inherent power of using the command-line and the dangers of using root are necessary." Read on for the rest of Norbury-Glaser's review. Linux Cookbook author Carla Schroder pages 700 publisher O'Reilly rating 9 reviewer Mary Norbury-Glaser ISBN 0596006403 summary Practical Advice for Linux Users and SysAdmins

The O'Reilly Cookbook series uses a problem/solution/discussion layout to deliver content in a "recipe" format. Schroder provides a thorough compendium of practical solutions to common problems found in the Debian and RPM-based Linux environments. Intended for the beginner to intermediate user, this book also has lots of good nuggets for the advanced Linux systems administrator. The table of contents generously lists each topic covered with enough detail for the reader to quickly pinpoint specific problems of interest.

The book begins with a logical chapter, "Finding Documentation," which naturally covers man (manual) pages: understanding, finding, reading and printing the documentation that has frightened many a newbie. The author includes references to other documentation (CHANGELOGS, RELEASE NOTES, etc.) and even some graphical viewers like Konqueror, Yelp and Pinfo. This chapter provides a nice overview of man pages and clearly explains how to find documentation quickly and efficiently.

Chapter 2 covers "Installing and Managing Software on RPM-Based Systems" and the introduction, "Source-Built Systems: The Olde Way", made me LOL. Schroder describes how "us old-timers" did it in the days before dependency resolvers; with failed makes and long download times. Having experienced my share of "Dependency Hell" and espousing more than once, "In my day....", I can take a cue and not only laugh at the past but appreciate the present. Schroder brings that to bear with her problems and solutions to "RPM Hell". Ahhh, the more things change, the more they stay the same! Schroder addresses issues with RPM (Red Hat Package Manager) basics and Yum (Yellow Dog Updater, Modified).

A natural transition to this chapter is "Installing and Managing Software on Debian-Based Systems" which introduces the package manager/dependency resolver, apt. A particularly nice addition here is a description of how to build a local Debian package repository for sharing out to client systems. This is a bit of how-to that is useful for sysadmins and is a welcome addition to a book of "solutions". Schroder follows this chapter with "Installing Programs from Source Code" which provides an alternative to using package management. Included here: generating a list of files from a source install, installing programs from source code and using CheckInstall to create packages.

Chapter 5, "Discovering Hardware from Outside the Box," illustrates the problem of detecting hardware. Schroder discusses an assortment of solutions: using Ispci, dmesg and reading /proc. Also included is how to view drive partitions and how to calculate drive capacity with fdisk.

Schroder chooses JOE and Vim as topics for her "Editing Text Files" chapter. This isn't intended to be a tutorial on each editor. Rather, the author provides some quick problem/solution scenarios that guide the reader through customizing the two editors to meet their unique preferences and she lists useful commands and offers recommendations on how to use vimtutor and Joe's online help to get up to speed.

Chapter 7 is titled "Starting and Stopping Linux" and begins by explaining runlevels then discusses how to start and stop X, how to change the default runlevel and how to manage Debian's and Red Hat's runlevels. Also included are command-line solutions to manually configure, start and stop services. The latter is particularly useful since many of us find ourselves needing to manually stop or restart a service when testing configuration changes. Another sysadmin tip found here is disabling or limiting access to Ctrl-Alt-Delete. This is a common "first step" to protecting a machine in an secure environment.

"Managing Users and Groups" is the topic of Chapter 8 and covers system accounts vs. human user accounts, finding UIDs and GIDs, modifying accounts (changing the login or UID, moving a home directory), deleting users and disabling accounts, killing user processes, password and disk quota management and using shell scripts to manage batches of users and passwords. Included in this chapter is the author's cautionary statements on using su and sudo to gain temporary root powers while doing system tasks at the command-line.

In the introduction to the next chapter, "Managing Files and Partitions," Schroder provides a well written primer on understanding filesystem fundamentals: Linux file types, file attributes and definitions, filesystem internals (logical block, logical volume, B+trees, etc.), and journaling filesystems. She uses this basis to tackle the common problem of controlling who has access to what file and uses the chmod (change mode) command to change file permissions. She includes batch operations and setting file and directory permissions with chmod. The next set of problems in this chapter deals with using the chown command to change ownership of files and directories and doing batch operations with chown. Other solutions here: setting up a shared directory with setgid and the sticky bit, using umask to set permissions defaults, configuring file system mounts with /etc/fstab, mounting and unmounting filesystems on hard drives (a common issue with dual or triple boot systems), using dmesg to find device names in order to mount them in conjunction with fdisk to show partition numbers on drives, creating and deleting files and directories using mkdir, touch and rm, using fdisk to create Linux disk partitions and creating a filesystem on a new partition. Pretty much everything one would desire to do bound in one chapter!

Chapter 10 is dedicated to "Patching, Customizing and Upgrading Kernels". Many users have avoided modifying their kernel because of fear of "hosing" the system entirely but Schroder shows that it's not that complicated and can be accomplished without fear of losing one's "old" kernel. She addresses upgrading to the latest stable version of the 2.4 kernel, adding new features to the 2.4 kernel, building the 2.6 kernel and removing a kernel patch (we've all needed to do this at one time or another).

The next chapter on CD and DVD recording will be a well thumbed section for many readers. Schroder points out that the "entire field is evolving rapidly, and CD/DVD standards are in a chaotic state." Schroder introduces some fundamental packages (cdrtools and dvd+rw-tools) and straightforward instructions on how to get the most out of CD/DVD. She begins with a fairly comprehensive Glossary of Formats and Standards which provides a good basis for getting a handle on a number of terms and changing technologies. Some problems she tackles here are common: finding the SCSI address for CD and DVD writers, enabling SCSI emulation for IDE/ATAPI CD and DVD writers, making a Linux and Windows readable data CD, copying a CD or DVD, erasing a CD-RW, recording a multisession data CD, creating a bootable CD using mkisofs (a pre-mastering program) and recording data DVD using growisofs (a front end to mkisofs).

"Managing the Bootloader and Multi-Booting" will also be a popular chapter, especially for LILO users who want to migrate to GRUB and newbies who will learn quite a bit about how bootloaders function and how Linux manages partitions. Many Linux users not only have a Windows partition on their system but other Linux distros happily sharing a drive. Schroder gives a nice step-by-step solution to correctly partitioning a drive for multi-booting various Windows OS versions and other Linux distros with bootloader solutions for both LILO and GRUB users.

We've all done it: hosed our system. Can't get past the errors, can't boot. Schroder turns to the best Linux recovery tool there is: Knoppix, a bootable, live CD with Linux drivers and utilities that automatically detect your existing partitions. This chapter covers all the necessary tools you'll need to get your system back up and your data recovered: booting Knoppix; creating a Knoppix boot diskette; saving your Knoppix config on a USB flash stick; creating a persistent, encrypted Knoppix home directory; copying files to another Linux PC; copying files to a Samba share (Windows PC); copying files to a CD-R/RW; installing software from Knoppix, repairing a lost root password; installing Knoppix to a hard disk and virus-scanning Windows PCs with Knoppix.

Chapter 14, "Printing with CUPS," describes the Common Unix Printing System and how to: find drivers; network printers; install printers on a standalone Linux PC; share a printer without using name resolution; share printers on a mixed LAN with Samba; build a dedicated CUPS printer server; restrict printers to select users and troubleshooting. There's more here than a typical home user will need to learn but it's well documented for a sysadmin.

Chapter 15 deals with "Configuring Video and Managing X Windows" and the author provides detail on the X Window System and X.org, terminology, hardware (video adapters) and drivers. She leads the reader through installing new video adapters and making manual settings by editing XF86Config, configuring a multihead display, configuring startx to start the desktop or window manager and changing the login display manager.

Doing backups using rsync and incorporating Mondo Rescue for creating a bootable system restore disk is the topic of Chapter 16. Rsync is an extremely efficient and elegant solution to synchronized backup. Schroder covers local file transfers and synchronization, using ssh with rsync to authenticate login and encrypt the transport of data, building an rsync backup server, automating rsync over ssh backups, customizing filepaths in rsync and installing rsync on Windows clients. Also in this chapter are problems/solutions for creating a bootable system restore disc using Mondo Rescue. Mondo can also be used to clone Linux systems and for a complete system backup.

The next chapter, "Remote Access," concentrates on the SSH protocol: setting up OpenSSH, generating new host keys, authenticating via public keys, using multiple key pairs, using ssh-agent and keychain for passwordless logins. Schroder takes SSH a bit further with a section on tunneling X over SSH and solves the problem of accessing Linux boxes from Windows clients (using PuTTY and Cygwin).

For programmers or groups of users who are collaborating on a single project, version control is a powerful tool that can simplify and maintain both code and documentation trees. In chapter 18, Schroder shows the reader how to build a simple RCS (Revision Control System) repository then how to compare file versions in RCS; manage system config files with RCS, use CVS (Concurrent Versions System) for a single-user local repository; add and delete files from a CVS repository and how to create a shared CVS repository. She then goes into a good amount of detail working with files in CVS as well as building a public repository with Pserver and customizing the CVS environment.

Chapter 19 is dedicated to ntp (network time protocol) which will interest sysadmins. Schroder walks the reader through building a local time server using ntp and ntpdate, connecting the clients, adding access controls to ntp.conf and using iptables rules, setting up multiple local time servers and using ntp keys for authentication.

The next two chapters cover "Building a Postfix Mail Server" and the related "Managing Spam and Malware". Schroder chooses to pick one mail app for handling email, Postfix, rather than some of the other contenders (Sendmail, Exim or Qmail) and introduces the topic with a glossary of terms. She then helps the reader through a POP3 mail server setup, testing the mail server using telnet and openssl s_client, the basics of sending and receiving mail and installing Cyrus-SASL for SMTP authentication, among other topics. The author doesn't neglect IMAP servers or Squirrelmail and covers issues related to both. Schroder follows this with a comprehensive chapter on adding spam and virus-fighting tools to the Postfix server and includes a basic checklist for the admin who manages a cross-platform environment with Windows clients. She then discusses adding checks to /etc/postfix/main.cf and provides a discussion on UBE (unsolicited bulk email) controls. The chapter continues with creating whitelists for management of wanted addresses, using DNS blackhole lists and setting up Clam Anti-Virus and SpamAssassin.

Schroder takes a simple approach to Apache installation and configuration in Chapter 22: a public web server for a single domain serving up static HTML pages. This is a very basic introduction to Apache and web serving on a Linux box. Her topics include how to start Apache at boot, password protecting individual directories, using robots.txt to control web crawlers, making custom error pages, using favicons and viewing Apache access logs with Webalizer. A bit thin on details in this chapter but adequate to get one up and running.

Sysadmins get another treat with Chapter 23: "File and Printer Sharing, and Domain Authentication with Samba." Schroder begins by building a simple Samba file server on a Windows LAN. She extends that a bit with a Windows/Linux peer-to-peer network then rounds that out with a description of how to add authentication to the Samba server in order to control access to the shares. For admins with a large numbers of users, Schroder helps solve the problem of converting /etc/passwd entries to smbpasswd format and copying them to /etc/samba/smbpasswd using the mksmbpasswd script. She also delves a bit deeper into controlling share access by using ACLs (access control lists). There are always groups of users who need to share files and those users who need a central network directory for their personal files and there are solutions here for creating public shares and home directories. The chapter then moves into building a PDC (primary domain controller) with Samba and connecting various Windows clients (95/98/ME/NT/2000 and XP) to a Samba domain as well as connecting Linux clients both by the command-line and with GUI LAN browsers like smb4k, LinNeighborhood, Konqueror and Nautilus. Password synchronization is briefly covered in one problem before the chapter switches gears to sharing Linux printers with Windows clients and vice versa. Running Windows applications directly on Linux is solved using CrossOver Office and Schroder applies the last section of this chapter to installation and discussion of this tool.

The last chapter of this book is dedicated to "Managing Name Resolution." Schroder offers a discussion of DNS and then provides a glossary of DNS terms before addressing the problems section. The author helps the reader enable name resolution on a LAN with hosts files then shows how to set up a DHCP server to take care of IP addresses. She then discusses configuration of Windows and Linux dhcp clients, adding static hosts to dhcp and running a public DNS server. Schroder looks at installing djbdns (initials of the creator, D. J. Bernstein + dns) as a secure, simple and robust alternative to BIND. Schroder shows how to configure the djbdns tools, tinydns and dnscache before giving a tour through BIND and how to set up a local BIND caching name server, installing both a private and a public BIND DNS server and building a BIND secondary server. The author finishes the book with a section on testing and querying DNS servers using dig and dnstrace.

The appendices offer extended information on how to find Linux documentation, a reference list of online hardware Web and Usenet sites, a list of Microsoft file types and extensions and an init script for CVSD.

O'Reilly is well known for producing high quality books that are beautifully bound and well designed. The layout of this book is simply presented with clear typography with chapter and topic headings easily discernible and command-line sections cleanly delineated. The book opens and stays open to selected pages for ease of use (no "cracking" of bindings allowed or necessary!); most of us like to follow along with a book splayed open next to our keyboard or laptop so it's nice not to have to balance our mug of coffee on one side of the book to prop it open.

The Linux Cookbook by Carla Schroder is extremely easy to navigate and very readable thanks to the author's sensible and practical topic selection, clarity of writing and humor. In providing solutions to common problems, Schroder has also managed to disperse valuable advice along the way. Her common sense approach to Linux systems management and administration shines through. The reader gets the benefit of the author's experience in this clearly written and valuable resource to Linux. A bonus is the author's enthusiasm for her topic. This translates into a pleasurable read. Much of this information is scattered across a large number of Websites but having a single competent resource to have at hand makes this book worth owning.

You can purchase the Linux Cookbook from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

nazarijo (Jose Nazario) writes "Continuing in the new theme of fiction and technical how-to, Aggressive Network Self-Defense brings together several authors to provide a wide range of material. Syngress' niche in this space seems to be breaking new ground -- and for the most part, it works. While you don't get as in-depth a treatment as a typical technical book gives you, there is an added dimension: namely, a more realistic scenario of how these tools fit together in a real, live series of actions." Read on for the rest of Nazario's review. Agressive Network Self-Defense author Neil Archibald, Seth Fogie, Chris Hurley, Dan Kaminsky, Johnny Long, Haroon Meer, Bruce Potter, Roelof Temmingh, Neil R. Wyler, Timothy Mullen pages 416 publisher Syngress rating 8 reviewer Jose Nazario ISBN 193183625 summary take your security into your own hands to identify, target, and nullify your adversaries

Not being a big fan of most fiction (I tend to prefer history), it's hard to say definitively good or bad things about the quality of the writing. What I can say is that it's infinitely less irritating, and far more realistic, than Neal Stephenson's Cryptonomicon or Gibson's Neuromancer. No over-the-top smearing of adjectives to describe the mundane, and no unrealistic sequences of events. Then again, there's no character development and no real story progression, so it's not great fiction.

As a series of hacker vignettes, the book works just fine, and very well for the purposes at hand. Basically, what the authors want you to get from the book is two-fold: First, they want you to debate the issues around "strike back" attack methodologies. Several of the authors are open advocates of what are legal grey areas and open moral questions in the field of network security. Secondly, they want you to see how it's done, what you do when you actually use a tool to achieve a goal. Most books that do this, like Hacking Exposed, cover far more tools, but they usually do so without showing you each tool's use in a real-world scenario.

I won't bore you with a lengthy, detailed overview of the first part of the book. Like I said, it's a series of part fiction, part tutorial series of short stories. In them, you'll see tools like Metasploit, virus creation, some nmap, sniffers, and keystroke loggers, all in action, being used as an operator would use them, and achieving real goals. This is more valuable than a basic manual, and the stories themselves act as a nice setting. While not great fiction writers, the authors are decent enough at the job, and they write the technical material clearly.

The second part of the book is interesting. It makes up about a fifth of the book in volume, but a lot more in technical weight. The book bills this section as "The technologies and concepts behind network strike-back," and that's an accurate summary. It's a series of four unique perspectives and technical chapters that complement the rest of the book quite well.

The first introduces ADAM, the "Active Defense Algorithm and Model," which develops a methodology for network administrators to actively defend their networks against attacks. It's quite interesting, and brings together a number of risk models in an uncommon take. The authors are academic researchers from the University of Idaho, so it's a lot more academic than the previous material in Aggressive Network Self-Defense, but it formalizes a lot of the thinking that was present in the writing of the stories and techniques.

The second is Tim Mullen's classic "Defending your right to defend." This is the original position paper shared by Mullen with the information security community in 2002 or so. Here, Mullen makes a compelling case for actually striking back at worm infected hosts. After all, the position holds, someone should do something about them to help clean up the Internet. While it's a position I disagreed with at the time and still do, Mullen's writing is articulate and an important read. It really helps you understand a lot of the thinking that went into the book itself.

Dan Kaminsky wrote the next chapter, "MD5 to be considered harmful someday." Largely considered to be a follow-on to Joux and Wang's one-way hash function research, what it shows is how practical such an attack can be. Kaminsky never fails to come up with interesting ideas he puts into practice, and he adds another level of depth to this book.

Finally, Aggressive Network Self-Defense ends with an interesting paper, "When the tables turn: Passive strike-back." Like any good paper, it has a clear and thoughtful motivation, and really demonstrates the principles at play, namely building network resources that don't simply lure the attacker in, they trip her up. There are so many ways to do this, the authors show us, and ultimately it's almost fun. A good way to end the book.

An over-arching concern with the book that I have is the question of ethics. Mullen, in the foreword, states that he hopes the book stirs a debate about the ethics of the actions in the book. However, the book itself falls short in this area. Instead, sometimes the characters get busted, and sometimes they don't, but just because they didn't get caught doesn't mean some ethical lines weren't crossed. All too often the authors leave the ethical debate up in the air. While I prefer this to overt preaching or questions, the style leaves me wondering if this goal was achieved.

So, where do I stand on Aggressive Network Self-Defense? In the end, I like it, more so than a book like Hacking Exposed or other "hacking how-to" types. The style of presentation doesn't lend itself all that well to exploring a very wide number of tools, but it does give you a deeper context to see how they assemble into something larger. For many people I expect it will be a page turner, and I think the format has some utility, as shown here.

You can purchase Aggressive Network Self-Defense from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

r3lody (Raymond Lodato) writes "Novice users and power users of *nix will enjoy reading From Bash to Z Shell: Conquering the Command line by Oliver Kiddle, Jerry Peek, and Peter Stephenson. In this moderate-sized book from Apress, the authors delve into both bash (the Bourne Again Shell) and zsh (Z Shell) to enable you to use them to their fullest advantage. Topics range from the simple editing of the command line to redefining key sequences, down into creating functions for editing and command-line completion. Some areas are covered in other books, but this one goes into some little-seen side streets and alleyways to show you the shortcuts to more efficient use of the shell." Read on for the rest of Lodato's review. From Bash to Z Shell: Conquering the Command Line author Oliver Kiddle, Jerry Peek, and Peter Stephenson pages 472 publisher Apress rating 9 reviewer Raymond Lodato (rlodato AT yahoo DOT com) ISBN 1590593766 summary An in-depth look at the functionality of bash and zsh.

A *nix-style shell is available on a number of platforms, so the authors chose not to limit themselves to just one, such as Linux. The techniques they discuss can be used in Unix, as well as under Windows using cygwin.

In case you're not overly well-versed in shell handling, the first part of the book does a pretty good job covering all of the things a typical user might want to do. Basic command editing, I/O redirection, jobs, processes, and some simple scripting are all covered. For many users, this is also as far as they would like to go. However, reading a little further yields treasure.

The next part delves into bash version 3.0 and zsh version 4.2, both freely available on the Internet. In addition to more sophisticated command line editing techniques, the authors also delve into the misty realms of re-binding keys. A great many users find themselves typing the same sequences over and over again. While sometimes a script makes sense to encapsulate these sequences, sometimes you want to simply enter some text and that's where a key binding makes sense. One example given in the book for zsh is bindkey -s '\C-xt' 'March 2004\eb' . After the binding, typing CTRL-x t puts the string 'March 2004' onto the command line, and moves the cursor under the '2' so you can insert the day of the month. That's a very simple example for a very powerful facility. A good chunk of chapter 4 is spent on showing how to make the most of bindkey (or its bash cousin 'bind').

The next few chapters cover common topics of prompt strings, file/directory globbing, and shell history. Then, significant press is given to the subject of pattern matching. Many people understand basic pattern matching and regular expressions, but From Bash to Z Shell goes into careful detail, with many examples from both bash and zsh, to contrast the (minor) differences between these two powerful shells. The next chapter discusses command line and file/directory name completion, a topic usually glossed over in other texts. Finally, job processing wraps up Part 2.

