Slashdot Mirror

Andrew Murphy writes " The Register's security guru Thomas Greene has written a book for the average computer user, though it contains a great deal of information that professionals need to know. It's insightful, instructive, and calls for open source software even on Windows for enhanced security. The single most interesting feature is the author's emphasis on open source software as a security feature per se. He rightly notes that there are no secrets in OSs, and teaches users to leverage this transparency regardless of their platform. As early as the introduction, Mozilla is urged as a secure replacement for IE and OE, and this came before the Scob outbreak." Read on for the rest of Murphy's review. Computer Security for the Home and Small Office author Thomas C. Greene pages 405 publisher Apress rating 9 reviewer Andrew Murphy ISBN 1590593162 summary No secrets means that open source software, when it survives, tends toward robustness -- so it can help even if you run a closed-source operating system.

The book covers popular OSs replacements for Windows applications and utilities; it explains vulnerabilities; it offers practical setup information for both Windows and Linux to harden a system and make it extremely difficult to attack.

The Preface describes the book in general terms. The Introduction explains firewalls and their limitations, and explains how to install Mozilla to limit email and http exploits and spam.

Chapter One debunks the malicious-hacker mythology and shows that most so-called hackers are only script kiddies who are easily thwarted with commonsense tactics.

Chapter Two explains malware, spyware, bad system configurations, and the scores of other routes to system exploitation and privacy invasion that firewalls and antivirus software don't address. It includes a step-by-step guide to simplifying and hardening a system. Most importantly, it offers a useful guide to turning off unnecessary services and networking components for both Windows and Linux, and setting sensible user permissions, and is liberally illustrated with screen shots.

Chapter Three offers a good breakdown of social engineering and phishing scams, and how to defend against them.

Chapter Four is about using common tools, like Ethereal, Netstat, PGP, etc. It explains how to monitor an Internet connection to spot software secretly reaching out or phoning home to remote servers; how to monitor your system for signs of malicious processes; and how to use PGP and GnuPG to encrypt sensitive files and Internet correspondence. This is one of the best introductions to using encryption available anywhere.

Chapter Five explains how to eliminate all traces of Web activity from your computer and defeat forensic recovery of stored data; how to surf the Web anonymously using an encrypted connection and defeat remote monitoring; how to set up and use SSH (SecureShell) to conceal both your identity, and the data content of your Internet sessions from all third parties, including your ISP. The many hiding places of sensitive or incriminating data are revealed for both Windows and Linux users.

Chapter Six explains the advantages and disadvantages of migrating from Windows to Linux; why Linux is easier to configure for security, and why it's better suited to less technically-inclined users; how to judge whether Linux is right for you, and the issues you should consider before migrating. The author is clearly biased towards Linux, but he understands that most users will stick with Windows. Hence the emphasis on tools that run on Windows.

Chapter Seven is a catchall essay explaining security from an anecdotal point of view. There were places where it got a bit tedious, but the idea is to look at security as a process or a frame of mind, not a specific series of computer settings. The material in this section is informative in only a general sense. The real configuration information comes in chapters Two, Four, and Five.

There are several indexes with useful information on firewalls, ports, Trojan activity, sources of information, and more. Most of this information is conveniently located and linked at the author's website, BasicSec.org

Overall, the book is exceptionally well written for a tech manual. The author is a good writer and his prose flows nicely. The book is highly readable, and even witty in parts. I found myself laughing aloud on several occasions. The author has the art of The Register's irreverent presentation. I enjoyed reading it. But it is not perfect, so I give it a 9 out of 10.

My biggest criticism is that the book shifts back and forth from practice to theory and back again. It's good that readers learn the reasons for the (very sensible) procedures and settings listed; but I felt that the book was organized wrong. This is a minor issue, and the book remains exceptionally useful; but instead of interlacing the various parts, theory and practice might better have been separated in two distinct sections. It's difficult simply to flip to a section of this book and learn what needs to be done: there is a lot of theoretical talk between each practical item. It's very good talk, and very instructive talk, all right, but I would have preferred that it be located in a particular place. I would rather not have to read the entire book through in order to tweak my system for good security. Unfortunately, the author has structured the book so that a read-through is necessary.

Overall, this book will tell professionals what they need to do, and novices everything that professionals ought to know, but probably don't. It's in plain English, so no one should worry that they can't grasp it. You can make your computer, or your network, very hard to attack, whether you use Windows or Linux. This book will show you how in excellent detail. You've got to read the whole thing, unfortunately -- but it will work nicely for you, casual user and sysadmin alike.

You can purchase Computer Security for the Home and Small Office from bn.com. Slashdot welcomes readers' book reviews. To see your own review here, carefully read the book review guidelines, then visit the submission page.

Ben Rothke writes "Within law enforcement, establishing a modus operandi is one of the crucial things that can make the difference between finding a criminal and not. For example, a daylight murder with a single bullet to the head is quite different from finding a decapitated and mutilated body in a ditch. While both victims are equally dead, the manner of their deaths is radically different. So too with computer crime; knowing the modus operandi of the attacker can mean the difference between finding the perpetrator and not. In Know Your Enemy: Learning about Security Threats, the members of the Honeynet Project have written an excellent security reference that can enable one to begin to understand the motives of those who are attacking and compromising their systems." Read on for the rest of Rothke's review. Know Your Enemy : Learning about Security Threats (2nd Edition) author The Honeynet Project pages 742 publisher Pearson Education rating 8 reviewer Ben Rothke ISBN 0321166469 summary Observe intruders without putting your data at risk by building a tempting honeynet.

KYE was not written by a single author, rather by The Honeynet Project. They are a group of 30 individuals with complementary technical and legal skills. This diverse authorship creates a book with an abundance of valuable information.

The book details setting up a honeypot (a single host designed to gain the attention of network intruders) and a honeynet (a network designed to be penetrated to understand the motives of the attackers). If you can get an intruder to attack the bogus network, the double benefit is that 1) the attacker can do no damage to production data, while 2) his activities are being monitored, and with analysis can be understood.

The book's premise is that it is not simply enough to know you have enemies; you need to understanding what exactly it is they are doing, how they are doing it, the tools they are employing, and their objectives. Armed with such information, a company can ensure that they are best using their resources to defend and defeat their enemy.

This is the second edition of KYE and honeynets have changed significantly since the first edition came out. With that, the first five chapters of the book goes into what exactly a honeynet is, and then explains the differences between first and second-generation honeynets. The main difference between the editions is that the first edition focused more on honeypots, or individual hosts. The second edition expands that to networks meant to be broken into, namely honeynets.

The opening chapters also go into details about the specific value of honeynets. For those that entertain the idea that their honeynet is going to enable them to catch the next Kevin Mitnick, they will be clearly disappointed. The main benefit of honeypots and honeynets is information. Information is power, especially in computer security. For most hackers, their greatest fear is not necessarily getting caught, but rather having someone watch and gather information on them without their knowledge. And that is exactly what a honeynet attempts to do.

Chapter 8 (written by an attorney from the U.S. Dept. of Justice) concludes part one of the book with a look at the legal issues involved with honeynets. There are legal issues that one needs to take into consideration before rolling out a honeynet. Failing to take their legal issues to heart can change a honeynet from being an invaluable forensics tool into an expensive legal liability. Those in the corporate arena are well served to work with their legal counsel before deploying a honeynet.

Part 2 (chapters 9-15) goes into the important area of analysis. Collecting data, after all, is only the first part. Analyzing it and making sense of it all is the difference between an experienced detective and a Keystone Cop. The analogy is real in that a honeynet is a potential crime scene.

Data analysis and forensics are crucial in that it is the only way to interpret the various types of data involved. The key for those involved is turnout and extracting different types of data and turning that data into valuable information. Effective forensics enables digital investigators to know the difference between an innocuous attack and a malicious one.

While Part 2 is the most technical section of the book, Part 3 (chapters 16-21) attempts to explain the sociological reasons why whitehats and blackhats do what they do. Just as Clarice Starling in The Silence of the Lambs was able to profile Hannibal Lecter, knowing a profile of your adversary is crucial in containing the damage he can do. Identifying and understanding those attacking your system is just as important as the technical and analytical skills you will use in exposing them.

Know Your Enemy is a unique book in that it details how not to simply install and configure security devices, but how to use those devices to ensure a much greater level of security. It shows how you can take an offensive approach to computer security and to understand the mindset of the attacker. That is something not easily found in other books.

The CD-ROM that comes with the book includes 10 of the book's 21 chapters, a number of informative white papers, all of the open source tools that the authors use, and a video about honeynets.

Those who enjoyed Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage by Clifford Stoll will similarly find KYE entertaining and invaluable.

The companion web site for the book is honeynet.org/book. In and of itself, it is a great website, and complements a great book.

Overall, KYE is a most informative book on a fascinating subject. Unlike many computer security books, KYE is light on theory and screen dumps, but heavy on valuable and useful information on security hosts and networks from adversaries. If you are looking for a proactive way to secure your corporate network, Know Your Enemy is the perfect place to start.

You can purchase Know Your Enemy : Learning about Security Threats (2nd Edition) from bn.com. Slashdot welcomes readers' book reviews. To see your own review here, carefully read the book review guidelines, then visit the submission page.

Motor writes "Broken Angels is the second novel by Richard Morgan, and a follow up to 'Altered Carbon' (see a Slashdot review here) with the same protagonist, Takeshi Kovacs. Although 'Broken Angels' works as a standalone novel, it does draw on the background established in the first book: the Envoy Corps; the Protectorate; the Martians, and most significantly the concept of 'sleeves.'" Read on below for the rest of Motor's review to see if this book might be your kind of Sci-Fi. Broken Angels author Richard Morgan pages 484 publisher Gollancz rating 8 reviewer Motor ISBN 0575075503 summary Violent, gory and intelligent hard SF

First, a little background on the universe of Broken Angel. A few hundred years before the events in Altered Carbon, humanity discovers the technological remains of a space-faring species on Mars -- and naturally nicknames them Martians, even though it is clear Mars is not their home planet, just a colony. After decoding some of their technology and information, humanity begins moving out to the various worlds detailed in the Martian records.

The other big technological breakthrough is the ability to record a person's mind via a cortical stack implanted in the spine. This effectively abolishes death through injury or disease, as the stack can be recovered and the data stored -- and even downloaded into a new body, or 'sleeve.' It also makes Real Death, or the destruction of someone's cortical stack, a much more serious crime than mere organic damage.

Far from creating a technological utopia of plenty for everyone this tech-breakthrough, diaspora and near-freedom from death, leads to more revolutions, more killing, and more varied inventive ways of brutalising each other. New bodies, or sleeves, cost money and most people are unable to afford them, and are consequently kept "on stack." Raw, unfettered captialism is the way. Criminal behaviour gets you stacked for a number of years, and your body handed over to someone else. It also opens the way to such charming practises as virtual torture, with no hope of escape or death.

Takeshi Kovacs, born on the Harlan's World colony, is a former member of the Envoy Corps. A military branch that 'conditions' its members, effectively rewriting their personalities to make them better soldiers. The Envoy Corps are the most feared soliders of the Protectorate. The conditioning gives them iron emotional control, a lack of empathy, extra combat awareness, and skill at psychologically manipulating others. They also possess the ability to deal with being quickly and frequently re-sleeved when deployed into a combat situation via needlecast (a kind of hyperspace communication system) -- something that can, apparently, be quite traumatic for normal people.

Altered Carbon covered (in flashback) some of Kovacs' background story, and the reasons for his disillusionment and desertion from the Envoys; Broken Angels continues his story. After the events in Altered Carbon, Kovacs finds himself signed up to fight in a mercenary unit -- known as 'The Wedge' -- on the colony world of Sanction IV. Former Envoys are highly prized by commanders, and despite his distaste of command and responsibility, it pays the bills.

After being injured in a battle, Kovacs is approached by another soldier to get involved with the unofficial find of a Martian artifact ... one of the most extraordinary and potentially lucrative yet found. It's a race to claim ownership, against other ruthless corporations, betrayal, slow sleeve death due to radiation sickness (the Mandrake corporation engineers the nuking of a nearby city, just to clear out the area), and killer nanotechnology.

Like Altered Carbon, Broken Angels is a brutal read in parts. It doesn't flinch from the horrific things people do to each other, and is spectacularly inventive in thinking up ever more horrendous methods of punishment and interrogation. It throws in voodoo, 'soul markets' where dead soliders' stacks are sold, and an anatomiser -- a machine designed for a horrible ritual punishment in The Wedge.

While I enjoyed Altered Carbon, I thought it almost too much of a teenage-boy fantasy novel: An almost unstoppable bad-ass who can deal with anything, but is basically a good guy at heart; the almost fetishistic descriptions of weapons and gleefully detailed battles and brawls. It's all good stuff; well written and inventive, but a bit limited (except for the Jimmy de Soto hallucinations, which I thought were excellent). It was saved by its imaginative technology, hard SF speculation and clever detective story twists. Broken Angels seems a bit more mature. There is still the gleeful descriptions of battles, but the surrounding characters seem more fleshed out. 'Broken Angels' is no character-driven, emotionally deep masterpiece -- but it is a page-turner which neatly combines fast-paced action, imaginative technology and plot twists.

A quick note for any British readers who remember when the Conservatives (the traditional party of the Right) were in power: In the novel, the current whiney political officer of Kovacs' Wedge unit is called Lamont (he's been deliberately addicted to wire to keep him quiet), and the previous one was Portillo (he was regularly beaten, also to keep him quiet). It's a safe bet that Morgan is not a card-carrying member of the Conservative Party.

You can purchase Broken Angels from bn.com. Slashdot welcomes readers' book reviews. To see your own review here, carefully read the book review guidelines, then visit the submission page.

The Importance of writes "Tech columnist (for the San Jose Mercury News) Dan Gillmor is a journalist who gets it. You may not always agree with every detail of his reporting, but he clearly has a deep understanding of what is important and what is not in the technology world. And, because he is a trained writer, he knows how to explain it well. Of course, he'll probably end up most famous for what he doesn't know, as in his self-proclaimed mantra: "the readers know more than I do." In large part, his new book, We the Media: Grassroots Journalism by the People, for the People, is about what happens to journalism when technology reveals the truth of Gillmor's mantra." We the Media: Grassroots Journalism by the People, for the People author Dan Gillmor pages 299 publisher O'Reilly rating 9 reviewer The Importance Of ISBN 0596007337 summary The revolution in media and what it means for journalism.

The main focus of We the Media is the ongoing revolution in journalism, but it is much broader than that. It is about media and communication in general. It is a report in mid-2004 on many of the predictions that Marshall McLuhan made in the 1960s and 70s about how technology will change the way we communicate for good and ill.

It's actually somewhat difficult to write, precisely, what the book is about. Gillmor has taken a diverse range of subjects from technology, to politics, and law, from blogging to broadcast and spread spectrum, and combined them into a compelling and provocative narrative. The ideas come fast and furious, but Gillmor's writing talent keeps the reader on track. In fact, there are so many concepts discussed that there really is not enough room to summarize them all in this review.

Instead, it is probably easier to talk about who the book is for. Gillmor sets it out in his introduction: journalists, newsmakers and the people formerly known as "the audience."

Journalists

Very simply, We the Media should be required reading in journalism schools for students and professors. I'm serious. If you're a publisher, editor, or an actual breathing reporter, and you want to get up to speed on what is happening to your profession, you need to read this book.

Revolutionary shifts don't usually happen overnight, and the one in journalism that Gillmor describes didn't either. He briefly sketches a progression of changes from revolutionary era newspapers and pamphleteers to the increasing centralization of corporate media behemoths in the 20th century. However, there is a day he can point to when the latest shift became pretty obvious. That day was Sept 11, 2001. That was the day that personal media, through email lists and websites, became an important way for the story to get out.

Personally, I was at a public television conference in Wisconsin. Many of the attendees were journalists for local PBS affiliates. Connected to the net in the conference room, I was getting news through Slashdot because most of the major media websites were down, and the broadcast news was simply playing video of the attacks over and over. Soon, many of the other attendees were also checking Slashdot for links to and mirrors of the news gathered by Slashdot's readers. That may not seem like a big deal, but as Gillmor relates, similar things were taking place in many other net forums. The importance of these alternate news sites has continued (you're reading this aren't you?).

Because the whole book is about journalism, it is a bit hard to pick out more highlights, but Gillmor does begin his chapter on "Professional Journalists Joining the Conversation" with a Slashdot anecdote concerning Jane's Intelligence Review thanking the Slashdot community for pointing out the flaws in a proposed article on cyberterrorism back in 1999. Actually, much of what Gillmor is talking about is basically how journalists can be more like Jane's - working with and taking advantage of the fact that the audience knows more than the publication.

Newsmakers

If you are a politician, CEO or advisor to similar, you should probably read this book as well. In many ways, journalists are middlemen, connecting those making news with those who want to learn the news. One of the things technology is enabling is the ability of newsmakers to connect directly with their audience in many ways. Of course, as Gillmor documents, many businessmen and politicians don't really understand how to communicate through this new medium properly. Nevertheless, there are lessons that can be learned from the mistakes as well as some positive examples of those who've used new technologies successfully.

The People Formerly Known as "The Audience"

Basically, everybody who comments down below this review is participating in it. You're not simply an audience; you're co-authors of this review. What I'm writing here is only a starting point for the conversation. If you're interested in becoming a more active participant, in learning more about the role the once-passive, now-proactive audience is playing in creating, editing and filtering media, then you probably want to read this book too. We're all journalists now.

Free As in Speech (and Beer)

The book has an Attribution-NonCommercial-ShareAlike 2.0 Creative Commons license. The digital text isn't available on the web yet, but should be very soon. Expect a profusion of formats, audio versions, translations, and wikis to follow. One thought of mine is that classes of journalism students should be regularly given an assignment to keep the book up-to-date.

We the Media also has a weblog, which will be a good place to keep track of the book as it develops. Just because a book has been published doesn't mean it has finished changing.

You can purchase We the Media: Grassroots Journalism by the People, for the People from bn.com. Slashdot welcomes readers' book reviews. To see your own review here, carefully read the book review guidelines, then visit the submission page.

norburym writes "This is an interesting format for a techie book geared at non-techies: instead of providing a detailed installation and configuration instruction set for a particular full Linux distribution, Marcel Gagne has included a Knoppix CD with his book, Moving to Linux: Kiss the Blue Screen of Death Goodbye! The author's intention is clearly to give the reader a no-risk introduction to Linux. As such, this book is not intended for power users or professionals; there are other books more suited for this market. At the same time, this book is not really for the Dummies style audience, either. It's for the Windows user who is looking to migrate to the Linux platform and find solutions to his or her day to day computing needs." Read on for the rest of norburym's review.
Since the book comes with Knoppix and the author's purpose is to introduce the Linux desktop immediately, the first few chapters of this book only briefly describe what Linux versions are available, how to get a copy and how to install your chosen distro. Gagne gives some example installation choices with Mandrake, Redhat and SuSE. The next two chapters deal with using and customizing the author's desktop environment of choice (KDE) and exploring with Konquerer.

Chapter 7 provides a "release-agnostic" approach to package installation with examples and screen shots from Kpackage, RPM installs via shell and building from source. Most readers will become quite familiar with Chapter 8: Working with Devices, despite the author's exclamation that "Device support under Linux is excellent. No, really." Printing looms large in this chapter and there's some good advice to be had here for the newbie. The next several chapters tackle getting connected to the Internet, email and using Konquerer and Mozilla. In short, mainstream user necessities. Mandrake, RedHat, SuSE, and Ximian are all represented in the chapter on system updates along with a pitch to get involved in the Linux community (this is a good thing).

The make-or-break chapters for those readers requiring office productivity solutions come near the half point of the book. Gagne gives an overview of OpenOffice.org's suite of MS Office counterparts. These are really meant as introductory lessons on migrating from the more familiar, more ubiquitous MS suite of applications and not intended as an in-depth look at OpenOffice.org. Here is where the user will judge whether Linux is a viable alternative to Windows. Productivity is essential. Can you create a document that can be shared in a Windows dominant world? Can you do it without struggling to learn new rules and exceptions to the rules? Gagne makes a strong pitch for ease of use in the Linux world.

The final chapters on multimedia and games round out the topics that every semi-literate computer user has on their "must know how to" list. Under multimedia, KsCD, XMMS and Noatun are covered, including visualization plugins and skins. K3b, Grip and MPlayer are also described. Favorite Linux games are represented: KSirtet, KAsteroids, Frozen-Bubble, KBattleship, KPatience, KPoker ... well, you get the idea!

Care has been taken in laying out the book; from the beautiful typography, the boxed asides with Quick Tips, Shell Outs and Notes to the Resources list at the end of each chapter. The book is easy to read and the author has a crisp conversational style of writing devoid of distracting anecdotes or sophomoric humor (chapter subheadings aside!). Gagne succeeds in providing a guidebook to Linux that should enable the average Windows users to make a smooth transition to a Linux distro of their choice. At the very least, Gagne gives the nervous Windows-to-Linux wannabe an excellent bootable Knoppix CD to test drive while following along in the book. I wouldn't hesitate to recommend this book to someone who is looking to give Linux a spin but is afraid to commit their working PC to Linux entirely. This book and the accompanying CD will ease the way toward independence from Windows.

You can purchase Moving to Linux: Kiss the Blue Screen of Death Goodbye! from bn.com. Slashdot welcomes readers' book reviews. To see your own review here, carefully read the book review guidelines, then visit the submission page.

aaronvegh writes "Although it qualifies as a Young Adult novel, M.T. Anderson's Feed is a worthy read by any card-carrying geek. Especially the kind curious about where today's Net culture is heading. Set in a dystopian future America, the narrative follows a 14-year-old boy named Titus as he hangs out with his friends and tries to win the love of Violet, a girl much smarter than he." Read on for the rest of aaronvegh's review. Feed author M.T. Anderson pages 320 publisher Walker Childrens Paperbacks rating 8 reviewer aaronvegh ISBN 074459085X summary A disturbing and believeable rendering of a dystopian future America features some cool tech gone amazingly wrong.

The trouble is, all the citizens of this future state are connected to the global network with a direct neural link, called the Feed. The Feed connects its users directly to all others, allowing instant access to information and communication.

Like today's Net, however, the flow of information has grown disturbingly two-way: the Feed is owned by corporations, and their agenda to increase consumerism has led to such privacy-stripping "innovations" as predictive marketing (getting "bannered" by merely looking at purchaseable items) and constant interruptions (such as chats being broken by Google AdSense-inspired ads).

Even more sinister, those same corporations bought out the government's role in education, and so Titus and his friends attend School(TM) -- where literacy is not on the curriculum. Instead, students learn how to make purchase decisions and better use their Feed.

Titus' new girlfriend, however, is representative of a growing counter-culture. Violet's education is strictly home-based, and her objections to the mainstream grow increasingly strident, even as she becomes a victim of it. It is perhaps no coincidence that her lack of affluence in this society is tied to her resistance against it.

The citizens of this future America, weaned on the Feed, are shockingly illiterate. Their language is largely incoherent, riddled with "like"s and "thing"s. Poor verbal composition is combined with an almost complete lack of vocabulary, so characters are often caught referring to objects as "thing... uh..." -- pause while they look up the term through their Feed -- "table."

We often attribute poor language skills to teenagers, but the author's willingness to show adults with the same deficiencies is telling. Even the President of the United States appears unfocused and uneducated.

Not surprisingly, the inhabitants of this world are incredibly self-absorbed. Titus repeatedly demonstrates a callous disregard for the feelings of his dying girlfriend, although he has the good grace to feel guilty buying a sweater while she confesses her fear of death. It's a culture where citizens are trained to value only what's shiny and new, and to dispose of the old and used. How any relationship can survive in that environment is a mystery only philosophers and Slashdot commentators might dare address.

The author's handling of the characters is both realistic and sensitive. I found myself shaking my head at Titus and his friends, but my disgust was accompanied by a sympathy; like a baby raised by wolves, his behaviour is completely understood, if not acceptable.

In fact, the picture drawn of this future is all too clear, and the author's skill at connecting the dots between today and that time make for some serious introspection. After all, today's Internet is an obvious precursor of the Feed, and as commercial life makes ever-greater demands of our attention online, where does it end?

The gear that makes this future possible is incredibly empowering. It connects all people together, literally, to the sum total of all human knowledge, while providing a complete, instant telecommunications network. But corporate interest is clearly the villain here, with all technology perverted to consumerist ends, ripping away privacy, individual expression and true liberty. In the right hands, the Feed would be more powerful than the agricultural, industrial and communications revolutions put together; instead, the Feed is leading its users to an apocalypse, as the author strongly hints at the end of the novel.

Most savage of all, the citizens of this future America don't see the apocalypse coming. As they increasingly turn a blind eye to how their goods are manufactured and delivered (sound familiar?), they ignore the radiation-induced skin lesions that everyone has, the fact that couples can't reproduce without a "conceptionarium", the glowing green clouds, the dead seas, the ash falling from the sky. In their dome habitats, life goes on, in the malls and upcars and fake lawns underneath the Clouds(TM) -- while the other nations of the Earth vow to obliterate America's corporations by any means necessary.

It's a hell on Earth, but a hell that seems destined to come to a crashing halt. Like the best in science fiction, this novel shows us the worst-case scenario, so we can thoughtfully avoid it.

You can purchase Feed from bn.com. Slashdot welcomes readers' book reviews. To see your own review here, carefully read the book review guidelines, then visit the submission page.

Alex Moskalyuk writes "According to O'Reilly Publishing's Web site, the missing manual series was started after many software publishers decided to drop the practice of including manuals in the boxed set. Supposedly, the same information could be retrieved from the Web site or help file, but those uncomfortable with the manufacturer's site, or those with pathological fear of reading anything that follows F1 were left out in the cold. So it's understandable that missing manuals exist for Windows, Mac OS X, Dreamweaver MX and other products packed with features that are not easy to grasp through naive experimentation. But a manual for Google? A manual for the Web service that makes money by creating an interfaces as simple and intuitive as possible? To put it mildly, are they insane?" (Read more below.) Google: The Missing Manual author Sarah Milstein, Rael Dornfest pages 224 publisher O'Reilly rating 7 reviewer Alex Moskalyuk ISBN 0596006136 summary Everything there's to know about Google

Looking at the table of contents (for some reason PDF only), I figured out the book might be useful for someone relatively new to the Internet with intrinsic fear of doing something wrong (which pretty much describes my parents as well as their friends within the same age group). Chapters 8 and 9 on Web-mastering with Google might be useful, as it talks about buying AdWords for ad campaigns and serving AdSense for making money off the Web site. Still, I was interested to see what the book had to offer and started reading from Chapter 1, only to find this useful tip on page 24:

A lot of people probably knew this, but Google allows you to do a phrase search even if you don't have an idea of what the complete phrase looks like. Wildcard search allows one to use an asterisk for any word that's missing. Google will fill it in automatically. Pretty useful for finding the lyrics for that song you heard on the radio, but couldn't figure out the last word.

But this is not a Google tutorial: it turned out to be surprisingly useful even for me, someone who uses Google probably about a hundred times a day. Google features have that feeling of serendipity, where you can use the engine just fine without knowing anything advanced, but once you discover a few shortcuts, there's truly no replacement. For example, the book tells you what kind of numbers can be usefully entered into the Google search window: you can search for area codes, ISBN numbers, UPC numbers, flight numbers, Fedex/UPS/USPS tracking numbers as well as vehicle ID numbers (btw, the car is for sale).

Chapter 4 is very informative for Google's less frequently used services - Groups and Answers. While Google Groups and the Usenet search are probably bookmarked by any geek out there, not many people know that Google runs a paid service that can help you if you're just stuck with no results. Moreover, once the answer is posted and someone has paid for it, Google allows all the visitors to browse it for free, and some advice, for example, in small business section, can save a trip to the lawyer or paid consultant. The book takes the reader through the process of setting up an Answers account (which is actually the same account as the one for Groups) and asking informative questions requiring additional research.

Google: The Missing Manual is a pleasant book to read. Lots of screenshots (although all black-and-white), detailed information on the services and quite useful tips for newbies as well as professionals, clearly marked chapters, notes and tips spread throughout the book all make for a good reading experience. It's interesting URLs like this one that show that the authors really put time and effort into creating a book that's fun as well as informative.

Will the book be useful for an average Slashdot reader? Unlikely, since most of the information is already out there and most of the people here don't need a hand-holding walk-through into Google services. Will it be useful for Webmasters? Most of the tips I've read in the last two chapters were pretty much something I knew before. It's not something you need when you've had your own Web site for a few years, but the book is pretty good if you've just started up building Web pages. Also, since so many features have been only recently introduced, the book doesn't cover things like graphic ads in AdSense or Gmail accounts.

For someone quite unexperienced with the Internet or those seeking to gain expertise in Google services and broaden their research skills, though, it is a useful, fun-to-read title. It's not expensive either, so while I think for most of the geeks it's redundant, it would be a good gift for those in the family who keep calling and asking questions that begin with "Where do I find...?"

You can purchase Google: The Missing Manual from bn.com. Slashdot welcomes readers' book reviews. To see your own review here, carefully read the book review guidelines, then visit the submission page.

GMan00 writes "A flurry of BSD UNIX-related (Berkeley Software Distribution) books have hit the bookstores during the recent past, and more are on the way. From books specific to Secure Architectures with OpenBSD in April 2004 and the reissue of The Design and Implementation of the BSD Operating System for FreeBSD 5.x (expected in August 2004), to Michael Lucas' series of BSD Books from NoStarch Press, print documentation is certainly available for those interested in learning about the free, open source UNIX system which powers operations such as Yahoo! portal and Sendmail.org website, Verio and Pair hosting, not to mention web server survey site Netcraft. Dru Lavigne's BSD Hacks (O'Reilly and Associates, May 2004), is the latest book in these releases, and is an enormously useful resource for system administrators and end-users alike." Read on for the rest of George's review. BSD Hacks author Dru Lavigne pages 427 publisher O'Reilly & Associates rating 10 reviewer George ISBN 0596006799 summary A great array of hacks you can perform on your BSD box, many applicable to all the BSDs, including FreeBSD, NetBSD, OpenBSD and Darwin/OS X.

Dru writes the BSD Basics column on O'Reilly & Associates' OnLamp. Her clarity and fluid style are perfect for those looking to understand aspects of the BSD operating systems. I have had some email communications with Dru about various New York City *BSD User Group-related activities, and managed to speak with her several times at BSDCan this past May.

Like most computer nerds, Dru has a sense of humor. Unlike most, however, she's actually funny.

BSD Hacks is the first book that is almost solely focused on hacks for sysadmins, without boring you with the details for basic operating system installation and configuration that has been so well documented elsewhere. BSD Hacks is not just for sysadmins, though. Intermediate and advanced BSD users will also find the book an excellent tool. For those who find difficulty in BSD installs and other fundamentals, on the other hand, it's best to start with the FreeBSD Handbook, the NetBSD Guide or the OpenBSD FAQ.

There's lots of good hacks buried in the various BSD books, around the internet in different HOWTOs and tutorials. But BSD hacking is the sole purpose of BSD Hacks; there's no need to browse through install screens and overviews of TCP/IP before getting to the heart of the matter.

With 100 listed hacks, multiplied by an impressive level of detailed angles for each, Dru provides an array that demands the placement of this book right in your server room, not in a pile of "must-read-at-some-distant-point-in-the-future" texts.

The majority of hacks are applicable to all the BSDs, including Darwin and OS X, although some are specific to one BSD or another.

This review obviously can't list every hack, although you would be smart to sit and work through the book yourself over a weekend or two. But it is possible to provide a good flavor of BSD Hacks in brief. O'Reilly and Associates does give a good glimpse on their Sample Hacks page, but let's do a quick work through ourselves.