The third and final part of the book deals with extending the shell using variables, scripts, and functions. Here's where we get into the nitty-gritty. The first two chapters go over familiar territory: shell variables and shell programming. The chapter on programming is easy to follow, and I suggest you try the examples as you go to get the most out of it. The last two chapters focus on topics frequently overlooked: editor functions, and completion functions. Editor functions allow you (with bind[key]) to define new capabilities to use while editing the command line. This is where a true power user can shine, creating a suite of new functions to speed his/her use of zsh or bash. Completion functions work in defining new ways for the shell to complete a command, file name, or directory, based on a user-written function. Honestly, it's not something I would tend to use, but the capability is intriguing.

All in all, From Bash to Z Shell provides a frequent shell user with a plethora of new insights into customizing the bash and zsh shell programs to fit his/her tastes. The authors have filled a void in tackling the subject of customizing the shell rather than just simply using it. I would have liked to see more coverage of some of the more standard uses of the shells, just so the book could be a more complete reference, rather than the specialized one it is. Specialized or not, there is a lot offered here, and you couldn't go wrong getting this book.

You can purchase From Bash to Z Shell: Conquering the Command Line from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

danila (Danila Medvedev) writes "'Gnothi seauton' was the precept inscribed in gold letter upon the temple of the Oracle of Delphi. The authorship of this famous maxim was ascribed to every great Greek philosopher, from Pythagoras to Socrates. According to Juvenal, this precept descended from heaven. It is immensely strange, then, that most people, including you, my dear reader, never really make the effort to 'know thyself.' The number of misconceptions, superstitions and myths that we spread about ourselves is indeed astonishing. Fortunately for you, someone else has already taken the time to understand you and present the results in entertaining, easily digestible, but at the same time scientifically rigorous format. Let me introduce Mapping the Mind by Rita Carter, an illustrated user manual to the software that runs inside our skulls -- the human mind." Read on for the rest of Medvedev's review. Mapping the Mind author Rita Carter, Christopher Frith pages 224 publisher University of California Press rating 10 reviewer Danila Medvedev ISBN 0520224612 summary Extensive illustrations drawing on the lastest in brain imaging techniques, along with expert text, makes this book especially imformative and a wonderful companion to other titles in neuroscience.

Rita Carter is a British medical writer. She was twice awarded the Medical Journalists' Association prize for outstanding contribution to medical journalism. The book gives a comprehensive description of our knowledge about the brain (as of 1998, when the book was written). It covers popular topics, such as the causes for optical illusions, the nature of the Mona Lisa's smile, the differences between the left and the right brain, between males and females, the mechanisms of drug addictions. It also delves into less popular subjects, such as the need for rationalization, the mechanisms of speech and reading, the "programmability" of patients with a lobotomy, the causes of face-blindness and many others. In fact, after finishing the book I can hardly name any aspect of the mind that the book didn't tell me about.

Throughout the book, Carter's descriptions invariably remain strict, rigorous and factual. The book doesn't make any empty claims about our minds, nor does it delve into controversies perpetrated by the uninformed. Everything written is always based on pure hard science, with references aplenty.

This doesn't prevent the book from being easy to read and immensely entertaining. Imagine the weirdness of thousands of clinical histories condensed into 330 pages for our education. The simplest way to understand the function of some part of the brain is to find a person in whom it is damaged. Here you have it all: A man who believed that copulating with the pavement was normal; the famous man who mistook his wife for a hat; Vladimir Nabokov and his account of synaesthesia; people with Fregoli's syndrome (who constantly mistake strangers for people they know, even though they realize they look totally different); chickens excited by Pink Floyd's "The Final Cut"; Nadean Cool, her false memories of baby-eating Satanic cults and her 120 different personalities, including a duck; and people with anosognosia, who refuse to realize their illnesses, such as blindness or paralysis. And what's even better, you will be able to find explanations for your own quirks and deficiencies. There are bugs in every program; your mind is no exception. It is an amazing feeling to be able to realize how your mind works, what makes you tick, what constitutes "you" -- why you feel, think and act the way you do.

The book is a treat for the eyes: the huge number of helpful, pretty illustrations makes it both easier to comprehend it and more pleasant to read. The numerous diagrams and brain scans illustrate every subject, showing which areas become more active when you have depression, which areas cause OCD (caudate), what causes eating disorders (faults in hypothalamus), the pathways activated during face recognition, etc. This helps dispel the illusion of our brain being an incomprehensible black box, letting you get a grip on the physical basis for thoughts. It's like ignoring the EULAs and looking at the source code for your mind for the first time.

The book consists of eight chapters. It begins with an introduction to the brain structure in "The Emerging Landscape," starting with an overview of the misconceptions of phrenology, and ending with a short comment by a neurophysiologist Horace Barlow, who explains the usefulness of a reductionist approach as a first step to studying the brain. The section covers all brain modules, the neural pathways and explains the evolution of the brain.

After we are through the basics, our journey around the brain starts. First, in the "The Great Divide," Carter explains the roles of the left and the right hemispheres and the corpus calossum -- the connection between them. Among other things Carter explains the alien hand phenomena, describes experiments that demonstrate that people whose corpus calossum have been severed exhibit two separate personalities, and touches the puzzle of left-handedness.

After that, we delve deep into the brain, into its more primitive part, the limbic system, which is responsible for our emotions. Then we are shown the nature of perceptions and how they achieve their meanings. After that the author breaks from the confines of the brain and explains the social nature of humans, and how language enables most of our social interactions.

Then Carter describes the nature of our memories. She explains amnesia and Alzheimer's disease, explains the amount of memory we have, and where different memories (such as procedural memory, fearful experiences, or normal memories) are stored. She describes H.M., a patient with most of the hippocampus and amygdala removed. His mind had no continuity at all; H.M. lost the ability to form most types of new memories, but he could form procedural memories and could learn some new music to play on the piano. Another man, after having a minor stroke in the middle of a family dinner, suddenly found that he didn't remember where he was, and no longer recognized the people at the table. He didn't do anything, though, and later told the doctor: "I felt quite happy being with them even though I didn't know who they were," and "they seemed rather an agreeable lot." We are shown why false memories are the norm, rather than an anomaly.

Finally, our most unique and advanced feature -- consciousness -- is explained. Carter describes the "working memory" model developed by Alan Baddeley, where images and speech-based information is held for short time in a cache-like space, while the "central executive" part co-ordinates the information processing. She demonstrates how complex programs can be easily triggered in patients with lobotomy. French neurologist Francois L'Hermitte once invited two of his patients, a man and a woman, to his home. He ushered the man into a bedroom without explanation. In the middle of the day the man saw the ready-to-use bed and immediately undressed, preparing to go to sleep. When a woman was let in and saw the rumpled bed, she immediately started to make it. Carter explains the illusion of the free will and its evolutionary origins.

She ends the book with the optimistic conclusion: "I believe one thing is already clear: there is no ghost in this place, no monsters in the depths, no lands ruled by dragons. What today's mind voyagers are discovering is instead a biological system of awe-inspiring complexity. There is no need for us to satisfy our sense of wonder by conjuring phantoms -- the world within our heads is more marvelous than anything we can dream up."

What does this book leaves the reader afterwards? It left me with the insatiable desire to immediately read it again, this time with a notebook and a pencil at hand, so that I do not miss a single fact, a single lesson, a single bit of truth about who I am. To me the book was perfect -- a unique combination of scientific rigor and entertaining writing. Each amusing medical account was always accompanied with a detailed explanation of the physiological basis for it and a handy illustration. It was complete, well-structured and accessible.

I think it was the best book (fiction or non-fiction) that I read in the past year. The only other book that approached it was another take on the nature of the mind - the amusing Permutation City by Greg Egan, which takes the technologically feasible idea of mind uploading and pushes it to its limits, exploring the philosophical and mathematical consequences along the way.

You can browse the book at Google Print. Please do so and then read it in full. Learning about yourself should be the top thing on your agenda, if you consider yourself an intelligent creature. And for a computer scientist or a programmer there can hardly be a more interesting subject than the most complex software application, written over the millions of years, an amalgamation of legacy features, sloppy code, perfectly optimized routines, special cases and the ever-harmful neural goto operators. "Gnothi seauton," and have fun doing it.

You can purchase Mapping the Mind from bn.com. Slashdot welcomes readers' book reviews. To see your own review here, carefully read the book review guidelines, then visit the submission page.

Corey Nachreiner writes "Until recently, I considered myself a Google power-user; so much so that I often call Google my "second brain." Whenever I stumble upon a computing dilemma I can't solve, I submit an advanced query to my second brain, Google, and let it supply the answers. That's why I was So There when Johnny Long released his recent book, Google Hacking for Penetration Testers . I heard Johnny's lively, light-hearted presentation to a packed house at the BlackHat Briefings last summer in Las Vegas. It was the hit of the show, but in one hour he could only present a few of his startling findings about Google hacking. After reading Johnny's book, I've learned a ton more and realized I wasn't quite as Google-savvy as I thought. As with my real brain, I've only been using about ten percent of my Google-brain's capacity." Read on for the rest of Nachreiner's review. Google Hacking for Penetration Testers author Johnny Long pages 448 publisher Syngress rating 8 reviewer Corey Nachreiner ISBN 1931836361 summary Google's dark and dork sides exposed; despite the title, useful for everyone who'd like to get the most out of google.

According to its cover, Johnny Long's book focuses primarily on revealing the "Dark Side" of Google -- a promise it delivers in spades. But I can also heartily recommend Google Hacking to newbies who simply want to learn how to harness Google's full potential.

The first few chapters of the book walk you through Google's interfaces and features, then introduce you to Google's advanced operators and techniques you can use to refine your Google searches. Instead of submitting basic searches that leave you arduously parsing hundreds of results for your desired answer, you quickly learn to submit powerful queries that almost instantly yield the results you intend. Even as an experienced Google user, I learned a lot from Google Hacking's early chapters. For Google neophytes, this alone makes the book worth its price.

However, we all know Slashdotters really want this book in order to learn how hackers misuse Google. Well, you won't be disappointed. As soon as Long has taught you to submit advanced queries, he wastes no time in showing you the techniques l33t Google hax0rs use to exploit the search engine's power. For example, did you know you can use Google as a free proxy server? By submitting a specially-crafted, English-to-English translation query, you can capitalize on Google's translation service to anonymously submit all your Web requests. This simple hack just scratches the surface of Google's malicious potential.

Most Web surfers don't realize the sheer amount of extremely sensitive information available for the harvesting on the Internet. In that sense, Google Hacking is eye-popping. Do you want to find misconfigured Web servers that publicly list their directory contents? A quick Google search does the trick. Or, suppose you found some new exploit code that only works against a particular version of IIS 5.0. Submit a quick Google query for a helpful list of possible targets. Do you want to harvest user logins, passwords (for example, mySQL passwords in a connect.inc file), credit card numbers, social security numbers or any other potentially damaging tidbit that Web users and administrators accidentally leak onto the Internet? Google Hacking shows you how, with highly refined searches gleaned from the community contributing to the Google Hacking database (GHDB) found on Long's Web site.

While Long's book discloses these and many other potentially malicious Google searching techniques, it does so responsibly, with the goal of prevention in mind. Only the less damaging search strings are fully revealed. Long saves the juicier (read: more dangerous) hacks for your own discovery. Long even obfuscates the sensitive results of the more damaging search strings in order to protect the innocent incompetents he refers to as "googledorks." After showing you how hackers subvert Google to their malicious intent, Long dedicates a chapter to how Web administrators can configure their Web servers securely in order to prevent sensitive data from making it into a Google Hacker's clutches.

Though I've gushed about the book so far, I will quibble with its inconsistent tone. Some of its chapters target readers having different levels of technical understanding. While the book starts out in a voice easy enough for even the most novice user to understand, some of the later chapters, on topics such as document grinding, database digging, and query automation, jump drastically and use language and techniques that only programmers or Unix power-users would understand. In addition, the humor that made Johnny's live presentation so memorable shows up in his book, but in scant supply; frankly, more jokes would be welcome.

But these negatives are mere nits. Whether you're a penetration tester wanting to exploit Google, a Web administrator wanting to protect yourself from information leaks, or even a newbie wanting to harness Google's full potential, Google Hacking for Penetration Testers makes an excellent resource. If you, too, use Google as a second brain, pick up Johnny Long's book and learn how to exploit this powerful search engine to its full capacity.

Corey Nachreiner, Network Security Analyst for WatchGuard's LiveSecurity Service, writes about network security on the free RSS news feed, WatchGuard Wire (browsable version, RSS feed.) You can purchase Google Hacking for Penetration Testers from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Aeonite (Michael Fiegel) writes "The title of Planet Simpson: How a Cartoon Masterpiece Defined a Generation says it all. In its exploration of the first 15 seasons from The Simpsons, the book does much more than relate funny moments, reprint favorite quotes and point out trivia that you might have missed in your first (or fifteenth) watching of any particular episode. To be certain, those things are there, but they're really secondary to the overall 'mission' of the book, which is to relate the rise of the cartoon to the political, social and cultural realities of the 1990s and early 2000s." Read on for the rest of Fiegel's review. Planet Simpson: How a Cartoon Masterpiece Defined a Generation author Chris Turner pages 464 publisher Da Capo Press rating 7 reviewer Michael Fiegel ISBN 0306813416 summary An exploration of The Simpsons and its impact on society (and vice versa)

Perhaps in keeping with the counter-cultural, DIY, anti-authoritarian attitude of The Simpsons itself, the book is decidedly unauthorized, the back cover stating for the record that it was "not prepared, licensed, approved or endorsed by any entity involved in creating or producing The Simpsons." In fact, although episodes are referred to by their official production codes (e.g., 9F11, or "Selma's Choice"), Matt Groening and others associated with the show are quoted only second-hand, through reprinted excerpts of old interviews.

Illustrating clearly that this is his personal take on The Simpsons, Turner opens the book with a moment in time: Thursday, January 21, 1993 at around 8:20 p.m. EST in a campus pub called Alfie's at Queen's University in Kingston, Ontario. There, in a room crowded with people in various stages of inebriation, the author watches Act 3 of Episode 9F11 ("Selma's Choice") of The Simpsons, and relates how the room explodes into laughter after a series of jokes about Duff Beer and its effects (e.g., beer goggles). I don't even remember this episode, but for the author and his friends it was a moment to be remembered. The point is that The Simpsons is full of such "moments," and these, reflective of society and recited ad infinitum by fans, help us see not only the way the series has shaped our world, but the way our world has shaped the series.

Off On a Rant

The book bills itself as "the first trade book to take a look at The Simpsons as a microcosm of the Western culture that it has both influenced and reflected." But author Chris Turner never goes so far as to establish a cause-effect relationship between The Simpsons and our world. In the author's own words: "...this is, in the end, my version of The Simpsons. The show's canvas is far too broad, and the culture it reflects far too diverse and fragmented, for me or anyone else to be able to offer a completely comprehensive or definitive analysis." Rather, he places the two side-by-side and views each through the mirror of the other, usually without taking his theses too far.

There are a few moments, though, where the narrative approaches the point of hyperbole -- for example, when Turner states that The Simpsons "...was the Beatles and the Stones. It was Elvis and Chuck Berry. It was that big, that unprecedented, and that important" or that "If there is a common cultural currency, it's got Homer Simpson's picture on it." Sometimes this hyperbole gets him into a bit of a pickle, as when he refers to episode 1F13 "Deep Space Homer" as "second to none", and on the same page places it second to 9F15 "Last Exit to Springfield." This has naught to do with inaccuracy, however, and everything to do with the fact that sometimes the author's love for the show sometimes clouds his vision in tints of rose. He is, at times, a sort of Anti-Comic Book Guy, chanting "Best. Episode. Ever." as he recalls his favorite moments. Is The Simpsons truly the glue that holds postmodern society together? Or is it just one brand on the shelf (albeit perhaps the best-selling brand)? Perhaps it depends on how big a fan you are; clearly, the author is a big fan.

In other places, Turner's points are a little harder to swallow, particularly in the chapters which focus on specific characters and what they represent. I can easily buy that Homer Simpson can be compared to the nature of mainstream America, with "its hopes and dreams and insatiable appetite," but I have a harder time grasping how Bart Simpson is evocative of the style and ethos of the punk rock movement's mainstreaming. Sometimes a brat is just a brat. And does Lisa Simpson truly represent the re-emergence of progressive activism in the West, or is she just a younger sister who's smarter and nicer than her brother? Later, the author (correctly) attributes the use of the phrase "I, for one, welcome our new [fill-in-the-blank] overlords" to The Simpsons, but also claims that the use of *tumbleweed blows by* on sites like Metafilter and Slashdot can be traced to The Simpsons. This latter I have a little trouble buying at face value, and I think it's overreaching a tad.

The author also has a habit of unapologetically spiralling off into a tangential rant, a la Dennis Miller. The entire book is written in this style, with point A being related to point B suddenly being compared to point Z, and the author is quite aware of it: one of the subheads in Chapter 2 is titled "A Short, Frank Discussion (Actually More Like a Longish Rambling Examination) of Homer's Extraordinary Id." In most places, this style works for the book; in others, it nearly breaks the narrative as we sputter over a side point for a few pages.

For example, in Chapter 2, "Homer's Odyssey," there's a two-page aside where the author talks about Aunty Goethe's Peachy-Mango Love Pain juice, Space Jam, Edward Munch, PBS Documentaries and several other seemingly unrelated matters. Ultimately his point about American society is clear, but it gets a little thick toward the middle, and hard to see the forest for the trees. At another point in the same chapter, a discussion of Springfield's hysterical masses turns into five-and-a-half pages devoted to the Y2K bug, getting back to The Simpsons just in time for the chapter to end. Relevant? Perhaps, but I found myself at one point wanting more Simpsons and less substance.

Similar tangents appear throughout the book, each encompassing between several paragraphs and several pages, and covering topics such as: Kurt Cobain, Quentin Tarantino, Nike, The Onion, Radiohead, William Gibson, Bowling For Columbine, John Lennon, the WELL, Tuvalu, Cyberjaya, a website named "oo," a Portuguese bus ride, Lemonwheel, The Truman Show, and Wilco's song "Misunderstood." And perhaps, viewed all together like that, those references do make a certain sort of sense as a representation of the past 15 years, but individually they occasionally seem jarring.

Mmmmm, Pizza

The book reads, at times, like a collection of essays rather than a continuous narrative. Turner at one point discusses the show's distinctive animation style, which mixes cartoonishness and realism, as follows: "(Homer) falls like a cartoon, but he lands like a real person." This book feels like that, opening in a much more fannish, cartoonish fashion and ending in a way that's a bit more thick and scholarly. The unevenness isn't ruinous, though. Consider a pizza with a few lumps and bubbles in the dough, and maybe all the pepperoni is off to one side and there's way too many mushrooms in the middle. It's still a tasty pizza, and everyone can probably find a slice they'll enjoy.

Chapter 1, "The Life & Times of The Simpsons, serves as an introduction to both the book and the series. It first retells the series' creation myth -- that it was dreamed up in 1987 by then 33-year old Groening in about 15 minutes, so he wouldn't lose the rights to Life is Hell -- before moving on to other key points, such as its April 19, 1987 debut as a sort of Anti-Cosby Show, and its first full episode on Sunday, Dec. 17, 1989 (The Christmas Special). It discusses how the show built up its creative team of writers and voice actors, the rise (and fall) of Bart-Mania in 1989-1990, and its ascent to its "Golden Age" in the mid 1990s before reaching the current "Long Plateau."

The author attributes this rise (and ensuing gentle decline) to the show's shift from typical cartoonishness into a tendency to "riff" on real-world events, reflecting society and culture in a way that audiences could relate to. "Entertain and subvert," said Groening on several occasions about the show's mission, unabashedly showing us cartoon versions of our real world's "corrupt authorities, clueless leaders and rapacious businessmen" that we could not only laugh at, but understand. "It's funny because it's true," goes the saying.

The next five chapters are, at least in name, focused on specific characters. Chapter 2, "Homer's Odyssey," and Chapter 3, "Bart Simpson, Punk Icon," are the most focused on their particular topics, with the others tending to sprawl a bit more, bringing in related minor characters and more tangents.

For example, Chapter 4, "Citizen Burns," touches not only on how Monty Burns represents corporate America (reflected through a parody of Citizen Kane), but also mentions Pimple-faced Kid, Sarcastic Middle-Aged Man, Lindsay Naegle, Jack Larson, Mayor Quimby and Chief Wiggum. Chapter 5, "Lisa Lionheart," discusses not only Lisa's many faces -- Genius, Little Kid, Activist -- but goes off on several tangents about Activism in general, Culture Jamming and Politics. Chapter 6, "Marge Knows Best," is perhaps the greatest misnomer in the book. While it does present Marge as the moral center of a show that repeatedly and blatantly denies the presence of a moral center, large sections cover the Flanders family (with special attention to Ned's "unbearable piousness"), battles with the Catholic Church and suicide-prevention groups, Abe Simpson and Homer's mom. The material is all related, but I felt Marge got a little shorted. And no mention of Maggie anywhere!

The last five chapters take a different spin, focusing not on specific characters and their relation to society, but on societal events and their relation to The Simpsons.

Chapter 7, "The Simpsons in Cyberspace," documents appearances of the Internet on The Simpsons (and vice versa) as the Internet rose from nothingness to ubiquity. It discusses "Freeze Frame Fun" (the quick jokes you can only catch if you tape and play back the show in slow-motion), alt.tv.simpsons and The Simpsons Archive (www.snpp.com), which the author cites as one of his major resources used in the writing of the book. This latter discussion includes mention of how an online critic of the show ultimately led to Comic Book Guy's infamous line in episode 4F12 "The Itchy and Scratchy and Poochie Show": "Worst. Episode. Ever." Life imitating art imitating life, as it were. Though this is interesting reading, it's also one of the more unfocused chapters, starting off talking about The Internet on The Simpsons and closing with a discussion about societal change and global warming. Slashdot readers will also be amused to see an incorrect citation of Moore's Law on page 304. But I digress.

Chapter 8, "The Ugly Springfieldianite," documents how The Simpson family's travels across America and around the world reflect U.S. actions in world affairs, the global reach of The Simpsons, and the way in which stereotypes are presented in the cartoon. Material such as trips to Australia, Canada and Africa are documented and analyzed, and "ethnic" characters such as Bumblebee Man, Apu and Groundskeeper Willie (including his infamous "Bonjourrrr, you cheese-eating surrender monkeys!") are covered in detail.

Chapter 9, "The Simpsons Go Hollywood," covers the various appearances of celebrities on the show and how for the most part such appearances satirize the very stars themselves. It documents in-person appearances by Tony Blair and Tony Bennett, as well as celebrity voice acting by Kathleen Turner as Stacy Lovell (creator of Malibu Stacy) Elizabeth Taylor as Maggie's first word ("Daddy"), and Johnny Cash as a Space Coyote spirit. It also covers, in some detail, repeat appearances by stars such as Jon Lovitz, Albert Brooks, and the late Phil Hartmann (Troy McClure and Lionel Hutz), as well as the notion of celebrity within The Simpsons itself (Krusty, McBain, etc.). As a whole, this is probably the most solid and focused chapter in the book.

On the other hand, Chapter 10, "The Simpsons Through the Looking Glass," is probably one of the weakest. Still interesting reading, it's a bit unfocused, as if that looking glass were a little bit clouded. It discusses the notion of the mediascape as a vast wasteland, irony, parody, self-reference, satire, hysteria and media saturation, with special attention on the shows inside the show (Krusty, Itchy and Scratchy, etc.) and anchorman Kent Brockman. Perhaps it's a bit too broad of a topic to try and cram into one chapter, especially since many of the same points are made in other sections of the book.

Planet Simpson

The book ends with Chapter 11, "Planet Simpson," in which the author attempts to bring together the disparate ideas presented throughout the book. He discusses the notion of "what is" vs. "what should be," the amusing case of Fox nearly suing itself over Episode ABF09, "Mr. Spritz Goes to Washington" (in which The Simpsons ran a fake news crawl on the bottom, satirizing Fox News), and brings his thesis to a head with this statement:

"Planet Simpson is a state of mind, a loose realm of shared consciousness. It is a place populated by folks who watch The Simpsons every week or even twice a day, who maintain Simpsons fan sites, who never lose at The Simpsons trivia board game, who used to watch it every chance they got, even if these days they don't watch it as much as they used to."

As a member of a generation raised on Saturday Morning cartoons, a person who grew up watching The Simpsons and who now regularly visits websites like Fark, Metafilter and Slashdot where Simpsons references run thick, I can't disagree with the author's notion of a globally-shared Simpsonian philosophy. It's clear that the show has affected our culture (or, at the very least, our Internet subculture), and that American culture has had an impact on the show in return.

Turner's book does a good job of looking at both sides of that coin and presenting his points in a way that is generally interesting and fun to read. Though there are times in the book where I found myself scratching my head, or wondering how he could have missed a favorite quote (Where, oh where, are the dogs who shoot bees from their mouths?), overall this is a solid piece of writing. Anyone who's enjoyed the show will find this enthralling reading, whether you're looking for a bit of Simpsons history, a deeper analysis of the show's impact in the present, or an idea of where the show might go in the future. The book is at times weaker, at others strong; at times unclear, at others startlingly focused; at times funny, and at other times quite serious. But then, that describes The Simpsons as well.

You can purchase Planet Simpson: How a Cartoon Masterpiece Defined a Generation from bn.com. Slashdot welcomes readers' book reviews. To see your own review here, carefully read the book review guidelines, then visit the submission page.

Simon P. Chappell writes with a review of the Addison Wesley-published Hibernate - A J2EE Developers Guide. "To quote the project website: 'Hibernate is a powerful, ultra-high performance object/relational persistence and query service for Java.' To quote the back cover of the book: 'Now there's a practical, hands-on guide to using Hibernate's flexible, fast object/relational persistence and query services.' Phew! What a lot of spin packed into two sentences. Let's take a look and see if it delivers." Read on for the rest of Chappell's review. Hibernate - A J2EE Developers Guide author Will Iverson pages 351 (13 page index) publisher Addison Wesley rating 7 reviewer Simon P. Chappell ISBN 0321268199 summary Overall a solid work

What's To Like

The first thing that I liked is the way the book is written. Mr. Iverson has a very pleasant writing style that I found engaging. Not too formal and not too light. Naturally, there is a certain amount of Hibernate evangelism, but hey, if the author doesn't like the tool, then how am I supposed to feel good about it either? The evangelism does not feel like it strays from the bounds of truth, and there is much honesty in his first and last chapters where he discusses reasons for using a tool like Hibernate, and how Hibernate has influenced the design of the soon-coming version 3 of the EJB standard from Sun.

Chapters two, three and four cover the basics of using Hibernate. Each covers a different aspect, and each is independent of the other. Chapter two covers the use of the Hibernate mapping file as the reference that everything else is built from. This is the recommended mode of operation, where the database schema and data access objects are built for you. Chapters three and four are for those of us in the corporate world where the code or the database schema comes first and we have to adapt to and accommodate it.

Chapters seven and nine give the database theory-challenged amongst us a useful refresher in database relationships and transactions. The information, while provided in the context of Hibernate, serves as a useful refresher for the rest of us.

Hibernate has three query mechanisms. Given its relational database capabilities, one of the options is the use of plain old SQL, naturally. The two remaining options are the Hibernate Query Language (HQL) and the Criteria API. The HQL gets a fairly decent amount of coverage and left me to infer that it is the preferred means of expressing queries. The Criteria API gets only four and a half pages of explanation, which is still more than the single page dedicated to SQL.

The next to last chapter is a collection of real-world advice and tips for getting the best from Hibernate. This is a very useful chapter and looks like it contains good advice. The only thing I would suggest is that it's a little slim for a chapter of its own. Either the information could have been tucked in an appendix, or it could have been spread through the book in the form of embedded tips.

Naturally, the book has a website to accompany it.

What's To Consider

The book carries a copyright date of 2005 and a first printing date of November 2004. That being said, it should come as no surprise that the version of Hibernate covered is 2.1.2, but at the writing of this review (early April 2005) Hibernate 3 went final. I feel that the majority of the concepts and basic operations will be unchanged, but take this into account when deciding upon a purchase. While it is difficult to write books against the constantly moving target of an open-source or free software project, it is possible. I was involved in the technical review of a number of Struts books and they were challenged with the task of being available as version 1.1 was released. A massive undertaking, but one that they proved doable.

The typesetting seems crowded in this book. I'm not a white-space extremist, but I sure recognise when there's too little. The listings are often multi-page and have a slightly squashed feel to them.

Depending upon your point of view, chapter five is either a very useful annotated explanation of all of the available mappings within Hibernate, or it's a bad case of using available online documentation as filler (53 pages). Personally, I dislike this, but if you're in the market for an "all-in-one" style of book, this might work for you.

Summary

This is a solid work that will take you from novice to a good working knowledge of Hibernate. If you can live with the fact that the book targets Hibernate 2.1.2 while the current production version available from the website is 3.0, then give this book a try.

You can purchase Hibernate - A J2EE Developers Guide from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

nazarijo (Jose Nazario) writes "As a biochemist by training, Jeff Augen's Bioinformatics in the Post-Genomic Era was very interesting to me. Though I left the field some years ago, I was using the bioinformatics tools that are covered in the book daily and still look in from time to time. Naturally I was curious to see a larger perspective, as well as any progressions, that have occurred in the past few years. Augen's book gave me part of the larger picture, but it could have done more." Read on for the rest of Nazario's review. Bioinformatics in the Post-Genomic Era author Jeff Augen pages 388 publisher Addison-Wesley Longman rating 7 reviewer Jose Nazario ISBN 0321173864 summary Genome, Transcriptome, Proteome, and Information-Based Medicine

Bioinformatics is the science of biological information, namely sequences and metadata about organisms and sequences. What's interesting about this field to many people, both in the sciences and outside of it, is the large volume of data that gets analyzed and the results that emerge on a daily basis. Obviously interesting for the medical advances and the rapidly growing business in the life sciences, there's a complex field that has developed in the past ten years or so. And following the sequencing of the human genome, new challenges have arisen for everyone involved. Augen's Bioinformatics provides a good introduction to this new field of research for students in the sciences, and anyone with a decent undergraduate education in modern biology. I think that this accessibility of the material is one of the book's biggest winning points.

After an introduction to the book and the subject area of bioinformatics (chapters 1 and 2), Augen begins at the level of the structure of a gene (chapter 3). Here, anyone with an undergraduate level understanding of genetics or molecular biology can begin using the book and bridging the gap to the new areas of modern bioinformatics. Augen then describes how basic sequence analysis is performed at the DNA sequence level (in chapter 4). The material in Bioinformatics covers some of the higher-level methods for sequence analysis, including hidden Markov models, neural networks, and pattern discovery, and introduces some of the common algorithms found to do this analysis.

Chapter 5 then covers transcription, the process of going from DNA to mRNA. Beginning with the biology behind this activity (the ribosome and the larger "transcriptome"), Bioinformatics then describes how you would perform transcriptional analysis. Here, Augen shows how you go from a wet lab to a computational lab and describes what classes of experiments you perform to gather data and then what kinds of analysis you perform on it. This chapter introduces some of the more common clustering techniques for data aggregation and understanding.

The next step in the DNA -> RNA -> protein chain is found in chapter 6, which covers the translation process. Coupled to chapter 7, which describes protein structure prediction and searching, these two chapters bridge the next gap between laboratory data and computational analysis. Protein folding and structure analysis was one of my pet areas of study as a graduate student, and Augen's text does a decent summarization of the field to date. The resources listed and techniques described are definitely on par with the common practices in the field.

Finally, Bioinformatics gets into the next major area of bioinformatics, medical databases. Augen's bridge from genetics to medical science is complete, and he discusses how medical professionals utilize databases and can begin to predict disease, for example, based on data mining. The final chapter, "New Themes in Bioinformatics," covers exactly that, but also what Augen refers to as "workflow computing," or basically going about being a bioinformatics scientist. One of my favorite emerging areas in bioinformatics, metabolic pathway elucidation, is also covered briefly.

I've shared this book with a few friends who are all studying computer science or practicing computer scientists. I did so because Augen's material does a good job of explaining my background and introducing them to some of the analysis forms I introduce into my own work. It does a good job of that, and gets them quite excited. Bioinformatics really bridges a number of fascinating areas of computer sciences, including data mining and high performance algorithms. Augen's Bioinformatics is a good introduction to the field for them, and really anyone who has studied a couple of biology courses in college.

Where the book falls short, however, can be grouped into two main areas. The first is the failure of Augen's presentation of the algorithms. While the methods used to describe computational algorithms in Bioinformatics is common for non-computer scientists, it's completely unusable for computer scientists who are used to a specific algorithm presentation style that looks more like pseudocode than rambling text. The ambiguities this presents for a technical reader are unfortunate, especially if anyone studying bioinformatics is supposed to be computer science literate. The book itself assumes a life science literacy, so this isn't an unreasonable expectation of the reader.

The second area that consistently falls short in the book is in the utility of the information given. While I am significantly happier with the quality and depth of material presented in Augen's book than in the O'Reilly bioinformatics series, where the book fails to deliver is in showing the reader how to actually use the data they gather. After all, the book shows various sequence analysis algorithms and discusses tools available to do this work, but it only devotes a few pages (out of over 370 in total) to a workflow that can be used. Also, the book fails to point the reader at very worthwhile web resources sometimes, including meta sites like the SDSC Biology Workbench site, and just says "some Perl scripts" for local data analysis. As such, you'll have to go a few extra miles on your own to make use of the data sources.

I guess a third complaint of the book for me is that Augen has ignored or omitted significant bodies of research that fit squarely into the scope of the book. For example, Ken Dill's research into protein folding models, as well as Martin Karplus' work on the subject, receives no mention, nor does the topic of Bayesian network analysis when Augen discusses time series data analysis. These aren't new, they've been around for many years and influenced most of the field, and their absence is noted. The book's spotty coverage in some places, like these, is noticeable.

Bioinformatics does a few things well, but overall reads too much like a biology textbook to be useful to the average computer scientist. More emphasis on the practice of bioinformatics and data analysis would have made this book stronger and complemented the substantive background material well. Finally, using an approach more similar to the computer science approach would have been a tremendous benefit, since the material really is computer science in part. That said, I think this is probably the best introduction to this exciting area of science that I have yet seen.

You can purchase Bioinformatics in the Post-Genomic Era from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Michael Gracie writes "Spamroll is a recently launched blog and information resource on spam, phishing, and other internet security issues, the purpose of which is to bridge the gap between information and discussion among technical professionals, and that targeted for end users. As part of the research for Spamroll, I picked up Spam Kings - The Real Story Behind the High-Rolling Hucksters Pushing Porn, Pills, and @*#?% Enlargements, written by Brian McWilliams and recently released by O'Reilly. , With Spam Kings, Mr. McWilliams has put together a book suitable for shelving next to The DaVinci Code and the Bat Book (Sendmail 2nd edition, by Brian Costales and Eric Allman). It is a compellingly detailed account of the burgeoning of spam, spammers, their foes, and the intricate community that intertwines them." Read on for Gracie's review. Spam Kings - The Real Story Behind the High-Rolling Hucksters Pushing Porn, Pills, and @*#?% Enlargements author Brian McWilliams pages 333 publisher O'Reilly rating 9 reviewer Michael Gracie ISBN 0596007329 summary Excellent spam history and reference.

Spam Kings is a pseudo-chronology of the exploits of the biggest spammers of the late nineties and new millennium, following their trail right down to the lunch menu, with the underworld's anti-spam fighters of the day taking the order. The book details the comings and goings of the likes of Sanford Wallace, an early spam king who claimed constitutional authority to send UCE, up to the present-day powerhouses such as Ron Scelson and Scott Richter, whose wealth and influence keeps the heat off of them. [Though Richter's finally gotten some heat where it counts -Ed.] In between, it runs across characters such as Jason Vale, Thomas Cowles, and Rodona Garst, who have all seen some serious time in court and/or jail for their actions, and some, like Brad Bournival, who tangled with the monster called AOL and is still awaiting his fate, and Karen Hoffman, a one time spam hunter who has turned to "the dark side."

But the real (and underlying) story is about two individuals, Susan Gunn, of NANAE fame, and David Hawke, a former neo-Nazi and notorious spammer who continues to elude the massive AOL lawsuit judgments against him.

The antagonists' and protagonists' paths cross often, but they never seem to directly butt heads. What makes the saga so interesting is that their actions affect each other's lives in profound ways, exemplifying the intensely close-knit nature of the spammer and anti-spam communities that surround them, and sometimes, their disloyalties. Furthermore, the lines between spammer and "anti" sometimes blur beyond natural reason, reflecting the deep knowledge of systems and processes each side attains during their trials and tribulations, and the monetary value of that knowledge in the open (if sometimes seedy) market.

What I found most appealing during the read was the relevancy of events that take place throughout, and the meticulous references to the news of the day. I found myself wondering where I was, how much spam I was getting, and whether I could remember receiving any scurrilous product pitches from the characters within. I am now checking old email archives, just for posterity.

The book ends with an epilogue that outlines what is happening in the spam world, right this very moment. CAN-SPAM doesn't seem to be working, other countries have instituted new laws that are, and people of all shapes and sizes may be complicit in the ongoing problem. The epilogue winds up with a "where are they now" for most of the major characters. Many are retired and/or have moved on to new (but not necessarily unrelated) professions, some are still drowning in legal judgments, while some are...educating your children! But you can be sure others have stepped in to take their places; just check your junk mail folder.

The book also contains an excellent glossary of technical and business terms used throughout. If you are a sys admin who saw the term chickenboner or mainsleaze on a help forum, and are embarrassed to ask what that means, then your bases are covered in this book. If you are a regular everyday email user, and are curious what these "blacklists" and "whitelists" are and what they mean to you, the glossary will again prove very useful during and after your read. The work also contains a deep notes section, which I found extremely helpful -- McWilliams conducted in-depth interviews with many of the characters (and they are characters). And let's not forget the center illustration section, complete with numerous photos of the biggest spammers of all time, at work and at play, as well as some gratuitous mug shots (which I am sure is all you really want to see if you despise spam as much as I do).

I knocked this puppy off in two quiet evenings. While the type is appropriately sized and spaced, and the material not overly technical, what drove me was the fact that the work was a bit of a "page turner" -- I had a hard time putting in down.

In my opinion, Spam Kings is a publication for both the technology/history buff, as well as the everyday email user still wondering where the heck all those Viagra ads in their inboxes really comes from.

Spamroll is the latest creation of Michael Gracie, who thinks spam and phishing represent some of the greatest threats to ecommerce and online world in general. You can purchase Spam Kings - The Real Story Behind the High-Rolling Hucksters Pushing Porn, Pills, and @*#?% Enlargements from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

honestpuck (Tony Williams) writes "If there is an application I run more often than my Web browser, particularly since I also use it as my email client, then I don't know what it might be. As a Firefox convert, that made the arrival of Firefox Hacks from O'Reilly a wonderful surprise." Read on for the rest of Williams' review. Firefox Hacks author Nigel McFarlane pages 368 publisher O'Reilly rating 7 reviewer Tony Williams ISBN 0596009283 summary A good, fairly technical examination of Firefox

The first of several books on the topic of Firefox hacking (two more are due from other publishers in the coming months) Firefox Hacks sets the bar quite high. The author, Nigel McFarlane, has already written a number of other books and articles on similar topics and knows his subject well. He has also enlisted the help of a number of other cognoscenti to cover the more distant corners covered in the book.

A Web browser is a much more complex piece of software than you may realize on first examination, and Firefox -- with the core Gecko engine surrounded by a large wrapper written in XUL and JavaScript -- provides a fertile ground for any number of changes and enhancements. Firefox Hacks does a good job of mapping out the boundaries of this space.

Over the course of the now-traditional 100 hacks found in the same series' other members, this book covers hacking with, on, and to almost all aspects of Firefox and the 'net. The book is broken up into nine chapters, most worth reading by almost everyone -- even the first, "Firefox Basics," taught me a couple of tricks for getting the best out of a slow (and expensive) GPRS connection. The others are "Security," "Installation," "Web Surfing Enhancements," "Power Tools for Web Developers," "Power XML for Web Pages," "Hack the Chrome Ugly," "Hack the Chrome Cleanly," and "Work More Closely With Firefox." I have to say I felt the chapter on Power XML (with 17 of the 100 hacks) was far too general on Web technologies and a little out of place; easily half the hacks in that chapter could have been dropped without any real loss to a reader's understanding of Firefox. I would have preferred more on the browser itself. No insult intended to Seth Dillingham, who wrote four of the hacks I'd throw out -- they are well written and do show how best to deal with Web technologies inside Firefox. I just felt that the space would have been better devoted to more "core" topics.

The first four chapters will be useful to everyone, covering mainly the use of Firefox. From that point, the hacks become increasingly complex as they cover Web development, then modifying the interface, before covering such arcana as creating extensions and custom builds.