The first chapter is called "Customizing the User Environment," and is probably best for end-users looking to go beyond their first steps. But it does include some useful hacks, such as "Use an Interactive Shell" that certainly fit well into the arsenal of any sysadmin, not to mention Hack #12 "Use Multiple Screens on One Terminal."

The second chapter, "Dealing with Files and Filesystems" also contains gems for both end-users and sysadmins. The use of mtree, which maps a directory hierarchy, is mentioned as a tool for recovery. Later on in chapter 6, Dru details its use for making a hacked data integrity checker, thus filling the role often played by products such as Tripwire.

Another great tool Dru covers in the second chapter is g4u, a free ghosting program that gives you the ability to perform quick restores over ftp. Ghosting a drive image is an incredibly useful tool, whether it's about replicating servers or doing a quick reinstall and configuration when a server fails in an emergency.

Chapter 3 is entitled "Boot and Login Environments." It gives some hacks that aren't just for basic system administration, but also some useful security ones including changing your /etc/passwd file to Blowfish encryption and utilizing OPIE for one-time passwords, which is built into FreeBSD.

"Backup Up" is the focus of Chapter 4. It includes some very creative methods of dealing with maintaining that necessity, and also includes an excellent primer on Bacula, which is increasingly gaining prominence as a cross-platform backup system.

Chapter 5 covers "Network Hacks," and continues on educating a sysadmin. Included in this chapter is the tcpdump program, a vital tool for watching traffic flowing by your network interfaces.

There's a strong security focus in Chapter 6, entitled "Securing the System." While security hacks are sprinkled generously throughout the book, this chapter works with firewalling with IPF and PF, in addition to covering SSH and Snort. It also includes the earlier mentioned 'intrusion detection-lite' approach with mtree.

Chapter 7, "Going Beyond the Basics" explores scripting, analyzing dreaded buffer overflows and more. Dru also includes a bit on "Creating a Trade Show Demo," not something you'd expect documented in print anywhere, but nevertheless quite useful for anyone working for the BSDs at a conference.

Dru continues with "Keeping Up-to-Date" in Chapter 8, which includes useful details on upgrading and downgrading your installed ports.

The final chapter is "Grokking BSD." "Grok," as Dru comments, refers to the science fiction writer Heinlein's Martian phrase for having a "thorough understanding." Dru covers creating your own manual pages, dealing with custom patches, playing with dictionaries and more.

Certainly there are no walls between each chapter, as many of the hacks could be shifted around. All the more reason to work your way through the book from beginning to end.

One useful addition for this book could have been somehow denoting which of the BSDs (in some cases, it's all of them) to which each listed hack can be applied. Certainly not all are available to Darwin and Apple's OS X. And certainly there's no point in making the OpenBSD /etc/passwd file encrypted in Blowfish, since that is its default.

While many of the hacks are found somewhere in the manual pages, on some useful website, buried in another book or in the minds of some developer somewhere, they're not necessarily in the annals of official documentation. But there's no single book or site that provides the depth and breadth that Dru provides. She managed to tap into the thoughts of dozens of developers and sysadmins around the world, greatly enhancing the variety of hacks in this book.

As a side note, the scope of BSD Hacks isn't limited to just the BSD family. Many of these are likely applicable to Linux and the other UNIX systems. But with recent, impressive increases in the BSD install base, there's a good chance that you can access a BSD box somewhere.

Whether you're a sysadmin managing hundreds of servers, or a power user ready to go beyond the obvious, BSD Hacks belongs next to your CRT.

You can purchase BSD Hacks from bn.com. Slashdot welcomes readers' book reviews. To see your own review here, carefully read the book review guidelines, then visit the submission page.

The Importance of writes "Siva Vaidhyanathan, an Assistant Professor in the Department of Culture and Communication at New York University, defender of Fair Use, and the author of Copyrights and Copywrongs (Slashdot interview), is branching out beyond copyright issues in his latest book, The Anarchist in the Library: How the Clash Between Freedom and Control is Hacking the Real World and Crashing the System." Read on for the rest of The Importance Of's review. The Anarchist in the Library: How the Clash Between Freedom and Control is Hacking the Real World and Crashing the System author Siva Vaidhyanathan pages 256 publisher Basic Books rating 9 reviewer The Importance of ISBN 0465089844 summary A thoughtful but pointed examination of the sparring roles of centralized control and anarchy in the control of and creation of information.

Basically, the book puts the information battles relating to culture and copyright into a broader context, ranging from Parisian enlightenment cafes through the latest copyright battles to the Zapatistas and Falun Gong. Unlike many recent books that deal with these issues, Siva doesn't approach them from a legal perspective so much as from a political/cultural/media theory basis. But don't let that scare you, the book is as readable as it is wide-ranging.

At its most basic level, The Anarchist in the Library is about control of information, both cultural and political. As Siva says in the last chapter, "This book was supposed to be about entertainment - the battle over control of digital music, text, and video ... But as I researched this new project, the world shifted beneath my feet ... My concerns moved to the regulation and control of all sorts of information, much of it cultural, much of it political." Thus, throughout the book, Siva contrasts two very different regimes of information control: oligarchy and anarchy.

Oligarchy we are all familiar with. It is the traditional, centralized control of information by the few. It is the system that, for the most part, we all grew up with and continues to be the default today. On the other hand, we've all heard of anarchy, but most of us aren't familiar with its deeper meanings and history. Siva helps us to understand anarchy as a serious positive political philosophy, something more than merely a reaction to oligarchy. To his credit, however, Siva fully endorses neither position. His is a course of moderation, avoiding the excesses and pitfalls of both sides.

The other theme that runs throughout the book is that of cynicism. Here Siva contrasts the civically engaged cynicism of the Greek philosopher Diogenes of Sinope, with the narcissistic cynicism of Seinfeld's George Costanza. Why cynicism? In Siva's words, "What could be a more ideal environment for a cynic than cyberspace...?" The question, however, is whether and how we can promote the responsible and humane cynicism of Diogenes vs. the shallow, rude and selfish cynicism of Costanza. Of course, it sort of depends on how you define rude. To make a point, Diogenes once masturbated in the market square. Says Siva, with tongue in cheek but also a valid point, "And nothing represents the overall nature and substance of the Internet better than masturbating in the marketplace."

Diogenes' zealous humanity is also an especially important consideration of Siva's. Whenever possible, Siva emphasizes consideration of the humane over cold theory. It is this concern with the humane, I think, that draws Siva from engaging with Metallica's issues with P2P to questions of terrorism and networks.

Framed by these themes, Siva proceeds to dig through the many information control issues that have come to the fore these past few years or so. He starts with Peer-to-Peer, of course, and moves through many of the issues constantly showing up in "Your Rights Online" such as MP3s, DeCSS, the broadcast flag, the Phantom Edit and many, many others. The path is not random, however; Siva is demonstrating the reactions between oligarchic control and anarchic response in the creation of culture, and that culture requires, even demands, some anarchy in order to thrive.

From this point, Siva begins to leave the world of digital rights and begins to explore other means of controlling information and culture, such as the subtle, sometimes nearly invisible assumptions made by many international institutions through trade policy and market regulations. The book also discusses how information and cultural controls (such as the PATRIOT Act) grow out of security concerns and fear.

At this point in the book, some readers who might have been nodding along in agreement so far may begin to disagree with some of the points Siva makes, as he takes on the WTO riots, "Techno-Libertarianism," and the war in Iraq. But the book is no thoughtless, radical polemic; it seeks a moderate, well-articulated and researched middle ground.

In the end, Siva's moderation is demonstrated as he concludes that there are seldom easy answers in a world where control of information and culture is sometimes necessary. Without giving specific answers, Siva argues for approaching problems from a particular perspective: with engaged, humane cynicism and a commitment to civic republicanism, both within and without our borders. It is a perspective well worth reading about.

[Full disclosure: I've met Siva a couple of times at conferences and corresponded with him by email on occasion. I would consider him a friend in the fight against copyright maximalism.]

You can purchase The Anarchist in the Library: How the Clash Between Freedom and Control is Hacking the Real World and Crashing the System from bn.com. Slashdot welcomes readers' book reviews. To see your own review here, carefully read the book review guidelines, then visit the submission page.

CWitz writes "I'll be honest: I'm not terribly technical. In fact, I'll probably have to get someone to help me add in the tags necessary to convert this review to readable HTML. But what I lack in technical skills, I more than make up in apprehension about the darker aspects of the internet. When I get an unexpected e-mail, I'm sure it's from some identity theft villain full of virtual lock picks just dying to snatch all my private information. John Bigg's new book Black Hat: Misfits, Criminals, and Scammers in the Internet Age is an entertaining and educational book that provides me with more than enough information about how to protect my vulnerable computer." Read on for the rest of his review; it's not aimed at experts, but Scott makes it sound like a good read for the interested layman. Black Hat: Misfits, Criminals, and Scammers in the Internet Age author John Biggs pages 176 publisher APress rating 8 reviewer CWitz ISBN 1590593790 summary An introduction to the morass of malice that threatens any internet-connected personal computer; gives a broad overview of both social engineering and purely mechanical attacks, and advice on avoiding them.

Biggs is a technical journalist with more than seven years of real-world IT experience (programming and management), and he handles complex topics on the page in a fun, easy to understand manner. The book begins with the tale of a hapless spam victim in Germany, and moves on to introduce us to Alan Ralsky, the "spam king of Detroit."

Ralsky describes himself as an honorable marketing professional, but a Detroit Free Press article in November of 2002 pointed out that his computers vomit out more than 650,000 emails each hour. While his label of spammer or marketer may be debatable, there's no question about his efficiency. From the interview with Ralsky, Biggs moves into telling the story of his own struggle with spam. The discussion then turns to various relevant legal and social issues, and this shift is a hallmark of the book's positive qualities.

Black Hat effortlessly moves from straightforward factual reporting to first-person narratives to social and political commentary. The factual sections are just-the-facts-ma'am-reporting that would seem at home in any newspaper or technical journal. The first-person narrative sections are funny and reassuring. For leery technophobes like me, it's nice to know the experts struggle with many of the same computer bugaboos that plague me. The political and social commentary sections succinctly explain legal and cultural influences that shape the world of the internet today.

A good example of the political commentary is the chapter entitled "Upload or Perish: Pirates." As an aspiring author myself, I've always found myself believing that "sharing" intellectual property was inherently wrong. So I chose not to use Napster or Kazaa or the other options and totally agreed with efforts to prosecute active Napster users. But in this chapter, Biggs points out the misguided attempts of the industry by targeting the wrong people in their fight against sharing and piracy. In Eastern Europe and China, there are CD-pressing factories spewing out thousands of copies, complete with jewel case, printed insert, and full-color printing that are almost impossible to distinguish from the real product.

Biggs writes: "BMG Music representative Rob Anderson told me that many of the pirates have better CD and DVD reproducing equipment than even the large, official distributors." The discussion of industry actions targeting the wrong people continues with "Record companies can sue as many 12-year-olds as they want...but the equation will always be the same: piracy cannot be stopped." Detailed explanations of key landmark piracy lawsuits follow and the chapter ends with Biggs providing some suggestions for how the industry can help themselves in more effective ways, rather than attacking kids with home computers and a Jones for Metallica. Quite simply, he states the industry should use the technology to effectively deliver their product, at a reasonable cost, to the consumer. If listeners are going to share files, then the industry should harness the technology instead of stomping their feet and demanding that teenagers continue to trek down to the local mall and spend twenty dollars on a CD that may only have one or two good songs.

Personally, I'm still not sure that I believe in file sharing. Just because something isn't tangible (it's music or it's words or it's code) doesn't mean someone didn't work hard for it and invest in it. But Biggs' illuminating discussion certainly made me see how the industry has mismanaged their very lifeblood. I may not be file sharing anytime soon, but I won't be part of the angry mob hunting down file sharers any longer.

In Black Hat, Biggs manages to clearly explain certain technical aspects of spam, viruses, and other internet parasites. For instance, we've all seen that pile of gibberish at beginning of spam e-mails and Biggs explicates that mess in a way that anyone can understand. Like those rare moments in high-school English class when the teacher explains a poem that you always thought was unintelligible garbage, and the light goes on, and suddenly that long-haired Brit makes sense -- after reading Black Hat, I now understand much of what was to me only gibberish before.

In the chapter entitled "Shockwave: Worms and Viruses," Biggs dissects a simple, working worm. The worm was written by 16-year-old in Austria named Second Part to Hell with a taste for programming to White Zombie. Biggs interviews the worm writer and delves into the world of programmers he likens to sword makers, steeped in art and tradition. They do not include any dangerous payloads in their worms, but the possibility that someone could use the worm for malevolence isn't their concern, any more than the sword maker worries about how the weapon is being used. The dissection of Second Part to Hell's worm begins by actually showing the PHP web-programming code. Biggs then walks through each section, explaining how the worm selects which files to infect, creates a copy of itself, and processes its code to spread, and finally appends itself to the top of each file so it can seek out new victims.

The book goes on to discuss Nigerian 419 scammers, malicious virus writers, hacking legends like Lord Digital, spyware, and ultimately what a user can do to protect their computer and data. Entertaining and educational, Black Hat was a valuable read to a non-technical person like me. Best of all, John Biggs' suggestions for protecting my computer against the frightening aspects of the internet have made my cyber activities more comfortable and secure.

You can purchase Black Hat: Misfits, Criminals, and Scammers in the Internet Age from bn.com. Slashdot welcomes readers' book reviews. To see your own review here, carefully read the book review guidelines, then visit the submission page.

Martin Ecker writes "A few months ago, the OpenGL Shading Language -- OpenGL's own high-level shading language for programming Graphics Processing Units (GPUs) -- was ratified by the Architectural Review Board (ARB) responsible for the development and extension of the OpenGL graphics API. The first real-world implementations are just becoming available in the latest graphics drivers of the big graphics hardware vendors. Now the first book that features this new shading language is available, with the intention of becoming the standard book on the subject. Randi J. Rost's OpenGL Shading Language (published by Addison-Wesley) is a good introduction to developing shaders with the new OpenGL Shading Language, and demonstrates a number of useful applications for real-time programmable shaders." Read on for the rest of Ecker's review. OpenGL Shading Language author Randi J. Rost pages 608 publisher Addison-Wesley Publishing rating 8/10 reviewer Martin Ecker ISBN 0321197895 summary A solid introduction to developing shaders in the OpenGL Shading Language.

Because of its orange cover, the book is also called the "Orange Book," and together with its siblings, the classic "Red Book" (aka OpenGL Programming Guide) and the "Blue Book" (aka OpenGL Reference Manual (see this earlier review), it is a member of the OpenGL family of books from Addison-Wesley. Although it has a short overview of the basic features of OpenGL, it is intended for an audience that is already somewhat familiar with OpenGL and with 3D graphics programming in general. The interested reader should probably have read the "Red Book" or at least have a good understanding of how to use the OpenGL graphics API before attempting to tackle this book.

Rost, as well as the co-authors on some of the chapters, John M. Kessenich and Barthold Lichtenbelt, all employees of the graphics hardware vendor 3Dlabs, were driving forces behind the inception of the OpenGL Shading Language. They are also core contributors to the final language specification as well as the OpenGL extensions that provide the framework for this new shading language. So the information in the book actually comes from the people that created the language, which is a definite plus.

The book consists of 17 chapters and two appendices which can be roughly categorized into four major parts: An introduction to the basics of OpenGL and GPU programmability; a description of the OpenGL Shading Language and the associated OpenGL extensions; a number of chapters that show the shading language in action; and finally a reference section on the language grammar and the entry points introduced by the new OpenGL extensions. Each chapter of the book has numerous interesting references to get further information on the presented topics. I can only recommend taking a closer look at some of them.

The first two chapters of the book describe the basics of the OpenGL graphics API, followed by an overview of the new programmable processors in the graphics pipeline and an overview of the shading language used to program them. The introductory chapter on OpenGL basics is very well written and worth the read even for more experienced OpenGL programmers. However, as mentioned above, the reader should have enough expertise in using OpenGL to be able to understand the more advanced parts of the book. The introductory chapter won't be enough in my opinion.

The third chapter, written by John Kessenich - one of the main authors of the OpenGL shading language specification - presents the language definition. This chapter is where the basic data types as well as the available control structures are described in detail. For people interested in writing a compiler for the OpenGL Shading Language, Appendix A also contains the entire language grammar in BNF.

Chapter four moves on to describe the programmable graphics pipeline, which was first introduced in the second chapter, in more detail. The programmable vertex and fragment processors and their interaction with OpenGL's fixed functionality are presented. In chapter five, the description of the shading language concludes with the available built-in functions. Chapter six offers the first simple example that shows the shading language in action - a shader to procedurally create a brick texture.

Until this point, the book doesn't talk much about how to integrate shaders into the host program running on the CPU. New OpenGL extensions were created for this purpose, in particular GL_ARB_shader_objects, GL_ARB_vertex_shader, and GL_ARB_fragment_shader. Chapter seven contains detailed descriptions of the entry points provided by these new extensions. Among other things, it describes how shader objects are created, compiled, and then linked to form shader programs that can then be used to render objects. Appendix B also has a reference section on the new entry points similar in style to the "Blue Book." Chapter seven concludes the dry, technical part of the book that introduced both the shading language and the necessary infrastructure to use it from a host program running on the CPU.

The remaining chapters delve into the really interesting topic: shader development. These chapters offer multiple ideas on what can be done with shaders and how to effectively use them in graphics programming. Standard techniques, such as bump mapping, procedurally creating textures, using noise, and others, are presented. Chapter nine deserves special mention because it presents shaders that mimic the behavior of the OpenGL fixed-function pipeline. Many developers new to shader programming are faced with re-implementing certain features offered by OpenGL's fixed functionality. This chapter addresses this.

Chapter fourteen also deserves mention. Shaders that procedurally create textures usually suffer from aliasing artifacts. This chapter shows a number of anti-aliasing techniques to diminish these artifacts. In my opinion, this important topic has not received the attention it deserves -- it's good to see such a chapter in this book.

Closing this section of the book, chapters fifteen and sixteen describe some interesting non-photorealistic shaders and shaders for doing image processing. (For more ideas on what can be done with shaders I also recommend the book "GPU Gems", which I have read and reviewed some time ago.

The final chapter of the book (chapter seventeen) is a language comparison with other high-level shading languages such as the RenderMan Shading Language, SGI's Interactive Shading Language from the OpenGL Shader package, Microsoft's HLSL, and NVIDIA's Cg. Although I am quite familiar with most of these languages, I found this chapter to be an interesting read because it attempts to look at the languages objectively, listing advantages and disadvantages of the various approaches.

The book contains many diagrams and images, all in black and white, except for 16 pages containing 30 color plates in the middle of the book. Most of the images are not overly "flashy" but do give a practical idea of the types of rendered images a particular shader can produce.

There is also a website for the book where you can find an errata list and download a sample chapter (chapter six). As mentioned above, this chapter develops a simple brick shader to show the basic features of the shading language. The website also has all the shaders presented in the book available for download. Because the book does not come with a CD-ROM this is the only means of getting shaders code without having to type them. At the time of this review, the site appeared to be in a transitional state.

Rost's OpenGL Shading Language succeeds at giving a good introduction to shader programming with the OpenGL Shading Language. Not only does it provide the necessary technical instruction to allow the reader to write his/her own shaders as well as integrate them with the host program, it also demonstrates a number of practical applications for shaders and tries to encourage exploring the new dimension of real-time graphics programming opened up by the OpenGL Shading Language. Since there is no other book currently available on this topic, it is hard to say whether the "Orange Book" will stand the test of time and actually become the reference book on the OpenGL Shading Language, but I believe it will.

Ecker has been involved in real-time graphics programming for more than 9 years and works as a arcade game developer. He also works on a graphics-related open source project called XEngine. You can purchase OpenGL Shading Language from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, carefully read the book review guidelines, then visit the submission page.

Eli Singer writes "I'm writing to recommend The Power of the 2x2 Matrix , the best book on decision-making I've seen in a long time. The book presents 55 decision matrix models by some of the best minds out there including Stephen Covey ( 7 Habits of Highly Effective People ) and Geoffrey Moore (Crossing the Chasm). Although the book is primarily for business decision-making, the matrices really force you to think about your own personal and professional life." No bones about it, Singer is not a disinterested party: he helped with research that went into it. Read on for the rest of his review, below; there's also a link to a sample chapter of the book. (The Globe and Mail recently reviewed this book as well.) The Power of the 2x2 Matrix author Alex Lowy & Phil Hood pages 320 publisher Jossey-Bass rating 8 reviewer Eli Singer ISBN 0787972924 summary Using 2x2 Thinking to solve business problems and make better decisions

I had the pleasure of working with the authors of this book for over a year as a research assistant. Over that time I came to deeply associate with the 2x2 Matrix approach to problem-solving, and believe it is one of the most novel, fun, and effective ways of understanding business and personal dilemmas.

The idea behind 2x2 Matrix problem solving is to simplify any dilemma you're experiencing to its two core, often competing, facets. For example, The Gartner Magic Quadrant evaluates a company's technology solution based on Completeness of Vision and Ability to Execute. These two aspects are then placed on opposing axis of a grid and given hi/low extremes. This instantly generates four quadrants of distinctly different possible scenarios. In this case:

• Niche Players - Low completeness of vision, low ability to execute
• Visionaries - High completeness of vision, low ability to execute
• Challengers - Low completeness of vision, high ability to execute
• Leaders - High completeness of vision, high ability to execute

The authors, Alex Lowy and Phil Hood, have gone to great lengths to examine outstanding problem solving practices offering both an academic explanation of the theory behind 2x2 modeling, and a profile of 55 of the best decision models out there.

These 55 decision models, presented in short, clear summaries with illustrations and often technology-based case examples (drawn from IBM, Apple, HP, Borland, and the open source world) are the real gold in the book. The models range from highly business-oriented strategy, marketing, and employee-motivation frameworks, to personally oriented frameworks that help structure time, understand personality conflicts, improve leadership skills, and evaluate career transition opportunities.

Chapter 3 is devoted to what the authors call Archetypal Business Dilemmas. The dilemmas presented here speak vividly to the challenges being experienced right now by the open source community:

• Head vs. Heart The toughest choices are between doing what makes sense, and what feels right.
• Content vs. Process Content is the what, Process is the how. Success in most things requires mastery of both qualities.

Also, there are a host of technology gurus who have been interviewed and have matrices presented from their work: Charles Fine, author of Clockspeed; Watts Wacker, author of The Deviant's Advantage ; Hal Varian and Carl Shapiro, authors of Information Rules ; Paul Weifels and Geoffrey Moore, authors of Crossing the Chasm; and Joseph Pine and James Gilmore, authors of The Experience Economy.

It is almost impossible to read this book and not compulsively apply these exceptional models to personal life. At the moment I've been working with Stephen Covey's Urgency and Importance matrix.

For many of us, life is filled with tasks that are Urgent, leaving little time for more fundamental and long-term activities necessary for personal and professional development.The Time Management matrix explores two key dimensions, Importance and Urgency:

Importance. Things that are important are reflective of one's values and contribute to achieving higher-priority goals and personal mission. Importance is about results that matter.

Urgency. Urgent things require immediate attention. They tend to be visible, popular with others, and to act on us.

My cell-phone and inbox both feel highly Urgent, and I often answer my messages immediately, despite the fact that in most situations their Importance is questionable. I'm working at shifting away from a crisis-oriented instant response, which is in turn generating more free time to work on the things that are really important to me but don't necessarily jump in front of my face.

Without actually sitting down and plotting how I used my time during a week on the matrix, I would never have had to directly face the multitude of things I was sacrificing just to keep up with my trivial emails. It's the simplicity and clarity of 2x2 modeling that makes it a great tool for wrestling with dilemmas, and generating deep insights.

Most will find the book an easy and engaging read, especially the framework sections. The downside, if there is one, is the sheer volume of great frameworks. One can only absorb a few at a time and for this reason I'd recommend reading slowly, jumping from the table of contents right to parts that sound the most interesting.

You can purchase The Power of the 2x2 Matrix from bn.com; a sample chapter is available here. Slashdot welcomes readers' book reviews. To see your own review here, carefully read the book review guidelines, then visit the submission page.

Anton Chuvakin writes "When I first got this little book called Network Security Hacks, I was unimpressed by its idea: a seemingly random collection of network security tips combined under the same cover. However, when I started reading, more and more often I exclaimed "Ah, that's how it is done!" as well as found better ways of doing what I was doing." Read on for the rest of Chuvakin's review. Network Security Hacks author Andrew Lockhart pages 312 publisher O'Reilly rating 8 reviewer Anton Chuvakin ISBN 0596006438 summary Surprisingly good; packs a lot of network security knowledge into a small book.

The book is structured around many security subjects. These are: UNIX, Windows, Network Security, Logging (covering collecting, summarizing and analyzing log files), Monitoring, (covering system and network monitoring and collecting various statistics), Tunnels (covering various kind of VPNs and encrypted communication), Intrusion Detection, and Recovery and Response (short section covering very basic forensics).

Each section has a dozen or more tips, each taking from a page to several pages. For example, looking for SUID and SGID files takes just half a page, while installing and configuring Snort NIDS takes several pages. As a result, the style is understandably terse and to-the point.

The book ended up being one cool collection of tips, ranging from mundane ('how to configure iptables on Linux') to fairly esoteric ('how to use MySQL as an authenticating backend for an FTP server'). If you've always wanted to use 'grsecurity' or 'systrace,' but thought they were too complicated - grab the book and give it a shot. If you want to set up a fancy encrypted tunnel between two networks, it covers that too. Admittedly, a lot of advice given in the book can be found on Google, but it is nice to find it in one place. Network Security Hacks covers selected topics in host security, SSH and VPNs, IDS, monitoring and even touches upon forensics. I also liked its multi-platform coverage, with a slight but unmistakable UNIX/Linux bias.

Overall, Network Security Hacks is a great book, provided you don't try to find in it something it isn't; it is a neat collection of simple network security tips. I somewhat disliked that many tips don't go beyond 'how to install a tool' and so stop short of discussing how to use it best. Another gripe: I'd rather some of the tips skipped the obvious (such as "./configure; make; make install") and focused on little known and cool ways to use technology for security. Network Security Hacks will be useful for people involved with system and network management, those starting up in the security field, as well as for more advanced professionals (as a way to check their knowledge and skills). Also, it helps folks to jump straight to effective ways of doing things in the areas where their skills are less developed.

For example, I knew it was possible to use SSH to create a makeshift VPN, but this books is the first I've seen with a really good description of doing so. Similarly, I found some neat MySQL hardening tips in the book. Overall, there is a lot in the book for most people who are somehow involved in computer security, particularly if they're also running UNIX or Linux.

Anton Chuvakin, Ph.D., GCIA, GCIH is a Senior Security Analyst with a major security information management company, author of Security Warrior (and contributor to Know Your Enemy II), and maintainer of security portal info-secure.org You can purchase Network Security Hacks from bn.com. Slashdot welcomes readers' book reviews. To see your own review here, carefully read the book review guidelines, then visit the submission page.

Joel Natt writes "Planet Broadband is not a Star Trek episode or another Sci-Fi title. It is the title of a new book by Rouzbeh Yassini which answers the question of where the term 'broadband' originated and why is it used when discussing cable internet services." Read on for the rest of Natt's review of Planet Broadband. Planet Broadband author Rouzbeh Yassini pages 140 publisher Cisco Press rating 9 reviewer Joel Natt ISBN 1587200902 summary The birth and growth of High Speed Internet

When I first received the book, my initial thoughts were focused on the cable Internet environment, but the book addresses the DSL side as well. This small book of 140 pages, including index, not only explains how the concept of broadband communication evolved, but also delves into possible directions it may head.

This book is clearly a history of how the concept of broadband was developed and the growth of the Internet that it has led to, not a how-to-guide suited to setting up broadband service. I can foresee future generations of children reading this book in a college course on Information Technology. When one considers that only three to five percent of the American public use any form of broadband services, the growth potential presented is unbelievable.

For me, a detail-oriented reader, it took about eight hours to read Planet Broadband. That may seem slow, but considering the topic and the scope of events occurring within the world of telecommunications, it's better than I expected. As I read this book, I would pause from time to time and comment to myself on how Yassini's predictions and descriptions of possibilities offered by broadband access are already manifesting themselves. Some of the concepts presented include virtual training (which many universities are now offering) and virtual meetings with individuals all around the world. While Yassini does point out that not everything is available on demand in this day and age, in time we will witness more and more bandwidth-heavy services that are.

Yassini points out the concept of being able to check the items in the refrigerator from work, or have the washing machine place a service call to the manufacture before you know there is a problem. These are features of a true broadband planet -- and perhaps time our children and their children will not know a world where analog modems are still used to connect to the internet. But as you read, you realize that while today is the birth of broadband, this book is more the introduction to tomorrow's internet. To prove the point that Planet Broadband is an introduction, my baby-boomer mother (who works in the cable industry in customer service) took the book from me and read it cover to cover one day and told me 'This is where we are going.' If a 50+ year old parent can see it, we know that the world will be there some day.

Near the end of the book, Yassini focuses on telecommuting and a comparison of that to working at the office. While he clearly points out that telecommuting is not for everyone or all the time, it has productivity advantages and will only grow with time. I think one of his best examples is in Chapter 6, where he recalls an MCI commercial depicting a woman working at home and changing a presentation on the fly for clients and co-workers halfway across the country. That image is an example of how the world has changed thanks to the advances of broadband.

This book is not designed for the IT world, but for the general public. Just the same, I would recommend this as an excellent addition to anyone's library and especially to individuals in the information technology community. For management or others it is an excellent resource to justify a telecommuting policy or practice, or a good reason why they should upgrade from the modem and narrow band to the world of high-speed Internet.

You can purchase Planet Broadband from bn.com. Slashdot welcomes readers' book reviews. To see your own review here, carefully read the book review guidelines, then visit the submission page.

emmastory writes "When I mentioned this book to some of my friends, the response was usually either 'Doesn't the iPod come with a manual?' or 'Does the iPod even need a manual?' There is, in fact, a little CD-sized booklet that comes with the iPod, and it's true that you probably don't need much more than that if all you need to know is how to turn the thing on and play a song. But one of the great things about the Missing Manuals series is that while they tell you everything a manual ought to, they also tell you an awful lot that a manual never would." Read on for the rest of emmastory's review of iPod & iTunes: The Missing Manual, Second Edition. iPod & iTunes: The Missing Manual, Second Edition author J.D. Biersdorfer pages 349 publisher Pogue Press/O'Reilly rating 9 reviewer Emma Story ISBN 0596006586 summary An inexpensive way to get the most out of your iPod

For example, if you ask someone (like an Apple store employee) how to get MP3s off of an iPod and onto a computer, they'll tell you that the transfer is only supposed to go the other way. The idea is that you're not supposed to be able to just collect the entire music libraries of anyone who happens to drop by your home with his or her iPod. Of course, it turns out that there are plenty of legitimate scenarios in which you might want to be able to get your own music off of your MP3 player. (I certainly intend to rescue my music from my iPod should the external drive that's currently holding my files ever give up the ghost.) The Missing Manual, on the other hand, devotes several pages to detailing the various ways you can go about accomplishing the unspeakable act of iPod-to-computer copying.

And additional content isn't the only thing you'll find in this book -- there's also a significant difference in the depth and helpfulness of the respective texts. I'll compare their coverage of a common question among new iPod owners: what's going on when the iPod screen always says "Do not disconnect"? Here's the answer as given by the iPod User Guide:

Important: If it is not safe to disconnect iPod, a message on the iPod screen says "Do not disconnect." Don't disconnect iPod if you see this message. You could damage files on iPod. If you see the "Do not disconnect" message, you must eject iPod (see page 22) before disconnecting it.

Apple's apparent fear of possessives and articles aside, this is pretty much as bare-bones as you can get. It tells you one thing you can do if you're seeing this message, but not why it's happening, or what to do if ejecting the iPod doesn't make it go away. Here's an answer to the same question in the Missing Manual:

If you've turned on the "Enable disk use" box in iTunes' iPod Preferences panel, the "Do Not Disconnect" message appears on the iPod at all times. You have to unmount the iPod from the computer manually to make it go away (see page 215).

Even if you haven't set up the iPod to work as a FireWire disk, its hard drive may not have spun down properly. If it's stuck in a loop, the "Do Not Disconnect" message may also appear. Try clicking the Eject iPod button in iTunes, or dragging the iPod icon on the desktop to the Mac's Trash, to see if you get the "OK to Disconnect" message. If that doesn't work, try resetting the iPod as described on page 46 and then try ejecting it.

Note: If you live in a cross-platform household and have both Macintosh- and Windows-flavor iPods lying around, make sure you're plugging the WinPod into the PC. Macs are generally friendly towards PC-formatted 'Pods, but not vice versa. Mixing them up can lead to several error messages, including the "Do Not Disconnect" message (even as the computer won't mount or recognize the iPod) and the "This iPod is linked to another Music Library" message.

(Note that I plucked that answer from the iTunes troubleshooting section - there's also a similar response in the MusicMatch section.) I don't know about you, but this strikes me as infinitely more useful and enlightening than the User Guide's response (no offense to Apple's technical writers intended). And of course there are questions answered in the book that aren't addressed at all in the User Guide, nor on Apple's site.

There are plenty of other things that you'll find in this book that you might not already know, and that you certainly won't find in the included booklet - like information about the iPod on Linux Project, or descriptions of a number of different shareware and freeware programs you can grab to enhance your iPod. You'll find tricks to extend your battery life, ways to make the 'Pod behave even more like a PDA than it does by default, and how to boot off of your iPod should the need arise. Of course, it's true that you can find a lot of this on the web by yourself without having to pay for a book, so part of your decision about buying it will depend on whether you care more about spending $24.95 or saving yourself some time.

If you're wondering whether it's worth buying if you don't use Mac OS or if you have an older iPod, rest assured - coverage of all the different iPods is included, and there's material on both versions of iTunes, as well as MusicMatch for Windows. There's not a whole lot about using an iPod with a *nix box, although the topic isn't completely ignored (as you might expect). There's enough about the iPod itself that Linux users wouldn't be making a mistake to pick it up. On the other hand, it's probably not worth buying if you don't have an iPod and are just curious about iTunes. But iTunes is covered in almost every general Mac book out there, so you're not totally out of luck if that's the case. For most iPod owners, though, this book is a great and inexpensive way to get the most out of your new best friend (as long as your new best friend happens to be an iPod).

You can purchase iPod & iTunes: The Missing Manual, Second Edition from bn.com. Slashdot welcomes readers' book reviews. To see your own review here, carefully read the book review guidelines, then visit the submission page.

sympleko (Matthew Leingang) writes "PHP5 has hit its third release candidate, so get used to the idea of using it. George Schlossnagle has written a great book on PHP programming which ought to generate some enthusiasm. But it's not just about PHP5: the book includes great information on everything from coding style to high-level problem-solving. I met George through a friend of mine who works for the Developers Library, and I'm glad to have finally gotten a look at his book." Read on for Leingang's review of Advanced PHP Programming: A practical guide to developing large-scale Web sites and applications to PHP5. Advanced PHP Programming: A practical guide to developing large-scale Web sites and applications to PHP5 author George Schlossnagle pages 609 publisher Sams Publishing (Developers Library) rating 9.999/10 (I don't give perfect scores) reviewer Matthew Leingang ISBN 0672325616 summary See subtitle

Many of the previous generation of PHP books were fattened with lots of filler: how PHP imports form-submitted variables into its namespace, definitions and examples of valid XML documents, one-line summaries of every PHP function, even an HTML reference. It's like going to Gallagher's Steak House and filling up on free bread. Ladies and gentlemen, may I submit the Atkins-Friendly PHP book. This is not a book about syntax or data structures. This is a book on how to use PHP in enterprise environments. During my first read, I realized around page 126 that I had already learned as much as I had expected to learn and I was just getting started!

The book is very well written, with a friendly tone that is neither pedantic nor partisan. A knowledge of PHP before version 5 is assumed, and the situations tackled are very much from the real world. The focus goes beyond getting what you want to appear in the browser, too; scaling problems of very large web sites, managing a code base with multiple developers, and building your own extensions to PHP are all discussed.

The author draws most examples from a Unix + Apache + PHP environment, and MySQL is the primary database used. The examples are all in PHP5, but many ideas can still be implemented in PHP4. In other words, you can still learn a lot even if you're committed to PHP4 for the near future.

Part I of the book is called Implementation and Development Methodologies (some of these part and chapter names could be a little less clunky, even if they are correct), and the first chapter is about coding style. After that comes a thorough discussion of the new features of PHP5. These are language aspects that are commonplace in other object-oriented languages (e.g., java and python), but which I admittedly knew little about:

• encapsulation: the ability to keep object attributes and methods private or protected;
• static attributes and methods to make class functions or singletons;
• user-definable constructor, destructor, accessor, mutator, and copier functions;
• interfaces, which are like abstract classes. A class can implement one or more of these as well as extend a concrete class;
• exceptions, which allow propagation of errors and warnings back up through the function stack.

Other PHP programming concepts are discussed in this part, such as templating, using the command-line interface, and unit testing. The chapter on Managing the Development Environment includes some CVS basics as well as how to organize and keep separate your development and production environments without breaking what works. Another topic discussed is when to use PEAR classes and when to roll your own.

Part II, Caching, is where the book gets hard-core. Once your application works, how do you optimize its performance and scale it so you can have hundreds of thousands of users?

• You can use static variables to reduce recalculations, and compile your regexps.
• You can cache data on the PHP level in flat files, DBM files, shared memory, or even in user cookies.
• There are also solutions outside of the PHP userspace. The ordinary PHP process takes the text which constitutes the programmer's code and compiles into a assembly-style intermediate code. Then the intermediate code is executed. If a script is executed several times without change, the same intermediate code is created, executed, and thrown away several times. A compiler cache saves this intermediate code and reuses it. The author has developed a free, open-source compiler cache.
• There are also code optimizers, which eliminate dead code and overly-verbose constants.
• Reverse proxies also work in web sites to reduce network latency. Latency occurs when a server is stuck waiting for a request to be completed before it can execute. A reverse proxy server only collects requests, then hands them off on a high-speed network to the actual server.
• This can be made even better with content caching. The proxy can determine if the request requires handling by the PHP webserver at all. If a stale, cached copy suffices, it is served instead.
• Content compression sends your data over the internet compressed. The client's browser is in charge of decompression.

Part III, Distributed Applications, is of big importance to the developer of medium-sized sites. The author discusses the familiar topics of database interaction (including how to troubleshoot your slow queries), authentication, and session handling. Then a chapter on clustering: how to arrange multiple, redundant servers to create a robust, fail-safe system.

The final chapter in this part covers another hot topic: Web Services. Say you want to edit your weblog entries on a real text editor rather than through a web form. If you have RPC (Remote Procedure Calls) set up on your web server, you need only write a script which manufactures a request to a web service and and ships it out. What's the sales rank on Amazon of the book you just wrote? What's the weather like in Medford, Massachusetts today? These are all jobs for web services. XML-RPC and SOAP are approaching the standards state of usage, so using one of these means you don't have to develop your own RPC client or server library. SOAP is even richer than XML-RPC: it's an all-purpose messaging protocol which is in use by many of the big players in web services (e.g., Amazon, Google).

In Part IV, Performance, the author returns to the optimization question. How can PHP scripts themselves be made to run faster? There are several techniques:

• Use the apache benchmarker or other load-generating programs to determine which requests take the most time.
• Use a PHP profiler such as the one the author has written to examine your script line-by-line and determine which function calls are most expensive.
• Use a synthetic benchmarker (such as the one included in PEAR) to analyze small bits of code and discover how efficiently they do their task. Which is faster: interpolation of variables or string concatenation (the latter, at least before PHP 4.3)? If you don't have a library compiled into PHP, can you implement all the functions in userspace efficiently (not really)?

Part V, Extensibility, is for people who want to adapt PHP on the language level for their needs. This part requires a knowledge of C and a strong grip on your hat! After a discussion of PHP and Zend Engine (the virtual machine on which compiled PHP runs) internals, the author shows how to make both simple and complex extensions. You can add new functions to PHP, add a suite of library wrappers, add and manipulate classes and objects, all using pre-defined macros. In the last chapter, you can extend Zend itself to (say) implement all errors as exceptions, create a PHP Shell, an opcode-dumper, or modify the author's compiler cache or profiler.

I very much enjoyed the book. I have chosen to take the plunge into PHP5 for a new web project, partly because this book convinced me it's worth it. I can't imagine I'm going to use everything I've learned from the book, but I'm glad to know how problems like these are solved.

There are a few typos and misspellings, but that's to be expected in such a large book with limited turnaround time. Definitely recommended.

Matthew Leingang is a Preceptor in Mathematics at Harvard University. He continues to try to integrate web development into his day job. You can purchase Advanced PHP Programming: A practical guide to developing large-scale Web sites and applications to PHP5 from bn.com. Slashdot welcomes readers' book reviews. To see your own review here, carefully read the book review guidelines, then visit the submission page.

norburym writes "This is not an intro Linux book for your mom. Well, actually it's an intro Linux book for the author's mom! Linux for Non-Geeks came about by virtue of Rickford Grant's desire to create an easy to follow guidebook to installing, configuring and using Linux for his mom who, at 72, was on a fixed income. Her erstwhile son suggested giving her an old box of his with Linux installed. Willing to go along, she asked for book suggestions to learn about Linux. Stumped by the meager offerings, Grant decided to write up a set of instructions on his own. Egged on by relatives and friends to subsequently publish his manuscript, Penguinistas the world over can now rejoice! A far cry from dumbed down editions of how-to comic book style manuals from other publishers, No Starch Press has adopted a smart series of books for the capable, no nonsense audience; those folks who are not afraid to try new things and who want a clear and (more importantly) practical approach to enhancing their skill set. This book is a stand out in that series." Read on for the rest of norburym's review. Linux For Non-Geeks, A Hands-On, Project-Based, Take-It-Slow Guidebook author Rickford Grant pages 336 publisher No Starch Press rating 8 reviewer Mary Norbury-Glaser ISBN 1593270348 summary A Hands-On, Project-Based, Take-It-Slow Guidebook

The title explains exactly how Grant's book is laid out. It's for Windows users, Mac users, and new or inexperienced Linux users who are non-geeks (or wannabe-geeks) and who are itching to take the plunge into Linux without having to wade through a multitude of books aimed at power users, online HOWTOs, weblogs and IRC channels. This is one volume with enough worthy information to credit the cost of the $34.95 investment.

The content is based on Redhat's Fedora Core and includes CDs for installation. As such, the author has chosen to go with the default Fedora desktop, GNOME. Choices have to be made: Fedora Core vs. Mandrake vs. SUSE vs. Xandros etc., and GNOME vs. KDE vs. Enlightenment, etc. Grant has chosen stability and ease of use, and he has chosen well. Fedora would have been Redhat 10, had Redhat gone that route. They didn't and we can all lament the changes the company has launched toward focusing on corporate gains or we can move on. Moving on, we can see immediately that Fedora Core is excellent and if Red Hat's idea in Fedora's community focus is to go the Debian route and have lots of experienced eyes taking care of this project, then it will continue to be excellent. Once you get into this book and get your fancy tickled by Fedora and GNOME, go wild. 'Nuff said.

The first two chapters of the book cover the 'penguinista' mindset (why you're even looking at a book on Linux), hardware compatibility and the install process. Easy enough, and Grant does a great job of leading the reader through this process. It's the scary part, after all! Once the deed is done, the reader is introduced to Chapter 3, 'A New Place to Call Home'. Gnome is the desktop of choice and the author goes into detail, easing the reader through a wealth of GUI options. Lots of screenshots and photos give the reader a clear sense of what to expect when they are navigating through the choices. Lots of time is spent on customizing and some may find this trivial but there is nothing more frustrating to the beginner than being told to "click click click" when they aren't comfortable finding the correct windows, buttons and choices. After spending some time on this chapter, the reader will be able to progress through the book with confidence.

Connecting to the Internet is the next chapter, with information presented on hardware, connection options, using the browser, email and IM. The Internet is a must-have so this chapter is well placed. Get 'em going and they'll keep plugging along!

Once the reader is up and running, a side road is taken for those who want to get more familiar with the GUI and who like to tweak everything to look as individual (and tacky) and they can.

After getting on the Web, printing is probably next on the list in importance. Grant dedicates Chapter 6 to explaining how the reader can achieve good printing karma with printer support, printing to PDF, changing settings and handling queues.

Part one of external media is covered next, with an introduction in to floppies (whaaaa?), data and music CD reading/playing/burning, and ISOs (an absolutely necessary part of life for Linux users, especially since we all tend to experiment with different distros when they become available!).

With Chapter 8, we get into the core of every OS user's skill set, no matter how newbie the newbie is, one thing everyone wants to know how to do on their platform of choice: how to install applications (did I say "games"?). Grant gives the reader a very well written chapter on package management, walking the reader gently through four examples, including Skoosh and -- woo-hoo!! -- Frozen Bubble (well, we all need Frozen Bubble!). He even gives the reader a taste of "dependency hell" (don't panic! It's a controlled environment!). There will be a few folks who complain that RPM is Redhat-centric thinking and they'd be right. We are working with Fedora Core after all. Remember the "'Nuff said" above'?. Grant later presents chapters on APT and Synaptic and also on compiling a program from source so the reader has ample chance to get geeky.

A (too short) chapter on the terminal and the command line is wedged in between with practice projects on pyWings and pyChing that brings it all home. Part two of data management comes next, covering USB storage devices and the Windows partition, if there is one. Chapters 13 and 14 deal in depth with music (audio formats, mp3 support, apps like Grip, Rhythmbox and XMMS) and 'getting arty with the GIMP' (including how to scan and use your digital camera).

Then, it's back to business, with several chapters dedicated to workplace productivity and what options are available to Linux users in a 'dark side' dominated world. Grant looks at several office suites including OpenOffice.org (the clear winner) as well as KOffice and some stand-alone apps like AbiWord, Dia, Gcalctool and GPdf. There is also quite a bit of excellent coverage on fonts (a must read!) and finally, language support within Linux.

Now, if everything is working well so far and you can connect to the Internet, print, get your work done and play games. So what's left? Doing it all from your living room, bedroom, even bathroom! In short, going wireless. Grant succinctly explains what it means, what you need and how to do it.

The last few chapters of the book deal with bits and pieces of necessary information that are essential to the reader for further Linux exploration: system settings and system updates, KDE, 'odds and ends' and the requisite troubleshooting section for "uh oh, now what do I do now?" moments. Lots of help and resources round out the book.

A few things could have been expanded on or included: a bit more on firewalls and internet security (we are not entirely immune, after all), handling email attachments is missing (the author promises an update to this on his web site), something on yum and device installation; the slim description of installing a CD-RW drive in the book merely refers the reader to his web site where one can download PDF instructions ...hmmm, that seems a bit skimpy. Installing drives and cards (especially sound cards) would have been a nice chapter on its own, especially since this would most likely require re-compiling the kernel. The reference to this on Grant's web site results in a 'broken' pdf link and no obvious way to alert the author to the damaged file.

At this writing, there are only a few errata but it would be wise to take a peek at Grant's site before delving too deeply into the book.

Overall, I like how Grant chose to lay out his chapters; he's anticipated the needs and expectations of the level of reader he's targeting and placed well-constructed topics in a logical series of chapters. Nicely balanced information for a new Linux user, an on again/off again Linux user or for the switcher (is that trademarked?!). Other distros will be a short leap after reading this one volume. So yes, I lied: Linux for Non-Geeks is for your mom -- and for you, too, come to think of it. (And are those references to Vonnegut scattered about? Erudite crowd, Linux folk, yes?)

You can purchase Linux For Non-Geeks, A Hands-On, Project-Based, Take-It-Slow Guidebook from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, carefully read the book review guidelines, then visit the submission page.

Alex Moskalyuk writes "Remember the Best Buy commercial where a puppet asks a woman for a laptop computer, and upon hearing that it's a 'wireless' laptop, starts imagining his life free of strings and limitations? That guy doesn't know it yet, but soon the harsh reality will kick in, ironically kicking him off the wireless network periodically if he uses Microsoft Windows Wireless Zero Configuration or if he wants to run Linux on a laptop with WiFi card that doesn't support Linux. This book, however, is not just about getting your Linux laptop onto the wireless network. Granted, WiFi plays a big role in today's business and personal networks, and three chapters are dedicated to exactly that purpose, but behind that wireless adjective we have a variety of technologies." Read on for the rest of Alex's review of Linux Unwired, from O'Reilly. Linux Unwired: A Complete Guide to Wireless Configuration author Roger Weeks, Edd Dumbill, Brian Jepson pages 300 publisher OReilly rating 8 reviewer Alex Moskalyuk ISBN 0596005830 summary Complete guide to wireless configuration on Linux

Infrared, Bluetooth, 802.11 (in current a, b and g offerings, 802.11i is also being discussed), wireless access points friendly to Linux, United States commercial cellular networks and GPS systems are all covered in a single title that surprisingly fits all of this information into 284 pages. All the chapters can be subdivided into two large parts - familiarizing yourself with the technology (the primer on GPS is pretty good) and running Linux on it (with code and shell command samples and lots of URLs).

Introduction

The authors start up with introduction to wireless, intended for Linux geeks who are not quite up to speed on radio technologies. The concepts of waves, spectrum and radio wave behavior are explained, so later the reader can explain what a retracted radio wave is. Then the first chapter moves on to explain antenna behavior, wireless infrastructure modes and some common problem, like a hidden node in ad-hoc infrastructure. The chapter is well-written, and you're not expected to have an advanced radio degree or ARRL membership to understand the terms.

WiFi cards

Chapters 2, 3 and 4 deal with connecting a Linux desktop or notebook to a wireless 802.11 network. The first issue is that of chipsets used in the wireless card, and even though enough research has been done already, authors discuss different quirks relevant to Intersil Prism, Lucent WavelLan/Orinoco, Aironet/Cisco, Symbol, Atmel, Atheros and Broadcom chipsets. We need to discuss chipsets instead of discussing the actual wireless cards, since some hardware may be shipped under the same brand name with different internals. "A good case in point: the D-Link DWL-650. This radio card initially shipped with a Prism II chipset and was very popular, because it worked on a Linux box. However, D-Link changed chipsets when it released the DWL-650 Version 2, choosing the ADMtek chipset. It is very difficult to tell from the packaging which version of the DWL-650 you are purchasing".

The chapters are done in traditional walk-through mode. They are not HOWTOs or compendia of reference information, available from the manufacturer's Web sites. The authors made an effort to ensure the reader is capable of starting up a wireless connection on Linux box, knowing nothing about it while learning important technology in the process. Certain wireless drivers need to be compiled into Linux kernel, so the task is not for the meek, but with detailed explanation, plenty of URLs and nice fonts and paragraph formatting O'Reilly Publishing uses to differentiate between the text, commands entered at the shell, and URLs, the book is easy to read.

Chapter 3 (available in PDF) teaches the reader how to connect to existing wireless network once the wireless card has been recognized by the system and proven functional. By the time the book hit the stores it was already a bit out of date, since the very first hotspot operator, Cometa Networks, shut down in May 2004. Chapter 4 discusses wireless security, touching WEP settings, a $20 Linuxant utility allowing the user to implement WiFi Protected Access, as well as authentication utilities wpa_supplicant and XSupplicant.

WiFi access points

The issue of WiFi access points is not trivial either, as many vendors out there will ship the product with a Windows app being the only way to set it up. However, for the access point setups that are Web-based, a browser in Linux will do the job. The most Linux-friendly access point include Linksys, Netgear, D-Link, Cisco, SMC, EnGenius, Belkin, US Robotics, Microsoft and ActionTec. Again, harsh reality kicked in between the time the book was written and went to press, and it's sad to see yet another Linux-friendly access point vendor quitting the market.

Not satisfied with commercial offerings out there? Chapter 6 takes the reader into the task of building your own access point. Don't forget that an access point doesn't need to be a compact portable - your old 486 with Linux on it and a wireless card connected to it might serve the purpose. Unfortunately, after all the hardware is bought and assembled, the final product might still cost you the quadruple (in case you go with smaller form-factor motherboards and CompactFlash cards for software storage), so consider this more as a geek project, not a viable solution. The authors use LinuxAP distribution for this task.

16 pages are dedicated to hacking Linksys WRT54G access point with Sveasoft, described as disruptive technology by Robert X. Cringely. The authors also take a brief look at Wifi-box and OpenWRT.

Other wireless technologies

Bluetooth, Infrared, cellular and GPS chapters follow the same chapter plan - first the basics of the technology and simple use case scenarios of what you might use it for, then the hardware needed to implement the wireless technology, available Linux software to do the jobs, accompanied with the list of shell commands to successfully talk to a wireless product, and after that typical applications of the working link.

The authors tested various wireless data plans in the United States, although this data, once again, is constantly changing as the operators buy one another and introduce new data plans. The winner of the quality and the fastest download tests, by the way, was a Motorola v120e phone on Verizon Wireless network. In upload speed tests a Merlin C201 PCMCIA card on Sprint PCS network won. T-Mobile also offers a PCMCIA card for its GPRS network, so the authors install and run it under Linux in Chapter 9.

The last chapter discusses using Linux computers with GPS devices and open-source GPSdrive project for reading GPS data.

The book

For those just venturing into the wireless world, the book would be useful. All the information provided on WiFi connectivity can perhaps be googled and found in various HOWTOs. With wireless operators, GPS systems and Infrared connection one would have to rely on enthusiast sites and newsgroups. Having such informative title that covers all of the technologies would be very useful to a Linux enthusiast.

With that, the book can be quite overwhelming, although it's probably not intended to be read from page 1 to the end. There's usually more than one correct way to do things in Linux, and for each successful project another competitor appears on SourceForge the next day. I like the authors' approach of dedicating most of the chapter space to one, leading, Linux package that seems to be dominant in the field, and then briefly mentioning the others. A notable omission is Intel's Centrino drivers for Linux, as the company is bound to become a leader in the chipset marketplace with 42% of notebooks shipped in 2003 running Centrino chipsets.

But overall the book proved to have a high informational and educational value, not only you follow the steps on setting up wireless technologies on Linux, but you also learn the internals of the technology and why certain things are done that way, but not another.

You can purchase Linux Unwired from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, carefully read the book review guidelines, then visit the submission page.

honestpuck writes "Paul Graham has delivered final proof that he is a marvelous essayist with his volume of fairly diverse writings, Hackers & Painters. I first came across his writing with his article, "A Plan For Spam," on using Bayesian filtering to block spam and found it a well written and informative technical article. I next came across him some time later when he wrote an essay on his web site entitled "Hackers & Painters," and once again it was well written, informative and (more importantly for an essayist) thought provoking. I was excited to hear he had published a volume of writing and pleased when O'Reilly sent me a copy, despite my pleas that I did not have time to review it." He found time, to your benefit; read on for honestpuck's review. Hackers & Painters author Paul Graham pages 271 publisher O'Reilly Media rating 8 - May not interest absolutely everyone reviewer Tony Williams ISBN 0596006624 summary Interesting collection of essays, mainly concerned with software

Literature has a long history of the essayist; since those famous theses on the church door at Wittgenstein a well written and thought provoking essay on a topic has provided power and focus for important discussions. Graham has either learnt or discovered the important points in writing a good essay; brevity, quality writing and thought.

In this volume Graham covers a range of topics, though all are, understandably, centered on computers. Why nerds are unpopular at school, and what this demonstrates about our eduction system; why program in Lisp; the importance of "startups", programming languages and web development are all touched on. At the same time he covers topics less techno-centric such as heretical thinking and speech. wealth creation and unequal income distribution.

I found myself disagreeing with him often while reading the book, though every time I did I found his argument compelling. I agree with Andy Hertzfeld, quoted on the back cover of the book, "He may even make you want to start programming in Lisp." Graham is politically more conservative and right wing than me, he is also a fervent supporter of Lisp, while I'm a C and Perl advocate. It is telling that at no time did I find myself railing at his views, rather I was reading his arguments and giving them meme space. A good sign of a writer that does not indulge in unnecessary or extreme polemic.

Graham also tends to concentrate on a single point in each essay, allowing for both good coverage and a brief essay. Where he covers a larger context, such as high school education in "Why Nerds Are Unpopular" that opens the book, he seems to focus on just one or two good points of discussion.

The title essay is the second in the collection and provides an interesting look at hacking and some lessons we can learn by analogy to the work and life of Rennaissance painters, particularly in how it is done and how it can be funded. The third, "What You Can't Say" is social commentary on heretical thinking. Four, "Good Bad Attitude" is on the benefits of breaking rules, both in life and hacking. Five, "The Other Road Ahead", is an excellent look at web based software and why it offers benefits to both user and developer with Graham examining some lessons he learnt while building ViaWeb. Six, "How To Make Wealth", is a look at becoming wealthy and how a 'startup' might be the best way to do it. The seventh, "Mind The Gap", is an argument that we should not worry so much about 'unequal wealth distribution' and why it might actually be a good thing. From this list, and a look at the table of contents (available as a PDF on the O'Reilly page for the book), you can see that Graham covers a wide spectrum while never straying from topics he knows.

If I was forced to identify a weakness in this book it may well be that Graham does not evince doubt or uncertainty in his arguments, on a few occasions he may admit to a narrow view or knowledge but doubt or uncertainty don't seem to enter his field of vision while he writes. This coupled with a single viewpoint makes the book less than all-encompassing in discussion. However, I must admit that it is almost impossible to be anything more with a single author and Graham may well be more honest than others who pick and choose the alternatives they present.

Most of the essays are available at Graham's website, but frankly I am a fan of dead trees and appreciated that this book could be read on the bus or in bed. If you would prefer something you cna read on the bus then a PDF of the second chapter, "Hackers & Painters" is available from the O'Reilly page linked above.

I would recommend this book to anyone who wants to think about a number of topics important to the culture of our tiny corner of the world, computers and the net, while not ignoring the rest.

You can purchase Hackers & Painters from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, carefully read the book review guidelines, then visit the submission page.

Two strongly contrary claims describe the usability of Unix and Unix-like operating systems. Roughly, these claims go like this: 1) "Unix is easy! With a few simple commands you can navigate the filesystem and manipulate text; for the rest, just read the fine manual." That's the viewpoint (painting with a broad brush) of technically literate technojunkies. 2) "Unix is a pain. Cryptic commands, confusing explanations -- when I can get them -- from my smug cousin Jim. And where is this so-called manual?" That's the viewpoint (same broad brush) of a lot of people who -- let's say -- aren't the ones rushing to upgrade their heatsink and overclock their RAM, but have given things Unixy a spin. Linux for Dummies has been around long enough to reach its recently published 5th edition (written by Dee-Ann LeBlanc); it aims to bridge the 'Way too Hard!' and 'All Perfectly Easy' schools of thought. Read on for my review of the book. Linux for Dummies, 5th Edition author Dee-Ann LeBlanc pages 382 publisher Wiley rating 8 reviewer timothy ISBN 0764543105 summary The large-print onslaught on Linux anxiety continues, with lucid explanations and examples for the non-guru.

Not everyone can Read The Fine Manual Wiley's "For Dummies" series tends to provoke polarized reactions, so here's fair warning: I love them more than I loathe them -- partly out of contrarianism, partly because I often fall well within their target demographic. If the folksy, self-deprecating tone of these books infuriates you as it does many people, most likely it's because you aren't part of the target audience. No one likes being talked down to. On the other hand, for many people who might otherwise be interested in switching to Linux (or at least playing with it more), being told to look at man pages is like being told to drive up a brick wall, and books like Linux for Dummies are a welcome resource both to learn from and to point out to others. (For more technically oriented novices and intermediate users, I might rather point out Jon Lasser's Think Unix! )

A series of bracketed command-line options (followed by terse explanations of what each one does) works perfectly, to those familiar enough to use them. Man pages are a great memory aid, reminder, and basis for experimentation ("Hmm, can I combine the -a and -v switches?"). What man pages aren't is consistently friendly and approachable; this book is. This is not a knock on man pages: the thing is, they're written by and for "computer people," which is not the same as everyone who wants to use a computer. Not everyone is a power-user, or wants to be, and on areas outside their usual domains, even power users can sometimes use a bit more hand-holding.

Promises, promises Linux for Dummies' back cover says it will teach the reader how to work with popular Linux distributions (specifically, Fedora, SUSE and Mandrake), choose an ISP and configure dialup access, understand bash syntax, install and use OpenOffice.org, and manage the Linux file system. It does all of these things, to a reasonable depth, but don't expect a heavy tutorial on any one of them: the whole point is naming and defusing common newbie problems. A DVD included with the book contains Red Hat's Fedora Core 1 and source code, making it a reasonable way to obtain that distro as well.

LeBlanc is a good instructor; since she does computer training professionally, it's not surprising this book is organized well for self-directed learning, albeit at a pace that readers installing Gentoo on obscure hardware would likely find boring -- Chapter 6, 82 pages in, is titled "Dip in those toes." To be fair, by that point the book has zipped right through readying a system for and then installing a Linux distribution, and booting up for the first time. Not bad, really.

The early chapters leading up to that toe-dipping fulfill parts of the back cover's promises, by going through a graphical Fedora installation step-by-step (showing the user how to fill in each blank and go on to the next stage), then adding in the next chapter Mandrake- and SUSE-specific differences, emphasizing the similarities more than the idiosyncrasies.

The book's later chapters cover connecting to the Internet (via ethernet or modem), using a number of commonly included programs for email, web-browsing, word-processing and other workaday tasks, manipulating several types of files (for plaintext, this book leans understandably toward vi over emacs, but where are pine or joe?), navigating and lightly tweaking both GNOME and KDE, playing music and video files, and securing and updating one's system. Since there's clearly no way one book can address all of these things to the satisfaction of an advanced reader in 360 pages of text, don't look at the book that way: instead, the text provides a chatty overview of big issues (a few hundred words on why to avoid unnecessarily running as root, say), links to websites around the net for longer explanations, and skips completely religious wars about text editors, licenses, and proper window management.

When it comes to applications, this book is oriented toward desktop use; Apache doesn't even make the index. Chapters 7, 8 and 9 cover connecting to and using the Internet. Chapter 7 is all about the technical side of this -- setting up a working connection (with a friendly, necessary warning that not all modems, and not all ISPs, are equally adept at handling anything other than Windows), assigning IP numbers (or using DHCP) and using tools like traceroute to verify that things are working right. 8 and 9 cover various Internet tools, leaning toward Mozilla and Evolution for web-browsing and email, respectively. (Konqueror gets a one-line mention as a web-browser here, which is a bit short considering its strong KDE integration and dual life as a file browser.)

Working with file permissions and directories (both with and without a GUI) occupies Chapter 10, while 11 goes strictly into working from the command line. It's no In the Beginning Was the Command Line , but it does an admirable job of introducing the most necessary command line tools without straying into esoterica: things like ls, cd, pwd, man, clear and kill, in other words, the ones without which it would be hard to get around a system.