I am hard pressed to think of a corner of Firefox not at least touched, though it must be said that the later hacks only touch on the topics covered without really providing a lot of depth. If you get to the last two chapters in the book, performing and expanding on the hacks, you will probably need a great deal more information and assistance to branch out on your own. McFarlane, however, points out the possibilities and gets you started. I didn't feel this was a flaw, just that a line had been drawn, as it must unless the book was going to be three times the size and price.

The book is fairly well written. The quality of writing and editing fall into that middle ground of "fairly good" that one expects from the average O'Reilly book, though not the "excellent" they can sometimes hit. The structure and flow are excellent, making the book readable in large chunks -- enough sticks that when you are back in front of the computer using Firefox you can remember a few things. (Or, sometimes, I remembered that a hint existed and was able to easily find and use the information.)

For a closer look there is a decent page at O'Reilly with links to six example hacks, the table of contents (listing all 100 hacks) and the index.

To conclude, I'm not sure I could recommend this book to everyone; it spends a little too much time a fair way along the technology curve for those who aren't ready for some programming, though for anyone who wants to get their hands dirty and perform some hardcore hacking on their favourite browser, then this is an above-average volume. For someone who is happy as "just a user," this book may be too much: wait and see what else emerges into the Firefox book market -- including O'Reilly's other offering, the soon-to-be-released Don't Click on the Blue E, which they describe as giving "non-technical users a convenient roadmap for switching to a better web browser--Firefox."

Also watch soon for a review of Prentice Hall's Firefox & Thunderbird Garage. You can purchase Firefox Hacks from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Aeonite (Michael Fiegel) writes "The back cover of Game Creation and Careers says "Reading this book is like being at a round-table discussion with more than 150 of the video game industry's most successful designers, developers and publishers." In fact, it's exactly like that, for better and for worse. Mostly worse." Read on for the rest of Fiegel's lengthy review. Game Creation and Careers: Insider Secrets from Industry Experts author Marc Saltzman pages 744 publisher New Riders rating 4 reviewer Michael Fiegel ISBN 0735713677 summary A poorly organized series of interviews with industry-leading game designers.

Structurally, the main section of the book is broken up into four parts. Part 1 is devoted to Pre-Production, and includes chapters on Game Genres and Player Perspective, General Game Design, and the like. Part 2 is devoted to Production, with chapters on Programming Theory, AI, Game Art and Animation, User-Interface and Game Control, Sound Engineering and Music and Gaming. Part 3 takes a look at Post-Production, with information about Proper Game Testing, Tech Support and Public Relations/Marketing. Part 4, titled "How to Make it Happen," discusses DIY Shareware solutions, Breaking into the Industry, Agents and Headhunters, Design Schools, Internet resources, Conventions and Awards.

The book closes with an Appendix that includes biographies of more than 80 of the interviewees featured in the book. These are interesting but somewhat uneven: some of the artist bios are single paragraphs, while others (such as Don Bluth's) run to two pages long; some of the bios are little more than bulleted lists of games worked on, while others talk about future plans; and of course, one wonders why, if the book features more than 150 interviewees, why did nearly half of them not bother with a bio?

Words of the Prophets

The bulk of the book is devoted to material gleaned from interviews with game industry professionals. None of these is presented as its original whole; rather, bits from each are cut and pasted around, so American McGee's comments about Action Game Design, Game Industry Jobs and Storyboards are all located within the (usually) relevant chapters, rather than being presented as a whole, continuous interview.

I say "usually," because there are some rather questionable decisions made about where to place chunks of information. For example, much of the information in Chapters 15 and 16, which cover Sound Engineering and Music and Games respectively, is instead about breaking into the industry, which belongs in Chapter 21. Chapter 6 (which discusses, in part, Creating Characters) has a Note that says "See Chapter 13, 'Game Art and Animation,' for a discussion from legendary Hollywood animator Don Bluth on how to create a successful game character..." One wonders why, if it's relevant to this chapter, why it's not right here. Earlier, Chapter 5 contains a chunk of text about User Interface Design, even though Chapter 14 is supposed to be about UI Design (and in fact, this text refers to the later chapter before giving the advice). And in Chapter 5, there's a section in Gordon Walton's interview about breaking into the industry, which closes by saying "For more on breaking into the industry, sink your teeth into the meaty Chapter 21!"

Whether these were in-person or e-mail interviews is never clear, but they're all a little uneven, with some relating personal stories and others reciting information verbatim from company websites. Taken individually, many of these interviews are filled with interesting tidbits, insightful commentary and quirky bits of trivia which are worth reading. However, a good deal of the advice is not at all helpful or insightful, except perhaps superficially. For example, here are Yu Suzuki's thoughts on what separates a great game from a good game:

1. Passion.
2. Never give up.
3. Create a game carefully, thinking about the people who will play it.

Certainly good advice for creating a game. Or, with some word substitution, for writing a book, or flying a plane, or developing a cure for cancer, or becoming a Jedi Master. I think Yoda said it better: "Do, or do not. There is no try."

Much of the "advice" throughout the book is like this -- vague and meandering, and only peripherally relevant to game design. It's tempting to read the words of the designers within as if they were carved in some holy rock on the summit of Mount Radeon, but the fact is that when you look past the aura you get the impression that a lot of what they have to say is nothing but common sense. And with the way the book presents their interview excerpts their advice often comes across as, well, less than inspirational:

• Todd Howard on UI design: "Interface is everything. It's the player's way of using the game."
• Richard "Lord British" Garriott on MMORPGs: "Hire experienced personnel."
• Kevin Cloud on becoming a game artist: "You can't learn to be a computer artist unless you spend time on a computer."
• Thomas Warfield on shareware game design: "Make a good game that's fun to play."

I don't know too many people who would intentionally design a bad game that's awful to play by designing a crappy interface with inexperienced personnel without using any computers. But maybe it's just me.

Too Many Cooks

By far the most frustrating aspect of the book is the one I alluded to in my opening paragraph. Namely, that "too many cooks spoil the broth," as goes the old saying. In each chapter, advice from up to two dozen designers is presented, and in many cases one piece of advice contradicts another. In fact, in the few cases where such advice is in agreement, the author feels inclined to point it out, as on page 43, where he tells us, of Scott Miller, "Notice how closely his comments resemble George Broussard's advice? Now that's focus!" In fact, Saltzman addresses the issue himself in the opening to Chapter 14 by saying "...it's likely that you'll find some conflicting advice in areas of this book on art techniques, level design suggestions, or the best way to animate a character..." That's putting it mildly.

"Asked about the importance of design documents," says the author, "(David) Perry directly contradicts Lorne Lanning and others." He does not, however, tell us who to listen to. Nor does he tell us what to think when Ragnar Tornquist contradicts himself with "I said earlier to avoid clichés and stereotypes, but sometimes clichés and stereotypes are great ways to establish a character immediately." Later, John Slagel, asked about job-seeking, says "Don't go through a recruiter," and the author is quick to remind us that "the folks in Chapter 22, 'Game Agents and Headhunters,' may disagree!" On page 386, Greg Thomas tells us that, when it comes to game art, "It's better to make the model simpler at first and continue to add details until the limits are reached," but on page 387 Todd Howard says "Aim high... it's easier to scale down than up later on."

So do you listen to the game designer on page X who says one thing, or do you listen to the contradictory advice on page X+1? Higher or lower? Recruiter or on your own? Design document or not? Red pill or blue pill? Left or right? Up or down? The book leaves all that for the reader to decide, which raises the question: what's the point? It's difficult to understand the true intent of a book which presents such a diverse range of opinions on the topic of game design, except perhaps as an amusing diversion from actually designing games. In order to use this book as a guide to game design, one must inevitably choose which advice to follow. And as presented, that's an impossibility.

This all comes to a head in Chapter 21, "Breaking Into the Industry." "Find a job, any job," says one designer, while another says you should get a Master's degree first. Scott Miller says "with all the ideas that have been sent to me (hundreds), I've yet to see one that's worthy of turning into a game," and Sid Meier says putting together a playable demo and shopping it around is the way to go, and then Minh Le says that building a mod for an existing game is the best route to success. What all this boils down to is this: these people are not telling you what will work for you. Rather, they are telling you what worked for them. Everyone's story is different. Every path to success is different. Even the recruiters themselves disagree in Chapter 22. Melanie Cambron says "...at the early stages of one's career, using recruiting services is not the best approach," but two pages later Jeff Brunner's interview "...explains why a budding artist, programmer or game designer should consider using the services of a recruiting agency." Admittedly, this latter comment comes in the author's own words, which leads me to my next subject.

Wowza

In a book which basically amounts to a series of interviews, the author's voice repeatedly pops up with interjections-cum-interruptions that are annoying, repetitive, and just plain unnecessary. Sometimes it's a throwaway phrase, at other times just a word, but it's always a speed bump in the experience. For example, in his introduction to the book (titled, in unnecessarily casual fashion, "So, You Wanna Make Games For A Living, Huh?"), Saltzman says "... it's no wonder why the video game industry has broken the $10 billion dollar-a-year mark in the U.S. alone, which is significantly more than the revenues generated from movie box office receipts. Wowza." Wowza?

Later, Saltzman tells us to turn to Chapter 21 to read about "...breaking into 'da biz.' Whew!" On numerous occasions, he invites the reader to "pull up a chair," just in case you were reading the book while skipping rope. In Chapter 14 the reader is invited (or perhaps commanded?) to "Enjoy the following paragraphs." And page 247 cheerfully chirps "Pencils in hand?" before listing five points about Level Design. Why would we need to take notes with a pencil when the book has the notes already printed? These are obviously attempts to insert some lighthearted banter into the book, and in some places they do help to provide transitions between thoughts, but in my opinion they're nothing but an indication that the author has misjudged his audience. If they're meant to be ignored, then they shouldn't be there, and if they're truly meant to be read, then, well ... they still shouldn't be there. These little interjections come across as little more than the author jumping up and down at our round-table discussion, shouting "Don't forget me! I'm over here" or else "Don't forget about this other stuff! It's over there."

It is this latter tendency is the largest issue I have with the author's comments, in that most of them are redundant and unnecessary attempts to explain the obvious or refer to other sections of the book. From the introduction to Chapter 2, "General Game Design: Action/Arcade Games," comes this helpful tidbit:

"This chapter features designers from the action/arcade category. Chapter 3, 'General Game Design: Strategy Games,' delves into the strategy game genre. Here we go!"

Each section and interview constantly reminds us of other chapters and sections that we might want to read, like one of those old Choose Your Own Adventure Books. At the end of a section on game design in Chapter 2, we are reminded to go to Chapter 6 to read more about characters. In Chapter 6, we are encouraged to read not only about breaking into the industry in Chapter 21, but also about game design in Chapter 2. Page 187 of Chapter 6 invites the reader to "(f)ling yourself back to Chapter 2." What, right now?

This reaches its climax in Chapter 5 with "For more from the vocal Chris Taylor, jump to Chapters 6, 17 and 21. Whew!" Whew, indeed; which do we choose? Back and forth, back and forth, every page referring to another two pages. Perhaps this is meant to replicate a hyperlinked web page, or to encourage reading the book out of sequence, but in the end it merely comes across as schizophrenic and eminently unhelpful, as in this gem from Chapter 3: "In Chapter 21, 'Breaking Into the Industry,' Bill Roper offers some advice on breaking into the industry." Or how about the first sentence in Chapter 10: "Chapter 8, "Level Design," dealt with level design ..."

You think?

Also sprinkled haphazardly throughout the book are "Notes," which in theory are supposed to explain something but generally tell us nothing relevant. In many cases, the Note does little more than refer us to another chapter, as with the cross references above. An interview with Richard "Levelord" Gray in Chapter 8 mentions John Romero's interview in Chapter 20 for no apparent reason. An interview with Joel Jewett in Chapter 21, "Breaking Into the Industry", closes with a Note that Noah Falstein has more to say about breaking into the industry in Chapter 6; if it's relevant to the current chapter, why is it not in the current chapter? Most egregious, perhaps, is the Note which leads off Chapter 16, "Music and Games", informing us that we should turn back to Chapter 15 to read about Sound Engineering. But we were just there! In fact, later in Chapter 16 an interview excerpt with George "The Fat Man" Sanger leads off with the words "In Chapter 15," and ends with the words "See Chapter 15!"

OK, we get the point -- you like Chapter 15!

The Bad and The Ugly

Graphically, the book is quite unimpressive. The book's black-and-white printing turns the majority of the photographs into ugly blotches that do little to illustrate anything. For example, page 74 features a drab grayscale illustration from Age of Mythology, amusingly captioned with "Talk about gorgeous graphics!" Elsewhere, screencaps from The Sims contain illegible dialogue, images from Red Faction are indecipherable, and a bewildering photo of a parking lot on page 592 adds a certain je ne sais quoi. None of it is pretty.

There are also a few photos of the designers themselves, which range from the typical ("here's me in front of a computer") to the arrogant ("here's me holding a gun next to two hot chicks") to the silly ("here's me in a bunny suit"). Most of these have nothing to do with the text, the book, or anything at all that I can think of. A picture of George "The Fat Man" Sanger is accompanied by a caption informing us that the snakes on his suit were all hand-embroidered. Objection, your honor -- how is this relevant?

Relevance is also a big problem with the artwork; as in, there mostly isn't any to speak of. In but a few cases is the art both appropriate to the text as well as interesting and/or useful (as with the sketches from Twisted Metal: Black on page 35). Some of the artwork is obvious promotional art, as when a pre-rendered still from Diablo II is passed off as a shot from the game, and some of it is merely irrelevant to the text it accompanies, as when two stills of Oddworld's Abe accompany text that talks about how unique his friend Munch is. Later, two random shots from Unreal are dropped in with a caption discussing puzzle design in the middle of a chapter on level design. Then a discussion about User Interface design is accompanied by two shots from The Sims, bereft of any sign of its pie menu interface, the only thing that would have made the images relevant. In Chapter 21, "Breaking Into the Industry," what will you find stuck in between interviews with Donny Thorley of Day 1 Studios and Dave Davis of Electronic Arts? Inexplicably, four screenshots from Rockstar's Grand Theft Auto, Vice City, and a caption that talks about Chapter 19, "Public Relations and Marketing."

The book could also use some updating and at least one more round of editing; though few and far between, there are some embarrassing mistakes to be found. Page 25 mentions "Warcraft: Diablo," and page 242 reverses the name of a popular mod by referring to "Condition Zero: Counter Strike." Other errors are more egregious: page 138 talks about Dungeon Siege 2, slated for a 2004 release, but page 142 tells us that the same game is "not confirmed by the company at the time of this writing." Later, the reader is invited to "peruse Namco's 2002 lineup at www.namco.com"; if Namco still has their 2002 lineup online, they're in trouble. And page 155 tells us that Everquest is "something 400,000 people enjoy almost daily [and for $10 a month!]" while the very next page contains a caption about the same game informing us that "(m)ore than 450,000 gamers are paying $13 a month ..." At that rate, by the time you finish paging through the book, everyone in the world will be paying $1500 a month to play Everquest. Which I guess isn't so inconceivable, come to think of it.

It's also worth mentioning the Cover, Table of Contents and Index here, all of which are poorly organized. The cover is an awful purple mess which lists a number of the interviewees, a list which continues on into the inside front cover of the book. The Table of Contents then gives us more lists of names, showing us who's interviewed in each chapter. Two pages later we are presented with yet another two-page list of the same names. We're 23 pages in and we've seen the list three times. This might be excusable if the Table of Contents was at all helpful, but it's not. Every sub-sub-sub-section of the book is listed; in case you were wondering what page the blank User Interface Detail #2 entry of the Master Design Document Template was on, it's page 225.

Then, of course, there's the 34-page long Index, which includes entries for each interviewee as well as topical entries followed by lists of interviewees in each chapter. Just in case it wasn't confusing enough, the individual interviewee names are organized alphabetically by last name, but their entries under each topic are alphabetized by their first name. And for added fun, how about the fact that the interviews within each chapter are not presented alphabetically at all (either by first name or last)? In sum, there are some 60 pages of the book -- nearly 10 percent -- devoted to repeated lists of names organized differently each time.

Conclusions

In the Introduction, Saltzman points out that this book is an extension and expansion of the popular and commercially successful Game Design: Secrets of the Sages. I've not read that book, but I can't help but think that perhaps an expansion was not the best idea. In some cases, less is more, and this book, while interesting, helpful and at times enlightening, really would have been a whole lot more with a whole lot less of some things. Removing unnecessary banter, unhelpful Table of Contents and Index entries, the ubiquitous page cross-references and some completely useless photographs would make this book 100 pages lighter and a lot more worth reading.

As it stands, the book is worth a look only if you're really interested in what these "gods of gaming" have to say about the industry, or you just want some light reading material to round out your collection. It's fun to hear Scott Miller trash Lara Croft as having "a generic, valueless name that says nothing about her personality" just a few pages before Toby Gard talks about her in glowing terms, but is it helpful? To borrow a Fark tag: Unlikely.

If you're looking for information on how to get into the industry, or any insights into designing and developing better games, there are better books out there, including some others by New Riders (helpfully referenced at the back of this book) which are more focused and better structured. And if you're looking for a magic-bullet solution to landing an industry job, you're not going to find it in here (if anywhere at all). When you boil down the advice in the book and pick out the few things these 150 experts agree on, it comes down to this: go to college, practice your skills, take a job in QA or testing to get your feet in the door, and play lots of games. Outside of that, whatever works for you is what will work for you.

Ultimately, the best piece of advice in the book comes in an anecdote about Nintendo's Shigeru Miyamoto, who signed a fan's Nintendo Power Magazine with the following advice: "To Jeremie, Play Outside on Sunny Days, Shigeru Miyamoto."

You can purchase Game Creation and Careers: Insider Secrets from Industry Experts from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

norburym (Mary Norbury-Glaser) writes " Beginning PHP 5 and MySQL E-Commerce: From Novice to Professional by Cristian Darie and Mihai Bucica is a valuable resource for the web developer/intermediate programmer who is preparing to create a database-driven e-commerce site and who is most comfortable learning by example. The authors have prepared a book with real-world application in a tutorial format; they give detailed instruction on how to create a fully developed e-commerce web site from design phase to deployment. This book is not for the raw beginner; some knowledge of PHP and MySQL is assumed and truthfully, this book will most benefit a professional web designer who has some experience building dynamic elements into web sites." If that fits you, or if you want it to, read on for the rest of Norbury-Glaser's review. Beginning PHP 5 and MySQL E-Commerce: From Novice to Professional author Cristian Darie and Mihai Bucica pages 568 publisher Apress rating 9 reviewer Mary Norbury-Glaser ISBN 1590593928 summary Create an E-Commerce Site Using PHP 5 and MySQL 4

The authors use a T-shirt shop scenario as their model for the design and implementation of their e-commerce site. The book is separated into three distinct "phases" of development. Phase I covers the foundations of creating the Web site, what tools to use and how to use them including creating a product catalog, incorporating a search tool, using PayPal payment processing and adding an administration interface. Phase II proceeds with enhancing the site with a custom shopping cart, a client-server ordering process, a page for pending order administration and a dynamic product recommendations system. Phase III looks at a more complicated customer accounts scenario: taking credit cards instead of using PayPal, building an order-processing pipeline, implementing credit card gateways, adding a product reviews system and accessing web services using SOAP (Simple Object Access Protocol) and REST (Representational State Transfer) XML-based protocols.

Chapter 1 introduces business strategies for considering an online commerce solution and the reasons for launching an e-commerce presence: acquiring more customers, making customers spend more and reducing the costs of fulfilling orders. A thorough read of Appendix C ("Project Management Considerations") would be a good aside at this point. This section provides excellent insight into choosing an appropriate software development cycle model for different projects with a good discussion of advantages and disadvantages of various methods and theories.

Chapters 2 through 7 constitute Phase I proper. The authors begin by tackling the basic structure of the site and focusing on flexible design, scalability and reliability. They introduce a three-tier architecture model: the presentation tier (dynamic pages that contain the elements that allow visitor to the site to interact effectively with the business end), the business or middle tier (requests for data that are posed by the visitor are passed on by the presentation tier to the data tier) and the data tier (manages the data and sends appropriate responses back to the business tier when requested).

Chapter 2 lays the groundwork for the reader to establish the TShirtShop site and accompanying database. Installation instructions for Apache 2, PHP 5, MySQL 4 and phpMyAdmin are referenced to Appendix A. Instructions for installing other tools used in this book - the Smarty template framework for PHP and PEAR DB - are included within Chapter 2. I quite admire the authors' choice to use Smarty. Smarty parses templates behind the scenes and creates PHP scripts from them so when a Web page is rendered, Smarty reads from the PHP scripts instead of pulling the templates themselves, eliminating run-time parsing of templates. Smarty also has built-in caching of template outputs, which saves on overhead in retrieving data from the database.