Chapter 14 is solely about using OpenOffice.org; it covers the drawing, presentation, spreadsheet, math and word-processing modules well enough to get started with each one. While there's a lot to be said for Abiword (clean, quick) and KOffice (frame orientation is very useful), OO.org is probably the most sensible office software to focus on in a book aimed at a non-expert audience. (And for the moment, anyhow, I find it the most compatible with Microsoft's office suite, which lends it considerable power in the form of network effects.) The chapter provided does as much justice to the suite, with lucid first steps outlined for common tasks like writing a text document and doing simple calculations with the Math module, as roughly 30 pages can be expected to.

By contrast, Chapter 18, devoted to securing one's system by way of passwords, network management and use of SSH, is only 13 pages long. (For the moment, that may be enough for this book, but I suspect by the next edition it won't be.) Still, quick but workable explanations of connecting from the Linux desktop to remote machines via ssh, and connecting Windows clients via ssh to your new Linux box, at least close some of the most obvious security holes, as does the advice to close down unneeded ports and daemons.

Screenshots throughout (cleanly printed greyscale) are well-chosen; this is one of the improvements that this edition has over the 1st edition I gave to my father a few years ago. Most of the screenshots reflect the author's choice of GUI programs over terminals, including graphical utilities for things like setting security options. By choosing Fedora's, LeBlanc sidesteps arguments about KDE vs. GNOME aesthetics -- since the images use the default Bluecurve theme (which looks just about identical under both of the most common windowing environments), I'm not even sure which environment was used to create most of them.

Two appendices close the book: the shorter (second) one lists the contents of the included DVD and system requirements; the longer one which precedes it provides a listing of common commands from alias to xxd (about which more below).

Along for the ride The included DVD is a compromise between audience (self-diagnosed computer dummies) and practicality (fitting six CDs' worth of Fedora into a book jacket with minimal fuss). The machine I set aside to play with Fedora doesn't have a DVD drive, so I used a standard download from Red Hat to play along with the examples. (I didn't bump into any contradictions between screen and page, but that's Situation Normal, since I used the same distribution.)

(Aside: though for various reasons Fedora does make a wise choice in a book like this, I hope future editions, or competing books in the non-expert-user niche, will use Live CDs such as Knoppix instead. That would open them up to users who want to mess around with Linux more before crossing their fingers and wiping a hard drive.)

There's one more freebie -- a single-sheet tear-out reference sheet listing common commands and a few of their options, including a list of the right commands to mount CDs under the Red Hat and Mandrake (identical) and SUSE (just slightly different enough to confuse). It only has to get used a few times to be worthwhile.

The gloss ceiling The same brief-and-breezy approach that makes the book worthwhile for some purposes (like not abandoning the audience) sometimes just makes it confusing; in several places the compromises necessary in boiling down a complex subject for a beginner audience made me itch to pencil in suggestions.

A few more pages worth of one-line summaries would have made the Appendix A, (the one on common Linux commands), far more valuable. As it is, LeBlanc lists a number of general categories (Printing, System Control, Communication, etc), summaries each category, and lists several built-in commands relevant to each.

Under the heading of 'Communication,' for example, she points out that sysadmins find the listed utilities "useful for providing information about users and communicating with them," then provides a handful of commands: finger, wall, write, and who. And while the section starts out with the advice to look up each command's man page if curious, this section strikes me as filler in its current configuration -- it could be struck to make more room discussing Live CDs, or vector drawing apps, or Mozilla's mail client as an alternative to Evolution.

Many applications are given short shrift simply because an adequate treatment of more window managers, graphics programs (two and a half pages dedicated to the GIMP is more than most programs get), music players and all the rest would have meant a far thicker book. I wish a few pages had been spared for at least capsule descriptions of pico and nano (my favorite text editors for Dummies -- err, "future experts" -- including me), Xchat, and gaim. Also on the wishlist: Wiley would commission LeBlanc to write a similar book aimed squarely at schools, in which applications like Scribus and some of the many Edutainment packages could be emphasized instead.

Since I've been dealing (arguing) with a wireless network in the time I've had this book, there's one other thing I wish this text didn't skip, which is a tutorial on connecting Linux systems via 802.11. The typical distro's autodetection abilities and set-up tools have improved to the point where this would be no more complicated to explain (and probably more useful) than the provided explanation of connecting through a modem.

The Upshot for Dummies Linux for Dummies isn't for everyone; it leaves out far more than it includes, leading to what would for advanced users be egregious omissions. However, for new, intermediate and merely rusty users, this book easily justifies its $30 pricetag -- as a confidence boost to the absolute beginner, and a refresher to everyone else. Linux, for various reasons of various worth, can certainly be cryptic (the same can be said of Windows and probably every OS under the sun), but a little bit of executive summarizing can inspire a would-be user, so he can actually enjoy and understand using it. Kudos to LeBlanc for providing that kind of catalyst.

You can purchase Linux for Dummies, 5th Edition from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, carefully read the book review guidelines, then visit the submission page.

Martin Ecker writes "Following other entrants in the successful series of graphics and game programming-related "Gems" books, Randima Fernando of NVIDIA has recently released GPU Gems - Programming Techniques, Tips, and Tricks for Real-Time Graphics through Addison- Wesley. As the title indicates, GPU Gems contains a collection of tips and tricks for real-time graphics programming with graphics processing units (GPUs) that are found on modern graphics adapters." Read on for the rest of Ecker's review, and for a few more notes on the book. GPU Gems – Programming Techniques, Tips, and Tricks for Real-Time Graphics author Randima Fernando (Editor) pages 816 publisher Addison-Wesley Publishing rating 9 reviewer Martin Ecker ISBN 0321228324 summary An excellent book containing many "gems" for real-time shader developers.

The book is intended for an audience already familiar with programmable GPUs and high-level shading languages and is divided into six parts that concentrate on particular domains of graphics programming. Each part contains between five andd nine chapters, with the entire book containing a total of 42 chapters. Each chapter was written by a different renowned expert(s) from a gaming company, tool developer, film studio, or the academic community. About half of the contributors are from NVIDIA's Developer Technology group. The chapters focus on effects and techniques that help developers to get the most out of current programmable graphics hardware. With approximately twenty pages per chapter, the contributors are able to describe various effects and techniques in-depth, as well as delve into the required mathematics.

All the shaders in the book are written in the high-level shading languages Cg and HLSL. The demo programs on the CD-ROM that accompanies the book use both Direct3D and OpenGL as graphics API, depending on the authors' preferences. Even though the shaders are in Cg and HLSL, it should be fairly straightforward for OpenGL programmers who might prefer to use the recently released OpenGL Shading Language to port the shaders, as the syntax is very similar.

The first part of the book deals with natural effects and contains chapters on rendering realistic water surfaces, water caustics, flames, and grass. Two chapters look behind the scenes of NVIDIA's Dawn demo, which shows a dancing fairy with realistically lit skin. There is also a chapter on Perlin noise (improved version) and its implementation on GPUs that was written by Ken Perlin himself.

The second part of the book concentrates on lighting and shadows. There are chapters from people at Pixar Animation Studios that describe some of the lighting and shadow techniques used in their computer-generated movie productions, as well as a chapter on managing visibility for per-pixel lighting. In the shadow department, the two predominant ways of rendering shadows in real-time, shadow mapping and shadow volumes, are discussed with possible optimizations and improvements. The chapter by Simon Kozlov on methods to improve perspective shadow maps presents some especially interesting new material on the topic.

The third part of the book covers materials and contains chapters on subsurface scattering, ambient occlusion, image-based lighting, spatial BRDFs, and how to use them efficiently in real-time, while part four describes various techniques for image processing (being used more frequently in computer games), mostly in the form of post-processing filters. The chapters presented in this section deal with various depth-of-field techniques, a number of filtering techniques using shaders, and the real-time glow effect seen in many of the newer games (especially in Tron 2.0). Not surprisingly, one of the authors of this chapter is John O'Rorke from Monolith Productions, a developer of the game. Contributors from Industrial Light & Magic introduce the OpenEXR file format used for storing high-dynamic-range image files (see openexr.org).

Part five, titled "Perfomance and Practicalities," is a collection of chapters that deal more with software engineering aspects of developing software that uses shaders. In particular, there are chapters on optimizing performance and detecting bottlenecks, using occlusion queries efficiently, integrating shaders into applications and content creation packages (in particular Cinema4D), and how to develop shaders using NVIDIA's FX Composer tool. There is also an interesting chapter on converting shaders written in the RenderMan shading language, a language for offline rendering, to real-time shaders. The chapter uses a fur shader from the movie "Stuart Little" to demonstrate this conversion. With the large increase of GPU processing power, more shaders from the offline rendering world will enter the realm of real-time graphics and it will be useful to re-use already existing resources, such as RenderMan shaders.

The final part of the book deals with a topic that has recently received a lot of attention by graphics researchers - a topic called General Purpose GPU or GPGPU programming, i.e. using the GPU for other things than rendering triangles. This part comprises chapters on performing computations, in particular fluid dynamics, on the GPU, chapters on volume rendering, and a nice chapter on generating stereograms on the GPU. As a side note, there is a website that deals exclusively with news in the GPGPU community at gpgpu.org.

The book contains a many images that show the presented effects in action, and also plenty of diagrams and illustrations that explain more complicated techniques in detail. Unlike Randima Fernando's previously released book, The Cg Tutorial, which I have also reviewed in the past on Slashdot, the book and all of its illustrations and images are printed entirely in color. The large number and high quality of the illustrations is probably one of the best features of this book that makes even the more advanced effects easily comprehensible.

The book comes with a CD-ROM that contains sample applications for most of the chapters in the book. Some of these applications include the full source code, whereas others, such as NVIDIA's Dawn demo (also described in some of the book's chapters), are included as executables only. It must be noted that all applications run exclusively on Windows, even though some of the samples that are available in source code form and use OpenGL could probably be built to run on other operating systems as well. Furthermore, about half of the samples require what Fernando and Kilgard in The Cg Tutorial call a fourth-generation graphics card to run, in particular, an NVIDIA GeForceFX card. Note that most samples that require a GeforceFX will not run on comparable ATI hardware. This comes as no surprise since GPU Gems is predominantly an NVIDIA book. It should be noted, however, that the techniques, effects, and shaders presented in the book's text are generally applicable to programmable GPUs and are equally useful when working with graphics hardware from vendors other than NVIDIA.

This is a great book that every programmer involved in game development and/or real-time computer graphics should have on his/her shelf. For the game programmer it is critical to stay up-to-date with the latest and greatest effects available with modern GPUs in order to remain competitive when creating the gaming experience. For the graphics developer, it is interesting to see how the immense processing power of current graphics hardware can be exploited in graphics applications. This book offers insight on both of these topics and more, and I highly recommend it.

A few notes from reader Akalgonov: Reader akalgonov contributes a few more thoughts on the book:

"The sample programs and demos require shader support, Cg, OpenGL, or the latest version of DirectX to run. On the plus side, the majority of the companion topics included pre-compiled binaries (but not the runtime dynamic link libraries) or an AVI illustrating the subject in addition to the source code. While the CD contains over 600 MB of examples from the text, it provided only 23 of the 42 topics covered in the book. Since most of the articles provide an overview and references to a topic, additional material on the CD would have been beneficial.

I found the wide range of subjects quite interesting - and was refreshed that the topics actually seemed "ahead of the curve" in terms of hardware requirements. However in order to provide more subject depth, it seemed that the text could have been split into two volumes in order to expand the existing chapters with sufficient depth. As the material is just enough to get one started, the subject treatment may disappoint some readers seeking to apply the clever and unique techniques presented in the book directly or those hoping to use the book as an opportunity to learn some of the advanced features provided in a programming graphical processing unit."

Martin Ecker has been involved in real-time graphics programming for more than 9 years and works as a games developer for arcade games, and works on the open source project XEngine. You can purchase GPU Gems -- Programming Techniques, Tips, and Tricks for Real-Time Graphics from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Spencerian writes "Aaron Hillegass new book, Cocoa Programming for Mac OS X, 2nd Edition, is a very helpful book for developers interested in getting not only their feet wet, but become totally immersed in creating applications using the OpenStep-derived API known now as Cocoa. Don't dive in without knowing how to swim in C++/Java, however." Read on for the rest of Spencer's review. Cocoa Programming for Mac OS X, 2nd Edition author Aaron Hillegass pages 450 publisher Addison Wesley rating 9 reviewer Kevin H. Spencer ISBN 0321213149 summary Aaron Hillegass new book, Cocoa Programming for Mac OS X, 2nd Edition, is a very helpful book for developers interested in getting not only their feet wet, but become totally immersed in creating applications using the OpenStep-derived API known now as Cocoa. Don't dive in without knowing how to swim in C++/Java, however.

The author is no stranger to OpenStep, having worked at NeXT as well as Apple in OpenStep application development and training. Currently, Hillegass teaches Cocoa programming for The Big Nerd Ranch.

Cocoa Programming for Mac OS X, 2nd Edition is written in a way that makes you feel like you are in a class. There are prerequisites you must know and understand before you can begin, and, as a good professor would, the author points out what you need to have and know before beginning. Happily, the author is quite meticulous and has generously provided useful resource links and help where readers may explore for their supplies and primers and the like.

Essentially, anyone with a copy of Mac OS X 10.3 Panther has all that should be required--the Developer Tools CD contains all developer software and documentation necessary (the author notes in the book specific locations for key primers and references).

If you are experienced in C++ or Java programming, Cocoa development will seem familiar enough. Objective-C is used throughout the book (the author notes that development in Java is possible, but not recommended) for the various and numerous exercises. Cocoa development is made easier with Apple's Xcode application, however, Cocoa is not for the timid or novice programmer. This book is well-written and easy to follow IF you have a respectable level of C/C++ or Java development under your belt.

The text, as well as its diction, is easy on the eyes and mind, and while this is a programming book, the author's voice speaks well, allowing you to feel as if you can ask the book questions as if you were in a classroom. Graphics and text are plentiful, but information is not packed on every page, so following along is far from drudgery. Each chapter does stack itself on information from the previous, so this isn't a reference book in the strictest sense.

Addison-Wesley, the publisher, has formatted the book nicely, with a pleasant font that won't tire the eyes, consistent code and text conventions, and a detailed Table of Contents and Index, However, it's thickness and binding doesn't lend itself to lying flat, so you'll have to weight the book pages down to read the book hands-free as you type in examples. Speciality bindings that could have been useful for this book are not cheap, based on my publishing experience, and such a binding would add more to the book's $45 US cost. (Amazon has a great deal on the book at the time of this review.)

Five new chapters were added in this 2nd edition, which discuss creating AppleScriptable applications, integrating OpenGL, adding Undo abilities, creating reusable frameworks, and tinkering with GNUStep, the raw open-source tools for those curious about making Cocoa apps under Linux.

If you're a UNIX or Windows developer who picked up a Mac OS X machine recently in hopes of developing new apps or porting your apps to Mac users. this book should be strongly considered as one of your essential reference and training tomes.

You can purchase Cocoa Programming for Mac OS X, 2nd Edition from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, carefully read the book review guidelines, then visit the submission page.

Alex Garrett writes "First, a quibble. Hardcore Java is not hardcore. Hardcore is implementing coroutines in assembly language or creating a full-fledged OO system in 6K. But if you ignore the title and judge the book solely on its merits you'll find that a Java novice will find a good selection of interesting topics and even an expert will learn a few things. The expert will also find plenty of things to disagree with -- some matters of opinion and others of fact." With that start, read on for the rest of Garrett's review of Hardcore Java, a book in which he finds slightly more worth for Java novices than experts. Hardcore Java author Robert Simmons, Jr. pages 400 publisher O'Reilly rating Experts: 4/10; Novices: 6/10 reviewer Alex Garrett ISBN 0596005687 summary The path to Java guru-hood

The two fatal flaws with this book are that it suffers from a lack of cohesion and focus on its audience and that it doesn't present anything new. That the book doesn't present anything new isn't bad if its goal is to summarize, clarify, and educate the novice. But this book doesn't even work for novices because the author has misidentified his audience. At times he writes for the intermediate programmer, at other times he writes for beginners. The confusion over the audience causes the book to leave novices and experts unsatisfied in equal parts.

Detailed Review
Simmons goal is to write a book that helps "transform a [Java] developer from the intermediate level to a true guru." It is his contention that there is a distinct lack of books that target the intermediate to advanced programmer -- his shining exception is the book Secrets of the C++ Masters by Jeff Alger. While I tend to agree with his assessment, I think that he fails for the following reasons: he doesn't stay true to the audience he has chosen and he doesn't say anything particularly new about the topics he covers.

Rather than provide a review of the book as a whole, I'm going to focus on a few chapters and describe what I thought worked and what I thought didn't work. I chose chapters where I thought the author really had an opportunity to distinguish this book from other similar books. At the end of the chapter reviews I provide an overview of the book.

Chapter 1: Java in Review
In this chapter the author sets the stage for the following chapters by providing an overview of the Java concepts that the reader is expected to be familiar with.

The Good:
Assertions are one of the things that a good software engineer should understand and use. It shows good judgement on the author's part to put them at the beginning of the book so the reader can benefit from the author's impressions. I also found his discussion of initialization to be insightful and interesting. I thought I had a pretty solid understanding of the subject but I was surprised to learn that a field can be initialized by what amounts to an inline method. The author cautions that this technique shouldn't be used often, but he gives a compelling example of when it can be used. It's definitely a trick I'm going to keep in my toolkit.

The Bad:
The first problem is that none of the material in this chapter is necessary for understanding the other parts of the book. Most of it could be reduced to footnotes or sidebars if the author felt it necessary to clarify subsequent topics, but to spend time explaining the importance of the default clause in a conditional is a waste of the reader's time. There's an old saying, "Tell me and I'll forget, show me and I may remember, involve me and I'll understand." The author of a technical book needs to make a significant effort to involve the reader. If involving the reader isn't possible for some reason, the author should, at the very least, show the reader rather than simply enumerating principles divorced from a learning context. Simmons should show us how to use assertions by using them. He does a great job of this with his ubiquitious use of final. I'm less certain of how well he does with his other core concepts. I could go back to the book and look it up, but if I need to do that, it means he's already failed.

The other problem with this chapter is that the author assumes the stance that the reader is a C++ programmer approaching Java. He asserts, "To understand the advanced concepts of the Java language, there are a few core concepts that you must have firmly in mind. Without these concepts, much of this book will not make a lot of sense. The concepts of pointers in Java, its class hierarchy, and RTTI (runtime type identification) are three of the most important on this list." This list might be important for a C or C++ programmer moving to Java (which is a position I'll hazard a guess that the author found himself) but it's marginally useful for anyone else. Allow me to summarize: Java has no pointers, all objects inherit from java.lang.Object, and you can interrogate an object to determine its type at runtime. 'Nuff said.

Unfortunately, this is a theme that runs throughout the book. The author seems to assume that his audience has a C++ background and he either differentiates between the things that Java has that C++ doesn't (e.g., pointers) or he introduces bits from his C++ background that are also in Java (e.g., the ternary operator). The reason for this, I believe, is that the author has failed to separate himself sufficiently from his audience. That's to say, he's writing the book that he would have liked to have read when he was starting his Java career. This isn't a bad thing if you're sufficiently like Robert Simmons, Jr. to warrant that kind of advice, but if you're not, his exposition is going to be hit or miss.

Chapter 5: Exceptional Code
This chapter covers the use and misuse of exceptions in Java. It provides a summary of the different types of exceptions and provides some guidelines for good coding practices.

The Good:
Exceptions are an important part of Java and are misunderstood by a fair chunk of Java developers. The author recognizes this and attempts to provide an introduction to exceptions and show some of the common exception anti-idioms. His discussion on the necessity of the atomicity of transactions was valuable and clear. He shows what happens in the rare instances when a transaction fails midstream and isn't rolled back. He then provides good advice on how to write code to prevent this sort of thing from happening.

The Bad:
This is a short chapter and that's unfortunate because the topic of exceptions is rich and worth much investigation. This chapter provided an excellent opportunity for Simmons to display some virtuosity and say something significant about the subject. If nothing else, he could have elaborated on the relative merits of checked exceptions vs. unchecked exceptions; a topic that has been the subject of Holy Wars in the Java/C# community. Unfortunately, all he really mustered was an, "unchecked exceptions are Java's way of not cluttering up your code with too many 'throws' clauses." (paraphrased, but see the end of section 5.1.1)

The author seems to have some good intuitions around the use and misuse of exceptions, but rather than clearly delineating the issues and sharing his insight with the reader, he sets up a couple of toy examples that show the syntax of exception handling and waffles around the issue of when to use checked exceptions and when to use unchecked exceptions. There is little enough spoken about exception handling that this might be sufficient if Joshua Bloch hadn't already provided a solid grounding in exceptions with Effective Java. But since he has, I had hoped for some new insights, which Simmons failed to provide.

Chapters 9 & 10: Practical Reflection and Proxies
These chapters provide an introduction to Java's capabilities for introspection of types and objects, as well as describing the new JDK 1.4 DynamicProxy class. Simmons also gives some examples of how to write proxies--dynamic and static.

The Good:
In choosing to cover Java's introspection facilities, the author demonstrates that he recognizes the importance of metaprogramming as a qualification of Java expertise. It's on par with things like writing classloaders or grokking bytecode and it separates the gurus from the merely competent. If nothing else, it gives Java programmers the opportunity to do the things that smug lisp weenies are always nattering on about.

The author gives a good overview of how reflection works in Java as well as providing some examples. He also distinguishes between static proxies (like the Proxy pattern in Design Patterns) and the nifty dynamic proxy part of JDK 1.4 and shows how to use these proxies and provides some demonstrations of how they can be used.

The Bad:
As with much of the book, the examples aren't particularly compelling and Simmons doesn't take the opportunity to take the reader to the next level and show him some sweet metaprogramming. Reflection and proxies aren't complicated conceptually, and the syntax is fairly straightforward. He could have gotten the implementation details out of the way and then provided examples from the field. The JMock guys are doing some nice work in generating mock objects for unit testing with dynamic proxy and the Nanning guys have a nice aspect-oriented programming framework that uses reflection and proxies. This is the kind of work that's being done with metaprogramming and confining the discussion to toy examples is discouraging.

Overall:
The Good:
The author has a good conversational style and seems like the kind of guy that you'd enjoy working with--friendly, knowledgable, and genuinely enthusiastic about his subject. The book has plenty of interesting material. The use of final is a great way of turning logic errors into compiler errors. A knowledge of metaprogramming is becoming more important every day, and bringing metaprogramming to test-driven development is an idea with considerable merit. Someone new to Java could use this book as a sampler of some important ideas in the practice of Java programming and explore the topics in greater depth at a later point.

The Bad:
This book suffers because the author identified his audience and stated his goal and then didn't follow the path he laid out. As a result, the author winds up disappointing all readers. The novice will find that the author glosses over topics that are clearly over their heads, while the expert will be bored by the level of detail that the author devotes to relatively simple topics.

Additionally, the examples are so simple that a newcomer to Java will not have trouble following them, but someone who has used Java for more than half-a-dozen months will find them uninteresting and unchallenging. The author should have taken the opportunity to really explore the space.

Conclusion:
While this book covered some interesting and high level java topics, it covered them shallowly and its content was presented inconsistently to readers of varying levels of expertise. The author needed to stick with his audience, choose topics that fit well together, and challenge the reader. That said, I don't lay the blame entirely on the author. His editor should have made the book tighter, more compelling, and more focused on its central thesis: helping intermediate Java programmers become expert Java programmers. The technical reviewers, who are presumably experts, should have provided the feedback that Simmons needed to raise the bar.

The book would be more appropriately titled, Robert Simmons, Jr. Shares Some Cool Things from Projects He Has Worked On. I think the best thing for this book would have been for the author to cull each chapter down to one quarter of its existing size and then publish them separately as magazine articles.

Alternate Sources:
The Java Programming Language, 3ed and Effective Java together cover nearly everything in this book in much greater detail and with better authority. Ken Arnold and James Gosling are two of three authors for the first book, and Joshua Bloch, author of the java.util.Collections classes is the author of the second. If you've mastered the material in these two books, you're an expert, full stop. Unfortunately, these books don't really cover reflection and proxies. If you're an intermediate java programmer and you want a good overview of proxies and metaprogramming in Java, I recommend the source code for Nanning, a lightweight aspect-oriented programming framework for Java.

Alex Garrett is a contract programmer who mostly works with Java. For a while, he was the acquisitions editor for Manning Publications, which inclines him to be a smug publishing weenie. You can purchase Hardcore Java from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, carefully read the book review guidelines, then visit the submission page.

Ursus Maximus writes "'Sailing' is a gentle and easily readable re-introduction to Greek civilization and culture, with numerous parallels and lessons drawn to our own times by the astute author. Cahill has a real knack for this sort of thing, as he has amply demonstrated in three previous volumes in his "Hinges of History" series. I was introduced to his work in his first volume in the series, 'How the Irish Saved Civilization,' and I thoroughly enjoyed it. Cahill aims to give us a well rounded glimpse into the way the ancient Greeks lived, saw the world, and in fact into the whole of Greek experience. He does this in an idiosyncratic way that will please neither academics nor purists, but which does allow one to taste and smell the Greeks' cultural milieu, and not just to cogitate about it. But cogitate you will, as Cahill gives enough food for thought as post modern man is likely to be able to bear." Read on for the rest of Ursus Maximus' review. Sailing the Wine Dark Sea: Why the Greeks Mattered author Thomas Cahill pages 304 publisher Doubleday rating Excellent, 5 stars reviewer Ursus Maximus ISBN 0385495536 summary This book explores the Greek contribution to Western Civilization

According to Cahill, the Greeks' invention of the alphabet (or refinement of the Phoenician alphabet) into a potent intellectual tool was the beginning and the heart of their cultural expansion. Perhaps, in our own time, the arrival of computer technology and the web carries a similar promise, if only we can tease as much innovation from the web as the Greeks did from the alphabet.

But it is hard to consign the Greeks' invention of democracy (a Greek word meaning "rule of the people") to second place, even to so fine a contender as the alphabet itself. For the Greek city-state of Athens truly did refine direct democracy and their achievement can be seen as the bedrock and foundation of Western Europe's later development of democracy, and especially of the American experiment in indirect and representational democracy.

Yet of equally revolutionary significance is the Greek invention of total warfare, with highly organized militaries made up of hoplite soldiers and shrewd, calculating generals. This Greek way of warfare has been the foundation of the Western way of war ever since, right down to and including our current American military dominance of the planet. Cahill cites extensively from the brilliant and influential military historian Victor Davis Hanson and his book "The Autumn of War" to the effect that the western way of total warfare has dominated the planet ever since; and it appears that Donald Rumsfeld and Dick Chaney are well versed in Mr. Hanson's theories, not to mention Greek hubris.

The lessons for the USA in its war on terrorism alone are compelling, if not down right chilling. Central to the cultural echoes provided is a speech from Pericles, ruler of Athens at the beginning of the Peloponnesian War, a mighty struggle that lasted for 30 years, beginning with Athens at the height of its imperial, cultural and financial powers, and ending with Athens defeated and subjected to domination by Sparta and her allies, never again to regain the zenith of her glory and might.

At an annual ceremony honoring and burying the bones of her young war dead after the first year of the 30 years war, Pericles orated about the Greek forefathers, and he sounds a lot like a contemporary American politician:

"...generation after generation in unchanging and unbroken succession, they have, by their hard work and courage, handed down to us a free country... "

This comes from what is by far the longest of the many quotes Cahill intersperses in his book, and it sounds ever so much like George W. Bush. I admire the way the author intersperses these quotes without ever boring the reader. The quotes from such luminaries as Homer, Socrates, Plato and others are absolutely integral to the book and greatly enhance its character. If Pericles' speech above reminds us of Lincoln's Gettysburg Address, so it must also remind us somewhat of our current President's oratory about the War on Terror.

The book is organized around chapters that bring together material in an organic way, not an academic way; with titles like: "The Warrior: How to Fight", "The Wanderer: How to Feel", "The Poet: How to Party", "The Politician and the Playwright: How to Rule", "The Philosopher: How to Think", "The Artist: How to See", and "The Way They Went: Greco-Roman World meets Judeo-Christian".

All in all, this is a quick read, a delightful and thought provoking exercise, and a worthwhile adventure. I highly recommend it. Be forewarned though, you may find yourself wanting to go on and read the other volumes in the series, including "How the Irish Saved Civilization", "The Gifts of the Jews", "The Desire of the Everlasting Hills" (about early Christianity), and the three forthcoming volumes, the next of which is promised to be about how the Romans became Italians. By the time all three future volumes are published, this promises to be a very accessible investigation into the making of the modern world and the impact of its cultural innovations on the sensibilities of the West.

I suspect that Slashdotters of all persuasions will enjoy reading this book; you can read more on related topics on my weblog and web site at http://www.awaretek.com/weblog/

You can purchase Sailing the Wine Dark Sea: Why the Greeks Mattered from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, carefully read the book review guidelines, then visit the submission page.

Jack Ganssle writes "High Integrity Software: the title alone got me interested in this book by John Barnes. Subtitled "The SPARK Approach to Safety and Security," the book is a description of the SPARK programming language's syntax and rationale. The very first page quotes C.A.R Hoare's famous and profound statement:'There are two ways of constructing a software design. One way is to make it so simple that there are obviously no deficiencies. And the other way is to make it so complicated that there are no obvious deficiencies.' This meme has always rung true, and is one measure I use when looking at the quality of code. It's the basis of the SPARK philosophy." Read on for more of Ganssle's review of the book, and some more on the SPARK language. High Integrity Software author John Barnes pages 448 publisher Addison-Wesley rating 8 reviewer Jack Ganssle ISBN 0321136160 summary The book describes a language that insures programs are inherently correct.

What is SPARK? It's a language, a subset of Ada that will run on any Ada compiler, with extensions that automated tools can analyze to prove the correctness of programs. As the author says in his Preface, "I would like my programs to work without spending ages debugging the wretched things." SPARK is designed to minimize debugging time (which averages 50% of a project's duration in most cases).

SPARK relies on Ada's idea of "programming by contract," which separates the ability to describe a software interface (the contract) from its implementation (the code). This permits each to be compiled and analyzed separately.

It specifically attempts to insure the program is correct as built, in contrast to modern Agile methods which stress cranking a lot of code fast and then making it work via testing. Though Agility is appealing in some areas, I believe that, especially for safety critical system, focus on careful design and implementation beats a code-centric view hands down.

SPARK mandates adding numerous instrumentation constructs to the code for the sake of analysis. An example from the book:

Procedure Add(X: In Integer);

--#global in out Total;

--#post Total=Total~ + X;

--#pre X > 0;

The procedure definition statement is pure Ada, but the following three statements SPARK-specific tags. The first tells the analysis tool that the only global used is Total, and that it's both an input and output variable. The next tag tells the tool how the procedure will use and modify Total. Finally a precondition is specified for the passed argument X.

Wow! Sounds like a TON of work! Not only do we have to write all of the normal code, we're also constructing an almost parallel pseudo-execution stream for the analysis tool. But isn't this what we do (much more crudely) when building unit tests? In effect we're putting the system specification into the code, in a clear manner that the tool can use to automatically check against the code. What a powerful and interesting idea!

And it's similar to some approaches we already use, like strong typing and function prototyping (though God knows C mandates nothing and encourages any level of software anarchy).

There's no dynamic memory usage in SPARK -- not that malloc() is inherently evil, but because use of those sorts of constructs can't be automatically analyzed. SPARK's philosophy is one of provable correctness. Again -- WOW!

SPARK isn't perfect, of course. It's possible for a code terrorist to cheat the language, defining, for instance, that all globals are used everywhere as in and out parameters. A good program of code inspections would serve as a valuable deterrent to lazy abuse. And it is very wordy; in some cases the excess of instrumentation seems to make the software less readable. Yet SPARK is still concise compared to, say, the specifications document. Where C allows a starkness that makes code incomprehensible, SPARK lies in a domain between absolute computerese and some level of embedded specification.

The book has some flaws: it assumes the reader knows Ada, or can at least stumble through the language. That's not a valid assumption any more. And I'd like to see real-life examples of SPARK's successes, though there's more info on that at www.sparkada.com.

I found myself making hundreds of comments and annotations in the book, underlining powerful points and turning down corners of pages I wanted to reread and think about more deeply.

A great deal of the book covers SPARK's syntax and the use of the automated analysis tools. If you're not planning to actually use the language, your eyes may glaze over in these chapters. But Part 1 of the tome, the first 80 pages which describes the philosophy and fundamentals of the language and the tools, is breathtaking. I'd love to see Mr. Barnes publish just this section as a manifesto of sorts, a document for advocates of great software to rally around. For I fear the real issue facing software development today is a focus on code ueber alles, versus creating provably correct code from the outset.

You can purchase High Integrity Software from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, carefully read the book review guidelines, then visit the submission page.

Oil -- and energy in general -- has long been a big topic among Slashdot readers. Predictions about The End of the Age of Oil (about which, claims the subtitle, this book provides "all you need to know") certainly are not new -- and if civilization lasts long enough, one day they'll prove true. It's nice to consider that automobiles aren't necessarily tied to petroleum, but mine certainly runs on 87 octane gasoline, and there aren't enough turkey guts or grease to power everything that we use petro-fuels for right now (though places like Iceland are trying hard to tap other sources). Current gas prices (in the U.S. at any rate) are higher than they have been in a decade or so, but in constant dollars, gasoline prices have certainly been worse. How much to panic, and when? Read on below for Arthur Smith (apsmith)'s brief review of David Goodstein's Out of Gas for a rather gloomy look at the future of oil-based energy. Out of Gas: All You Need to Know about the End of the Age of Oil author David Goodstein pages 128 publisher W.W. Norton & Company rating 9/10 reviewer Arthur Smith ISBN 0393058573 summary Why replacing oil is the world's most urgent and ignored problem. Americans have started to notice prices at the pump with an unfamiliar '2' on the sign. Meanwhile, crude oil prices are hitting 13-year records close to $40 per barrel. As the International Energy Agency reports, there is "no relief in sight". All this should come as no surprise to readers of David Goodstein's Out of Gas - the only question is, have we left it too late to survive the inevitable shocks that are coming?

In this slim and subtly illustrated volume Dr. Goodstein, physics professor and vice provost at Caltech, explains in clear and simple terms why the fossil fuel age is coming to an end. A "massive, focused commitment" is needed to develop alternatives, and every year of delay in that commitment adds immeasurably to future human suffering.

In years, or at best a decade, we will reach the global "Hubbert's peak" for conventional oil, when production starts to decline even with rising demand. Such a peak was reached for US production in 1970. "Foreign oil" has sustained us until now, but Goodstein shows why it cannot for much longer.

A number of books on this subject have come out in recent years, some very pessimistic about the future (for example Heinberg's "The Party's Over", which warns of a greatly decreased world population). Goodstein offers some hope in alternatives, substantially based on the analysis of climate scientist and space solar power advocate Martin Hoffert.

Solar-based renewables and fusion are the only long-run energy solutions. According to Goodstein, natural gas and nuclear fission can help tide us over. All of these have problems, with the most scalable (solar power from space) still the least mature. Goodstein's longest chapter discusses thermodynamics and the physical laws that explain usable energy and its relation to entropy. As a physicist, I was pleased and surprised to learn something from Goodstein's clear explanation here.

Goodstein also discusses global climate problems with continued use of fossil energy, particularly an increasing dependence on coal. He concludes: "Civilization as we know it will come to an end sometime in this century unless we find a way to live without fossil fuels."

There were a few minor things to complain about. Transitions between the chapters are too abrupt, perhaps caused by the wide range of discussion in such a short book. A few technical things seemed wrong - for example, it is quite feasible to run transportation systems off grid electricity (electric trains, subways, etc. do this) - would it be so hard to do it for personal transport too?

But Goodstein's book is the clearest explanation yet of our need to get beyond fossil fuels. Is it enough to get the public, and our leaders, actually paying attention?

You can purchase the Out of Gas: All You Need to Know about the End of the Age of Oil from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, carefully read the book review guidelines, then visit the submission page.

JoshuaDFranklin writes "When confronted with the reality of Open Source, academics often ask what processes allow it to happen. In his new book The Success of Open Source, Berkeley professor Steven Weber answers that question. He presents a clear, logical picture of how Open Source development works in a variety of projects, and comes to the intriguing conclusion that the process may be generalizable to other areas of production. The results, he argues, would 'make the consequences of the first-generation Internet seem quaint.'" Read on for the rest of Franklin's review. The Success of Open Source author Steven Weber pages 320 pages, 5 line illustrations publisher Harvard University Press rating 9 reviewer Joshua Daniel Franklin ISBN 0674012925 summary Weber argues that the success of Open Source is due to a production process than may be generalizable to other arenas.

Weber is an academic and makes no apologies for it. He is not presenting an exciting new business plan, advocating a particular method of software development, or calling hackers to revolution. He is simply describing his findings after extensive research of the Open Source development process and drawing conclusions from them. As such, this book may not appeal to everyone in the Open Source community. However, Weber's ideas are timely and informative for anyone who wants to explain or advocate Open Source. He likens his work to The Machine that Changed the World, the story of Toyota's production method (224):

That book made two simple and profound points: The Toyota "system" was not a car, and it was not uniquely Japanese. The parallels are obvious. Open source is not a piece of software, and it is not unique to a group of hackers.

The first part of The Success of Open Source is a historical case study that examines the origins and social development of the Open Source community. It begins with Unix and hacker culture. For those who have read Steven Levy's Hackers: Heroes of the Computer Revolution and Peter Salus' A Quarter Century of UNIX, there is little new material here, but Weber offers a new and interesting perspective on the events. For example, he offers the insight that "hacker culture" existed before widespread network connectivity, drawing into question whether cheap bandwidth is really essential.

From there, he covers the development of the BSDs, Apache, and Linux, focusing again on social structures. He describes diverse events such as the messy expulsion of Theo de Raadt from the NetBSD core, the creation of Apache by an informal group of interested developers, and the establishment of Alan Cox as de facto Linux networking lieutenant. Weber draws from an impressive array of firsthand accounts, including mailing lists, websites, conference speeches, and personal interviews.

I get some interesting trivia out of this, such as Larry McVoy's original Unix is dying troll (98). Unfortunately, since Weber's narrative is mainly topical, it is occasionally redundant in telling one story from multiple social angles. Other claims are close to flamebait, such as suggesting that Richard Stallman is an example of a "failed leader." (168)

For the second half of the book, Weber moves on to Explaining Open Source in the terms of his discipline, political economy. He sees two broad categories of principles to the Open Source process: Microfoundations, including individual motivations and the economic logic of the collective good; and Macro-Organization, solving the problems of coordination and complexity. (133) While I doubt each reader will catch every academic nuance in these chapters, Weber is thankfully sparing in his use of specialized vocabulary and writes his overall argument in clear, easy-to-follow logic.

This section also contains the most insightful observations in The Success of Open Source. While there are too many to list here, one is the concept of Open Source Software as antirival. As more copies are made and put into use, value increases as a result of a larger market and the small percentage of users that contribute bug reports and possibly patches. This turns the traditional "free rider" problem into an advantage.

Though Weber does not mention this in the text, one can see part of this principle in proprietary vendors' providing free downloads or turning their backs on rampant piracy. It also does not take a great leap of logic to see application of the antirival model to other fields such as music or academic research.

As is customary in social science literature, Weber uses his conclusion to both recap his argument and to raise questions for future direction of research. What is the best organization method for property distribution, as opposed to the current methods based on exclusion? How can the Open Source production process be used effectively to improve prospects for the developing world? What is the best way for closed, hierarchical systems to interact with open, network-based ones? While some of the issues involved are offtopic for this book, hopefully future work will examine these questions in depth.

Though Open Source has been mentioned in many recent works, The Success of Open Source is the first academic book that focuses on the Open Source community as its object of study. It gives a readable, thought-provoking, and occasionally funny account of what Open Source is and means, making it an extremely valuable resource for those who want to engage and discuss these issues on an intellectual level. As Weber states, his positive, constructive outlook "may not be fully satisfying, but it's not a bad place to start." (272)

Joshua Daniel Franklin is a graduate student at the University of Washington's Information School. This review may be redistributed under the Creative Commons Attribution License. You can read the table of contents, preface, and an excerpt of the first chapter of The Success of Open Source at the Harvard University Press website. The reviewer's website has an list of errata. You can purchase the The Success of Open Source from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, carefully read the book review guidelines, then visit the submission page.

sdedeo writes "Perhaps the only competitor of rock climbing for the canonical geek sport, cycling -- for utility or amusement -- asks for a good blend of engineering and physiological savvy. For many the hands-on tinkering of bicycle maintenance and cycling technique provides welcome relief from more abstract manipulations in the library or office. Whether you think of cycling as the ultimate open source engineering project, or as a handy metaphor for your computer-of-choice, its appeal to the mechanism-oriented mind is undeniable." Read on for the rest of DeDeo's review. Bicycling Science, Third Edition author David Gordon Wilson pages 476 publisher MIT Press rating 10 reviewer Simon DeDeo ISBN 0262232375 summary A technical look at two-wheeled self-propulsion blending engineering and physiological savvy.

Released this April, David Gordon Wilson's updated Bicycling Science fills the gap between, on the one hand, shop manuals and training guides, and on the other the contemporary literature on human powered vehicles. Wilson, Professor Emeritus at MIT, navigates physics and physiology to produce a hefty source of insight.

Wilson splits his book into three broad sections -- the biology of human power generation, the physics of turning complicated muscle motions into linear velocity, and radical redesigns of the standard diamond bicycle frame.

The first section explains, among other things, the role of oxygen uptake and distribution, and gives empirical and theoretical backing to some, but not all, of the conventional wisdom surrounding cycling. The curious will find a detailed explanation of why high pedal cadence allows for long-term, low-intensity, high-efficiency power generation. Modifications to the standard choices -- from elliptical chain-wheels to hand-powered cranks -- are analyzed critically.

The second section might be jokingly termed "extreme high school physics." Wilson explains how people intuitively balance and steer on two wheels, and the design of braking systems to avoid flip-over. He gets down-and-dirty in the metallurgical literature to explain the role of metal fatigue in frame failure, and into fluid dynamics to discuss air drag in laminar and turbulent air flows.

Wilson manages to give a sense of how the different demands physics makes on all aspects of bike design cohere into the more-or-less efficient system that we recognize today as the road and mountain bike. Wilson is an innovator, but he has a healthy respect for current designs along with a good deal of skepticism for passing fads such as that for ultralight components.

The final section covers Wilson's love: the radical redesigns of human powered vehicles to enable people to not only cover vast distances or reach high speeds, but also to swim, submarine, fly and even hover or flap on the power -- between 100 and 700 W -- the "NASA standard" man or woman can provide on timescales between hours and seconds.

The text occasionally jumps into a wider historical and social context to provide lighter relief, such as the diagrams that compare cycling's efficiency to other modes of of transportation (cyclists handily undercut a fully loaded diesel commuter train for calories expended per rider.) Wilson is not amused by those who would compare cyclists to dolphins or hawks in terms of efficiency, distance, or speed -- too bad. A brief rant against cars near the end is the exception to the rule of Wilson's professional, honest style.

Bicycling Science can be used as a handbook for the armchair designer of human powered vehicles. Or, if you prefer, as a way to answer the nagging science questions that arise after a thoughtful bike ride. Perhaps its most inspiring use, however, is as a bed-table compendium of stand-alone investigations into what engineers have come up with on a device that has been perfected, again and again, for decades longer than the internal combustion engine.

You can purchase the Bicycling Science, Third Edition from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, carefully read the book review guidelines, then visit the submission page.

ubiquitin writes "Existence of the Secure Architectures with OpenBSD text was first made public on the OpenBSD Journal in early April 2004. The OpenBSD Journal, also known as deadly.org and now undeadly.org, recently changed hands from James Phillips to Daniel Hartmeier amid several more or less obscure references to Pogues lyrics. The peaceful transfer of the site is a good thing, as it means that the several-hundred articles posted to the journal will remain in publicly-accessible archives for the foreseeable future and the occasion gave Hartmeier, known for his development of packet filtering (pf) and network DVD playing (kissd) software, a reason to try his hand at building a content management system. Jose Nazario is both an author of the book under review here and a contributor to the OpenBSD Journal web site, which seems to be a watering hole for unix hackers, having something of the flavor that Slashdot had in the late nineties." (Jose is also an occasional Slashdot book reviewer, and a good cook.) Read on for the rest of ubiquitin's review. Secure Architectures with OpenBSD author Brandon Palmer, Jose Nazario pages 515 publisher Addison Wesley Professional rating 9/10 reviewer Mathew Caughron ISBN 0321193660 summary Overview of BSD systems administration practices

The godfather of OpenBSD, Theo De Raadt, was given space on the cover for a snarky comment, his blessing apparently, that the book "works in tandem with OpenBSD's manual pages. As a result it will help many users grow..."

This comment is apropos, since the OpenBSD man pages, beginning with man afterboot, are some of the best getting-started OS documentation available anywhere on the net. So it is perhaps fair that a certain justification be offered for texts on this topic. This book gives many example configurations, some shell scripts, and an organizational approach that are simply beyond what one can realistically expect from the online manual pages. So yes, Theo, this book is destined to help mere mortals grow in knowledge and skill.

One nice feature of this book is that its authors refer to Linux equivalents where appropriate, e.g., in terms of configuration and system file locations and names. This makes it an ideal text for a Linux sysadmin who wants to take OpenBSD for a test drive on the public network. Two chapters covering the OpenBSD packet filter (pf) and IPSec are the gems of this text and even advanced Linux users will likely benefit from alternative approaches to solving the same problems in the alternate universe of a different operating system.

The Start-Up and Shutdown chapter has a careful and complete walk-through of /etc/rc, the equivalent of Linux's inittab. I found this to be a useful part of the book, because the various parts of this script are not always obvious from a first read through of the shell commands. Palmer and Nazario break it down into 41 sections, each with a discrete purpose. After running through the primary boot process run commands script, a brief explanation is given of each of the seven default OpenBSD processes.

Although a close examination of a minimalistic OS setup shouldn't be foreign to any mildly accomplished sysadmin, even those of the Microsoft camp, reviewing exactly what it is that the process list tells you is always a worthwhile exercise.

Like other opera omnia, the work falls into three parts, in this case: I. Getting Started, II. Configuration and Administration, and III. Advanced Features. The index and contents occupy only 25 or so pages out of the total 500 and will readily direct the casual reader into an appropriate chapter of her choice. The index entry for chroot, for instance, will direct the reader to the section on the most commonly encountered chroot issue: dynamic content generation under apache.

Coverage of the X Window System is as minimal as it should be on a platform where the benefits derived from its use have little immediate relevance for client-side GUI applications. Mac OS X users might find the book helpful, since OpenBSD can be installed, for those willing to undergo the hassle of repartitioning, on pretty much all current hardware from Apple. Many of the recipes (apache, sshd, gdb, sudo) are directly relevant to their own Darwinian flavor. Windows users will also find various parts of this book useful, since the Services for Unix product from Microsoft/Interix is widely known to be based upon an early version of OpenBSD. Note: Microsoft here joins a very long list of BSD-license adherents in opposing the world of GPL functionality, whether this be for better or for worse. So although the audience for this text is decidedly directed at those who are taking the plunge with Puffy the Blowfish, other audiences will benefit from the insights into basic systems administration activities.

This text may also serve as potent advocacy for the systems-administration practices of BSD masters. For instance, the process of user removal from a Red Hat or Debian system versus OpenBSD's rmuser script. The lifecycle of user accounts on long-lived systems does, after all, have an end as well as a beginning, so this process deserves attention, though it may occur less frequently in growing systems it nonetheless deserves attention. Note also the detailed description of rate-limiting, packet-scrubbing, transparent filtering, and load-balancing features of the platform's packet filter. It hardly seems fair to criticize snort2pf for being immature when pf itself is a novel feature with the 3.4 openbsd kernel.

Backup and Housekeeping chapters are particularly well laid out, and include strategies, not merely howto recipes. This is an important and often-neglected body of sysadmin knowledge. The Towers of Hanoi strategy backup script that uses key-based authentication to remotely backup servers will likely be a useful tool for readers of the text who are administering a remote server that needs to have routine off-site transfer of its contents.

An explanation of how to modify the default send-only setup of sendmail starts off the chapter on mail administration. Unfortunately, there is no mention of how to set up certificates for secure IMAP or POP authentication. This is an obviously necessary part of administering an email server in which passwords are not sent in the clear and I consider it to be the most egregious omission of the book. Perhaps the authors don't see email services as a place in which BSD actively or effectively contributes. X.509 key generation is covered in the Apache section for SSL and then again under the IPSec chapter, but configuration of the popular mail serving daemons to use cryptographic authentication surely deserves a place in this text which claims "secure architectures" as its purpose.

The appendices may be worth the price of the book alone for junior sysadmins first discovering the joys of BSD. These include a walk-through of CVS basics, how to use patch and diff, kernel tuning with sysctl, how to make sense of dmesg output, and the basics of core file analysis, interpretation of RAM dumps by gdb produced at crash time. If pkg file creation were given similar treatment, it may help the *BSD package system find a broader appeal.

If you take a "hold forever" approach to your investment in books, it might be worth waiting until the second edition. Brandon Palmer indicated in a posting to the OpenBSD journal that a rewrite of the book would likely include greater coverage of spamd administration as well as BGP and some of the high-availability features in CARP. No timing on the second edition is available and it should be noted that everything in the text is appropriate for OpenBSD 3.4, i.e., the Robin Hood puffinfish, not the 3.5 Monty Python puffinfish. I'd expect that in two more release cycles, summer 2005, it will be time to ask around about an update to this text. The IPv6 chapter will likely need a dramatic rewrite by then since it gives helpful configuration parameters for a handful of the current crop of IPv6 v.6 applications. As it is, the book stands on its own: current and relevant. A year and a half is many generations of kernel compiles in Linux-land but only a few rounds of planned upgrades for the slower-paced approach of BSD admins.

Attention to documentation seems to be the distinguishing mark of a mature project. In that vein, the recent round of OpenBSD texts can be seen as an argument that the platform is destined for greater mainstream use. Listed here are a few other recent texts on OpenBSD. The most direct competitor to this text is Absolute BSD: Unix for the Practical Paranoid by Michael Lucas and Jordan Hubbard which has been available in bookstores now for more than a year. For greater detail on the packet filter, refer to Building Firewalls with OpenBSD and PF by Jacek Artymiak or OpenBSD Firewalling by Jorg Kutemeier which is so far only available in German. Brian Carter's text OpenBSD: Implementing the Secure UNIX Platform was not available to the reviewer at the time of this writing but is expectedly to be out in distribution shortly.

Daniel Hartmeier's quotation on the back cover stating that the book's organization will help you save time is right on target. Although time will tell whether this book becomes the de facto standard as a systems handbook or complete text on OpenBSD, it is a book you can confidently recommend to anyone who wants their first experience with OpenBSD to include learning the ropes of minimalistic, and therefore robust, secure server administration practices.

Postscript: Addison Wesley has made the index of the book available. You can purchase the Secure Architectures with OpenBSD from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, carefully read the book review guidelines, then visit the submission page.

daltonlp writes "The Flickering Mind deals a crippling blow to the blind faith that educators and politicians place in computers as solutions to education's woes. The level of research and breadth of evidence is tremendous. The book sums up America's past 20 years of false promises, senseless faddism, and wasted millions in attempts to computerize the nation's education system. And no, open source won't help a bit." Read on for the rest of Dalton's review of The Flickering Mind. The Flickering Mind author Todd Oppenheimer pages 512 publisher Random House (Oct. 2003) rating Excellent reviewer Lloyd Dalton ISBN 1400060443 summary An extremely well-researched critique of technology's role in education.

What's bad: The first 350 pages of The Flickering Mind are as depressing as anything I've read. In case after case, Oppenheimer describes politicians' and educators' mindless acceptance of claims by technology pundits and technology companies. The sheer number of tax dollars poured into worthless software and soon-to-be-obsolete hardware is appalling The fact that so few lessons have been learned in 20 years beggars the imagination.

Those are my words, not the author's. The book's examples are laid out in very plain, factual language. No raving rants, no wild tangents. Just record after record, study after study, interview after interview.

Oppenheimer has researched the book by interviewing teachers, students, former students, educational software employees, district policymakers and government officials across the U.S. People with hands-on experience using things like distance-learning systems, CD-ROM-based textbooks, math and reading games, multimedia software, student laptops, school intranets, web-based research papers, and dozens of pieces of educational technology.

A recurring theme in these interviews is how computers either make formerly easy things harder (like classroom discussion), and hard things avoidable (students who know how to copy-paste don't have to construct sentences).

"One English teacher could readily tell which of her students essays were conceived on a computer. "They don't link ideas," the teacher said. "They just write one thing, and then they write another one, and they don't seem to see or develop the relationships between them."

The many interviews give The Flickering Mind a personal feel, and make the reading easier. In many ways, it's like a record of the author's travels from school to school. But one of the book's great strengths is Oppenheimer's unwillingness to rely on anecdotal evidence. Much of the book is devoted to analyzing studies of technology's impact in schools. A good chunk of these studies are commissioned by firms that sell educational software. Not surprisingly, they tend to be shallow and nonscientific. Many pages are spent pointing out flaws in this research. This becomes important when Oppenheimer turns the same critical eye on studies which support his own conclusions. An interesting sub-topic of the book is how very few truly objective educational technology studies exist.

All the evidence against computers as useful learning tools wouldn't be so alarming if computers didn't cost so much. But educators seem especially blind to the continual costs of staying on the technology bandwagon. There are two faces to this problem, and The Flickering Mind addresses both. The first is schools cutting faculty and programs in order to purchase hardware and software. The second is local and national governments granting subsidies and to companies who promise to assist schools with technology. In both cases, taxpayers foot the bill.

The Flickering Mind relies mainly on educators' own criteria for determining how technology helps learning (can the kids read, write, and do math?) But it also takes time to puncture the oft-recycled dogma that society has a shortage of graduates with high-tech skills:

"When employers who were fretting about this gap were asked what skills mattered to them, this is what they said: Most important of all is a deep and broad base of knowledge. "Want to get a job using information technology to solve problems? Know something about the problems that need to be solved." This statement reflected the sentiments of nearly two thirds of the Information Technology Association of America's members. Following far behind this priority was "hands-on experience" with technical work, which less than half the nation's IT managers considered critical (Most apparently felt perfectly capable of teaching those skills on the job.)

What's good:

All is not Luddite doom-and-gloom. The Flickering Mind is careful to highlight the areas where computer technology helps kids learn. Many schools do benefit from computers--as long as the computers are in central labs (not in the classroom), and not networked. One school has a senior-level class in which students build the computers used in the labs. Programming classes are valued by upperclassmen with an interest in technology careers. Some educators have made adjustments, like the teacher who removed all but a single-size font from the machines "so the students can write instead of wasting time adjusting the text".

The final third of the book is an uplifting counterpart to the ignorance and frustration described in the first two thirds. Oppenheimer gives details of visits to several schools which buck the trend of embracing technology as an end in itself. They use computers, but not in the class:

"In an aging brick building on New York's Upper East Side, a dozen teenagers of varying ages, half of whom look like street kids, pull their desks into a circle as their teacher distributes several thick handouts. "You're killing trees," one student complains."

"Yes," says the teacher. "I'm killing lots of trees"

After the students have spent fifteen to twenty minutes with the handouts, discussion begins. The debate is constant and heated. Whenever the dialog bogs down or goes off course, the teacher quickly interrupts. "I want to hear some pieces of evidence here!" he insists.

A university professor contrasted former students of this school with others she'd met: "I've had the experience of asking students a question and there's a one-sentence answer. And it's not a question of shyness or dumbness, but the person hasn't learned how to develop an idea. How to make a statement and then qualify and describe and give examples and illustrations. Each and every one of these people could do that."

Conclusion

The Flickering Mind is one of the most well-researched books I've read. It is well worth checking out from your library. It's even more worth buying, because you'll likely be re-reading it and lending it to your friends.

You can purchase the The Flickering Mind from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, carefully read the book review guidelines, then visit the submission page.

jmweeks writes "Neal Stephenson's The Confusion is an exhausting read--not simply in keeping track of the dozens of major characters, many with two or three names or titles or hyphenated titles; not due to its quite literal circumnavigation of the globe; not even, or at least not only, because of its interminable cycle of fortune and misfortune: Its 800-plus pages are much more taxing for what Stephenson leaves out than what he includes." Read on for the rest of jmweeks' review. The Confusion author Neal Stephenson pages 813 publisher William Morrow rating 8 reviewer Jose M. Weeks ISBN 0060523867 summary An exhausting and extraordinary read from the author of Snow Crash and Cryptonomicon.

The Confusion is the second volume of Neal Stephenson's Baroque Cycle (preceded by last year's Quicksilver , to be concluded later this year with The System of the World). Quicksilver tells two stories: the political and scientific development of Europe at the beginning of the Enlightenment, through the person of Daniel Waterhouse, and the adventures of "Half-cocked" Jack Shaftoe, a vagabond tramping around France and Germany, as he rescues a young woman named Eliza and does his best to win her. As the story develops, Eliza leaves the life of adventure and enters the world of politics, acquiring for herself along the way the title of Countess in France and Duchess in England; Jack falls so deeply to adventure that he disappears completely from the final third of the novel. We leave him to a certain death, an oar-slave aboard a pirate ship, half-insane with syphilis.

As The Confusion begins, Jack, in the first of dozens of reversals of fortune, wakes cleansed of syphilis by a boiling fever, rowing for a much less brutal master than expected, and somehow a member of a cabal with (I suppose by definition) a Plan. Eliza finds herself relieved of a staggering fortune and held, for practical purposes, under house arrest.

This volume follows the largely-separate stories of these two characters over the course of fourteen years, interweaving them chapter-by-chapter, as they move toward some ultimate climax that, of course, we will not have reached by this volume's conclusion. Stephenson labels each of these, though they are non-contiguous, as a book of The Baroque Cycle. Jack's story is book four, "Bonanza"; Eliza's, "Juncto", is book five.

Lazy critics will certainly remark that The Confusion has an appropriate title. Those who read at least two-thirds of it may notice that Stephenson presents a definition of "con-fused" (solids melted and then allowed to run together and mix) that bears a certain resemblance to the structure of this novel. But I read the title more as a reference to a period of time, at the cusp of the Enlightenment, in which all of Europe seems taken aback (another term for which Stephenson provides the origin, which he positively revels in doing). The world is in the midst of a deep depression, and the great confusion then is, what exactly is money?

Indeed, one gets the impression that The Baroque Cycle could just as well have been titled "How Money Got To Be That Way." Late in this novel, when Stephenson compares foundries to heartbeats, it becomes very clear that what we've been witnessing throughout The Confusion is the path through the gushing arteries and trickling capillaries driven by that heart. I recall now that in Cryptonomicon Stephenson spent an uncomfortable amount of dialog on the financial inner-workings of corporations. At the time I dismissed it as the ramblings of a particularly pedantic character; now I'm beginning to wonder if, inside Stephenson's hacker/geek-novelist facade, there isn't an accountant just screaming to get out.

Yet I make it sound dry, and Stephenson is anything but: in The Diamond Age he made Turing machines seem exciting, in Cryptonomicon it was cryptography and computer programming and mathematics in general--and he did so without the cheating we've been forced to accept these days, especially in film. And here, in the ebb and flow of silver, Stevenson constructs revenge plays, alchemical conspiracies, and an engrossing picture of the Way Things Work. There is a slow and deep pleasure in learning, in understanding; his talent is to impart this with all the visceral immediacy of swordplay.

That is not to say that he is above actual swordplay. Or conspiracies of piracy and murder and torture. In the world of Jack Shaftoe we have adventure packed so thickly that Stephenson finds he can't quite fit it all in: We follow Jack through each daring escape, each execution of an intricate plot that doesn't quite go according to plan--then we cut to the next chapter, months or years later, in which Jack has somehow found himself again destitute and in great peril. We spend half the chapter trying to figure out exactly what he's gotten himself into, and how, and what precisely happened to all of his co-conspirators, and the other half (once they've coincidentally reunited) watching them plot once more.

The worst of these is about half-way through The Confusion: After Jack and his cabal leave us successful in carrying out a particular plan, we return to Jack to find he's been working in an animal hospital in Hindoostan, hung in mid-air so that all the blood-sucking patients, from mosquitoes to ticks to giant centipedes, can feed. As he is displacing native workers I can only assume this is an elaborate pun on the word "scab." (His jokes, when they misfire, are horrendous. Example: "Any sufficiently advanced technology is indistinguishable from a yo-yo.") We find his companions have been scattered by a pirate ship (filled exclusively with female pirates) and Jack has been waiting patiently three years for the narrative to return to him. This was the point I nearly put the book away.

I can accept the cyclic reversals of fortune; I can accept the method of storytelling that begins in the middle and fills in back-story as it moves forward; I can accept a very long middle volume of a trilogy, which by nature has no real beginning or end. Together though, these do exhaust my patience and at times my attention. The Confusion would be a much better novel written completely at 1000 pages than it is part-summarized at 800.

Now I fear I'm being too negative. The novel dips at the center, but it shines in every chapter concerning Eliza, and toward the end it even shines for Jack. Eliza's talent lies mainly in manipulation, and so much of her story involves cryptic political moves, hints being dropped, and relationships being exploited. As the novel begins she is still young, and her motivation is mainly revenge. She is a the Stephenson heroine: Sharply intelligent, beautiful in a fierce sort of way, sexually uninhibited, and though morally centered, vicious when wronged. (He understands his audience--geeks, male, young--and he has a pretty good idea of what they want.) As she grows older, she softens, or at the very least she becomes to some degree satisfied.

There is maturity here, for Stephenson's characters and for Stephenson himself. Moreso than anything he's so far written. He allows his characters the room, the experience, the years it takes to fundamentally grow. There is more to it than that, though: there is the classical resonance, Jack's journey with The Odyssey, the reluctant Esphahnian revenge play with Hamlet, the general Shakespearean method of History, melding the reality of Kings and Dukes with the artistic truth of fiction. Stephenson has in The Baroque Cycle given himself a canvas broad enough that he can truly develop.

About the ending: though Stephenson need not really bother to end this book, as it is incomplete until the third volume is published, he does make an effort. What it suggests about the further story is intriguing, but it suffers from the same deficiencies, as an ending, as plagues his other novels: It is tied together clumsily and it doesn't really make all that much sense. It is painfully abrupt. I think, though, that I have come to understand why Stephenson ends his books this way: his characters are so vivid, so capricious, that they drive his stories anywhere but the ending he had in mind. He closes a book not in completion so much as surrender.

Disregarding Snow Crash, which is of another class completely, this is the best book Stephenson has so far written. I score it an eight, but I do so on a scale broader than the nine Slashdot previously gave Quicksilver: The Confusion is the superior novel.