After creating the main index.php page and the index.tpl Smarty template, the authors discuss error handling and reporting (with a nod to PHP's often head-scratching error messages). They provide a nice set of instructions here for creating an efficient error handling/reporting scheme. The last step in Chapter 2 is to load phpMyAdmin and create the new tshirtshop database and an admin user.

From this point forward, the authors structure each chapter to adhere to the three-tier model. Implementing the presentation tier, the business tier and the data tier is an integral part of the construction of the site. The reader is encouraged to begin every major aspect of the project with these elements in mind.

Chapters 3 and 4 lead the reader through the creation of the product catalog for the TShirtShop site. The authors give a brief overview of SQL, relational databases, using PEAR DB and Smarty plug-ins. The first table is created and populated with data, PEAR DB is used to access the data and a Smarty template is used to implement the user interface. Multiple tables are then added to enhance product catalog features, which allows for a discussion of table relationships. Filtering SQL results and joining data tables are then examined in the section on implementing the data tier.

Chapter 5 introduces a product search engine to the site by using MySQL to search the database and using Smarty templates to build the user interface. This is a major component of any e-commerce site and the authors prepare an excellent code set for this purpose by using the full-text searching functionality of MySQL. The pros and cons of this versus using LIKE are also discussed.

Chapter 6, "Receiving Payments Using PayPal", will be of great interest to many readers. Many individual proprietors and small businesses don't have the resources to process credit cards and therefore use Internet Payment Service Providers to process transactions. In this chapter, the authors teach the reader how to create a new PayPal account, how to integrate the PayPal shopping cart and custom checkout and how to configure PayPal to automatically calculate shipping costs. There is a bit of missing code in this chapter but it appears correctly on this book's Apress errata page (apress.com).

The last chapter of Phase I covers implementation of a catalog administration page using componentized templates and a simple authentication scheme for administrator access to the page.

By the completion of Phase I, the design and programming for a completely functional e-commerce site is in place.

Phase II begins with a pros and cons discussion of using a simple cart method like PayPal versus creating a custom shopping cart and checkout to enhance flexibility. There are some neat tricks here including storing the cart ID as a cookie on the client.

In Chapters 8 and 9, the reader learns how to store cart info in the database, how to implement a client-side ordering mechanism and an orders administration page for pending orders. The benefit to this is that since the data is now stored in the database, quantitative analysis and tracking can be done based on the products sold.

In Chapter 10, the authors add product recommendations to their TShirtShop site. This dynamic visitor-specific functionality is an excellent sales strategy intended to boost sales by adding suggestions for upgrading a purchase or complementing a purchase with another product. The items recommended are based on what products were ordered together by other customers. The SQL query to get the list of products is very nicely done!

This concludes Phase II and the site is again fully functional but with some neat new enhancements: the site has its own shopping cart, credit card processing is accomplished through PayPal and an orders administration page and product recommendations system have been added. Many individually run or small businesses may stop at this point and be completely content with the e-commerce site that has been developed so far. But the authors proceed with more complex scenarios by offering Phase III: "Processing Orders and Adding Features". This final section of the book deals with processing credit cards, using SSL to encrypt data transactions, storing customer accounts, adding a customer product review system (think Amazon.com) and using XML Web services to integrate Amazon.com products into the site.

The authors spend some time covering the design of the order pipeline and optimizing the logical sequence of tasks that need to be tracked. Chapter 12 deals with the modifications necessary to the enable pipeline processing and the database schema changes for auditing and storing data. Chapter 13 implements the pipeline sections in preparation for adding full credit card transaction functionality in Chapter 14 and rounds out with the creation of a new orders admin page that shows an audit trail for any particular order stored in the database.

Full implementation of credit card orders is completed in Chapter 14. The authors discuss credit card transaction fundamentals including working with credit card payment gateways, understanding transactions and card processing. They look at two payment services providers as examples: DataCash (a UK-based company) and Payflow Pro (a division of Verisign).

Product review integration is the subject of Chapter 15. This is another highly coveted enhancement to e-commerce sites. The authors provide a very simple (and therefore, elegant, in my view) implementation of code to add review capabilities to the sample site.

The final chapter of the book is Chapter 16, "Connecting to Web Services", where the authors complete their professionally developed TShirtShop e-commerce site by integrating the Amazon E-Commerce Service using SOAP and REST.

Appendices A-C cover necessary application installation (as mentioned above), hosting advice, steps for getting your files where they need to be on various hosting models and project management theory. Access to code and errata is available on the Apress Web site (apress.com). This book has a nice layout, clean typography, plenty of screen shots and the code sets are offset from the main body of text and are extremely easy to follow. The book can readily be propped open while looking on from your development machine and the overall size of the book isn't unwieldy or awkward to place on a surface.

In the The Expert's Voice in Open Source series, Apress has harnessed the knowledge and expertise of some of the best folks in open source and this book is no exception. Cristian Darie has previously written several well-regarded volumes (Programmer's Guide to SQL, Beginning ASP.NET E-Commerce, Visual C# .NET: A Guide for VB6 Developers, among others) and his skill in untangling complex subject matter is apparent in Beginning PHP 5 and MySQL E-Commerce. Both authors have prepared a book that will enable any intermediate developer to create a fully functional e-commerce Web site that they can then customize and extend. This book is consistent, well organized and clearly presented. Beginning PHP 5 and MySQL E-Commerce: From Novice to Professional is the perfect tutorial-style book for start-to-finish e-commerce site development instruction for any developer with the desire to learn the advanced tools and techniques to get a scalable professional site designed and in production.

You can purchase Beginning PHP 5 and MySQL E-Commerce: From Novice to Professional from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

r3lody writes "If you spend time working writing applications that have to do pattern matches and/or replacements, you know about some of the intricacies of regular expressions. For many people they can be an arcane hodgepodge of odd characters that somehow manage to do wonderful things, but they don't have enough time (or interest) to really understand how to code them. Nathan A. Good has written Regular Expression Recipes: A Problem-Solution Approach for those people. In its relatively slim 289 pages, he offers 100 regular expressions in a cookbook format, tailored to solve problems in one of six broad categories (Words and Text, URLs and Paths, CSV and Tab-Delimited Files, Formatting and Validating, HTML and XML, and Coding and Using Commands)." Read on for the rest of Lodato's review. Regular Expression Recipes: A Problem-Solution Approach author Nathan A. Good pages 289 publisher Apress rating 8/10 reviewer Raymond Lodato (rlodato AT yahoo DOT com) ISBN 159059441X summary A cookbook of useful regular expressions for Perl, Python and more.

Regular expressions are not restricted to just the Perl or shell environments, so Nathan offers variations for Python, PHP, and VIM as well. In most cases the translation is relatively straight-forward, but in a few cases a different environment may have (or lack) additional facilities, prompting a different expression to do the same task.

Before you even read chapter 1, Nathan provides a quick summary course on regular expressions, with detail given to each of the five environments you might utilize. He has written the syntax overview in a highly-readable format, making it easy to understand the gobbledy-gook of the most bizarre concoctions you might encounter.

The first chapter (Words and Text) starts simply enough. He gives examples of how to find single words, multiple words, and repeated words, along with examples of how to replace various detected strings with others. In each case he gives an example of its use for each platform, followed by a bit-by-bit breakdown of how it works. Not every environment is given on every example, and in many cases the "How It Works" section refers to the first one, as most REs are identical between the platforms.

The next chapter (URLs and Paths) offers various methods of doing commonly needed parsing. Pulling out file names, query strings, and directories, as well as reconstructing them in useful fashions is covered in the 15 offerings given here. Validating, converting, and extracting fields of CSV and tab-delimited files are handled in chapter 3, while chapter 4 is concerned with validating field formats, as well as re-formatting text for the fields. Chapter 5 handles similar tasks for HTML and XML documents. The final chapter covers expressions that facilitate the management of program code, log files, and the output of selected commands.

First, I must admit that there are a number of useful solutions provided, especially for someone who is concerned with application and web development. However, I did feel a little cheated by the fact that several chapters covered essentially the same task, with only minor variations. It almost seemed as though the author was trying to pad out the solution count to the magic number 100. A simple example: three solutions in chapter one cover (a) replacing smart quotes with straight quotes, (b) replacing copyright symbols with the (c) tri-graph, and (c) replacing trademark symbols with the (tm) sequence. In each case, the expression was simply "s/\xhh/ rep /g;". Did we really need three separate chapters for that? I don't think so.

Another quibble revolves around some of the coding of the expressions. Nathan has made liberal use of the non-capturing groups (that is, (: expr )) to insure only the items that needed replacement were captured. While a worthy idea, in some cases the expression may have been simplified for understanding. Another issue is a slight error in searching for letters. In a number of expressions, Nathan uses [A-z] to capture all letters. Unfortunately, the special characters [, \, ], ^, _, and ` occur between upper-case Z and lower-case a, making it match too much. Either [[:alpha:]] or [A-Za-z] should have been used.

Despite these quibbles, Regular Expression Recipes does provide a useful compendium of solutions for common problems developers face. Presenting the information in a cookbook fashion, along with ensuring that those using something other than Perl don't have to sweat translating the expressions to their target language, makes this a handy book to have. I wouldn't hesitate to recommend it.

You can purchase Regular Expression Recipes: A Problem-Solution Approach from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

AdamBa (Adam Barr) writes "Juiced is not a great book. The writing is workmanlike but not particularly entertaining, none of the stories are more than slightly amusing, and its protagonist projects an unappealing mixture of vanity and whining. There is a bit of dirt on players, and a couple of nuggets about Madonna and the sex lives of baseball players (and the intersection of those two), but as a baseball autobiography, it pales besides better competition. And yet, Juiced may be one of the most important baseball books ever written." Specifically, the book provides an insider's account of one aspect of biotech that has achieved widespread use, if not acceptance. Read on for the rest of Barr's review. Juiced: Wild Times, Rampant 'Roids, Smash Hits, and How Baseball Got Big. author Jose Canseco pages 290 publisher Regan Books rating 6 reviewer Adam Barr ISBN 0060746408 summary Canseco used steroids and maybe we should too.

Canseco, for those who spent the last 15 years hidden under a rock, played major league baseball for 17 seasons, from 1985 to 2001. He was most famous for belting massive home runs, but he was also pretty fast: in 1988 he became the first player in history to hit at least 40 home runs and steal at least 40 bases in a single season. For his career he hit .266, with 462 home runs and a .515 slugging percentage. He was a 6-time All-Star, won a Rookie-of-the-Year and MVP award, and picked up two World Series rings.

(How good was Canseco as a player? In his book Whatever Happened to the Hall of Fame?, Bill James presents several methods of estimating how likely someone is to be voted into the Baseball Hall of Fame. On the "Hall of Fame Standards" test, where 60 percent of players with a score of 40-49 have gotten into the Hall of Fame, Canseco scores a 38. On the "Hall of Fame Monitor" test, where a score of 100 indicates someone is likely to get in, Canseco scores an 103. So Canseco may not get elected to the Hall of Fame (and likely won't, after the publication of his book), but a reasonable case could be made that he belongs there. The answer to the question of how good Canseco was is "very, very good.")

What's important about Juiced, especially to the average Slashdot reader who may not know a baseball diamond from the Hope diamond? The answer is buried in the subtitle's heap of verbiage: "Wild Times, Rampant 'Roids, Smash Hits, and How Baseball Got Big." Canseco's book is about the growing user of steroids in baseball, something you hear a lot about today. But Canseco has an unusual opinion: steroids in baseball are not bad; in fact they are very, very good.

Spurred in large part by Canseco's book, the U.S. House Government Reforms Committee subpoenaed some of the biggest names in baseball -- including Mark McGwire, Jason Giambi, and Sammy Sosa -- to testify at a hearing on March 17. Allegations are flying that Barry Bonds was on steroids when he set the single-season mark of 73 home runs in 2001. The typical press reaction to this is one of disgust: words such as "tainted," "artificial," and "cheating" are common.

Not so fast, says Canseco. Steroids in baseball are good. Steroids help players get stronger, and enjoy longer careers. And it's not just baseball players who can benefit: steroids can help almost anyone live a longer, healthier life. His book is a wakeup call not just for baseball, or sports in general, but for all mankind. That's his view, anyway, but he makes a decent case for it, using himself as an example.

Canseco explains how he used steroids (which in this context really means a combination of steroids and human growth hormone) to transform himself from a skinny kid to the beefed up example of manhood that gazes soulfully at you from above a bulging bicep on the back cover of his book. He gained confidence as well, and there's no doubt his ego was pumped up: the book is full of references to how good-looking he is, with some attempts to balance those with descriptions of how ugly he was as a kid.

The book also has a B storyline, which is that the media discriminated against Canseco because he is Cuban, in comparison to the All-American image of Mark McGwire. The current media dismissal of Canseco's claims that McGwire took steroids only adds fuel to his conspiracy theory. If you read the book, you would be hard-pressed to doubt that McGwire took steroids on a regular basis. Canseco is not describing rumor or innuendo; he is talking about obtaining steroids and then personally sticking a needle containing them into McGwire's gluteus maximus, repeatedly, over a period of years when they were both with the Oakland A's, and then later injecting his Texas Ranger teammates Rafael Palmeiro, Juan Gonzalez, and Ivan Rodriguez.

A glance at the rookie cards of players like McGwire and Barry Bonds shows that those guys have put on a lot of muscle since they reached the majors (rookie cards are a good source of pictures since a hitter with no action photos from major-league games usually gets the basic pose of bent elbow, bat over shoulder). A Giambi minor-league card shows a lot of loose sleeve around the bicep. If Canseco is making all this up, he is doing an excellent job, and the fact that nobody is threatening to sue him over the book lends credence to the accuracy of his claims.

Remember, Canseco is not "accusing" anyone of using steroids, in the usual negative sense of an accusation. He is merely stating that people used them, and in fact applauds them, considering it a wise decision both medically and financially. Unlike almost every other media report, Canseco's book discusses steroid use in a factual way, absent the finger-pointing and hand-wringing. He presents steroid users not as cheaters, but as vanguards of a new era of athletic performance.

So how should a libertarian, "I'll believe it when I see it" cynic view the accomplishments of juiced-up baseball players? People are talking about asterisks on records, Hall of Fame bans, revoking MVP awards. Is this reasonable?

It's a fact that in sports where achievement is measured in objective terms, athletes today are much better than they used to be. Yet in sports where opinions are subjective, the older athletes are usually recalled as being better than their modern counterparts. In 1920, the year that Babe Ruth began hitting home runs at a previously unprecedented pace, the world record for the mile was 4 minutes, 12.6 seconds; today it is 3 minutes, 43.13 seconds. That doesn't sound like a huge difference, but if you picture the race as four laps of a quarter-mile oval, as it is usually run, the modern miler would finish almost half a lap ahead of his 1920 counterpart, an obviously dominating victory. Today a good college runner can run the mile faster than the 1920 world-record-holder. It would seem logical to assume that a good college hitter (a good college power hitter, anyway), if magically transported back to 1920, could hit more home runs than Babe Ruth.

Almost any baseball analyst today would laugh at that notion. I think they are wrong; I think a modern hitter, or pitcher, would in fact completely dominate their counterparts from early in the last century (even if you let the pitchers throw spitballs, which have now been banned from baseball, yet their erstwhile practitioners are considered crafty, not cheaters, and their statistics remain unblemished by any asterisks). It's documented that pitchers of yore could mostly take it easy out on the mound. In books like Christy Mathewson's Pitching in a Pinch, it was explained that pitchers could save their energy for the dozen or so times in a game that they really had to bear down.

I'm not saying that Babe Ruth or Christy Mathewson, if born today, could not become great major-league players. They obviously had natural talents that separated them from their peers. What they were lacking was all the knowledge that has been built up over the years. It's not just diet and conditioning -- it's all the miracles of modern life that keep us going. Even up to the 1970s, pitchers could never see video of themselves pitching (a huge advantage in correcting flaws in their pitching motion) unless they happened to pitch in the World Series. Jose Canseco had surgery three times for back injuries, any one of which presumably would have ended, or severely curtailed, his career 85 years ago, yet nobody accuses him of cheating for undergoing surgery.

One of the miracles of modern baseball medicine is "Tommy John surgery", named after the pitcher on whom it was first performed. It involves repairing the ulnar collateral ligament in the elbow using a ligament from another part of the body. A pitcher who undergoes this surgery is not only avoiding a career-ending injury (the linked article above says that Sandy Koufax, who retired due to a self-described "dead arm," is thought to have had damaged UCL). The surgery usually leaves the elbow stronger than it was before. And more than 10% of major-league pitchers today have had this surgery. Are they cheating? Do they need an asterisk next to their records? There is no doubt that in the near future, athletes will undergo surgery not to repair injuries, but to prevent injuries that have not yet occurred. One day athletes with artificial limbs will be relegated to their own Olympics not because they perform worse than their non-bionic counterparts, but because they perform better.

The Olympics, of course, have taken a hard line on pharmaceuticals: popping a Sudafed before the big event will disqualify you. Nobody is suggesting that baseball go that far, but what is the dividing line between steroids and a lot of other substances that athletes put in their bodies? As Jim Bouton points out in his classic book Ball Four, baseball players have long been searching for that extra chemical edge. His diary of the 1969 Seattle Pilots describes rampant use of "greenies," or amphetamines. Bouton expounds further on this topic:

"I've tried a lot of other things through the years -- like butazolidin, which is what they give to horses. And D.M.S.O. -- dimethyl suloxide. Whitey Ford used that for a while. You rub it on with a plastic glove and as soon as it gets in your arm you can taste it in your mouth. It's not available anymore, though. Word is it can blind you. I've also taken shots -- novocain, cortisone, and xylocaine. Baseball players will take anything. If you had a pill that would guarantee a pitcher 20 wins but might take five years off his life, he'd take it."

The issue with steroids, of course, is that they really work. They're not magic: you still have to work out, hard. But you do get stronger, and according to Canseco, even more important is the increased stamina, the ability to hit as well at the end of a 6-month season as you do at the beginning. Canseco also points out that baseball players used to be known for drinking and recreational drug use. But a steroid-user can't afford to tax their liver with alcohol and drugs, and they don't need to mess around with greenies, so Canseco feels that the arrival of steroids also ushered in a time of "clean living" among baseball players.

Canseco presents himself as "The Chemist," the one who did the experiments with steroids, learned how to use them properly, and then passed his knowledge on to others. He maintains that he taught McGwire in Oakland, then Palmeiro, Gonzalez and Rodriguez in Texas (and that McGwire taught Giambi), and when Canseco returned to Oakland, he taught Miguel Tejada. Canseco views the $72-million, 6-year contract that Tejada signed with Baltimore in December 2003 as proof that Tejada made a wise decision to increase his physical ability (although Canseco adds a disclaimer in this case: although he claims to have taught Tejada about steroids and saw him grow bigger and stronger, he did not actually witness Tejada using steroids).

Fans, of course, do love home runs. I saw a baseball game in St. Louis in 1999, and I have never seen an audience so clearly devoted to a single player. The only jersey you saw in the stands was Mark McGwire's number 25. The fans loved him, and the place came alive when he was batting. And when, mirabile dictu, he cranked a four-bagger over the left-field fence, the place went nuts, and I bet every fan felt they got their money's worth. What about those kids, the ones in the stands, when McGwire is revealed to have feet of clay?

Canseco has an answer: we shouldn't worry about those kids having fallen heroes, because in his eyes, they aren't fallen. Furthermore, he accuses baseball's owners and management of being complicit in trying to hush up steroid use, in order to give the fans what they wanted.

Juiced, as mentioned earlier, has problems. Canseco states that young athletes should not use steroids, but beyond a blanket disclaimer at the beginning of the book, does little to discourage teenagers from attempting to emulate the professionals. He gives an unsurprisingly sympathetic and glossy account of his various run-ins with the law: gun possession charge, a couple of domestic violence cases, a bar fight, three months in jail in 2003. He tosses around the names of various steroids, but for someone who claims to know so much about the subject, he gives little background on them: how they were discovered, the legal uses for which they are manufactured, how suppliers obtain them.

But as background reading for today's steroids controversy, and as a potential harbinger of the future of our species, it's worth a look.