You can purchase the The Confusion from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, carefully read the book review guidelines, then visit the submission page.

erikharrison writes "Dominic Giampaolo's Practical File System Design with the Be Filesystem has been around since 1999 - not exactly a new book. The book has been out of print for a time now, however, so Dominic made the book available in PDF form on his website. With this public release of the book, and the BeOS rising to join the ranks of OSs that won't die (hi Amiga!) it makes sense to take a look at what the book has to offer us today." Read on for the rest of Harrison's review below to see just what that is -- it covers a surprisingly broad range. Practical File System Design with the Be File System author Dominic Giampaolo pages 227 pp publisher MORGAN KAUFMANN PUBLISHERS, INC. rating 8.5 of 10 reviewer erikharrison ISBN 1558604979 summary Discusses implemeting a file system, using the Be file system as example

Table of Contents

• Chapter 1 Introduction to the BeOS and BFS
• Chapter 2 What Is a File System?
• Chapter 3 Other File Systems
• Chapter 4 The Data Structures of BFS
• Chapter 5 Attributes, Indexing, and Queries
• Chapter 6 Allocation Policies
• Chapter 7 Journaling
• Chapter 8 The Disk Block Cache
• Chapter 9 File System Performance
• Chapter 10 The Vnode Layer
• Chapter 11 User-Level API
• Chapter 12 Testing
• Appendix A File System Construction Kit

First thing to note is that Giampaolo is not a great writer, nor is he a bad one. He does not have the gift that some tech writers have of making both an interesting technical document and a fun read. His style is very straightforward - introduce idea, explicate idea, summarize idea. On the other hand, he knows his topic inside and out, and has an obvious enthusiasm for the material, and a real talent for saying things simply without dumbing it down, and his occasional dry wit makes the book a surprisingly easy read.

Giampaolo is doing two things - discussing designing filesystems in general and documenting the Be filesystem. He does both well. BeFS has some advanced features - arbitrary metadata, attribute queries, and indexing. The desire to support these features influences the overall design of the system, but Giampaolo shows how changes to that design change implementation details. The result is a good overview of how a file system works, the trade-offs in optimizing for a particular usage pattern, and how to design one yourself.

The book can be roughly divided into three sections: the first is an overview of how filesystems work and some of the concepts that you encounter - extents, inodes, B-trees, superblocks, and the other standard pieces of a filesystem. Included in this early section is a good high-level overview of the design of five other file systems: BSD FFS, Linux's ext2, Macintosh HFS, Irix XFS, and Windows NT's NTFS. The coverage here strikes a proper balance between too much and too little information. Giampaolo prefers to show rather than to tell, and these filesystem overviews make the connection between design, performance, and features perfectly clear, and provide a solid background to talk about a specific implementation in detail - namely BeFS.

The second section is the bulk of the book - how to implement a filesystem from the ground up, leaning heavily on the BeFS implementation for examples. This is the most straightforward part of the book. Giampaolo covers a single issue in design and implementation in a "Here's the problem, here's and overview of possible solutions and their drawbacks, here's how I did it, now lets summarize" manner. Again, Giampaolo's style makes this an easy if somewhat dry read. As a filesystem and kernel ignoramus, I would have appreciated a slightly more detailed coverage of how all of the various data structures get to disk - how are they serialized, whether endianess is an issue, etc. The BeOS was pretty portable, running at one time or another on the AT&T Hobbit processor, PowerPC, and x86 - I would have liked to have seen portability issues discussed, however, BeFS wasn't written until after the move from the Hobbit to PowerPC, and the book was written prior to the move to x86, so the lack of coverage is reasonable.

Even considering the plain Jane style of this middle section, there are a few gems. The coverage of journaling is excellent, and while I've long understood journaling from a 10,000 foot perspective, this really made me understand the underlying concepts, combined with simple code snippets that helped understand implementation. The Allocation Policies chapter showed in clear terms that disk access is a major bottleneck, and filesystems have become very sophisticated in their optimizations.

The third section of the book deals with some of the more indirect concerns in implementing a file system; specifically, interacting with the kernel, designing a user level API and the major role of testing in filesystem development. This is the one place Giampaolo's writing shines. He really is a good teacher, and this section affords him the chance to talk about the broader perspective of OS design, and even recount a few war stories. For example, in terms of parentage, the BeOS has BSD and classic MacOS as its father and mother. In a few places, such as the Storage Kit API covered in chapter 11, this heritage shows some signs of less-than-seamless integration, and this offers Giampalo a chance to wax philosophical on the nature of OS design, company politics, and the pressure of shipping dates.

In short, the book lives up to it's title. The author is a pragmatist, and offers a clear roadmap for those who have a need to work with low level filesystem implementation. His emphasis on testing, careful optimization, and data structure protection not only helps to show the pitfalls of filesystem work, but also offers a Swiss army knife of techniques to dodge them. The book concludes with a short appendix which covers a file system construction kit, allowing a would-be implementor to begin work on his own filesystem safely without worrying about killing his hard disk. All in all, a solid read.

Here's a link to Practical File System Design with the Be File System as a PDF; you can also look for a used copy at Barnes & Noble. Slashdot welcomes readers' book reviews -- to see your own review here, carefully read the book review guidelines, then visit the submission page.

Tasha Jessup writes "The fourth edition of the OpenGL Reference Manual, edited by Dave Shreiner, provides an official command reference for the OpenGL graphics library version 1.4. Published by Addison Wesley, the text is approximately 760 pages and has a suggested retail price of $59.99." Read on for the rest of Jessup's brief review to see how well it justifies that pricetag, and for whom. OpenGL Reference Manual v1.4 author Dave Shreiner pages 760 publisher Addison-Wesley rating 8 reviewer Tasha Jessup ISBN 032117383X summary Handy desk reference

First introduced in 1992, OpenGL is an industry-standard graphical application programming interface (API) that supports 2D and 3D rendering across a host of platforms. The Architectural Review Board (ARB) governs the OpenGL API and oversees the adoption of new interface functions. Functions (or commands) within the API are usually simple and discrete. A developer calls a series of these small functions in sequence to specify rendering operations. To help utilize the library, the OpenGL Reference Manual supplies key functional documentation in a uniform manner.

The first two chapters provide an introduction to OpenGL, and an overview of the OpenGL architecture. The provided information is largely for reference rather than instruction. Generally, it is assumed the reader has a working knowledge of the pipeline already. The third and fourth chapters list different groupings of the functional commands to provide the reader with several methods to index and reference functions. The third chapter details all each official OpenGL command categorized by functionality. The fourth chapter lists the various OpenGL constants that are compatible with each command.

Beginning with the fifth chapter, 160 official OpenGL commands are described. Listed alphabetically, every command has the following sections: Name, Function Prototype, Parameters, Description, Notes, Errors, See Also, and (sometimes when appropriate) Associated Gets. The coverage of each command spans an average of 3 pages.

The last two chapters describe fifty-two of the OpenGL Utility Library (GLU) and thirty-five OpenGL X-Windows extension commands. The reference format is identical but slightly shorter (averaging about 2 pages per command).

Overall, the organization and consistency is excellent. Often, material is duplicated per command to save the reader cross-referencing other sections of the book. Throughout the text, the wording is clear and unambiguous (if a bit dry) -- exactly what you'd expect from a reference book of this nature.

The book does have a few shortcomings, however. There is only a small trace of sample source code. While the commands are presented alphabetically by class, the book contained no overall index. OpenGL Extensions (pixel and vertex shader commands, etc.) are not provided since they're not officially part of the Standard. Finally, having an electronic version of the text would have been a nice touch -- especially one that integrated with the common development environments to provide context sensitive help or electronic searching.

Overall, the latest edition of the OpenGL Reference Manual is a great companion for OpenGL developers. To get the most from this book, readers unfamiliar or interested in learning the API should first read the OpenGL Programming Guide, 4th Edition (ISBN 0-3-211-73491) also published by Addison Wesley.

You can purchase the OpenGL Reference Manual v1.4 from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, carefully read the book review guidelines, then visit the submission page.

Alex Moskalyuk writes "It was supposed to be a deal of the millennium. When it was leaked to the media from the highest ranks of America Online, the journalists wanted a second source. It was just too incredible to believe, too likely to be a prank. AOL was merging with Time Warner with the terms of the deal making it more of a buyout than an equal merger. In truly Orwellian fashion, two corporations decided to treat one another as equals, although executives of newly formed AOLTW somehow always referred to the AOL part as "innovative" and thus leading into the future, while the TW was "old media" with that implies. Read on for Alex's review of a book about how that deal came to be, as well as its aftermath. There must be a pony in here somewhere author Kara Swisher pages 320 publisher Crown Business rating 6/10 reviewer Alex Moskalyuk ISBN 1400049636 summary The AOL Time Warner debacle and the quest for the digital future

Kara Swisher's There Must be a Pony in Here Somewhere is subtitled "The AOL Time Warner debacle and the quest for the digital future." Debacle is not an over-exaggeration, as the chapters of the book unveil personal, professional, corporate and political dramas happening during the so-called merger. A reporter for The Wall Street Journal, Swisher knows many AOL executives personally, and according to her stories, frequently engaged in lively conversations conducted where else but in AOL Instant Messenger, available on PCs of top management and board members as the preferred means of communication.

The title of the book takes roots from a famous joke, attributed to Ronald Reagan, where a hopeful boy is dealing with a large pile of manure. When asked why he is so insistent about digging the pile with such enthusiasm, the boy replies that with such a pile there "must be a pony in there somewhere." If you read the press lately and followed AOLTW's stock ride, you probably know that the pony wasn't quite there.

It's amazing how many optimistic forecasts and wide smiles were presented to the press and general public on the day of the merger and long after it. The word "synergy" could qualify for the most popular noun of the year, used by AOL executives almost in every sentence.

As Swisher writes on page 18, "Most people involved in the deal seem to be suffering from a peculiar amnesia now, so it's easy to forget that kind of hype and optimism. Today, almost everyone near to this toxic merger runs screaming from it in an attempt to avoid any culpability. The denials come fast and furious: Not me. I wasn't involved. I thought it was wrong from the very beginning. And - most of all - Steve Case is a big, fat loser. This was always more familiar territory for me, since that was exactly how most of the world regarded Case throughout his career. For most of it, he had always and forever been a loser."

Well, you can tell that the author is not sucking up to AOL's ex-CEO.

Swisher's book is extremely personal. Unless you've been involved in AOL or Time Warner personally, you are probably not aware of the company's management. At the time, when executives of Yahoo, eBay and other Silicon Valley startups weren't just visionaries, they were cool, AOL's top management was rather bland and plain. They weren't the cool guys, they were just managing some dial-up ISP in Dulles, VA that somehow took over the United States with its goofy icons, goofy commercials, goofy sounds and likewise membership. The author takes you through the personalities of top managers, talks about the AOL-TW off-standish behavior towards one another, questionable deal and threatening techniques used by David Colburn and AOL's Business Affairs department.

The book is easy to read and is full of interesting details. For example, the day when the deal was announced, there was another company discussing potential merger with AOL. But since everyone was involved on Time Warner deal that was supposed to be "huge," Meg Whitman and eBay crew got almost no attention from America Online, with executives constantly leaving the room and portraying an attention span of five-year-olds. Perhaps if some executives paid more attention to eBay and discuss potential buyout, the Internet would look different nowadays.

Otherwise, the book looks like a classic business study on how failures happen and what to avoid when you are faced with the task of running world's largest media outfit. It's an easy and pleasant read, informative as well as entertaining. Don't expect technical details from it in regards to AOL's operations, load balancing and nationwide dial-up network, since Swisher's main audience is business types and readers interested in details behind the "deal of the millennium". The first chapter of the book is available online on New York Times Web site.

You can read more of Alex's reviews of business and technology titles. You can purchase There Must be a Pony in Here Somewhere from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, carefully read the book review guidelines, then visit the submission page.

Blaine Hilton contributes this review of the Network Security Portable Reference, part of Osborne's "HackNotes" series. He writes "This book is best suited as an introductory overview to network security. Very little is covered in-depth. However, the book touches on pretty much the whole breadth of security topics. For people that are experienced with computer/network security topics, this book can be used to round out that knowledge and find weak areas." The rest of his review follows. Hack Notes Network Security Portable Reference author Mike Horton and Clinton Mugge pages 228 publisher Osborne rating 9 reviewer Blaine Hilton ISBN 0072227834 summary A concise overview of network security

It may sound like a problem that the book doesn't give all of the details, but if it did there is no way it could be a "Portable Reference". My favorite feature of the book is its small size. I can easily keep it in my laptop bag and reference it as needed. I can then use that as a springboard to look up more information such as man pages. It is important to understand though that one will not become a network security expert after reading this book alone.

The book starts off talking about the Asset and Risk Based INFOSEC Lifecycle Model (ARBIL). This is something that I've heard many times before, but the drawing of the process helped engrain that concept. It also visually demonstrates how security is not just a one-time activity, but a continual process that just keeps going. You analyze the system, find the weaknesses, fix them, and then start over again. In the same fashion the book covers the SMIRA risk assessment process in a highly graphic way.

The Network Security Portable Reference is for people who have access to and are very familiar with both *nix systems and Windows. Depending on what tool or commands they are using both systems are used throughout the references. The book gives a list of tools they think you need, and basically say go to the site to learn about it. If you want detailed information on how to use these tools then this is not the book for you.

The book goes over different security aspects for *nix and Windows machines, it also talks about how the network itself can be compromised, including wired networks, and wireless. The authors also go over web applications and older technology such as phone PBX systems.

The assessment checklist at the end of the book provides a great check to determine your network security baseline and see what areas need work. Along with the assessment checklist there is a list of best practices. However, they are in the front of the book and while I can vaguely understand the difference, it seems to me that they should be together. As I believe when auditing a network you would check if best practices were implemented along with the rest of the checklist.

Another odd layout issue in the book is what they call the Reference Center. This is an area in the middle of the book, with a separate numbering system and the first page in the table of contents. There is no mention as to what this Reference Center is until you flip through the book and find the blue pages in the middle that begin with page rc1.

As I've mentioned before this book is a great springboard that will help point you in the right direction for information. One of the ways the authors do this is by having a Reference Center in the middle of the book and quite a few appendixes in the back of the book, there is also an index which is helpful for quick look ups.

When doing consulting work I've found that using the checklist in this book is a great way to begin looking at a company's network security. I have used this on two networks so far and have found it helpful, it is much better then trying to remember to check everything that you can think of at any particular moment. I have also found the Open Source Security Testing Methodology Manual to be quite thorough.

You can purchase HackNotes Network Security Portable Reference from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, carefully read the book review guidelines, then visit the submission page.

Simon P. Chappell writes "It used to be that a website could be standards compliant or it could be attractive and impressive to prospective customers, but it could almost never be both. Now with the rise of CSS compliant browsers, a new generation of web designers are finding that the old wisdom is ready to be retired. CSS technology allows a website to have both excellent, semantically indicated content and attractive layouts. Core CSS (2ed.) positions itself as a complete guide to all of this standards based goodness." Read on for the rest of Chappell's review. Core CSS (2nd ed.) author Keith Schengli-Roberts pages 818 (10 page index) publisher Prentice Hall rating 6 reviewer Simon P. Chappell ISBN 0130092789 summary A flawed diamond

What is CSS? Cascading Style Sheets (the CSS part of the book's title) are a way to separate the content and presentation of a web page. The CSS file holds the presentation instructions, leaving the HTML to hold only the content. While CSS is a formal World Wide Web Consortium (W3C) standard, the adoption has been somewhat slow, with browsers only reaching full compliance with the base level of the standard within the past year or so. So why is CSS useful? CSS shines when it is used to define the style of a whole site. Want all of your headings to be the right shade of your corporate blue? No problem. Want every page to have the corporate logo on it's background? No problem. Whoops, got bought by GlobalMegaUberCorporation Inc. and need to change the colours and background logos in a hurry? No problem, just change the CSS definitions and your new corporate identity will shine out for all your customers to see. What do I know about CSS? I am a relative newcomer to CSS, having been laying out websites using tables since 1995. I had decided that it was time to learn how to bring my personal website up to speed with the latest standards, when I was offered the chance to review this book, so I took Prentice Hall PTR up on the opportunity. This review then, is from the perspective of one who knows HTML well enough to develop a couple of sites using only vi and who has decided to learn CSS. Overview The back cover blurb claims that Core CSS 2nd Edition is a comprehensive guide that shows both beginning and expert web developers all they need to know to achieve great results with the latest style sheet properties. It also claims to be ... the most complete and up-to-date CSS reference available. This review will explore those two claims. What's To Like The first thing to like about this book is that it does cover almost everything that it's possible to write about Cascading Style Sheets. I have included the table of contents below so that you can get a feel for the breadth that this book aims at covering. The writing style is clear and explanatory with an underlying conversational tone, quite suited to this manner of book. It is also obvious from the text that Mr. Schengli-Roberts does understand his subject matter very well indeed.

The biggest thing to like about this book, for me, is appendix B, an alphabetical listing of the defined CSS properties and values. This list covers 92 pages and is a key part of the whole book. Importantly, it doesn't feel like filler and gives an impression that care has been taken in devising this very useful resource. Each entry in the appendix gives an example of correct usage of each property, which as a CSS neophyte I appreciated greatly.

What's To Consider This book carries a 2004 copyright, yet it feels old when you view the list of browser compatibilities for each property. While it does give compatibility information for Microsoft Internet Explorer 6, it only covers Mozilla 1.0, it mentions Konqueror without any version details and completely omits Apple's Safari browser. This spotty coverage seems at odds with the rest of the book and really felt like a glaring omission to me. Summary This is a good book -- and if you're in the process of learning to use Cascading Style Sheets, you should certainly consider it for your collection. It is flawed by a poor selection of browsers for it's compatibility lists; while this may not be an issue for you, I found it quite irksome. This explains my review score and my description of this book as a flawed diamond.

Far more information than most people could ever want to know about Simon P. Chappell is available at his personal website. You can purchase Core CSS (2nd ed.) from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, carefully read the book review guidelines, then visit the submission page.

Craig Maloney and honestpuck contribute two reviews for your almost-the-weekend reading pleasure: read below for their respective impressions of two dead-tree compendiums of online humor: Bride of the Bastard Operator From Hell and The Best of The Joy of Tech. Bride of the Bastard Operator From Hell, The Best of The Joy of Tech author (see each) pages (see each) publisher (see each) rating (see each) reviewer (see each) ISBN (see each) summary Tech-oriented humor in strip-cartoon form; your mileage and laughter may vary.

Bride of the Bastard Operator From Hell author Simon Travaglia pages 160 publisher Plan 9 rating 8 reviewer Craig Maloney publisher Plan 9 rating 8 reviewer Craig Maloney ISBN 1929462484

> DUMMY MODE ON < If you've been around computers for a while, you've probably read the adventures of The Bastard Operator from Hell (or BOFH). Throughout the years, Simon Travaglia's version of the BOFH has become the canonical version with it's witty and humorously sadistic vignettes. Bride of the Bastard is the third print compilation of the tales of treachery from The Register. (Note: a fourth, Dummy Mode is Forever is now available as well.)

When we last left our heroes...

The Bride of the Bastard Operator From Hell picks up right where The Son of the Bastard Operator from Hell leaves off. The higher-ups of the corporation want this new-fangled video conferencing, and the Bastard is only happy to oblige, with his usual underhanded tricks, and wanting to dabble in his movie making abilities. What follows is 35 hilarious tales which would get anyone outside of a complete bastard from hell fired or sent to prison. Similar to Son of the Bastard, the stories in Bride of the Bastard Operator From Hell are only a few pages apiece, so the casual reader can take in a few without much trouble. The truly voracious reader will look at this book as merely an appetizer. What it lacks in quantity it more than makes up for in quality. There are some real laugh-out-loud moments in this book which have to be read in context in order to appreciate them. Suffice to say, readers of this book won't be disappointed.

Judge this book by its cover

This edition of The Bastard Operator from Hell is expertly illustrated by Jeffrey Darlington, creator of the web-comic "General Protection Fault." Unlike The Son of the Bastard Operator from Hell, Jeffrey illustrated every single story with an illustration that matches the story. It's a welcome change to have a matching illustration to look forward to rather than the handful of sight gags penned in the previous volume by J.D. "Illiad" Frazer.

Plan Nine Publishing does fantastic work laying out their books, and this book is no exception. My only complaint remains from the previous book: no table of contents. Locating a story in this book to come back to is downright difficult, and a table of contents would help out greatly.

So what's in it for me?

If you're a fan of the series, you've probably already read this book. If you're on the fence about this book, get the heck off of it and pick it up before someone applies current to it. If you've never heard of the BOFH, this book would be a fine place to get acquainted with him. Just make sure you watch your step. And don't take the lift.

The Best of The Joy of Tech authors Nitrozac and Snaggy pages 192 publisher O'Reilly rating 7 reviewer honestpuck (Tony Williams) ISBN 0596005784

I must be crazy, I was flamed so badly after my last review of a cartoon book that I had to replace my asbestos review suit. The Best of The Joy of Tech may be worth the risk.

Of course it's easy to enjoy a cartoon book by a pair of cartoonists that share your prejudices. It is obvious from the cartoons that Nitrozac and Snaggy are Macintosh-loving, Linux-leaning, Microsoft-loathing geeks. Hmmm, sounds like me.

Not that Nitrozac and Snaggy are totally one-eyed. They still have a dig at Apple and Macintosh owners along the way. Unlike quite a lot of cartoons about tech, these two also see the more human side, just as likely to make a joke about your cat's relationship to you and the computer as poke fun at LARTing end-users or pointy-headed bosses. Their cartoons are more about living with technology than working with it.

The book reproduces a couple of hundred of 'The Joy of Tech' cartoons from their website, in improved colour and resolution. There are also a small number that are original for the book and some funny marginalia in a couple of spots. It also has the matching JoyPoll and a short comment about the cartoon in a 'JoyWorld' section at the back of the book.

I find a fairly large number of the cartoons repeatedly funny and most of the rest worth a chuckle. These two have a good eye for the whimsical, ironic and downright funny side to a wired in, geek life. They even manage to get in a sly reference to Slashdot with a fake O'Reilly book, "Trolling In a Nutshell" with a troll wearing a T-shirt emblazoned with "FIRST POST" on the cover and an Introduction by 'Anonymous Coward.' There's even a couple of margin cartoons of CmdrTaco and CowboyNeal, just for the Slashdot readers who'd like to know what those two should look like.

Oh, that reminds me. The book has a very Wozniak foreword (by Steve himself) and an introduction by David Pogue that is nowhere near as good as the book (I'm sorry David, but any self-respecting geek [male or female] would rather do almost anything than edit the Windows registry, starting with install a decent operating system and working all the way through to changing jobs -- heck, I'd rather sleep with Jobs.)

The book is broken up into various sections, each with a theme. It starts with "Boot-Up" and continues with "4nim4l cr4ck3rs" (most about cats), the whimsical "Geek Love", "Hacks and Cracks" (I loved the couple who want to buy a house within 50 metres of a war-chalked wall), "Techie-daze," "How about them *nix" (featuring the luscious 'Linux Lass'), "The Joy of Mac," "Who do you want to poke fun at today?" (you'll enjoy the 'Stress Relief Dartboard'), "Sci-Fi The Comic Frontier," and "Do You think I'm Xexy" before finishing with "The World According to Geek" (with 'The Lord of The Root - One Geek To Rule Them All', the two good-looking woman who don't shy away from maths and the Barbie 'DotCom Rescue' CD-ROM game).

If you go to Joy Of Tech you can grab a copy from the authors that has been signed (you even get a chance to ask for a custom inscription) and for an extra fee Nitrozac will even bless your book and attach a lucky sticker. You could go to the O'Reilly page, but since they don't have example cartoons and I don't imagine a cartoon book will ever have errata there isn't much point.

It's not easy to review a cartoon book. Suffice to say that I found the 'toons in this book to be a good variety from amusing through to funny with some that are just a little too true to make me do more than groan. If you've never come across this pair (and they've been slashdotted at least once) then check out the site and if you like the last few examples then the book will not disappoint. Hang on a second, just let me do up my collar - OK, flame away.

You can purchase The Best of the Joy of Tech (and just maybe a used copy of Bride of the Bastard Operator from Hell) from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, carefully read the book review guidelines, then visit the submission page.

Craig Maloney and honestpuck contribute two reviews for your almost-the-weekend reading pleasure: read below for their respective impressions of two dead-tree compendiums of online humor: Bride of the Bastard Operator From Hell and The Best of The Joy of Tech. Bride of the Bastard Operator From Hell, The Best of The Joy of Tech author (see each) pages (see each) publisher (see each) rating (see each) reviewer (see each) ISBN (see each) summary Tech-oriented humor in strip-cartoon form; your mileage and laughter may vary.

Bride of the Bastard Operator From Hell author Simon Travaglia pages 160 publisher Plan 9 rating 8 reviewer Craig Maloney publisher Plan 9 rating 8 reviewer Craig Maloney ISBN 1929462484

> DUMMY MODE ON < If you've been around computers for a while, you've probably read the adventures of The Bastard Operator from Hell (or BOFH). Throughout the years, Simon Travaglia's version of the BOFH has become the canonical version with it's witty and humorously sadistic vignettes. Bride of the Bastard is the third print compilation of the tales of treachery from The Register. (Note: a fourth, Dummy Mode is Forever is now available as well.)

When we last left our heroes...

The Bride of the Bastard Operator From Hell picks up right where The Son of the Bastard Operator from Hell leaves off. The higher-ups of the corporation want this new-fangled video conferencing, and the Bastard is only happy to oblige, with his usual underhanded tricks, and wanting to dabble in his movie making abilities. What follows is 35 hilarious tales which would get anyone outside of a complete bastard from hell fired or sent to prison. Similar to Son of the Bastard, the stories in Bride of the Bastard Operator From Hell are only a few pages apiece, so the casual reader can take in a few without much trouble. The truly voracious reader will look at this book as merely an appetizer. What it lacks in quantity it more than makes up for in quality. There are some real laugh-out-loud moments in this book which have to be read in context in order to appreciate them. Suffice to say, readers of this book won't be disappointed.

Judge this book by its cover

This edition of The Bastard Operator from Hell is expertly illustrated by Jeffrey Darlington, creator of the web-comic "General Protection Fault." Unlike The Son of the Bastard Operator from Hell, Jeffrey illustrated every single story with an illustration that matches the story. It's a welcome change to have a matching illustration to look forward to rather than the handful of sight gags penned in the previous volume by J.D. "Illiad" Frazer.

Plan Nine Publishing does fantastic work laying out their books, and this book is no exception. My only complaint remains from the previous book: no table of contents. Locating a story in this book to come back to is downright difficult, and a table of contents would help out greatly.

So what's in it for me?

If you're a fan of the series, you've probably already read this book. If you're on the fence about this book, get the heck off of it and pick it up before someone applies current to it. If you've never heard of the BOFH, this book would be a fine place to get acquainted with him. Just make sure you watch your step. And don't take the lift.

The Best of The Joy of Tech authors Nitrozac and Snaggy pages 192 publisher O'Reilly rating 7 reviewer honestpuck (Tony Williams) ISBN 0596005784

I must be crazy, I was flamed so badly after my last review of a cartoon book that I had to replace my asbestos review suit. The Best of The Joy of Tech may be worth the risk.

Of course it's easy to enjoy a cartoon book by a pair of cartoonists that share your prejudices. It is obvious from the cartoons that Nitrozac and Snaggy are Macintosh-loving, Linux-leaning, Microsoft-loathing geeks. Hmmm, sounds like me.

Not that Nitrozac and Snaggy are totally one-eyed. They still have a dig at Apple and Macintosh owners along the way. Unlike quite a lot of cartoons about tech, these two also see the more human side, just as likely to make a joke about your cat's relationship to you and the computer as poke fun at LARTing end-users or pointy-headed bosses. Their cartoons are more about living with technology than working with it.

The book reproduces a couple of hundred of 'The Joy of Tech' cartoons from their website, in improved colour and resolution. There are also a small number that are original for the book and some funny marginalia in a couple of spots. It also has the matching JoyPoll and a short comment about the cartoon in a 'JoyWorld' section at the back of the book.

I find a fairly large number of the cartoons repeatedly funny and most of the rest worth a chuckle. These two have a good eye for the whimsical, ironic and downright funny side to a wired in, geek life. They even manage to get in a sly reference to Slashdot with a fake O'Reilly book, "Trolling In a Nutshell" with a troll wearing a T-shirt emblazoned with "FIRST POST" on the cover and an Introduction by 'Anonymous Coward.' There's even a couple of margin cartoons of CmdrTaco and CowboyNeal, just for the Slashdot readers who'd like to know what those two should look like.

Oh, that reminds me. The book has a very Wozniak foreword (by Steve himself) and an introduction by David Pogue that is nowhere near as good as the book (I'm sorry David, but any self-respecting geek [male or female] would rather do almost anything than edit the Windows registry, starting with install a decent operating system and working all the way through to changing jobs -- heck, I'd rather sleep with Jobs.)

The book is broken up into various sections, each with a theme. It starts with "Boot-Up" and continues with "4nim4l cr4ck3rs" (most about cats), the whimsical "Geek Love", "Hacks and Cracks" (I loved the couple who want to buy a house within 50 metres of a war-chalked wall), "Techie-daze," "How about them *nix" (featuring the luscious 'Linux Lass'), "The Joy of Mac," "Who do you want to poke fun at today?" (you'll enjoy the 'Stress Relief Dartboard'), "Sci-Fi The Comic Frontier," and "Do You think I'm Xexy" before finishing with "The World According to Geek" (with 'The Lord of The Root - One Geek To Rule Them All', the two good-looking woman who don't shy away from maths and the Barbie 'DotCom Rescue' CD-ROM game).

If you go to Joy Of Tech you can grab a copy from the authors that has been signed (you even get a chance to ask for a custom inscription) and for an extra fee Nitrozac will even bless your book and attach a lucky sticker. You could go to the O'Reilly page, but since they don't have example cartoons and I don't imagine a cartoon book will ever have errata there isn't much point.

It's not easy to review a cartoon book. Suffice to say that I found the 'toons in this book to be a good variety from amusing through to funny with some that are just a little too true to make me do more than groan. If you've never come across this pair (and they've been slashdotted at least once) then check out the site and if you like the last few examples then the book will not disappoint. Hang on a second, just let me do up my collar - OK, flame away.

You can purchase The Best of the Joy of Tech (and just maybe a used copy of Bride of the Bastard Operator from Hell) from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, carefully read the book review guidelines, then visit the submission page.

prostoalex writes "Advanced Unix Programming by Marc Rochkind is published by Addison-Wesley this year in its second edition. A book that has been considered a timeless classic, a title that saw its first edition back in 1985 and its second edition almost two decades later, in 2004. Where do you even start to review?" Read on below to see read prostoalex's evaluation. Advanced Unix Programming, 2nd Ed. author Marc Rochkind pages 736 publisher Addison Wesley Professional rating 9/10 reviewer Alex Moskalyuk ISBN 0131411543 summary An introduction and guided course through the world of Linux I/O and interprocess communications, with C++ source code provided for your viewing pleasure. More than 1100 functions explained.

Advanced Unix Programming (AUP) has been updated to include information relevant to Solaris, Linux, FreeBSD, Darwin and Mac OS X. Rochkind has added more than 200 system calls, according to the preface. But who is the book for?

First off, if you look at the table of contents, you will find that AUP is largely a book on input-output in Unix operating systems. The input-output varies from Basic (Chapter 2) and Advanced (Chapter 3) File I/O to Interprocess Communications (Chapters 6, 7), Network I/O (Chapter 8) and Terminal I/O (Chapter 4). The rest of the book consists of purely informational chapters on fundamental concepts of Unix operating systems (Chapter 1), working with threads and processes (Chapter 5) and signals and timers (Chapter 9).

If you get the impression that this is an academic title, you're not mistaken - if your university has some kind of Advanced Unix/Linux or Unix Networking course, they probably use some AUP material. Note that the book is not a how-to or manual on setting up Apache, Samba, FTP, various filesystems or Jabber servers - it does have a chapter on networking but teaches Unix I/O concepts from developer's perspective only, meaning you have to know C and C++. If you prefer to look at the source code, it's on the author's Web site.

There are two types of readers for AUP: those who start off programming in Unix/Linux, and those who are quite good at it, have read the first edition and are now wondering whether the second one is worth it.

If you are just starting with programming in Unix/Linux environment, don't let the word "Advanced" scare you off. The first chapter is pretty good in getting the reader up to speed with the concepts discussed in the book. It talks about such common tasks as getting the system to tell you what it has in terms of POSIX, getting a Unix box to tell you the date and time inside a C++ application, and counting your app's execution time. In many aspects, the second half of each chapter falls under O'Reilly cookbook format, where you are given a certain task and then provided the source code and explanations of what needs to be done to accomplish the task.

The author also "falls" into the trap of using some quick solutions only to "discover" that they do not work on all the systems. For example, subchapter 3.6.1 Reading Directories first tries to access the contents of the directory via ec_neg (fd = open (".", O_RDONLY) and ec_neg (nread = read (fd, buffer, sizeof(buffer))) only to find out that under Linux the call retrieves unhelpful "*** EISDIR (21: "Is a directory") ***" message. After that we are introduced into proper, not quick and dirty ways, to access Unix directories via opendir(), closedir() and readdir().

From experience, it looks like most of the people I know who own a copy of the first edition of AUP bought it because of its section on Interprocess Communications. The author does indeed provide a great learning and reference resource when in Chapter 5 he takes the reader through Unix processes and threads, explains how fork() works. The simple pop quizzes are there as well. A way to win friends and amuse the opposite sex during watercooler talks is to offer the following example:

void forktest (void)
{
int pid;
printf ("Start of test.\n");
pid = fork();
printf ("Returned %d.\n", pid);
}

Run this example as forktest and you will get a message:

Start of test.
Returned 11111.
Returned 0.

Run this test as forktest > tmp and suddenly the message in tmp file changes:

Start of test.
Returned 22222.
Start of test.
Returned 0.

Why is "Start of test" printed twice in the second example? Warning: the book contains an early spoiler in 5.5 fork System Call

By this point, you probably wonder whether the code examples will work on your system. The author tested the code on Solaris 8, SuSE Linux 8, FreeBSD 4.6 and Darwin (Mac OS X kernel) 6.8. In the preface, he talks about using a Windows box with SSH client to upload the code to the destination systems and run them there.

The book is very convenient to read; the chapter numbering system always gives you a good feel of where you are at. As reading of the entire book is not required, and a lot of people use AUP as a reference, an index containing just functions and system calls is included in Appendix D. Don't know what tcgetpgrp() does? The index will point you to 4.3.4. All the code is printed in monospace font, so it's quite easy to differentiate from the regular text. All the function definitions are boxed with function name, description and signature provided. The signature itself contains comments on what the parameter represents. They also are not saving whitespace on function samples, using the style where each line of source code and each { gets a separate line in text. Overall, more than 1100 functions are covered.

The book is quite practical, too, so don't think of it as pure API rehash. For example, in 8.4.3 (the chapter 8 deals with Networking), you are given the source code for a text-based browser that's written in less than 50 lines of code (although it doesn't quite understand HTML and just dumps everything to standard output).

Overall, if any part of your job description or hobby list includes Unix/Linux development, especially if it's high on that list, this book is a must have. Moreover, looking at the job market defined by keyword "unix", it looks like half the positions include some kind of "Sr." or "Architect" or "Networking" attribute, for which the knowledge provided in AUP would be indispensable.

You can purchase Advanced Unix Programming, 2nd Ed. from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, carefully read the book review guidelines, then visit the submission page.

Wilson Fereira writes "The Jakarta Struts framework is undoubtedly the most popular MVC framework for developing web applications in J2EE. A lot of books have emerged to satisfy the appetite of avid Struts reader including the two famous books from O'Reilly and Manning Publications. Struts Survival Guide: Basics to Best Practices (SSG) is a new addition to the already growing list of Struts books. SSG is from a new comer in the publishing business - ObjectSource Publications." Read on for the rest of Fereira's review. Struts Survival Guide: Basics to Best Practices author Srikanth Shenoy, Nithin Mallya pages 224 publisher ObjectSource Publications rating 8 reviewer Wilson Fereira ISBN 0974848808 summary A short but valuable guide to the Jakarta Struts framework.

Even before I started reading the book, the fact that stood out most was its pricing. The book costs $14.95, and is great buy for everybody and especially students. The book is light -- just 224 pages -- and is an easy read. The authors' style is neither dry nor humorous, but very convincing and developer friendly. Bottom line: It does not put you to sleep.

There are two aspects to any framework: the first aspect is the features of the framework itself; the second aspect is how easy it is to use them effectively. This book does justice to both aspects of Struts. It covers enough framework features to justify its title, starting from bare bones and then slowly guiding you to more advanced topics. In addition, there are chapters dedicated to dealing with variety of scenarios in web applications where Struts can be used to solve the problems effectively. This is the area where the book shines.

Chapter-wise reviews The book starts off with an excellent introduction to MVC and how Struts fits into MVC. It then explains the basics of Struts very well and develops a hands-on application in Struts in the first three chapters.

The fun starts from Chapter 4 onwards. Chapter 4 covers advanced Struts concepts and presents some interesting ideas about Struts Action design. Of particular interest are the coverage of how to protect your JSPs from direct access, using SwitchAction to navigate between multiple Struts modules. The different mechanisms of Action chaining and scenarios where Action chaining is not recommended is also an enlightening read. One of the controversial points in the book is that author discourages you from using XDoclet and explains why XDoclet is not a great idea with Struts.

Chapter 5 covers the validation in Struts. It is the shortest write up on Validation I have ever read and yet it beautifully explains the Commons Validator and its integration with Struts. In the context of validation, the author also explains when to use DynaActionForm and its derivatives and when not to.

Chapter 6 deals with Struts Tags. Reading this chapter was such a refresher. Other books on Struts have bored me with details of each attribute of each tag in Struts. I find this approach non-intuitive since that information is supposed to be a cross-reference and available on Struts web site anyway. Not so with this book. This book takes the approach of explaining the basic tags by example. In chapter 6, the author dives straight into practical aspects of building web applications with Struts. One of the very first illustration is why and how to modify BaseTag (the one that renders ) to suit the real life deployment scenarios. Next the chapter takes up one of the serious issues with check boxes regarding their state and provides a solution. The chapter provides technique for seamlessly integrating JavaScript validations with Struts validation. A lot of Struts web application that we develop do not use plain buttons. Instead image buttons are used. Perhaps the author was very aware of this fact and the lack of support for image based form submissions in Struts. That is why the chapter and the book has frequent references and solutions for dealing with Image buttons. It all starts in this chapter with a great introduction and some classes that make the form submission on the JSP transparent to the Action classes.

The Chapter 6 provides little details on the Struts Bean tag library except for dealing with multiple resource bundles and some design tips. Perhaps the reason is that the bean tags are so straight forward and covered well in the Struts web site. Another highlight of the chapter is a short yet great coverage of JSTL as a background for Struts-EL. The JSTL is introduced in the context of Struts Logic tags as a solution to deal with convoluted and and confusing nested tags. The section on Struts-EL is really short and could have been more.

The creme la creme of Chapter 6 is the section on dealing with List Forms. Sometimes you often have to deal with Forms with collection, edit the collection or delete the collection. Developers are confused on this topic as is evident from the postings in Struts mailing lists. The author does a great job of resolving the mystery surrounding editable collections in Forms. The author also does a great job of integrating the Pager Taglib from JSPTags.com with Struts and how a high performance page traversal mechanism can be set up based on the ValueListIterator pattern (Core J2EE Pattern) and database specific mechanisms.

Chapter 7 is a very decent way to learn Tiles. Tiles can be very confusing due to its capability to achieve the same thing in numerous ways. The author sticks to just one approach of using Tiles with Struts and defends why that is the best approach. The pros of this approach are there are confusions and the learning curve with Tiles is flattened. Coverage of Tiles Controller is missing and is desirable.

Chapter 9 on Exception handling in Struts deserves some mention. It is one of the best exception handling chapters I have ever read. Most other books on Struts limit their exception chapter to explaining differences between Checked v/s Unchecked exceptions and telling how the tags work in the struts-config.xml. The coverage of Exception handling in this book alone is worth the price of the book. It provides a solid framework to handle Exceptions in Struts, log them in a centralized manner and report and alert in a production environment.

Chapter 10 is for folks who want to customize Struts and reap its benefits in design and development of production systems. It presents four examples of how Struts can be effectively customized. The best among them was how to how to handle duplicate form submissions in a generic manner. We all have to deal with duplicate form submissions in daily life and handle them on use case basis by using the Synchronizer tokens. The technique illustrated here no doubt relies on the Sync token but uses it a very ingenious manner, presents a generic Action class. I liked this technique. Other techniques I liked are that the chapter provides a Dispatch Action like functionality for Image based form submission. The DispatchAction in Struts is great, unfortunately I can use it only under certain restrictions. One of them is that the all of the buttons have to have the same name. This technique removes that restriction and opens a world of possibilities for designing cleaner applications while providing enhanced user experience.

If there is a feature in Struts which is not the best way to attack a problem, this book tells you that. The chapters are also interspersed with design tips for designing your Struts application better. In summary, this is a pragmatic Struts book and a highly recommended read for developers and architects already familiar with Struts. You will certainly pick up quite a bit of Struts tricks that will help you design better Struts applications. If you architect, design and develop Struts based applications for your living, do yourself a favor - Go buy this book. Even if you don't know Struts, you can learn it fast with this book. The only requirement is that you should already know the basics of how to develop J2EE web applications.

You can purchase Struts Survival Guide: Basics to Best Practices from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Simon P. Chappell writes "Linux programming is the C Programming Language. Elaborating a little, Linux programming is C, with the GLIBC library and the POSIX standard API. Even a language as powerful as C needs libraries and to get the Holy Grail of cross-platform portability, it's necessary to have them standardised. The POSIX API is that standardisation and Linux adheres to it very well (opinions from those litigious folks in Utah aside). For those of us who already know C, Linux Programming by Example sets out to teach you the rest in a step by step, helpful, relaxed and incremental manner." Linux Programming by Example author Arnold Robbins pages 687 (21 page index) publisher Prentice Hall rating 10 reviewer Simon P. Chappell ISBN 0131429647 summary An exellent tutorial for real-world Linux software development

What's To Like There are many things to like about this book (over and above the fact that page 118 has my all-time favourite UserFriendly cartoon on it :-). Linux Programming by Example (LinuxPbE hereafter) takes a steady, incremental path through the concepts required to write software that can effectively interact with the Linux environment.

It is a truism many of us have proven multiple times in our lives that one of the finest learning tools available to programmers is to read and grok good, working code, written in the language that we are learning. LinuxPbE takes this philosophy and walks you through actual example code from various Unixes and Linux. The first part of the book, specifically chapters one through six, covers all of the aspects of Linux programming necessary to understand the Unix V7 ls program in its full glory in chapter seven. I feel that this approach works very well.

Part two dives into processes, walking us through creating them, managing them, communicating with them by using pipes and sending them signals. A few other general topics are included for completeness. Part three then covers the art and tools of debugging in fairly substantial detail.

All the code in the book is very well laid out, with line numbers provided to the left, and comments (in a small sans-serif font) on the right-hand side of the code. This is a very readable combination that is enhanced further by the fact that at each logical division, an explanation is given of the design and implementation used by that section.

I can't resist admiring the addition of the essay "Teach Yourself Programming in Ten Years" by Peter Norvig. This is a classic exploration of the effort needed to attain mastery of any skill, concluding that the minimum length of time required is ten years. The inclusion of this article, to me, speaks well of the author and his understanding of the learning process. One can only hope that those learning from this book will come to the same understanding and realise that the book is the start of their journey to mastering Linux programming.

What's To Consider

Nothing notable.

Summary If you want to learn how to do this stuff for real, then this book will get you started. As "Teach Yourself Programming in Ten Years" explains, no book is going to cause you to become an expert in 24 hours, 24 days or even, perhaps, 24 months. That said, this book will be useful for many of those ten years, so run or surf to your favourite bookstore and purchase it now.

You can purchase Linux Programming by Example from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Craig Maloney writes "MySQL (love it or hate it) is one of the most popular databases for deploying websites. Perl (also love it or hate it) was almost synonymous with website programming. Arguably there are different choices for different needs in web development (PostgreSQL, PHP, Java, etc.), but there is no argument that if you are planning on putting together a website, using MySQL and Perl that MySQL & Perl for the Web will aid immensely in that development." Read on for the rest of Maloney's concise review of the book. While not new, he says it's still a valuable volume. MySQL and Perl for the Web author Paul DuBois pages 552 publisher New Riders rating 10 reviewer Craig Maloney ISBN 0735710546 summary A clear, well written book for Perl and MySQL

Who is this book for? Developers looking for a quality book on Perl and database development should not pass this book up. While the title of this book is MySQL & Perl for the Web, it could have easily been called DBD/DBI & Perl for the Web. The SQL examples may or may not work with various databases, but the DBI interface code should remain the same. This book will also do well as a reference for experienced coders looking for well-crafted examples of web-based applications. What's good? The second chapter should be enough to get anyone up to speed with using Perl, DBI, CGI, Apache, and MySQL. After a brief introduction and configuration of MySQL and Apache, the author settles in to discuss coding DBI and Perl. The remainder of the chapter details the best practices for using Perl and DBI together. Near the end of the second chapter, the author creates a fully functional to-do list, demonstrating ways to add, update, and delete information from the database using Perl and DBI. Instead of taking small baby steps over many chapters, the author shows important concepts and best practices for those concepts quickly. Even seasoned (hardened?) programmers may learn new tricks or methodologies from the second chapter of this book.

Is that the end? Are we left with one very well written tutorial chapter? Thankfully, the rest of the book has plenty to offer. Subsequent chapters include:

• Improving performance with mod_perl
• Generating and processing forms
• Writing form-based applications
• Automating the form-handling process
• Performing searches
• Session management
• Security and privacy issues
• E-commerce applications

Each chapter is clearly written, with several examples used to demonstrate the concepts presented. The examples are clearly written, and the author makes the whole learning process enjoyable and fun. The examples range from a give-away contest (including a random drawing), an electronic greeting card program, polling programs, and a shopping cart program. Each of the examples is presented completely, but are introduced in pieces (subroutines, modules, etc.) The full source code is available from the author's website at http://www.kitebird.com/mysql-perl/

What's in it for me? MySQL & Perl for the Web is the book that Perl programmers on any project will wish The Other Guy had read. The examples are clear, the writing is engaging, and the code is maintainable. This is a practical book and should not be overlooked in any serious Perl programmer's library.

You can purchase MySQL and Perl for the Web from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Blaine Hilton writes "Hardware Hacking starts by going over the basics of electronics, just enough so you can understand what is happening later in the book. This gentle beginning means the book is great for people who work with computers on the software side, or people who like to play with electronics. You do not need to be an electrical engineer to understand what they are talking about in this book. As the title suggests, the authors walk you through different methods and processes of modifying common hardware." Read on for the rest of Hilton's review of Hardware Hacking. Hardware Hacking author Joe Grand, Ryan Russell and Kevin Mitnick pages 537 publisher Syngress rating 8 reviewer Blaine Hilton ISBN 1932266836 summary Walks anyone through the process of modifying common electronic hardware.

The authors' explanations of many of the terms and concepts used in the book are very good. For example, the description of "power" on page 20 is the best description of the term that I've ever heard or read. From first-hand experience trying to explain this concept to others I wish I'd known such a lucid explanation -- it explained the concept much better than longer, dryer text would have.

Another positive point to this book is the pace and order of the book. It starts with part one, which is an overview of working with hardware; part two is a collection of hacks that one can do on different devices. If, like me, you never really did any thing with the Atari, you could skip those chapters and still proceed with the book. This book is easy to carry because there the authors frequently provide directions to other resources rather than trying to cram everything into this one book.

Like I said, I'm not too interested in Atari hacking, but the idea presented in this book (in an Atari-centric context) for a standard power connector is good for other things too. This is one of the biggest strengths of this book: The examples themselves are highly specific, but the thinking behind them can easily be generalized.

The first part of the book briefly explores tools that are going to be used later in the hacks and how to use them. However I found it a bit odd that the authors tell you to use a heat gun and heat-shrink tubing, but do not list these items in the tools section.

The fun really begins in part two with the actual hardware hacking. I have never really done anything with hardware before. It seems like whenever I took something apart I could never get it back again, and that those times that I did get something back it would never quite work as it should again. Those experiences have taught me to not mess with things I shouldn't and, this is why I think it's great that part two begins with the ubiquitous and cheap CueCat. I had a couple of these lying around and didn't really care about them so I jumped right in, following the many clear explanatory photos.

Starting with something like this gave me the confidence that I can take stuff apart, and if I'm careful, it will go back again.

The order of chapters seemed a bit odd in part two, though. A book must be arranged in some type of order, and my gut feeling is that it should be by order of difficulty. The second part started off great, going over tools and then the CueCat, but then it seems like the chapters that follow are tossed in at random. This could be from my lack of hardware experience, or that the chapters were designed to be random. This fact really didn't distract from anything though. Just don't expect a linear progression.

I was able to appreciate the integration between the hardware and the software. Hardware Hacking also goes over the software side of the hardware involved.

One of the areas I wish they had given more attention to was in the chapter on the Macintosh where they are hacking a CRT monitor. I believe that the safety warning should probably be a bit bolder, especially considering the earlier, prominent advice about static energy and grounding.

The authors have used part three as a technical reference, including some frank talk about Linux vs. Windows in chapter six. Sure, many people like Linux better, however you have to take into consideration who will be using the system. In a system the whole family uses, it has to be user-friendly enough for the whole family to use.

If changing hardware to better suit your needs sounds like something you would like to try, but you don't know how and are worried about what might happen, then this book may just be able to convince you go for it, along with enough information to make your next warranty-voiding attempt a success.

You can purchase Hardware Hacking from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

honestpuck (Tony Williams) writes "Many years ago I bought a second hand Ford Cortina in dubious condition. I kept it running with the assistance of a marvelous volume purchased at a specialist bookstore that was referred to as "the shop manual." It wasn't much help teaching you how to drive or how to park but if you needed to know how to perform an oil change, flush the radiator or bleed the brakes it told you all the details. Now James Duncan Davidson has given me a shop manual for Macintosh OS X Panther." Read on for Williams' review of the O'Reilly published Running Mac OS X Panther. (And for the curious, here's what google has to say about "Ford Cortina.") Running Mac OS X Panther author James Duncan Davidson pages 292 publisher O'Reilly and Associates rating 8/10 - Excellent book, a little thin on details in a few places reviewer Tony Williams ISBN 0596005008 summary A good shop manual for those running Panther

This volume assumes you know how to use your Mac, how to perform all the routine changes that are easily accomplished with the GUI. Davidson also assumes you don't want to know how to get a movie running as your desktop, or get an Exposé blob floating on the screen or any of the usual sort of 'hacks' or 'hints.' What he gives is a good guide to lifting the hood and performing serious mechanical work or tweaking the performance of your Mac with enough background information so that you can feel confident taking your own steps.

It was good after a few near misses to read an O'Reilly book that was once again well written, well edited, tight and crammed full of information pitched at just the right level. Davidson has done an excellent job with this book.

Davidson starts with a little history, and from the viewpoint he presents, this is not a waste of space; he spends his time explaining exactly how we arrived at the current version of the Mac OS.

Then we have a chapter titled "Lay of the Land" that explores the file system, including both the Finder view and the view you get from the command line. It also explains the four file system domains and the 'Library' directory. The third chapter is a quick (20 pages) look at the Terminal and shell.

Then we get 'Part II: Essentials,' which is the 120-page core of the book. This starts off, logically, with system startup and the login (and log out and shutdown). This is followed by short chapters on users and groups, files and permissions, monitoring, scheduling and preferences and defaults before a marvelous long chapter on the file system. Davidson goes into great detail and closely covers each of the topics, making sure that you get all the details not just 'recipes.'

Part III ("Advanced Topics") starts with a chapter on Open Directory that I found particularly useful. It includes coverage on Kerberos and single sign-on that explains it well, as well as the command-line Open Directory tools. The chapter on printing could have had a bit more guts. It covers the obvious but leaves out such joys as CUPS apart from a half-page sidebar; since sharing printers has caused me more than a little grief I would have appreciated more detail here. The final chapter on networking is better, and provides more useful detail.

It must be said that this section concentrates more on user level detail and leaves out real information on server level software and options. Given the target group for this book, and that a book has to draw a line somewhere, this is quite fair.

Davidson has picked his topics well, almost everyone will find all of Part II useful and educational. Part III is perfect for people wanting to run Panther in a corporate environment. He has balanced the command line and GUI well, pointing out where you can do a job with both and explaining the details.

Oreilly's page for the book has a table of contents and index but no example chapter. If you go to Davidson's page at O'Reilly there is a link to a short excerpt on scheduling tasks as well as several earlier articles Davidson has written for MacDevCenter.

I would recommend this book to any Panther user with a moderate amount of experience. It is not for the newcomer to the Mac, perhaps, but everyone else will benefit from this book.

You can purchase Running Mac OS X Panther from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page

ALecs writes "When I first discovered Samba, I was in heaven! I could serve my Linux filesystems to my Windows 95 desktop and life was good. Between then and now, though, Samba has gotten a lot more capabilities, and I've been struggling to keep up with the cryptic voodoo that is Windows networking. While 'The Official Samba-3 HOWTO and Resource Guide' has been a great resource, Samba seems to just be once of those packages that you just need to see in action to understand. Hearing my cries, and those of countless others, John H. Terpstra has bestowed upon the Samba community the tome of ancient knowledge sought by all: Samba 3 By Example: Practical Exercises to Successful Deployment ." Read on for the rest of Malone's review. Samba 3 By Example: Practical Exercises to Successful Deployment author John H. Terpstra pages 340 publisher Prentice Hall PTR rating 10 reviewer Joshua Malone ISBN 0131472216 summary Working examples to use Samba 3 in small or large office

Samba 3 By Example begins on a very friendly note by explaining how to get the most out of it any what you'll need to complete the exercises in the rest of the book. The beginning also includes a Windows networking primer, complete with packet captures (using the popular tool 'ethereal') showing how network browsing really works, under the hood.

This book follows the evolution of a fictitious company, "Abmas", through an impossible growth from a 9-person office to a 2000-person network with multiple sites around the world. You assume the role of the IT guy: charged with growing the company's network infrastructure, planning for change and, above all, keeping the users happy.

Some of the major challenges tackled in this book are:

• Using Samba-3 as an NT-4 style PDC
• Using Samba-3 as an domain member server
• Using the various authentication backends as alternatives to the traditional 'smbpasswd' backend
• Using LDAP to implement a Samba-3 PDC with backup domain controllers
• Authentication using winbindd
• Migrating from NT-4 to Samba-3 for a PDC
• Using kerberos to integrate Samba-3 into a Microsoft Active Directory domain (as a domain member server)

I am extremely impressed by Terpstra's book. It addresses the complete spectrum of Samba deployments, from the 10-person office to the 2000-seat, multi-site enterprise while explaining not just what to do, but how to do it and, most importantly, why. The examples are practical and you can really imagine some poor sap^H^H^H^H^H^H^H^H unfortunate systems administrator finding him/herself in these very positions. This book says that these scenarios are hypothetical aggregations of real-world situations, but could swear I've worked for this company before.

One of the nicest things about this book is that each situation is followed by a Q&A section - almost like a textbook - that addresses both the important points of the exercise, as well as some of the trivial details that were left out for the sake of brevity. Don't be tempted to skip them thinking that it's just a rehash.

It's worth noting that this book is not a replacement for TOSHARG and defers to it for technical details in multiple cases. These two books should be sidearms for any IT administrator that has to deal with Windows clients on a daily basis.

I'm also very impressed with Terpstra's candor about Samba's features, weaknesses and road map. Nowhere in this book is Windows put down as inferior or is Samba touted as the "be-all, end-all" of Desktop and client management solutions. The relative flexibility of Active Directory and Samba is discussed only briefly and the choice to use Samba over Windows is ultimately left to the reader. Since you've gone to the trouble of purchasing this book, Terpstra assumes you've already made up your mind and require no further convincing.

Continuing to be mindful of office politics, Terpstra devotes a section in each chapter to the political implications of replacing Windows with an open source product, and an entire chapter to the issues inherent in bringing Samba into a traditionally Windows-based shop. Even though he refers to this chapter as a "shameless self-promotion of Samba-3", I found it to be an even-handed discussion of the issues you will most likely encounter from anti-Unix advocates and IT managers who have bought into the anti-Linux FUD. These are real issues that Systems Administrators need to know how to deal with effectively but too many of us simply dismiss because we feel they are uninformed.

In addition to examples of Samba configuration, examples are provided to integrate Samba with other useful servers such as the squid web proxy, OpenLDAP, bind and dhcpd. The configuration files for Samba as well as these additional pieces of software are also conveniently located on the included CD-ROM, along with Samba 3.0.2 packages for Red Hat Fedora Core 1 and SuSE Linux (Enterprise server 8 for x86 and s390 and SuSE Linux 9).

I think my biggest complaint with this book is that the "case study"-like format of this book tends to lump a large number of new features into a single example. This can make it hard to isolate the particular feature that you're interested in.

For instance, the example that illustrates automatic printer driver downloads to Windows clients is lumped into a chapter that is primarily concerned with using LDAP to implement a BDC. Automatic driver installation is a great feature that many sites far too small to consider implementing LDAP would likely be interested in.

In all, though, I'm extremely pleased with Samba 3 by Example - perhaps even more than TOSHARG. In it, you'll find plenty of tips, working examples and honest admissions of bugs (and their workarounds) that will keep you from losing your sanity. You could almost call this book a 300 page Samba and Windows networking consultant with over 8 years of experience. Terpstra has been incredibly kind to the Samba community by imparting so much wisdom to us all in this book.

Josh Malone has been a FreeBSD and Windows system administrator for three and a half years working in development shops and hosting companies, and currently works as a Linux engineer for an embedded systems company. You can purchase Samba 3 By Example from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page

Matthew Morgan writes "Mozilla's strengths as an application platform often go unrecognized for lack of good documentation. Nigel McFarlane sets out to change that in Rapid Application Development with Mozilla. McFarlane describes his book as "a conceptual overview, reference, and tutorial" for building applications on the Mozilla platform. But does he have room for all three in one book?" Read on for Morgan's answer to that question. Rapid Application Development with Mozilla author Nigel McFarlane pages 770 publisher Prentice Hall PTR rating 7 reviewer Matthew Morgan ISBN 0131423436 summary A good overview and tutorial for building applications atop Mozilla, though not a comprehensive reference.

The Basics Rapid Application Development with Mozilla (hereafter RADM) centers on XUL, Mozilla's XML dialect for describing GUIs. Other Mozilla components, like XBL and RDF, are described mainly in terms of how they plug into XUL. Each chapter presents and explains a component, then shows it in action by using it in an example application (a web-page annotator) developed throughout the book. Chapter conclusions take the form of debugging hints; as McFarlane ruefully notes, most errors cause Mozilla to silently do nothing, making debugging a chore.

The first half of RADM covers basic XUL use -- the usual complement of widgets with CSS to style them and JavaScript to manipulate them. McFarlane does assume previous exposure to basic HTML, JavaScript, and CSS, but extensive experience isn't required. At each step McFarlane does a good job explaining what's similar to HTML (e.g. most DOM stuff) and what isn't (e.g. the layout model). A few components have no real analog in the HTML model, like Mozilla's command dispatch system, so they're presented from the ground up.

The Back End

The second half of the book leans more toward the back end: using RDF for registries and template data; piping data into XUL with overlays, templates, and XBL; using and implementing XPCOM components; and deploying applications built on Mozilla.

McFarlane's RDF tutorial is one of the best I've seen. He starts off on the right foot by introducing things in terms of a directed graph, with lots of examples and diagrams. Only after eighteen pages of that does he introduce the RDF/XML syntax. His explanation of RDF/XML is unusually lucid, quite a feat considering how hairy RDF/XML gets. (Disclaimer: I've had past experience with RDF, so I wasn't reading this as a beginner -- in other words, YMMV.)

In the succeeding chapters, RDF is applied within the various Mozilla arenas, like XUL overlays and package installation, where it's used to store config information. The centerpiece of RDF in Mozilla, though, is in its use to create data-driven XUL files through XUL templates.

The chapter on templates runs to sixty-plus pages, and it's worth it. McFarlane covers things I haven't seen covered anywhere else. For instance, he describes the algorithm the RDF query engine uses to evaluate queries, so that you can better understand what kind of queries you can construct. This is crucial information because the query syntax allows a lot of queries that are logically reasonable, but won't actually work.

This points to a strength of RADM: McFarlane doesn't hesitate to criticize Mozilla where necessary. Throughout the book, he flags incomplete features, buggy implementations, and other gotchas, such as security restrictions surrounding RDF that make it all but useless for remote scenarios.

(Incidentally, McFarlane explicitly disclaims coverage of Phoenix/Firebird/Firefox, sticking to Mozilla 1.4, but in practice everything I've tried has worked fine in Firefox 0.8.)

Two Out Of Three Ain't Bad

So, does RADM manage to accomplish its goals of being a conceptual overview, tutorial, and reference? I'd give it two out of three.

As a conceptual overview, RADM shines. McFarlane is at his best when comparing and contrasting closely related components, like overlays, templates, and XBL, all of which extend XUL but do it in different ways. I was left with a good picture of what can and can't be done in Mozilla.

As a tutorial, RADM is solidly useful. The example-application sections cover a surprisingly large amount of ground -- more than enough to get a developer new to Mozilla up and running. McFarlane chose a good subset to present as examples; still, all of his clear writing can't paper over the fact that Mozilla is really complicated, not just internally, but in the interface it presents to developers using it as a platform.

As a reference, RADM stumbles. The index is slim -- a mere eighteen pages after 752 pages of content -- which makes small chunks of information hard to find. This is mitigated by a detailed and well-organized table of contents. After a few weeks of use, I find myself turning to the contents first, and only trying the index if I have to.

Fundamentally, though, RADM isn't really a reference book, and definitely not a "quick reference." You'd be better off using a good site like XULPlanet for quick what-arguments-does-that-method-take checks, and reserving RADM for in-depth explanations.

Conclusion

RADM is published in Bruce Perens' Open Source Series at Prentice Hall under the Open Publication License. After a few months of letting the book sell on its own, they'll post the PDF of the entire book online. Is it worth buying in print? Given that it's more of a sit-down-and-read book than a quick-reference guide, I'd say so.

If you're considering Mozilla as a platform, I'd recommend RADM for its reasonable balance that shows Mozilla's strengths and weaknesses. If you're already sold on Mozilla and just want to wrap your head around it and start building an app on it, RADM is the book for you.

You can purchase Rapid Application Development with Mozilla from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page

AMuse writes "After taking a course at SANS from Ed Skoudis (and later hacking with him at the DefCon "Capture the Flag" contest in Las Vegas), I decided it was time to buy a copy of his latest book and see if he writes as well as he teaches. "Malware: Fighting Malicious code" is his most recent computer security book and was definitely a worthy purchase. Though the topic itself is not for novices, Skoudis does a splendid job of reviewing the basics with each chapter so that a less experienced security professional can follow along and learn. Additionally, he is very careful to show both Windows and UNIX/Linux examples of the topics, making the book accessible to a far wider crowd than some platform centric books I've read." Read on for the rest of AMuse's review. Malware: Fighting Malicious Code author Ed Skoudis pages 636 publisher Prentice Hall rating 9 reviewer Matt Linton ISBN 0131014056 summary A detailed look at malicious computer code, how to examine and defend against it.