You can purchase Juiced from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

jsuda (John Suda) writes "Web Design Garage is a remarkably clear-headed, concisely-written and feature-rich book about contemporary web-design topics. It is part of a "Garage" series of hip-looking, style-laden books published by Prentice Hall (Prentice Hall Professional Technical Reference -- PH PTR) and is targeted at the "garage" level designer: small business professionals, hobbyists, and technophiles. It assumes some modest familiarity of HTML and working with Javascript." Read on for the rest of Suda's review.

Web Design Garage author Marc Campbell pages 530 publisher Prentice Hall PTR rating 8 reviewer John Suda ISBN 0131481991 summary Hands-on Guide to web design and usability

This is not a primer, tutorial, or concept-bound book. It is meant to provide practical guidance and solutions to the most common Web design issues dealt with by Web designers. Author Marc Campbell, offers a set of 86 topics about Web design problems and solutions. The format for nearly all of the 86 topics is to highlight a design challenge, then offer solutions using pictures, examples, and code snippets. Although a good and quick read from beginning to end, the book can be read piecemeal for information and guidance on a specific issue. One can pick and choose topics depending on interest or need.

There are no traditional chapters, only a set of design topics of relatively short length organized into 8 general categories. Those categories include design and usability topics, layout, images, text, links, forms, and two others -- one of miscellaneous items, the other an explanation of basic Web-design material. There is also an index and a short glossary of HTML, CSS, Web, and graphics-related terms.

The fundamental theme of the book is that design and usability are, or should be, the same thing. Usability is paramount, of course, but the author's approach to Web design emphasizes creating a "sense of place": good design unites pages so that they look like they belong together.

This is not an earth-shattering idea, but like most of all of the design treatments, the goal is to design pages which make it easy for visitors to use the site. Many good design virtues are virtually invisible to the casual user. There is a confluence of design and usability; it's only when a design element doesn't work well that it comes to the attention of the user, and that's something to avoid. The author shows by example how design and usability are intertwined.

There are a handful of themes which guide the book. Admirably, the author emphasizes for every design element a concern for accessibility. Many of the design guides refer to accessibility by screen-readers and non-graphic browsers. A second major concern is for compliance with contemporary Web design standards as those promulgated by the World Wide Web Consortium. Consequently, there is much emphasis on the separation of page structure from content, where CSS is used for structure and HTML is used for content. A contrast of HTML and CSS formatting is highlighted in many of the chapters.

There is a large handful of sections which express HTML and CSS formatting differences on page layout, text and image positioning, and other Web design elements. There is clear discussion on how to work with Javascript and stylesheets. The emphasis is on "forward-looking" coding, i.e., clean, standards-compliant, and accessibility conscious. Campbell offers an experienced designer's insights on choices to be made in design components. There is much value for both inexperienced and seasoned designers.

Each topic is richly expressed with clear and straightforward text, illustrations, screenshots, and sidebars on a variety of related matters. There are sidebars throughout titled "FAQs" and "Geekspeak," explaining concepts or terminology for the less-knowledgeable reader. Then there are those called "Tips" which usually offer an insight to practical problems, especially dealing with browser-compatibility issues. There are many useful tables and charts indexing specific tag attributes, with examples. In addition, and most useful, are the "Toolkits" which are sample code snippets. It would have been nice to have the code snippets available for downloading from the publisher's Web site.

This is a dense volume containing all sorts of information useful for the "garage" web designer. For some reason, the depth and weight of the content is reflected in the book itself, which is remarkably heavy, weighing in at a well-produced 29 ounces.

There are many books available on basic Web design, but this one is unusually clear and well-expressed. This is the type of book one keeps handy in the bookshelf next to the computer to access for quick solutions to everyday Web design problems.

You can purchase Web Design Garage from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

norburym writes "PHP 5 Power Programming is the latest in the Bruce Perens Open Source series of technical books focusing on Linux and Open Source technologies. Prentice Hall PTR publishes each book under an Open Source book license and provides free electronic versions several months after each book's publication. This particular book also includes a link to a 90-day version of Zend Studio, an IDE for PHP which also includes a PHP debugger, code analyzer and code profiler. PHP 5 Power Programming was written by Andy Gutmans (co-creator of PHP versions 3 through 5), Stig Bakken (creator of PEAR -- the PHP Extension and Application Repository -- a framework and distribution system for reusable PHP components) and Derick Rethans (leader of the PHP QA team). The move to PHP 5 has begun and this volume will prepare power users with the necessary knowledge and tools to make the transition from v.4 easy. Gutman et al. provide PHP engineers and experienced web programmers a proficient introduction to the enhancements and improvements in PHP 5." Read on for the rest of Norbury-Glaser's review. PHP 5 Power Programming author Andi Gutmans, Stig Saether Bakken, Derick Rethans pages 720 pages publisher Prentice Hall/PTR rating 9 reviewer Mary Norbury-Glaser ISBN 013147149X summary PHP 5 Power Programming

Chapter 1 sets the stage by asking "What Is New in PHP 5"? The chapter begins with a quote from John Scully: "The best way to be ready for the future is to invent it," which perfectly describes the authors: Andy Gutmans and Zeev Suraski have continued to push the PHP project to improve on the original foundation and to add cleaner programming enhancements. The leap from v.4 to v.5 is no exception, as this new version has brought singular advances: OO programming with PHP enjoys a leap forward in focus with a complete redesign of its object model, a completely re-written MySQL extension (MySQLi), support for SQLite, a new mechanism for handling errors via exceptions, a suite of re-written XML extensions based on the libxml2 library, a C-based implementation of SOAP and a new memory manager.

Following this tour of the new features of PHP 5, the reader is exposed to a brief chapter on the basic language of PHP. An experienced developer can skip this chapter, but it's a very good overview of the syntax including variables and superglobals, basic data types (integers, strings, booleans, arrays, constants), operators, control structures (conditional, loop, code) and functions.

PHP 5's OO support is the subject of Chapter 3. Object oriented programming was introduced in PHP 3 but it was in an extremely elementary form and while it was improved upon in PHP 4, it truly comes into its own in PHP 5. Covered in this chapter are the basics of the OO model, object creation and lifetime, access restriction keywords and the benefits of using class inheritance, as well as tips for exception handling.

Chapter 4 is a well written chapter on advanced OOP and design patterns (strategy, singleton, factory and observer), with some very good code examples on iterators and the reflection API, which allows the programmer to collect information about his or her script at runtime.

Chapter 5, "How to Write a Web Application with PHP," is an excellent fusion of code and best practices in developing a complete dynamic web application based on PHP. The concept of good design practices is often overlooked in "how-to" manuals. Rather, many technical books focus on overcoming code issues and avoiding pitfalls associated with poor code execution. Here, the authors take time out to detail techniques on making scripts "safe" ("trust nobody, especially not the users of your web applications"). Bugs and security holes are a fact of life, and this chapter covers some very practical techniques to avoid consequences arising from weirdness caused by users as well as from deliberate attempts by bad guys to crack a site's security.

Databases are covered in depth in Chapter 6. SQL and SQLite are discussed (each with a section on strengths and weaknesses) before examining the new database-connectivity features of PHP5 using mysqli and sqlite extensions. PEAR DB is also presented, with a section on the pros and cons of using a database abstraction layer like PEAR DB. Connections, queries, fetching modes/results and other topics are well covered. I would have liked to see some additional discussion and implementation of SMARTY in this chapter. SMARTY is a template engine with an ability to cache templates into PHP scripts which saves on overhead and contributes to speed and efficiency.

Error handling is the topic of Chapter 7. Types of errors (undefined symbol errors, portability errors, runtime errors and PHP errors), PEAR errors (PEAR_error class, handling of PEAR errors and PEAR error modes) and exceptions (exceptions explained and the specifics of using exceptions) are treated adroitly.

"XML with PHP 5" in Chapter 8 will undoubtedly become a focal point of the book for many readers. Along with the addition of support for OO programming, using the new XML extensions are some of the most exciting developments in PHP 5. The XML implementation is standardized on libxml2, compliant with W3 standards and extremely efficient. This chapter introduces XML in PHP 5 with sections on the vocabulary of XML, parsing (SAX, DOM, XPath), the SimpleXML extension (very cool, because this allows the programmer to access the XML through a data structure representation, treating the information as objects), PEAR classes that deal with XML (XML_Tree, XML_RSS), converting XML and communicating with XML (XML-RPC, SOAP). PHP 5's new SOAP extension is a welcome improvement over previous PHP versions.

Following this excellent chapter is one on other valuable mainstream extensions: files and streams (I/O streams, compression streams, URL streams, locking, renaming and removing files, temporary files), regular expressions, date handling, graphics manipulation with GD ("gif draw" to old-timers, "graphics draw" to the youngsters) and multi-byte strings and character sets. This is a solid chapter encompassing the wide range of functions that are intrinsic to the core of PHP to the many favorite and practical extensions that are outside the core of PHP.

Chapters 10 through 12 deal with PEAR: installing PEAR, commands, packages and components. Stig Bakken's extensive knowledge and experience is obviously prevalent here. It's worth noting that you won't find a better single coverage of PEAR and PHP 5 anywhere else.

For those readers experienced in PHP 4 and who are looking to move to v.5 and are wondering what to expect during the transition, Chapter 13, "Making the Move", will be of particular interest. The authors suggest that in migrating to PHP 5, "you can encounter some minor incompatibilities" and address a number of these: using compatibility mode to revert to PHP 4 behavior, recognizing script problems using OO features and learning the new names and locations of files in the PHP 5 distro, among others. Users of PHP on the Windows platform may want to spend some time over this chapter (and maybe reconsider their choice of development platform!).

Designing for performance is the subject of Chapter 14, and the authors encourage the reader to plan for optimal performance during the design phase: benchmarking, profiling with Zend Studio's Profiler, APD (Advanced PHP Debugger) and Xdebug, using APC (Advanced PHP Cache) and ZPS (Zend Performance Suite), optimizing code using micro-benchmarks, rewriting in C and writing procedural versus OO code. This extensive chapter offers the reader a fairly complete set of tools and sage advice for more efficient design.

Chapter 15 is titled "An Introduction to Writing PHP Extensions," and introduces the extension API that allows developers to write custom PHP extensions. This isn't a chapter for everyone, since there are already a large number of available extensions and, as the authors note, unless you need to wrap an existing C library to give it an interface from PHP then you can easily skim or skip this chapter entirely. Note, though, that memory management has a section here and it's worth a read because of PHP 5's support for multi-threaded environments.

The final chapter of the book is called "PHP Shell Scripting," and explores the CLI SAPI (command line interface Server API). There is an introduction to PHP CLI shell scripts (how CLI differs from CGI, the shell scripting environment, parsing CL options, good practice) with some nice examples.

Appendices on PEAR and PECL (PHP Extension Community Library) Package Index, phpDocumenter format Reference and Zend Studio Quick Start Guide complete the volume.

The authors succeed in providing an excellent manual for "power programming" in PHP 5. There is terrific guidance here for many PHP developers and experienced Java, C++ and C# coders who are looking to either migrate to PHP 5 from v.4 or who are looking to gain experience in PHP programming. The experience the authors bring to the table is indisputable and their style of writing and the ease with which they bring new language and tools to their audience is admirable.

You can purchase PHP 5 Power Programming from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Dustin Puryear writes "I work extensively with LDAP as a consultant, and so I'm always reading the latest and greatest books and articles on the subject. It's just part of the business. So I was excited to see "Deploying OpenLDAP," by Tom Jackiewics and published by Apress, on Amazon's electronic bookshelf. After reviewing the Table of Contents I quickly ordered the book. This looked good. After all, Jackiewicz had some great chapter titles such as 'Implementing Deployment, Operations, and Administration Strategies.' That just sounds smart. Before giving you my feelings on the book, let me first say that I'm already well experienced with LDAP. This is especially true with OpenLDAP. With a title like "Deploying OpenLDAP" I was expecting a book that tackled not just low-level tactical issues such as installing OpenLDAP binaries, but strategic ones as well, e.g., how to design access control. So if you have never used OpenLDAP then your experience with the book may differ." Read on for the rest of Puryear's review. Deploying OpenLDAP author Tom Jackiewicz pages 344 publisher Apress rating 5 reviewer Dustin Puryear ISBN 1590594134 summary HOWTO for installing and using OpenLDAP.

The book begins with a quick note that the target audience is those wishing to install and configure OpenLDAP, and not those that wish to delve into the intricacies of LDAP architecture. Unfortunately, Jackiewics delivers on this promise. While I didn't expect the book to provide me with a guide on enterprise-level LDAP deployment, I had hoped to see more focus placed on design, but that wasn't forthcoming.

The first chapter, "Accessing Your Environment," is a moderately good review of how to identify key elements of your company that are appropriate for inclusion in a directory service. In addition, Jackiewics makes a clear case that an LDAP directory is not a relational database -- so don't try to replace Oracle with OpenLDAP. A very good point.

Chapter 2, "Understanding Data Definitions," provides background information on how schemas are defined. Basically, a schema is just the types of object classes and attributes that your directory supports. Jackiewics actually does a good job covering customized schemas, which is a troublesome area for new OpenLDAP administrators.

It was in Chapter 3, "Implementing Deployment, Operations, and Administration Strategies," that I was hoping to get some real nuggets of information. Alas, that wasn't forthcoming. The chapter should be renamed to "Where to put your OpenLDAP server on the network, and what to name the server." There are some areas of this chapter that really disappointed me. The most culpable: Jackiewics spends almost four pages explaining how to come up with a good hostname for your server, and then a brief page on understanding OpenLDAP's log file, and that brief page mostly contains example output. This chapter is also a good example of a bad book layout -- why are we reading about hostname conventions in the same chapter that discusses debug output?

Chapter 4, "Installing OpenLDAP," is a decent HOWTO for installing OpenLDAP. It also provides several manpages in case you accidentally deleted the 'man' command on your own system.

Chapter 5, "Implementing OpenLDAP," is kind of the "catch all" chapter. Jackiewics discusses how to decide on hardware, but his examples aren't very clear. One of the real gems of the book is his discussion on SASL and OpenLDAP. In addition, there is a reasonable discussion of replication between OpenLDAP servers. Alas, there is almost no troubleshooting on replication, and replication does hiccup at times. (Indeed, this book contains essentially no help in troubleshooting any problems.) Another sore point: Jackiewics only provides a single paragraph on access control (i.e., OpenLDAP ACLs). That topic alone deserves its own chapter.

Because Jackiewics had specifically stated that this book's scope was quite narrow I would typically be more lenient. However, Chapter 6, "Scripting and Programming LDAP," consumes sixty pages that are immediately outside the book's scope. I would prefer to see this chapter removed entirely, and the sixty pages devoted to a chapter on troubleshooting OpenLDAP and deciphering slapd's debug log file, and perhaps another chapter on designing a scalable replication infrastructure using OpenLDAP. Unfortunately, what we get is essentially sixty pages of manpages and documentation labeled as "Scripting and Programming LDAP."

Jackiewics closes the book with Chapter 7, "Integrating at the System Level," and Chapter 8, "Integrating OpenLDAP with Applications, User Systems, and Client Tools."

Chapter 7 discusses how to replace "old technology," such as NIS and Sendmail alias files, with LDAP. Not a bad chapter, although Jackiewics continues to delve too far into man-page material. Chapter 8 provides examples of using LDAP in Apache, Pine, Samba, and various other types of clients.

Overall, I would say that I left this book with little new information. People that are just now installing OpenLDAP may find the book beneficial, but I really didn't see any material that stood out. My personal belief is that this "Deploying OpenLDAP" needs to provide far more troubleshooting and example deployment scenarios and less regurgitation of manpages and HOWTOs.

You can purchase Deploying OpenLDAP from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Eli Singer writes "Are gamer employees different? This is the question John Beck and Mitchell Wade answer in Got Game, How the Gamer Generation is Reshaping Business Forever. They argue that yes, employees who grew up with Nintendo, TurboGrafix and Genesis approach their work in fundamentally different ways than non-gaming workers. If you grew up with games, you can use this book to teach your boss how to appreciate your gaming abilities in the workplace." Read on for the rest of Singer's review. Got Game author John Beck & Mitchell Wade pages 202 publisher Harvard Business School Press rating 7/10 reviewer Eli Singer ISBN 1578519497 summary Got Game describes the unique abilites gamer employees bring to the workplace, and teaches managers how to harness these often untapped skills.

1980s-era Nintendo-thumbed teenagers are now adults moving into senior positions in the workforce. As they move up, a cultural rift is forming in the workforce between the old guard who've never held a controller, and those who grew up hunting for the Triforce. Got Game proposes how to bridge this gap.

Beck and Wade argue that a massive culture gap began in the '80s when video game systems like the NES suddenly appeared in tens of millions of households across North America. Games radically reshaped youth for a whole generation by creating a new leisure activity with a distinctive culture. Ever since, gaming has become deeply embedded in our society and in the lives of each cohort over the last two decades.

At its core, Got Game is a guide for senior managers stumped at how to manage their gamer employees. Its purpose is to teach them that they must treat video games as serious preparation for the workforce, and that gamers possess a unique set of skills necessary in the modern business world:

"Anyone who actually looks at the games selling and being played knows that the typical video game is not the blood-spattering, media-grabbing, parent stressing cartoon that makes the nightly news on a slow or tragic day. Instead, it's a massive problem solving exercise wrapped in the veneer of an exotic adventure. Or it's the detailed simulation of an entire civilization, or a pivotal battle that affected the course of world history. Or it's a serious opportunity to try coaching a sports team or setting military strategy. In short, even if their surface is violent, sexist, or simpleminded (which is not true nearly as often as non-gamers believe), games are incredibly complex computer programs that lead the brain to new combinations of cognitive tasks."

The book is divided into two parts. The first three chapters are a primer for non-gamers, outlining video game culture, dispelling myths, and generally building the case for treating games and gamers seriously. Chapters four through eight, though, are where I thought the most innovative thinking lies. Here the authors draw explicit parallels between the skills people hone to win video games, and those needed in our global, techno-centric workforce. These chapters also go the extra distance by instructing managers on how to restructure their style to harness the skills in their gamer employees.

As a casual gamer, I found these aspects of the book helpful. By outlining the instances where managers and executives from outside the game generation don't see things the way I do, and then translating into terms they can understand, it is possible for me to effectively bridge the culture gap. Building understanding and common language reduces tension, making work less stressful, more fulfilling (and ultimately more like a video game!)

Here are some of the top insights in the book for non-gaming managers:

Tap into the gamer instinct for heroism
Gamers "have a hero's appetite for a challenge that requires full attention. Meeting these needs, giving the potential heroes who work for you a challenge that will inspire extreme efforts - can unleash enormous commitment."

Don't let superficial badges of culture mislead you
"Remember the old fogies who thought men with long hair automatically couldn't be trusted? We boomers now have the chance to replicate the fogies' mistake, or to build on major assets that out less open-minded peers overlook."

Don't dismiss gamers' ability to focus and multitask
"Gamer employees will prefer to be surrounded by extraneous noise and attentional clutter. They might want to have two or three activities assigned to them at once so that when they tire of one, they can move to the next, and then come back to the first when they have something useful to add."

Manage your teams as group video games
"Structure team assignments like a game, providing clear high-level direction but also lots of room to explore. Tell your team, 'here are the boundaries; you can't go outside them, but inside try anything - open all the doors, run into the walls, find a way to succeed.'"

Beck and Wade support their points of view with a commissioned study involving 2,500 business people. Graphed results are presented throughout comparing how gamers and non-games view risk, teamwork, decision-making, and responses to authority. While I realize that providing statistical support of ideas is essential, I didn't find the graphs or conclusions very compelling.

What I do appreciate is that in publishing this book, Harvard Business School Press is sending signals to the business community that video games are an important part of our culture and that we ought to consider the serious impact gaming is having in offices throughout the country.

The scope of this book goes beyond the 'important books for managers' genre. Proactive employees could easily benefit from strategically giving a copy to a boss to kickoff a conversation on refining a working relationship. For the more adventurous gamer, I'd recommend absorbing the business insights and using them to manage upward and get ahead in the workplace.

This will not be the last book about gamers in the workplace, but it does a good job kicking off the genre. I extend thanks to Beck and Wade for bringing attention to this real phenomenon.

Reviewer Eli Singer lives in Toronto. Apart from technology consulting, he blogs at singer.to and sends biking tours to Europe. You can purchase Got Game from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

r3lody (Raymond Lodato) writes "Anyone who has been working on the *nix platform has had a brush with Perl, the scripting language whose acronym (depending on who you ask) could mean Practical Extraction and Report Language, or Pathologically Eclectic Rubbish Lister. In either case, there is a distinct difference between learning to use Perl, and learning to use it well. In my opinion, the best way to learn any language well is to see how others have used it to solve problems. One of the foremost experts in the use of Perl, Randal L. Schwartz, has been writing columns since March of 1995 on the use of Perl in the real world, and has provided us with 6 books and over 200 columns with many examples on how Perl is used." Read on for the rest of Lodato's review. Randal Schwartz's Perls of Wisdom author Randal L. Schwartz pages 350 publisher Apress rating 7/10 reviewer Raymond Lodato (rlodato AT yahoo DOT com) ISBN 1590593235 summary A dated compendium of the best of Randal's Perl columns

Perls of Wisdom is a collection of 65 selected columns from Linux Magazine, Unix Review, and the now-defunct Web Techniques magazines, written between May 1995 and July 2004. In each column, Randal discusses some problem that he had to solve, or that someone else needed help in solving. He carefully discusses the problem, and then shows the Perl code needed to resolve it. Many of the columns are complete applications that can be run (with minor modifications) by the reader. (The listings are also available from the apress.com web site.) Each column has been reproduced as it was written in the original magazine, with "Randal's Note" prepended. Therein lies this book's best feature and greatest flaw. Allow me to explain.

When I first picked up this book, I had only read a couple of Randal's columns (from Web Techniques), and saw that he wrote tutorials of proper Perl usage. He also relies on the wealth of modules submitted to CPAN to leverage a solution. After all, why reinvent the wheel? I expected to see more commentary on the reasons behind choosing one solution over another, or insights into the inner workings of Perl itself. I more or less got what I expected. For example, the first column reproduced in the book (It's All About Context) explains why, when someone used my ($f) = 'fortune'; instead of my $f = 'fortune'; he got in trouble with the law (see the book to understand the legal issue). The first form only retrieves the first line of the output of the fortune program, while the second form retrieves the entire output. Little items such as scalar versus list context can trip many Perl coders.

The first chapter (Advanced Perl Techniques) does give you many tips and insights like the example I just gave. All but two of the twenty columns are little tutorials on the ins and outs of handling the commonplace day-to-day issues that Perl can address with ease. Some delve into more obscure topics, such as the difference between shallow and deep copies of structures, and Perl's Taint mode. Two columns contain complete programs. One extracts the text from the man pages and determines their "fog" index (a measure of readability). The other creates a mirror of files needed by CPAN.pm to install new modules. For each program, Randal gives the entire listing as well as an almost line-by-line description of how it works. Each column is written in a conversational style that is easy to read, yet doesn't talk down to you.

The following chapter is comprised of seven tutorials on the various aspects of searching, sorting, and formatting text. In addition to describing the creation and compilation of regular expressions, Randal also discusses formatting and the nifty "Schwartzian Transform" (Perl's map-sort-map idiom for sorting on almost anything) which was named for him, but not by him. While some of the information is a little long-in-the-tooth (the column on Text-Processing was written shortly after Perl 5 was released), it's all interesting and educational nonetheless.

Chapter 3 starts refocusing the use of Perl to web sites. This chapter discusses HTML and XML processing in six little columns. He shows how to generate a web page index, producing a web page calendar from a file of events, and parsing XML to retrieve the data within. He also includes a lesson on how to use Perl to compare two arrays to create an HTML-formatted difference table.

The next chapter demonstrates that Randal has spent a lot of time working out ways to update and improve his web site. It covers the intricacies of CGI programming in Perl. All but one of the fifteen columns are complete programs (again, available from apress.com) with line-by-line commentary. The programs do implement mostly worthwhile functionality, but each column was pretty much "I had this problem, so I wrote this program. Lines 1-3 do this; lines 4-5 do that, etc." Granted, some of the programs are pretty nifty (check out how he automatically keeps track of the "What's New?" pages), but the reading of one program after another started to become stale.

The final chapter is titled "The Webmaster's Toolkit," consisting of fourteen programs and three tutorials. Randal covers diverse web server background topics such as creating a light-weight load balancer, random links, and forcing users to enter through the "front door." There are also instructive techniques for throttling your web server's usage of the processor (a necessity at the time for Randal, as his web site was co-resident on a server with others), and calculating download times.

In its entirety, Perls of Wisdom contains 65 columns, split roughly half-and-half between tutorials and fully commented programs. More than half of the columns show that Randal uses Perl for web processing more than for general scripting, data reduction and reporting. His tutorial articles are top-notch, but I have a quibble over his program articles, which are somewhat dated. There were a number of prefaced notes to the effect that today he'd do it differently with some new feature or CPAN module. I really wish he had actually updated the column to show the new coding techniques. The original code is interesting in the historical sense, but I wanted to see nuggets of Perl wisdom for me to use in my daily job. The writing style is fine; the bits of insight are useful, but many of the programs are too specific to problems you or I may never see, and were solved in code that's showing its age. I'm glad I got to read the book, but I think it only rates a 7 out of 10.

You can purchase Randal Schwartz's Perls of Wisdom from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

nazarijo writes "You can usually tell someone who's been writing a lot of code by how they write code. That may sound like a tautology, but it's got a deeper meaning than that. What editor they use, what idioms they use to avoid common pitfalls, and what organization patterns they employ all tell you what kind of programmer you're meeting. When you first start writing code, so many things are inconsistent and just plain wrong that it's almost embarrassing. I know that when I look over older code that I've written I feel sheepish about it. But how do you grow as a programmer, and what really makes a good programmer beyond language familiarity?" Read on for Nazario's review of Code Reading: The Open Source Perspective, a book which attempts to instill deeper knowledge about programming than just "knowing how." Code Reading: The Open Source Perspective author Diomidis Spinellis pages 499 publisher Addison-Weslet Longman rating 7 reviewer Jose Nazario ISBN 0201799405 summary A tour of large-scale development projects from code to organization

A few books are tackling this subject, including Coder to Developer and Programming Language Pragmatics. These books don't teach you much about a particular language in the way that an introductory text would. Instead, you grow as a skilled developer by studying them and learning from them. That's one of the key things that people are talking about lately, that to be a strong developer requires more than a working knowledge of a language. It requires a familiarity with the strengths, weaknesses, and core features of a language and the base libraries to be efficient.

Code Reading: The Open Source Perspective is one of these books in this small but growing library. In it, Diomidis Spinellis takes you through a large body of code and focuses on several languages, techniques, and facets of development that differentiate strong developers from weak ones. What I like about this book is how much it covers, how practical the information is, and how much Spinellis teaches you. You wont learn a language, which is the complaint of some people who read this book, but if you know one or two you'll be a better programmer.

Perhaps one of the most telling things about the book is that it draws heavily from NetBSD source code, and features over 600 examples to make the point. Examples are often annotated using NetBSD as a reference. This makes sense, because NetBSD is a large project that's relatively stable and mature. Everything from how to define a C structure consistently and sanely to UML diagrams and build systems are covered, making this truly a developer's book. However, even Windows and Mac OS X developers will benefit, despite the BSD focus.

Chapter 1 introduces some of the basic tenets of the book, namely that code is literature and should be read as such. All too often people only read code when they have a specific problem to solve or want to get an example of an API. Instead, if you read code frequently you'll always be learning things and improving your skills. Also, Spinellis discusses the lifecycle of code (including its genesis, maintenance, and reuse), which simply must be taken into account if code is to be good. Poorly skilled developers forget these things and just slap it together, never thinking ahead.

In Chapter 2, a number of concepts basic to any programming language are covered, including the basic flow-control units common to many languages. The book focuses on C, with additional coverage given using C++, Java, and a few other things thrown in for good measure. As such, these chapters -- in fact the whole book -- focuses on concepts common to these languages but absent in some other languages, like Scheme or LISP. One neat section is called "refactoring in the small." It illustrates the real value of the book nicely, in showing you various ways to organize your code and your thoughts for various effects. Oftentimes a book will only teach you one way (which doesn't always suit your needs), and Spinellis' examples do a nice job of escaping that trap, not just here but throughout the book.

Chapter 3, "Advanced C Data Types," focuses on some language-specific matters. These are pointers, structures, unions and dynamic memory allocation, things that most people who code in C may use but only some truly understand well. Again, a somewhat basic chapter, but useful nonetheless. Make sure you read it; chances are you'll learn a thing or two.

In Chapter 4, some basic data structures (vectors, matrices, stacks, queues, maps and hash tables, sets, lists, trees and graphs) are covered. This is an important chapter since it helps you see these structure in real-world use and also helps you understand when to chose one structure over another. While Knuth, CLRS, or other algorithms and data structures texts cover these, they often do so in isolation and at a theoretical level. While their coverage is short, it's to the point and usable by anyone with a modest understanding of C.

Chapter 5, "Advanced Control Flow," the last chapter that deals with actual programming information, is another useful one. Again, short but to the point, this chapter covers things like recursion, exceptions, parallelism, and signals, all topics that have warranted their own books (or major sections in other books) but which are covered in a single chapter here. Still, seeing them side-by-side and in the context of each other and in real-world use provides some justification for the compact presentation.

The remaining chapters of the book go well beyond a normal programming book and focus on projects. These chapters complement the first bunch nicely by focusing on the organization of your code and projects. Chapter 6 deals specifically with many of the commonly identified (but rarely taught) things like design techniques, project organization, build processes, revision control, and testing. A number of things that aren't covered include defining and managing requirements for a release and their specifications, basics on how to use autoconf and automake, and instead rips through a whole slew of topics quite quickly.

Chapter 7 is sure to be controversial for some people: it covers "Coding Standards and Conventions." Some people seem to be big fans of the "if it feels good, do it" style of programming, and instead of writing sane, usable code, what they produce is buggy and messy. This chapter teaches you tried and tested methods of naming files, indentation (and how to do so consistently using your editor to help), formatting, naming conventions (for variables, functions, and classes), as well as standards and processes. The style and standards are (as you would expect) based on NetBSD, which differ slightly from GNU and Linux standards, as well as commonly found Windows practices. However, I think you'll agree that the style is readable with minimal effort, and that goal, coupled to consistency, is paramount in any standard.

Chapter 8 introduces you to documentation, including the use of man pages, Doxygen, revision histories, and the like. Also included are hints at using diagrams for added value. One thing I don't like about this chapter is the opening quote, which sets a bad precedent. It blithely suggests that bad documentation is better than none, which is highly questionable. Misleading docs can be worse than no docs at all, since someone without docs will have to dig through the code in front of them to understand it. Someone with bad docs will rely on the docs and wonder what's broken when things go awry.

Chapter 9 focuses on code architecture, such as class hierarchies, module organization, and even core features like frameworks to chose. This chapter covers a lot of material, and is, despite its size, simply too terse on many of these subjects. It serves as a decent introduction, but doesn't go very far in some places, considering the importance of the material. However, like much of the book, it's a good introduction to the topics at hand.

Chapter 10 also features a lot of good things to know. Granted, you could pick them all up with a lot of hard work and scouring for information, but it's easier to have them presented to you in a cohesive format. The chapter discusses code reading tools, things that you use to help you dig around a large body of code. One you get over a few source files, even if you have well-organized code and interfaces, many changes can require that you inspect the data path. You can do this manually, or you can be assisted with tools. Tools like regular expressions, grep, your editor -- Spinellis shows you how to make use of all of them when you write code. A lot of tools I've never used (but have heard about) are featured, and their use is demonstrated, but of course many tools are simply ignored, focusing on popular ones that will work for most people.

Finally, all of the above is brought together in Chapter 11, "A Complete Example." A small tour of a large, complex piece of code is taken (34,000 lines of Java) as the author makes changes. It's unfortunately in Java, when so much of the book focused on C (why couldn't they have been consistent examples?), but it works. The example itself could have covered a few more things, such as a proper JUnit example, but overall I'm pleased with it.

Overall, Code Reading: The Open Source Perspective is ambitious and worthwhile, both as a complement to a bookshelf of study that includes The Practice of Programming and Design Patterns, and to someone who is growing tired of books on learning a language. At times it feels like the author promised more than he wound up delivering, but it serves as an introduction to a large number of topics. You wont learn a language, and you wont be able to get as much out of the book if you don't engage it with practice, but it's a useful book to get started on the road from being someone who knows a language or two to someone who is a developer, ready to contribute to a team and work on large projects. Never underestimate the skills required to be a good developer, because they go well beyond knowing how to use a language.

You can purchase Code Reading: The Open Source Perspective from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Ken Hansen writes "It was with great anticipation that I pre-ordered Apple I Replica Creation by Tom Owad -- I'd always been interested in 'classic' hardware, and the Apple I came just before I got interested in computers (the late '70s -- timeshare terminals, TRS-80s, and my first computer, the SYM-1). I'd seen the story on Wired about Vince Briel's Replica 1 project, and wanted to try it out. When the book arrived, I quickly scanned it, and it looked pretty good: sections on the history of the Apple I, instructions on how to build the Replica I from Vince Briel, programming the Replica I in both BASIC and 6502 assembler, and some details on how the actual Apple I and Replica I hardware works. Then I started reading the book ..." Read on for the rest of Hansen's review. Apple I Replica Creation: Back to the Garage author Tom Owad, John Greco pages 416 publisher Syngress Press rating 4 reviewer Ken Hansen ISBN 193183640X summary A confused book that is thin on details.

I read the Foreword and was put off -- it had no discussion about what to expect in the book, nothing about Tom Owad, or even Vince Briel; it seemed to be a letter from Steve Wozniak discussing the Apple I and its place in history.

Moving on into the book, in the first chapter I read about several people that own (or have owned) genuine Apple I -- and while this was interesting, and helped to get me in the mindset of mid-seventies computing, I felt this too had little to do with the stated purpose of the book -- building an Apple I replica. Personally, I would have put this chapter in the back of the book, most likely as an Appendix, since the reader must have some knowledge of the Apple I before they picked up the book, and these stories do little to describe the hardware we are going to build.

The next two chapters -- "Tools and Materials" and "Digital Logic" -- provide thin overviews on building electronics projects in general, and an overview of Digital Logic. I contend that if you've never picked up a soldering iron, you shouldn't make your first effort a computer, no matter how "simple" this one is (and it is pretty straightforward, just a handful of chips with no tricky analog "adjustments" to make), and if you want to learn about Digital Logic, you'd be well served to focus on the material as covered in Charles Petzold's classic tome Code.

Next we have a chapter on building the Replica I -- there are no real insights provided, no hints or tips that relate to the reader that the author even built his own Replica I. In fact, the author includes a quote from someone who built his own Replica I, but by the end of the included story, this person hasn't gotten it working yet. Since this story was (apparently) written well in advance of the book being published, why not include an update indicating that Vince was able to get his Apple I replica up and running? (By all accounts, Vince is very helpful to those that buy his kits.)

There are almost 4 pages dedicated to the McCAD program included with the book on CD-ROM, but unless you are familiar with CAD/circuit design software, you will finish the four pages with precious little understanding of how to actually use the software, or how to turn the circuits you designed into actual printed circuit boards.

Moving on, we have a chapter on programming the Replica I in BASIC -- this chapter provides only the barest minimum information on the BASIC included with the Replica I. This BASIC is Integer only, and was written by Steve Wozniak personally. While BASIC once was a very common language (it used to be included in ROM on almost all consumer and business personal computers, before Disk Drives became commonplace), it merits a better overview than the author provides. The original Apple I BASIC Manual (available from Vince Briel's website) does a better job describing the language. The author includes an extensive dissection of a larger BASIC program (a simple text-based role-playing game), but gets lost in describing how the program works. I was left with the feeling that the larger BASIC program was included to pad the section on BASIC programming.

Then we move on to programming the Replica I in Assembler -- here the author cuts so many corners (he even reduces the now-obligatory "Hello, World" program to a much shorter text message "H W" to save space) that the reader is left with only a hint of what can be done with the Replica I in assembler. Again, material appears to be added to the book to pad out the chapter, including one of three separate ASCII Character charts, all the Op Codes of the 6502 CPU listed in several different ways (both in this chapter and in the Appendices), and the thinnest of details in the "detailed" views of each Op Code (Op Codes are the instructions used to build a program in assembler).

Next we come to a chapter entitled "Understanding the Apple I" -- what this chapter is doing in the back of the book is beyond me, since understanding the Apple I is, you know, the whole point of this book, right? The information provided is fairly technical, but does little to provide the reader with the information needed to actually design/build anything based on the Apple I design. Note that while this book is about building an Apple I replica, it is not a "clone" -- where the original had 8K of RAM, this unit has 32K of RAM, provided by one chip instead of the original 16 chips on the Apple I. This unit is functionally identical to the Apple I, but the circuit design is greatly simplified over Woz's original design (based on about 30 years of progress in the computer industry). As a concession to the realities of the current computer market, the Replica I also uses an "AT" power supply, and can use a PS/2 keyboard in place of the ASCII keyboards popular in the mid-seventies. These changes make the Replica I a more convenient project to attempt, while retaining the original programming environment of the Apple I.

Now we enter into the Appendices -- we have another ASCII Character Chart as Appendix 1 (there are three total, if memory serves me correctly), then three appendices which simply list all the Op Codes of the 6502 processor three different ways. Again, these appear to be added simply as filler material to add heft to the book -- the author adds nothing to these sections, and they repeat information covered elsewhere in the book.

Next we have an Appendix on "Hacking Macintosh": this is the clearest case of padding a book I've ever seen -- the author describes how to take a Macintosh SE and replace the case with "Lego-type" blocks -- a trivial hack, unrelated to the Apple I in any way, and a potentially dangerous activity, because you are exposing high voltage electronics by removing the manufacturer's original case with its shielding and protection. Then we have a slightly more technical hack in the "UFO Mouse" hack -- adding an LED to the original iMac UFO mouse. Then we have our final Mac Hack -- wrapping the interior case of a Mac Cube system with decorative wrapping paper and placing the now "beautiful" system back in the clear plastic case. This is a hack? How does this relate to the Apple I?

The final appendix is titled "Electrical Engineering Basics" -- and while it does a reasonable job of describing what various components do (like resistors, capacitors, diodes and transistors), there is no reference to take the reader to a place where they can learn to build things of any sophistication (like, say, a computer, perhaps?). I was left asking the question, if this material is needed by the target reader, why are they attempting to build a Replica I computer? If the target reader doesn't need it, why is it included? We also are treated to our second set of instructions on how to solder -- again, why was this included in the book?

In the end, I have no idea who the target audience market is for this book, and I felt the book had no central theme -- it seemed to be a bunch of material culled (I can only assume) from the author's Apple Fritter web site. This book was too "light" to be of any real use to an experienced electronics person looking to design an "Apple I-inspired" system, and there is precious little material for the electronics novice who wants to build Vince Briel's Replica I kit that isn't provided by Vince either on his site or in the included assembly instructions and original Apple I documentation.

I noted numerous errors in the book, and attempted to forward them to the publisher for inclusion in the next printing of the book, but after finishing the book, I suspect there will be no need for a reprinting. I say attempted, because my email to the publisher bounced, but I was able to send my notes to the technical reviewer of the book, and I have sent my notes to Vince as well, for his reference.

I found this book to be confused (no clear narrative/theme/idea), cluttered (why three ASCII charts? Why Mac Hacks?), and to contain many typos/errors. In the final analysis, unless you simply have to have this book because it is about the Apple I, I'd say save yourself the cost of the book, and simply order a pre-assembled Replica I from Vince Briel -- the money you save by not buying the book ($39.95 Suggested retail price) will almost exactly cover the price difference between the unassembled Replica I and the the assembled version (currently $40 US).

You can purchase Apple I Replica Creation: Back to the Garage from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

James Edward Gray II writes "If you've ever wanted to know more about the agile programming methodologies, Integrating Agile Development in the Real World is a fine place to look for the answers to your questions. Various agile methodologies are explained, compared, and contrasted within. A good look is taken at how they work, their strengths and weaknesses, and how they compare to the more traditional approaches of software development. This proves to be a strong introduction and overview to agile programming practices." Read on for the rest of Gray's review. Integrating Agile Development in the Real World author Peter Schuh pages 346 publisher Charles River Media rating 8 reviewer James Edward Gray II ISBN 1584503645 summary An encyclopedia of agile software development practices.

The book opens with a couple of chapters exploring exactly what it means to be an agile development team. The author doesn't spoon feed you a definition. Instead, he takes a look at the Manifesto for Agile Software Development and pulls from that a collection of values important to agile software development. A list of agile principles is presented, and each of these aspects is examined from the angle of what it's trying to accomplish and where it can help when building software.

At this point, the book introduces seven methodologies including The Crystal Methodologies, eXtreme Programming, and Scrum. Each approach is defined by their practices and focus. The author does a nice job of telling you where these methodologies excel and even where they don't. The approaches are contrasted, but not with an eye towards finding out who is right and who is wrong. Instead, the author digs for the strengths in each practice.