One of the finest points of the book is that it's structured with the simplest (and most common) cyber-attacks in the initial chapters, and later in the book builds upon those concepts clearly. With each new chapter he delves deeper into the computer attack world and the increasing complexity of attacks and how to recognize, detect and counter them. Every description of an attack is paired with useful graphics and examples of code dumps or program output. As a bonus, the programs he recommends as tools in his book are the very ones he uses in his demonstrations.

Viruses, Worms and Mobile Code: The first few chapters start out relatively light for an experienced security person. They cover viruses, worms and mobile code (the nifty high level languages like ActiveX, JavaScript and VB which are so easy to abuse). Though the information is on a light level for the pro, a novice would find these chapters packed with useful information and examples of each of many types of nasty code. After each example, the book shows how to recognize an infection, then how to prevent them in the first place.

Trojans and Backdoors Once he's gotten the reader's feet feet wet, Skoudis begins to wade in deeper with discussion and analysis of Trojans and Backdoors. Even a pro will likely read something here that they didn't know before. As a quick example, he covers "port knocking" with spoofed hosts and sniffers as a means of evading detection of your backdoor by pesky net admins. Although these chapters include many high level concepts, Skoudis clearly demonstrates them via real world examples and references to code that you can obtain yourself and try out (On a well isolated network, of course!)

User and Kernel mode Rootkits After a healthy dose of trojans and backdoors, the book moves on to discuss in very great detail the current status of User and Kernel mode rootkits. In my opinion, these two chapters were the most detailed and thorough in the book. All told, about 160 pages of the book are dedicated to the Windows and UNIX/Linux kernels, how they operate and of course how they can be completely taken over and replaced by an attacker. If there's any book that can leave SysAdmins awake at night in paranoid fits, this is the book and these are the chapters.

The truly nasty stuff In the final chapters, he leaves the world of attacks that are already in the wild and discusses attacks that are yet to come. These topics include polymorphic code that alters itself with each infection to evade IDS and Antivirus signatures, tightly packaged combo attacks, potential BIOS rootkits and even microcode attacks where the CPU itself is infected with an attackers' code, hiding rootkits as soon as the power switch is flipped on.

Tying it all together The book then ends with two very helpful chapters which detail how to establish a test lab for yourself and analyze malicious code on your own. As a bonus, there's also a chapter on real world scenarios that you can investigate yourself to see what you've learned.

Conclusion All told, I would recommend this book for any serious security professional or SysAdmin/NetAdmin. It's also a very good read for Novice geeks but, although Skoudis does an excellent job of explaining the basics, the later chapters may be a bit too complex for someone without at least a bit of time as a power user.

You can purchase Malware: Fighting Malicious Code from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page

John Miles writes "It's been almost thirty years since young Laura and Sandy Crowther sat down at a Teletype and took their first steps into the mysterious subterranean world their father, Will, created for them. Now, if Nick Montfort's Twisty Little Passages: An Approach to Interactive Fiction is any indication, Crowther and Woods's pioneering computer game Adventure and its descendants are finally beginning to garner the critical recognition they deserve. At only 286 pages, Twisty Little Passages is a small, accessible book that addresses a deep and complex subject. The author's stated intention is to bring us the first book-length consideration of interactive fiction (IF) as a legitimate literary field, and he has certainly succeeded." Read on for the rest of Miles' review. Twisty Little Passages: An Approach to Interactive Fiction author Nick Montfort pages 286 publisher The MIT Press rating 4 out of 5 grues agree: Montfort's one of them! reviewer John Miles ISBN 0262134365 summary The definitive survey of interactive fiction for the literati... and the rest of us

Eight chapters, arranged in roughly-chronological order, detail the lineage of interactive fiction from its origins in Delphic riddles to its newest and most intriguing forms.

Passion and precision Among Montfort's first statements is one that demonstrates a commitment to careful scholarship that recurs throughout the book: "Text adventure and interactive fiction do not mean exactly the same thing." Infocom's Deadline and Emily Short's Galatea are cited as examples of IF that are not "adventures" in the pop-fiction tradition of exotic settings and perilous situations. These titles, among others, demonstrate that IF isn't just a delivery vehicle for the stereotyped themes of juvenile fiction with which it's often associated. Montfort proceeds to explain why he found it necessary to write Twisty Little Passages:

To see why a solid treatment of (IF) needs to be written, one need only consider this selection from the single page that mentions IF in Ilana Snyder's Hypertext: The Electronic Labyrinth (1996):

The precedent was Adventure, developed in the 1960s at Stanford University's Artificial Intelligence Laboratory (SAIL). The program was conceived of as an experimental game. A computerised version of role-playing games like Dungeons and Dragons, Adventure comprises a series of descriptions of fictional locations inspired by J.R.R. Tolkien's fantasy The Lord of the Rings (1954), and set in the surrounding Californian mountains.

These three sentences state six specific things about Adventure - when, where, and why it was developed, that it is a computerized version of Dungeons and Dragons, that its fictional locations are inspired by Tolkien, and that it is set in California. At least four of these six statements are clearly false, and the remaining two are misleading. (pages 9-10)

Essentially, previous authors and critics writing about interactive fiction just didn't care. In Chapter 1, "The Pleasures of the Text Adventure," Montfort shows that he does. Here, and in the following chapter ("Riddles"), he suggests that the IF art form has a much deeper history than we might think:

... the combination of an explicit challenge and a verbal literary work has a clear precedent (:) the riddle. By presenting a metaphorical system that the listener or reader must inhabit and figure out in order to fully experience, and in order to answer correctly, the riddle offers its way of thinking and engages its audience as no other work of literature does. (pages 3-4)

Recognizing that his audience is likely to include technical geeks as well as literary theorists, Montfort defines some lit-crit terms as they apply to interactive-fiction analysis. Towards the end of the first chapter, we're presented with terminology like "story," "narrative," and "plot," but the definitions Montfort offers could have been fleshed out without sending us to the library to brush up on our Russian formalism. The distinction between "diegetic" and "extradiegetic" exchanges (communication with the game world and the game engine, respectively) appears next, illustrated by Zork 's first few interactions with the user. "Metalepsis" comes next, defined as an intrusion or transgression between levels of story and narration -- sometimes unintentional, sometimes with fatal results. (Portions of Floyd's commentary in Planetfall are cited as an example of the former; the protagonist's robot-assisted suicide in Suspended exemplifies the latter). Happily, none of these intimidating-looking terms are prerequisites to an understanding of the book as a whole.

Naming the game Assuming the art of interactive fiction began with the riddle, what constitutes a work of IF today? After a brief excerpt from LookingGlass Technologies veteran Dan Schmidt's For A Change gives us an example of description, interaction and puzzle-solving, Montfort goes on to establish four requisite aspects of IF:

• A text-accepting, text-generating computer program;
• A potential narrative (a system that produces narrative during interaction);
• A simulation of an environment or world; and
• A structure of rules within which an outcome is sought, also known as a game.

Works which do not include each of these elements are deliberately excluded, among them "hypertext fiction," most graphical computer games, and numerous experimental titles. In this respect, Montfort perhaps misses an opportunity to reflect upon the true extent of IF's influence over the rest of the entertainment software world. With a reported 30,000 lines of text in Deus Ex 2 - more than any Infocom game ever boasted - I'd argue that the historical text-only criterion is becoming more questionable all the time.

The rise of the smart machines Much more than a theoretical treatise on IF, Twisty Little Passages is also the most complete chronicle of important IF titles, authors, and publishers assembled to date. Its middle four chapters focus largely on academic and commercial efforts at crafting and publishing interactive fiction. Chapter 3 begins with an introduction of the concept of generative literary machines ("ergodic literature"). Montfort cites the Turing machine-like nature of the I Ching , followed by a mention of Jonathan Swift's satirical machine from Gulliver's Travels, "made of equal parts of irony, sarcasm, and mockery, that would automatically write books on all the arts and sciences." Advancing to the modern era, we encounter Theodor Nelson's early hypertext experiments in 1970; the "Choose Your Own Adventure" books that appeared near the close of the decade; and the Dungeons and Dragons phenomenon that introduced a generation to the idea of participative fiction and inspired more IF and computer-game authors than even the most dedicated scholar could count.

The mother of all computer games, in Montfort's view, was Spanish engineer Leonardo Quevedo's 1912 chess-playing robot. Devised to attack a particular endgame problem on a vertically-oriented chessboard, Quevedo's machine was unique in that it represented the first so-called "chess automaton" that operated by legitimate electromechanical means rather than by fraudulently-concealed midgets. A subsequent refinement of Quevedo's machine would later catch the eye of famed computer scientist and AI researcher Norbert Wiener, achieving recognition as the first genuine attempt at artificial intelligence.

Mechanical curiosities aside, no discussion of human-computer interaction would be complete without inviting Joseph Weizenbaum's ELIZA (1966) to the party. As the first convincing conversation "bot", ELIZA accepted plain-English input from a human interlocutor, transforming it (albeit with no semantic understanding) into a sympathetic textual murmur geared to elicit further input:

Person: Men are all alike.
Computer: IN WHAT WAY?
Person: They're always bugging us about something or other.
Computer: CAN YOU THINK OF A SPECIFIC EXAMPLE?
Person: Well, my boyfriend made me come here.
Computer: YOUR BOYFRIEND MADE YOU COME HERE
Person: He says I'm depressed much of the time.
Computer: I AM SORRY TO HEAR YOU ARE DEPRESSED. (page 82)

Even more impressive than ELIZA was fellow MIT researcher Terry Winograd's SHRDLU, the first computer program capable of modelling, rendering, and allowing a human to interact verbally with objects in a virtual world:

Person: WHAT DID THE RED CUBE SUPPORT BEFORE YOU STARTED TO CLEAN IT OFF?
Computer: THE GREEN PYRAMID.
Person: THERE WERE FIVE BLOCKS TO THE LEFT OF THE BOX THEN.
Computer: NO, ONLY FOUR OF THEM: THE RED CUBE, TWO LARGE GREEN CUBES, AND A LARGE RED BLOCK.
Person: PUT THE BLUE PYRAMID ON THE BLOCK IN THE BOX.
Computer: OK (does it)
Person: IS THERE ANYTHING WHICH IS BIGGER THAN EVERY PYRAMID BUT IS NOT AS WIDE AS THE THING THAT SUPPORTS IT?
Computer: YES, THE BLUE BLOCK. (page 84)

Prior to reading the transcript above in Montfort's book, I'd heard of SHRDLU only in passing. It deserves a lot more attention than it's received. SHRDLU was one hell of an impressive hack in 1970, and it wouldn't be trivial today, judging by the capabilities suggested. Like the incredulous audiences that must have attended the early chess robot demonstrations, I'd have been prying panels off Winograd's PDP-6 with a screwdriver, looking for midgets ex machina.

Worlds from Adventure to Zork After bestowing the title "the first work of interactive fiction" upon a deserving SHRDLU, Montfort summons the spiritual grandfather of them all: William Crowther's Adventure . Released in 1975 for the benefit of his five- and seven-year-old daughters and any interested lurkers on the nascent ARPANet, Adventure combined ELIZA and SHRDLU's human-interaction capabilities with a primitive fictional setting:

YOU ARE AT A COMPLEX JUNCTION. A LOW HANDS AND KNEES PASSAGE FROM THE NORTH JOINS A HIGHER CRAWL FROM THE EAST TO MAKE A WALKING PASSAGE GOING WEST. THERE IS ALSO A LARGE ROOM ABOVE. THE AIR IS DAMP HERE. (page 88)

Crowther is a contemporary of Zork co-author Dave Lebling, who, coincidentally, was a member of the same Dungeons and Dragons group in Cambridge, Massachusetts. In one of Montfort's many personal communications with IF luminaries, Lebling says:

Eric Roberts . . . started running a D&D group a year or so before Adventure was written. Eric had his own ideas about how D&D should be done, emphasizing storytelling and de-emphasizing the mechanical aspects of the game such as die- rolling. He tried to create a Tolkien-inspired world that was fun and consistent with Middle Earth... I think one strong component that carried over into Zork was to try to keep the mechanical workings of the game as hidden as possible, which to me enhanced the fun and immersiveness of the experience. (page 86)

With such similar roots, it's no surprise that Zork and Adventure play like long-lost brothers. In Chapter 4, Montfort details the evolution of Zork and other important IF titles that were created by multitalented college students with free mainframe access and seemingly-limitless time on their hands. Much has been written about Zork and its legendary Implementers, but seldom have we been given such a well-documented survey of the personalities and motivations behind the game's creation. One tongue-in-cheek room description from the mainframe version of Zork didn't make the cut for the commercial releases:

Tomb of the Unknown Implementer
This is the Tomb of the Unknown Implementer. A hollow voice says: "That's not a bug, it's a feature!"
In the north wall of the room is the Crypt of the Implementers. It is made of the finest marble, and apparently large enough for four headless corpses.
The crypt is closed.
There are four heads here, mounted securely on poles.
There is a large pile of empty Coke bottles here, evidently produced by the implementers during their long struggle to win totality.
There is a gigantic pile of line-printer output here. Although the paper once contained useful information, almost nothing can be distinguished now. (pages 102-103)

Zork accepted complex sentences with indirect-object phrases, offered a much-larger vocabulary than its predecessors, and broke significant new ground in multiplatform software development, predating UCSD Pascal as the first commercial application for virtual-machine technology. But it also advanced at least one purely-literary aspect of computer gaming by introducing its first complex interactive character: the wily Thief. One of Montfort's references offers an insightful Joseph Campbell-esque definition of "villain": "the symbolic representation of forces working to seemingly hinder, but actually promoting, the hero's or heroine's development." (pages 112-113) Since Adventure's dwarves and pirate are not representations of anything else ("parental figures or psychological drives"), their deeds are destructive without being truly "wicked." Zork's thief, on the other hand, serves as a foil for the player character's combat skills, as a reflection of the player's own rapacious treasure-lust, and, ultimately, as an unwitting assistant in the quest.

Zork's innovations over the state of the art established by Adventure are too numerous to count, although Montfort explicitly avoids the common mistake of canonizing Zork and Infocom games in general while giving short shrift to other important IF efforts. In Chapter 5, we learn what became of the Zork implementers in their post-MIT lives at Infocom.

Alas, poor Infocom. . . In Montfort's words, Infocom, which was founded June 22, 1979 by Lebling, Blank, Anderson, and seven other MIT alumni, "began work on the foundation of IF while the plot of ground that it was to be built upon had not been completely surveyed." Chapter 5's opening paragraph is revealing:

Adventure is considered the great original epic of interactive fiction. Infocom's works call for a grandiose comparison made on a slightly-different metaphorical ground. Whoever the "Shakespeare" playwright actually was - common or noble, working largely alone or in close collaboration with a theater company - Shakespeare wrote, remarkably, not just the greatest English-language play, by critical consensus, but almost all of the great English-language plays. Similarly, the interactive fiction creators at Infocom devised practically all of the best-loved IF works in the history of the form. (page 119)

Although Scott Adams (no relation to Dilbert's creator) and his company, Adventure International , were the first to sell IF commercially in 1978, Infocom was the most successful IF publisher of its era. The company reached US $10 million in sales in 1985 with over 100 employees on the payroll. A quoted excerpt from the New Zork Times , the company's newsletter, illustrates how Infocom's marketing focused on their games' puzzle-centric design:

Although our games are interactive fiction, they are more than just stories: they are also a series of puzzles. It is these puzzles that transform our text from an hour's worth of reading to many, many hours' worth of thinking. . . . The value of our games is that they will provide many hours of stimulating mental exercise. (page 120)

Montfort subsequently comments:

The company's ... belief in the centrality of problem solving should explain ... why Infocom did not focus on creating what might more easily be seen as artistic and literary works that favored exploration, communication with characters, or alternate plot progressions. Yet Infocom did make some progress along these lines, and advanced the state of the literary art by coupling the textually described worlds and situations with carefully crafted puzzles in ways that great riddlers might, in provocative and affecting ways. (page 120)

Of the thirty-five games that Infocom published before its US $7.5 million sale to Activision in 1986, their earlier releases receive some of the most detailed analyses in Twisty Little Passages. In addition to discussion of the Zork and Enchanter trilogies, Montfort offers us insights on the unconventional, revelation-driven structure of Deadline, the Reagan-era sociopolitical commentary found in Infidel , and the tragic end of Floyd the Robot in Planetfall:

As a character who is also a technological artifact, Floyd is more important than his immediate function in the IF world suggests. He is a figure for the sometimes emotional relationships that people have with computers, or that are mediated through computers. (page 150)

Many other games, from Trinity to A Mind Forever Voyaging and the Douglas Adams- assisted adaptation of Hitchhiker's Guide to the Galaxy are discussed extensively in Chapters 5 and 6. Private communications between Montfort and Adams's collaborator at Infocom, Steve Meretzky, lend a glimpse of what it was like to work with the late, lamented author:

Adams's "world-class procrastination abilities," as Meretzky called them, did cause some problems for the ( Hitchhiker's Guide) project, which began in February 1984 and was slated (ambitiously) to be completed by the following Christmas. Meretzky said of Adams that "being a successful person with tons of interesting acquaintances, he had an extremely distracting life. Plus, he wasn't fond of the actual task of writing. He loved coming up with ideas, but hated wrestling them into a properly-formed work." (page 173)

Montfort's 35-page bibliography is a treasure trove in its own right, with online and printed references given equal weight. Academic grognards may question the long-term utility of online citations, but the omission of sources such as Briceno et al.'s comprehensive Down from the Top of its Game: The Story of Infocom would have been a serious shortcoming. Throughout the book, Montfort's goal of preserving and documenting the great IF works remains clear, with a scholarly ethos that's just as relevant to fans of today's games. He praises Infocom's relatively-lax copy protection schemes, compared to those used by other game publishers whose heavily-protected works may be lost to posterity:

If any examples of heavily-copy-protected computer games survive through another two decades for study and discussion, it will be thanks to the loose, widespread network of teenagers and college students who assiduously cracked these programs, allowing the crippled disks to run freely both on systems at the time and on compatible computers today. (page 159)

Activision, in particular, earns well-deserved props in the book for opening earlier Infocom works and encouraging independent development.

... and other commercial efforts Although Infocom's oeuvre receives the lion's share of attention in Twisty Little Passages, the book does not neglect the many other commercial IF publishing efforts on both sides of the Atlantic in the 1980s and 1990s. Chapter 6 ("Different Visions Worldwide") opens with a quick drive-by tour of Roberta Williams's 1980 Mystery House , recognized as the first graphical adventure game. A number of IF book adaptations were undertaken in the early 1980s as well, among them The Hobbit from Melbourne House and the classics Fahrenheit 451, Rendezvous with Rama, and Nine Princes in Amber from Tellarium. Along with the aforementioned Hitchhiker's Guide to the Galaxy released by Infocom in 1984, Montfort gives favorable attention to US Poet Laureate Robert Pinsky's Mindwheel , published in the same year by Synapse Software.

Brief histories of British IF publishers Level 9 and Magnetic Scrolls round out the chapter, along with an even-briefer mention of Legend Entertainment, written before Legend's shutdown in early 2004. The latter constitutes one of the few weak spots in Twisty Little Passages's coverage of the classics. Legend's integration of music, artwork, graphical navigation, and other interface enhancements in the Spellcasting 101 series went far beyond Infocom's efforts to modernize their own IF engines, and the company deserves more than a single paragraph.

At the end of Chapter 6, Montfort recounts the 2000 failure of former Infocom author Mike Berlyn's Cascade Mountain Publishing, one of the last commercial publishers of pure text-based IF. He proceeds to draw a sheet over the commercial market for interactive fiction in general, pronouncing it as dead as Graham Chapman's parrot:

A few individuals have since sought to sell their IF works, and the occasional company like Activision has re-released older works. The main market for interactive fiction today, however, is on eBay and other auction sites, where packaged disks from the 1980s are bought and sold by collectors and IF enthusiasts. Fortunately, the end of the interactive fiction market is not the end of the story for this form. (page 191)

I don't agree with this proclamation of commercial doom, which is a recurring theme in Twisty Little Passages. It's unreasonable to look at the failure of a single company which released two IF products in two years -- one of them a recycled effort from the mid-1980s -- and draw the conclusion that future IF games will only be offered for sale alongside Beanie Babies, assorted stolen laptops, and someone's spare kidney. Unlike modern PC and console games with multimillion-dollar budgets, a killer IF title can still be written by one guy or girl working the graveyard shift at home. Success is arguably a matter of recalibrating one's expectations -- and business model -- to match contemporary market conditions. (Did it ever make sense for Infocom to employ 100 people in some of the most expensive commercial real estate in Boston, working on a handful of all-text games that fit on 140KB floppies? Montfort stops short of considering this question, but in the post-Ion Storm era we live in, the answer should be pretty obvious.)

Fortunately, as the last two chapters reveal, a healthy independent IF community has sprung up to take the place of the commercial publishers who are no longer with us.

IF's independent authors: the once and future scene In April 1993, at the culmination of a long reverse-engineering effort by "a group of programmers called the InfoTaskForce" (page 202), Graham Nelson released an object-oriented programming language capable of creating story files for the Infocom Z-machine interpreter. Along with a commercially-available text-adventure authoring system known as TADS, Nelson's language, Inform, sparked an indy IF revolution.

The (growing) community of IF authors really began to demonstrate the vitality of the form in the 1990s, innovating in ways that early hackers and later game companies did not. Their IF works are usually even more widely available today than the most successful commercial software of the 1980s, since they are typically free for download and, thanks to the Internet, widely available. ... A relevant FAQ notes that ... there were five IF games in the 1996 Year-End Download Top 40, making these games some of the most popular non-commercial computer games in the world. (page 193)

As Montfort writes, Nelson also fired the first shot of that revolution:

Nelson's most famous piece of interactive fiction - and likely the most well-known IF work since the demise of Infocom - is the first fruit of Inform, the 1993 Curses . This large, complex, and difficult adventure is set in an English country home and in certain other spaces that are linked in fantastic ways to it. Nelson (2002) said he "consciously wrote it in an Infocom-esque spirit, aiming at the same epigrammatic style of wit." (page 203)

Ten years after the first release of Inform, hundreds of independent IF authors and fans congregate on Web boards and Usenet newsgroups to discuss new titles released using Inform, TADS, and a host of other IF platforms. In particular, the annual Interactive Fiction Competition, begun by the denizens of rec.arts.int-fiction and rec.games.int-fiction, celebrates its own tenth anniversary in 2004. Past Competitions have spawned groundbreaking titles like Adam Cadre's Photopia , released in 1998 and still much-discussed today, and Andrew Plotkin's unsettling Shade . These, and many other indy releases, are reviewed extensively in Chapter 7. It would have been good to see more pointers toward longstanding IF fan sites such as Eileen Mullin's XYZZYNews in this chapter, but for the most part, Montfort's latter two chapters do a great job of summarizing the state of interactive fiction's art and culture. His enthusiasm as an observer of the modern IF scene is infectious.

Two tentacles up I can wholeheartedly recommend Twisty Little Passages not only to IF fans and amateur historians, but to anyone serious about the foundations and culture of computer gaming. Infocom and Legend Entertainment auteur Steve Meretzky's back-cover blurb says it all: "(Twisty Little Passages) is a thoroughly-researched history of interactive fiction, as well as a brilliant analysis of the genre. Reading it makes me itch to fire up that old DEC-20 and start writing interactive fiction again!" As a fan of Meretzky's many IF works, I should be so lucky. As a fan of the IF art form as a whole, I'm indeed lucky to have run across Nick Montfort's excellent book.

You can purchase Twisty Little Passages: An Approach to Interactive Fiction from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page

nazarijo writes "I look at packets for a living. I generate them, I capture them and dissect them, and I try and make sense of them as quickly as possible. Sniffers and protocol analyzers are part of my bread and butter, and I'd be foolish to not use Ethereal. Tcpdump for a quick capture, but I use Ethereal when I need detailed information in a better, more navigable fashion. Because of that, I was pretty interested to see a book on Ethereal coming out." Read on for Jose's review of Ethereal Packet Sniffing from Syngress. Ethereal Packet Sniffing author Angela Orebaugh with Greg Morris and Ed Warnick pages 468 publisher Syngress rating 7 reviewer Jose Nazario ISBN 1932266828 summary Solid coverage of an excellent networking tool. Offers value beyond free documentation, insight available nowhere else, and plenty of handy tips and tricks.

I've used the tool for years, and I've read the docs a bit, so I felt comfortable with the tool. Still, I wanted to learn something new with it, and I wanted to see if this book could offer what I was hoping for. The book delivers, and does a pretty good job. One of the big tests for me about any book that covers an Open Source project is "Does this book offer more than the existing documentation?" If it fails to, the book isn't worth the money, I'll stick with free docs. While the book comes out favorably for me, I'll start with the things I didn't like, first.

One of the big things that is missing from this book is any coverage of Ethereal on OS X. Given how many people are migrating to OS X (from UN*X or from Windows), and the coverage of Ethereal on Windows, I would have expected some mention of it. Luckily it's available in both Darwin Ports and the Fink project, but some mention of any of the quirks people may encounter would have been welcome. Amy (from Syngress) tells me that they will have a paper in their Solutions center on Ethereal on OS X, which would be great to see.

Another annoyance with the book is the repeated coverage in some sections of various aspects of Ethereal. One that stands out is the coverage of the additional tools which are installed alongside Ethereal, like Editcap and Text2pcap. They are covered in chapter 2 for a bit and then more completely in chapter 6. Covering these tools only once would have sufficed, but it does let chapter 2 stand on its own. Amy tells me that they do this intentionally, because it makes some chapters stand on their own as "units" for others to use. That makes sense.

A final bit of the book I didn't like was the choice of screenshots: quite a number of the screenshots were full screen dumps when only one or two elements of the page really mattered. Either trimmed or annotated screenshots would have been more welcome. A lot of information gets dumped in Ethereal, helping people navigate the UI with a static, black-and-white image would have been welcome.

Now, on to the real strengths of the book. Like I said earlier, The book offers more coverage than the existing, free docs on Ethereal provide, or at least in a more manageable form. Obviously, with the source code in front of me I could dissect the tool and learn everything about it, but that's hardly efficient. Simply put, the book introduces network sniffing and troubleshooting well. How can you place a sniffer to get coverage, what can a sniffer tell you during troubleshooting (and what can it not?), and of course how to get and install Ethereal (on UN*X and Windows).

The next chapter covers exactly what you would expect it to, how to use Ethereal. Ethereal's main use is as a GUI protocol analyzer, so you have menus, panes and windows to navigate. This chapter tells you what they are and how they present and format the data you're looking at. The next chapter deals with four tools that come with Ethereal: Tethereal (very similar to tcpdump), Editcap, Mergecap, and Text2pcap (all useful for managing pcap files).

Chapter 7 is one of those handy things to read. Ethereal is typically used to read pcap files, but it can also read snoop files, Microsoft Network Monitor files, EtherPeek files, NAI's Sniffer files, and HPUX's nettl files, all of which you'll find around. It's handy that you can see how to integrate Ethereal with these other products.

Chapter 8 brings it all together with real world packet captures, many of which are also on the included CD. These files include scans, Trojan uses, and even worm traffic. All of these are useful for learning how to use Ethereal and highlight the power of the tool. You can go from novice to a pretty decent network protocol junkie if you dilligently study the resources in this chapter and on the CD.

Chapter 9 will be useful to a small subset of people, but quite useful. This chapter gives you a tour of how to develop for and extend Ethereal. Ethereal's main strength is a huge number of decode routines, such as sFlow and MPLS (in addition to the standard ones like DNS, DHCP, and the like). Using this information you can extend Ethereal for your own needs and maybe even contribute back to the project.

Either the developer's angle or the detailed discussions and examples of the filter syntax are my favorite parts of the book. They contribute significant value for everyday use, and I found them useful in a recent task at work.

The book is going to run the risk of becoming quickly out of date, given the development pace of Ethereal. However, it relies more on underlying core concepts and principles inherent in Ethereal, so it should stay useful for longer than you may think.

All in all I would say this is probably worth picking up if you're looking at becoming a network operator or network security junkie. You'll learn a lot about a powerful tool, how to integrate it into your use, and even how to dissect real traces of traffic. I give it a 7 out of 10 for the above weaknesses, but that shouldn't stop you from strongly considering it.

You can purchase Ethereal Packet Sniffing from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page

emmastory writes "The Nutshell series includes some of the most well-worn and useful technical books I own, and Cocoa in a Nutshell is one of the newer Mac-related additions to the collection. If you're familiar with the format of the series, probably the biggest question you'll have is whether or not this book is as good as the other Nutshell handbooks - the short answer is Yes, it's just as good as its predecessors." Read on to see the logic underlying that conclusion, in the rest of Emma's review. Cocoa in a Nutshell author Michael Beam, James Duncan Davidson pages 545 publisher O'Reilly rating 8 reviewer Emma Story ISBN 0596004621 summary A good overview of the language and API reference.

Cocoa is a great thing to learn, and if you've got some relevant experience with other languages, this book is a great way to learn it. It's one of the Apple Developer Connection recommended O'Reilly titles, and comprises a complete and thorough reference to the language that most Cocoa developers will appreciate.

I say most Cocoa developers rather than all of them because this is of course a Nutshell handbook - it's not intended to serve as a step-by-step tutorial for those without any prior Cocoa or object-oriented programming experience (for that, there's Learning Cocoa with Objective-C). Readers completely unfamiliar with the language may find the book a little bewildering, it's true. However, that's not to say you need to have already mastered the language before picking up the Nutshell book - the first part contains quite a decent introduction, and if you're already familiar with something like Java, this will probably be all you need. I have a couple of years of experience with C and Java myself, and although this was my first Cocoa book, I didn't feel lost when reading the book's first half.

Coauthor Michael Beam notes that "The 'In a Nutshell' format had always been a very efficient means of communicating information, particularly for more experienced developers. Cocoa is a very verbose and wordy API; that is, the method names are long and can have many arguments. It is often the case that a developer can be moving along in his code, and he knows what method to use, but can't remember the precise syntax. This book seeks to provide a quick way to look up that syntax." I think that's a goal it achieves admirably, and as long as readers are aware they're buying a reference and not a gentle introduction to programming, they won't be disappointed.

It's primarily the second half of the book that serves as a complement to Apple's documentation for the Foundation and AppKit classes. Apple's Cocoa site is better than it used to be, and it does include a basic API Reference along the line's of Sun's site for the Java API - you can use it for the kind of syntax-checking Beam is talking about, and many developers do just that. If you're already in the habit of looking things up on the Apple site, the API documentation in this book won't change your life. I prefer it to the web version, partially because there's slightly more explanation of the various classes, but not everyone will feel the same way.

So, who should buy this book? The intended audience is pretty much the same as that of the other programming-related Nutshell books. If you're completely new to programming, don't bother. You'll be much better off starting with something that assumes no knowledge of programming concepts and skills. On the other hand, if you're an experienced Cocoa developer who'd rather use Apple's Cocoa site than shell out for a book, there's really no reason to do so. But plenty of people don't fall into either of these categories. If you've got some OOP experience, and especially if you've already fumbled your way through a little bit of Cocoa but would like to learn more, you'll find the overview section very useful and the reference section convenient. (It's probably also worth noting that, at least at the moment, Amazon is offering Cocoa in a Nutshell for $15.98, down from $39.95. Even if you're not totally convinced it's worth forty bucks, it's definitely worth sixteen.)

You can also purchase Cocoa in a Nutshell from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page