The next few chapters offer suggestions about what agile practices can do for your development team, and outline how to adopt a few agile practices. This is one of the many places where the book really shines, thanks to its realistic approach. The author knows that not everyone can run out, soak up some eXtreme Programming training, and convert their entire division overnight. If you can, great, but this book is more focused on people who don't meet certain agile requirements and others who just want to test the waters a little. For these groups, there is sensible advice like, "Start by doing X, Y, and Z, because they're great ideas, easy to implement, and will help you a lot." If you like those changes, the author suggests what to try next. Even better, you're told to back away from the changes you don't like, sprinkle in some ideas from other methodologies, and even customize the practices to your needs. That may not be as extreme as some agile developers would prefer you to be, but it is agile programming distilled down to what it can do for you personally. I found that to be a great touch.

With the introduction to this new world of software development covered, the book moves into detailing actual agile practices. Early chapters in this section focus on the programmer, testing, and even the database side of the operation. Later chapters get into management, the project, and an agile development cycle. When a practice is defined, you're warned of prerequisites you should have in place before considering it, offered advice for how to get started with it, and even given a few variations that might work better for your group. I wouldn't say that the detail here is sufficient to teach you all you need to know, instead this section arms you with the knowledge to decide what you should be looking into. To kick-start your research efforts, a practice always ends with a list of further resources, available both online and in print.

The final chapters of the book get more abstract, dealing with customers, communication, and even just people. There's a lot of sound advice hidden away in these pages for some difficult challenges. I personally learned a lot about how agile development deals with customers and I have a few new ideas I'm anxious to try on my clients.

As an added bonus, the book has a very nice layout, filled with intelligent, witty prose and good looking charts. These effects are always subtle but can make a text a lot more approachable. I believe my only complaint was that the author tends to throw around acronyms assuming you know what they stand for. I think he even eventually got around to defining all but a couple, but not always when you first encounter them. A glossary probably could have helped in this case.

In summary, this book is agile programming for everyone. As a one-man operation, common practices like pair programming aren't even an option for me. The author knows that the methodologies aren't one-size-fits-all, and really focus on exactly what they can do for you, whatever your own needs may be. If you don't follow any development strategy (hope that's not true), would like to know more about the agile practices without joining a cult, or even just want to stay sane in your traditional software development company, Integrating Agile Development in the Real World will give you plenty of fresh ideas.

You can purchase Integrating Agile Development in the Real World from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

James Edward Gray II writes "I'm not an XML junkie and I thought this was a very good book, so I'm betting that XML aficionados will love it. Effective XML covers 50 best practices that all developers should know and use. This amounts to a book of distilled wisdom that will push you a good distance up the chart of XML mastery." Read on for the rest of Gray's review. Effective XML author Elliotte Rusty Harold pages 304 publisher Addison-Wesley rating 8 reviewer James Edward Gray II ISBN 0321150406 summary A guide to the correct use of XML.

Before I tell you what's inside though, let me tell you what you won't find in these pages. Primarily you need to know that this book does not teach XML. I know a lot of books say that, yet still include an introduction or appendix that covers the basics, but this isn't one of them. You're expected to know XML from page one. Even syntax is only covered from a proper usage angle. Personally, I appreciated this. It always bothers me when an obvious non-beginner's book starts off by wasting a chapter on things I should already know. You just need to be aware when you buy that you won't learn XML here. Knowledge of namespaces, DTDs, the W3C's Schema Language, XSLT, and more aren't strictly required to get something out of this book, but they certainly would help you get a lot more out of it.

What you will get here is coverage of fifty miscellaneous topics spread across four sections on "Syntax", "Structure", "Semantics", and "Implementation". In "Syntax", ten topics delve into the details of things like DTDs, entity references and the XML declaration itself. It may sound silly to dig deep into a single line of XML that simply declares the format, but I doubt you will think so after reading that topic. There's a lot going on in that line and you want to be in control of those decisions instead of just copying and pasting. Entity references are an even smaller chunk of XML output, but they too get illuminated by a rare insight on how and when they should be used, and for what. Did you know that it is possible to write a namespace savvy DTD? I do now and I learned that in this section as well.

The second section of the book covers "Structure", and to me it was the best part. This collection of seventeen topics is loaded with good advice about how to build an XML document that will be ideal for anyone who needs to work with it. Here you see how metadata should be stored in XML, get tips on embedding binary content, learn which schema language is better for which tasks, and finally understand rare XML constructs like processing instructions and exactly what they are for. Additionally, there's a lot of general advice on the right way to mark up content that's really worth its weight in gold. Just one example of what I learned here is that I under appreciate mixed content for great constructs like <name><given>John</given> <family>Doe</family>, <title>Ph.D.</title></name>. If you like that, you'll enjoy this whole section.

Section three, "Semantics", deals primarily with parsers and their APIs. Again, you won't learn any APIs here. What's covered is their strengths and weaknesses and why you should choose a given API for a given task. SAX and DOM are the main focus of these ten topics, but there are other details sprinkled in, like XPath.

The fourth and final section is all about "Implementation". The thirteen topics here address client-side XML styling, server-side transformations, signatures, encryption, compression, and more. My favorite topic here was a terrific coverage of Unicode and how it affects XML. All developers should know at least as much about Unicode as what's printed here and this is a fine source to learn it from.

One thing that really stands out in the whole text is that the author isn't afraid to cover the dark side of XML. He will tell you where the design process was less than perfect, which tools have little practical value, and some of the problems with where XML technologies are headed. This isn't complaining though. All of this is targeted at how it affects XML developers today. You learn what you can safely skip and what should be outright avoided. The author even tells you what XML is bad at and gives you advice about when you shouldn't use it. That's the mark of a man who knows his subject, if you ask me.

All told, I think the author failed to completely convince me his way is perfect on only 2 topics. That means I learned 48 expert XML tricks. Surely that's worth the cost of the book in time and money. This isn't the first XML book you need, but I think it is the second XML book everyone should read.

You can purchase Effective XML from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Motor writes "Stephen Baxter is a remarkably prolific British hard science-fiction author -- one of many that have come to prominence in Britain over the last ten years or so. Exultant is the second part of his Destiny's Children series (no Beyonce jokes, please). The first part, Coalescent, was also reviewed on Slashdot. Set in both 400 A.D. and modern times, Coalescent dealt with the possibility of humans lapsing into a eusocial society (a hive). How would such a thing get started? How would it function? And how would it hide itself from 'normal' human society? At the end of the novel, the action jumps forward twenty-thousand years to when humanity has spread out across the galaxy and is cleaning out worlds which have become coalescent. This is where Exultant begins... or rather, it seems to begin." Read on for the rest of Motor's review. Exultant author Stephen Baxter pages 490 publisher Gollancz rating 9 reviewer Motor ISBN 0345457889 summary The second book of the Destiny's Children novels

Exultant is not a direct sequel to Coalescent, in that it doesn't pick up the story of George Poole and continue it. The concept of coalescence plays little part in this new novel -- so anyone expecting more of the same may be disappointed, but not for long. Once you start reading Exultant, it quickly becomes clear that the Destiny's Children novels are part of the Xeelee sequence (something that was not obvious in the first novel). The Xeelee sequence is a future history, mapped out by Baxter, in which humanity spreads out from Earth; is crushed and enslaved; frees itself; and in a much harder and violent form begins to assimilate and destroy other alien cultures, all the while being unaware of the larger and more important cosmic battle being fought all around it.

At the opening of Exultant, humanity is close to the end of its third wave of assimilation. It has spread across the galaxy crushing everything in its way -- even the mysterious and powerful Xeelee have retreated into the core of the galaxy. The whole of human society is held together unchanged across millions of light-years and billions of worlds by the Druz doctrines -- ruthless rules intended to keep humanity conquering and to punish any deviations from the human norm. The result is a human society turned into a colossal war machine, dedicated to one aim: the destruction of its last enemy, the Xeelee. But the war machine has been stalled for thousands of years. The Xeelee have no intention of leaving the galactic core, and their advanced technology (nightfighters constructed out of flaws in space-time itself) and ability to manipulate time means that every human assault is repelled easily. Trillions of human lives are wasted by hurling themselves at Xeelee defenses ... and it goes on and on. A war machine with billions of worlds full of generations of soldiers barely in their teens born in tanks and dying in thousand-year-long projects aimed at smashing the Xeelee, and knowing nothing but training, the doctrines and death. Whether in a coalescent hive or a not, it seems most human lives are spent in an empty drone-like struggle governed by simple rules -- indeed this message pervades the novel. In Coalescent the rules governing the eusocial society were:

Sisters matter more than daughters.
Ignorance is strength.
Listen to your sisters.

In Exultant the rules are the Druz doctrines, with a key part being 'A brief life burns brightly.'

In the middle of this multi-millennial slaughter, a young pilot, Pirius, and his crew decide to disobey doctrine and instead of throwing their lives away in a pointless heroic gesture they try a bold strategy. As a result they capture a Xeelee nightfighter, which is the first significant development in the war for hundreds of generations. Naturally, the rigid doctrinal bureaucracy chooses to prosecute him rather than promote him -- but with a twist. Thanks to his faster than light travel, Pirius has arrived back a few years before he left. Time is a malleable thing in this war and meeting oneself isn't unusual.

He arrives back to find himself still in training, and both Piriuses must be punished: one for breaking doctrine and the other to make sure he doesn't in future. His saviour is a strange Earth commissioner (part of the powerful bureaucracy controlling the war effort) who is desperate for a way to unlock the stalemate with the Xeelee and bring to an end the waste of life. He needs someone willing to step outside the rules -- even if it is only a little at first. So begins the split story of Pirius Red and Pirius Blue. One sent to a punishment camp to train as Xeelee cannon fodder, and the other taken back to Earth to see a solar system radically changed by alien occupation, thousands of years of industrial activity and a society at the core of the war effort that is not as doctrinally pure as he'd been brought up to believe.

No-one will ever accuse Stephen Baxter of thinking small. His Xeelee sequence novels are set in a universe teeming with life since the first fraction of a second after the Big Bang -- and indeed before that -- and a war that has raged between dark matter life-forms and baryonic life such as the Xeelee (with humans as a self-destructive nuisance ignorant of the larger conflict), for most of that time.

Exultant is a story of individual human courage and brilliance, and collective human stupidity and self-destruction. Those who dislike Baxter's work (and there are some!) because it is pessimistic about humanity as a whole will find nothing to change their minds here. On the other hand, anyone looking for hard science-fiction of breathtaking scope and bursting with invention and ideas will love it. Personally, I'm looking forward to seeing where he goes with the next part. One advantage of following Baxter's work is that you rarely have long to wait between novels.

You can purchase Exultant from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

norburym (Mary Norbury-Glaser) writes "Mac OS X Server 10.3 Panther is one of the latest in Peachpit Press' Visual QuickPro guides (not to be confused with the beginner "QuickStart" series) and is written by one of the best IT/Mac trainers in the industry, Schoun Regan, with assistance by his devoted sidekick and co-trainer at itinstruction.com, Kevin White. Peachpit and the authors have produced a book with excellent content and delivery; the installation and setup of Mac OS X Server and Web services is explained with clarity and precise detail." Read on for the rest of Norbury-Glaser's review. Mac OS X Server 10.3 Panther author Schoun Regan with Kevin White pages 472 publisher Peachpit Press rating 9 reviewer Mary Norbury-Glaser ISBN 0321242521 summary Learn Mac OS X Server fast and efficiently.

PeachPit Press labels Mac OS X Server 10.3 Panther as intended for those readers with intermediate to advanced OS X Server experience, but this is not accurate. The step-wise instruction provided by Regan and White is richly documented with screenshots, so even those new to OS X Server can follow this book. Intermediate or advanced server admins will find some nice "tips and tricks" to add to their arsenal of tools, and if they're preparing to set up their first OS X Server or XServe, they'll find this book a handy companion to "pre-lab" with and to use as a follow along guide.

In less than 20 pages, Chapter 1 takes the reader through planning his or her OS X Server deployment with an overview of partitioning options, various methods of installation and a tour of post-install logs. This is Regan's "20-pages-of-prep/20-minutes-to-install" chapter; concise, exact and representative of the pace and caliber of the chapters that follow.

Chapter 2, "Server Tools", covers the aftermath of the install; how to use the Server Administration software that comes with OS X Server to configure the server. The authors walk through language choices, network interfaces, administrator account setup, directory service and service startup options. The Server Admin and Workgroup Manager tools are also discussed in detail; how to customize Server Admin preferences, how to use Workgroup Manager preferences (resolve DNS, use SSL for sharing, show system users and groups) and how to add users to the local database. The Server Admin tool is the most used utility in OS X Server. It offers a well-designed GUI to manage all your services as well as preferences and advanced options. If you're upgrading from AppleShare IP, you'll want to look at the section on using the AppleShare IP Migration tool to ease the transition to OS X Panther Server. An overview of the Macintosh Manager follows, for support of Mac OS 9 user preferences. The chapter concludes with a brief introduction to additional server tools: MySQL Manager, using Server Monitor, the RAID Admin Tool, the Network Image Utility, the QTSS (QuickTime Streaming Server) Publisher and the QuickTime Broadcaster (the last two are discussed in greater detail in Chapter 12).

Implementing Open Directory is the focus of Chapter 3, but the actual implementation steps are prefaced by a strong discussion of directory services. The authors begin with a summary of LDAP (Lightweight Directory Access Protocol) and Microsoft's AD (Active Directory), both methods of storing user data. This leads neatly into the Mac OS X Client and Server Directory Access application and the various services options that allow the client or server to connect to another directory service (AD, BSD Flat Files and NIS, LDAPv3 or NetInfo) in order to obtain authentication, authorization and contact information. Each of these options is detailed in its own section. Using the Authentication tab of the Open Directory service to apply global password server policies and using Kerberos (authentication method) are also addressed here. This is an exceedingly well-composed chapter. Understanding directory services and Open Directory concepts will enable the server administrator to better organize the hierarchy of users, groups and shares in his or her environment, especially in a multi-platform situation.

User and group management is the logical segue to the discussion on directory services and is the title of Chapter 4. Topics range from: configuring basic user attributes, advanced user options and administrative user permissions; configuring password types (Open Directory/Kerberos single sign-on, shadow, crypt); creating groups and assigning group folders; setting the home directory and user disk quotas; adding email to user accounts and enabling printer quotas. The section devoted to setting the home directory will be of particular interest to many readers; most academic and corporate users are in an environment where their documents and application preferences are stored in a home directory.

OS X Server excels at providing file sharing via AFP (Apple File Protocol), SMB (Server Message Block), FTP (File Transfer Protocol) and NFS (Network File System). Chapter 5 concentrates on strategies and configuration of share points and sharing protocols. Of the four protocols addressed here, the most widely referenced will be SMB, the native Windows service provided in OS X Server by Samba, an open source/free software (samba.org). Subtopics in this category include connecting Mac OS X clients via SMB and Windows clients via SMB, configuring your server as a PDC (Primary Domain Controller) to enable Windows clients to authenticate against your server and enabling WINS. The chapter concludes with instructions on creating additional network mounts using a shared Application folders and a shared Library folder as real world examples. This chapter will help anyone in a cross-platform environment to blend their Mac OS X Server seamlessly with Windows client and server machines.

Chapter 6, "Network Configuration Options" looks at extending the functionality of your server by enabling other network services like DNS, DHCP, NAT and IP forwarding. The authors spend some time underscoring the importance of properly configuring DNS and the instructions here for setting up simple forward and reverse zone records and then testing the DNS settings are excellently done. Another well-written section is on enabling NAT. This is a simple procedure to perform and well worth it for the added security it provides.

Printing services is the focus of Chapter 7 and goes over print queues, CUPS (Common Unix Printing System), configuring printers in Open Directory and on client machines, managing print jobs and viewing print logs. Every organization can benefit from a centralized print server that can allow an administrator to monitor and control print jobs. The authors make the process of configuring the server and clients extremely easy.

Not everyone needs to enable mail services (especially if they find themselves in a Windows environment with an Exchange server) but nonetheless, it's a valuable subject and the authors give a thorough explanation of not only the mail protocols and services built into OS X Server (SMTP and Postfix, POP, IMAP, Cyrus, SquirrelMail and Mailman) but they also expound on ways to handle spam, creating virtual domains, configuring secure mail authentication, enabling SSL and enabling mail lists via Mailman. Monitoring mail services using the Server Admin tool and Mailman close out the chapter.

Chapter 9, "Web Services," introduces the reader to the Apache Web server. Built into OS X Server, Apple has provided a unique integration of Apache that can be managed via the GUI. Using our friend, the Server Admin tool, the authors show how to set up a Web site, configure Web site options, set up SSL, edit or add to the built-in MIME types, enable Web proxies and monitor web services and log files. By far the most interesting part of this chapter is devoted to setting up realms and WebDAV. WebDAV is a network protocol that provides collaborative editing on a shared file server destination and it supports versioning of any type of media (HTML, GIF, JPEG, etc.), not just text-based. Since WebDAV works over HTTP, you get authentication, encryption, caching, proxy support and efficient transfers.

Every server administrator has to worry about security and the authors turn their attention to this topic in Chapter 10. They begin with physical security (locking the server room, locking the server itself, removing external devices from the server and installing Open Firmware Password to prevent someone from booting into a less secure mode) and then move to firewall basics and how to create advanced FTP rules. Password "good practices" comes next (seems like this is a no-brainer, but the sad fact is that this is a necessary reminder for many people, even server administrators) followed by how to enable encryption based on SSL (Secure Sockets Layer). The authors walk the reader through creating a private key and a corresponding CSR (Certificate Signing Request) and how to act as your own CA (Certificate Authority). They provide really nice directions on how to implement certificates for Open Directory, Web and email SSL as well using, of course, the Server Admin tool.

Chapter 11, "Running A NetBoot Server" combines many of the concepts from previously discussed protocols (DHCP, TFTP, NFS, HTTP) to illustrate another unique feature of OS X Server. NetBoot allows for client machines to boot off shared disk image files that reside on the server. It also enables the server admin to deploy an install image across a network. NetBoot is a highly valuable tool for anyone interested in creating an efficiently managed environment. The authors provide step-wise directions on how to create a bootable image and an install image, how to manage NetBoot images, how to automate installations (very neat) and how to import/export images in order to move them from server to server.

The last three tools in OS X Server are illustrated in Chapter 12: QTSS (QuickTime Streaming Server) which enables audio and video streaming, QTB (QuickTime Broadcaster) which allows you to produce live events for online delivery and QTSS Publisher which manages QuickTime movie, MPEG-4 and MP3 playlists.

The final chapter of the book concentrates on client management and how to implement managed preferences to workgroups, computer lists or individual user accounts. This, of course, is every administrator's dream: to manage and control clients from a centralized environment! The authors show that OS X Server provides excellent management options and with a bit of planning and foresight, an administrator can properly configure their OS X Server tools to provide a balance of efficiency and control.

So what's missing? Not much, really. VPN is not covered at all, though, and I would have liked a section on this. VPN is a real necessity not only for remote employees/students but also for the administrator. But sheesh -- that's a small complaint given the amount of information in this book, and I have to applaud the authors for their ability to combine such detailed instructions on nearly every aspect of OS X Server between two covers.

The book follows the classic Visual QuickPro Guide layout, with each page split into two columns to allow for instructional text situated alongside accompanying screenshots. This book is loaded with screenshots and icon graphics, so the reader will miss nary a step while following along on their test box or their production server. There are even pictures of the progress bar as configuration settings are being applied! (Well, sometimes patience needs to be encouraged.) Chapter subtopics are indicated on the binding of the book with gray thumb tabs. Extended information and digressions are highlighted in gray boxes as logical asides.

Everything about this book is designed to guide the reader through every aspect of the installation and configuration of OS X server. The authors provide clear explanations of each step using a task-based approach with extended discussions on the various choices the server presents the user with at appropriate intervals. There are plenty of real world "tips and tricks" that will save the administrator time and anguish over the course of setting up the server. Regan and White address some of the most difficult to comprehend topics and issues an admin will address: multi-platform environments and file sharing, DNS, Open Directory and security. Fully understanding these subjects is critical to making the correct choices while configuring the server. The authors' thorough discourse provides the reader with the knowledge and tools to get the job done.

Mary Norbury-Glaser is an IT Director at a University of Colorado Health Sciences affiliate center in Denver. Working in a multi-platform academic environment dominated by Windows boxes, she sometimes feels like the Mac Maytag Lady. You can purchase Mac OS X Server 10.3 Panther from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.