Slashdot Mirror

ProfKyne writes "I was excited to read this book when I first noticed it listed as "coming soon" in the Java section of O'Reilly's site back in May. I downloaded and read the sample chapter and waited expectantly for the book to be released. I was hoping that this book would be perfect for me, as nearly all of the Java programming I have done has dealt in some way with database access, though I do not consider myself to be an expert on the subject. The book didn't disappoint; Java Database Best Practices is an excellent high-level guide to writing database-driven applications from Java." Read on for the rest of ProfKyne's review. Java Database Best Practices author George Reese pages 267 publisher O'Reilly Associates rating Excellent for Java programmers moving to J2EE reviewer Erik Price ISBN 0596005229 summary A high-level introduction to writing database-driven apps in Java

What it's about: The book is divided into three sections of several chapters each:

1. Data Architecture - an introduction to database-driven application concepts
2. Persistence Fundamentals - descriptions of the various persistence frameworks for Java application development
3. Tutorials

I should note that the book follows a strange order: the most logical progression for the apparent target audience of this book (developers just getting into J2EE) would be to read Part 1 first, then Part 3, and then Part 2, as the "Persistence Fundamentals" section draws heavily on content introduced in the later "Tutorials" section.

The first section (Data Architecture) introduces some of the concepts that will be covered in greater depth later on in the book, but also contains an excellent chapter, "Relational Data Architecture," on database schema design and normalization. By the way, this is the sample chapter that can be downloaded from O'Reilly's site. In fact, this chapter set itself apart from the rest of the book in that it goes into a great deal of detail on its subject (although obviously an aspiring DBA should probably read whole books dedicated to the topic of relational database concepts). Most of the rest of the chapters in the book is somewhat more lightweight than "Relational Data Architecture." This section also contains a chapter that introduces some of the things to be aware of when managing transactions, including implementation tips on using transactions in JDBC programming such as optimistic locking and the various transaction types (dirty reads, etc).

The Persistence Models section focuses on different persistence frameworks, there is a chapter for each of the following: Persistence Fundamentals, EJB Container-Managed Persistence (covers 1.x and 2.0 models), EJB Bean-Managed Persistence, JDO, and "Alternative Persistence." The fundamentals chapter is where some of the best of the "best practices" of the book are found, and introduces such patterns as the Data Access Object pattern and the Memento pattern in the context of a simple guest book JSP application. The EJB chapters do assume that the reader has a basic understanding of how EJB works, and provides suggestions and guidance on ways to implement EJBs in real J2EE applications. (Don't worry, if you don't know about EJBs, the J2EE Tutorial chapter later in the book provides this.) The JDO section is one of the shortest in the book; I think that it's just such a new technology (in terms of available implementations) that most of the "best practices" are yet to be discovered. "Alternative Persistence" means Hibernate and Castor.

The Tutorials section is definitely not for advanced Java programmers, as it contains beginner-level introductions to the J2EE platform, the SQL language, the JDBC architecture, and the JDO API. If you really don't know anything about JNDI or servlets or EJB, then the J2EE chapter is written for you -- it's not a "how-to" tutorial, but rather a description of the basic concepts. The JDO tutorial is like the J2EE tutorial, introducing the basic concepts such as "the extent" and the filter language used to query for JDO-persisted objects, but I think partly because it's such a new technology, there's not a lot of detail here. You'll still have to read more about J2EE EJB, or JDO, if you decide to use them in a production application. On the other hand, you will learn how to make effective use of SQL queries and the JDBC API (which lets you execute SQL queries from your Java code) from their respective tutorials.

While this is a good start, you will eventually want something more in-depth than this if you are actually implementing a J2EE application (such as a book dedicated to servlet/JSP programming or Enterprise JavaBean development). But I really wish that I had read Java Database Best Practices before tackling these subjects, as it would have helped ease the transition

What's to like As strange as it may sound, one of the things I liked most about the book is that it is relatively thin. In other words, the author gets right to the point and doesn't waste excessive space replicating information that can be found elsewhere. For instance, when describing how to implement a database-independent sequencing component, he incorporates enough code to support what he's saying, but doesn't include page after page of complete code listing, intact with multi-line Javadocs and plenty of whitespace -- just the meat. You can download all of the code from O'Reilly's site in a zip archive (and yes, it does include the Javadocs and whitespace that are wisely omitted from the book). Ironically, the book costs no less than other offerings from O'Reilly that are twice as thick.

Also, the "best practices" in the book are very good and, at least in my case, I was not familiar with some of them, so it was very worthwhile reading. As an example, I myself have recently run into the problem of different sequencing systems on different databases (such as MySQL's AUTO_INCREMENT column type vs PostgreSQL's sequence types). I've worked around it by modifying the application's database calls, but that isn't really a good strategy. Implementing a sequencer at the application level (one of the "best practices") is a much better idea if you're not clustering your application servers and other applications will not be performing INSERTs into the database. On the other hand, if clustering is an issue, then it's probably a better idea to use EJBs, and if other applications will be writing to the data store, then database portability will be difficult in the first place (even with the help of Perl's DBI or PHP's PEAR DB abstraction). Some of the other excellent best practices introduced are the DAO pattern and database schema normalization coverage.

What's to consider The most important thing to know when considering this book is that it really struck me as being appropriate for novice J2EE developers and/or those who are new to database programming in general. First of all, I think it's safe to assume that most people who will be doing anything with databases in Java will be using at least some element of the J2EE platform, and this book makes that same assumption. Java's tremendous success right now is in server-side application development. This means there won't be as much useful information in this book for the folks who are writing, say, an AWT interface tightly coupled to a MS-Access database through ODBC calls. Second of all, the patterns and practices described in this book should be familiar to most people who are already architecting J2EE applications, and are covered in greater depth in other books on enterprise application development.

Having now covered the main consideration, I do have to pick a couple of nits. Firstly, this book does suffer from a few of the editing problems that plague nearly all computer books (yes even the O'Reilly books) in their first printing. It's kind of embarrassing, but even in the sample chapter I found a somewhat bizarre mistake near the end, where a class diagram is drawn up using ERD notation instead of UML. Fortunately, there aren't too many technical errors like this. Another bone to pick was the author's choice to use a hideous scriptlet-heavy JSP instead of a servlet forwarding to a JSP in the small Guest Book application in "Persistence Fundamentals." I know that this is Java Database Best Practices, not Java Model View Controller Best Practices, but scriptlets are both difficult to read and quite frankly scorned as J2EE moves toward JSTL and JSP 2.0. It's a little too bad that View and Controller are mixed up in this example, because the author does an excellent job of explaining how to implement the Model using the Data Access Object pattern.

Finally, I have a feeling this book was named "Java Database Best Practices" for marketing reasons, perhaps to go with O'Reilly's other offering, "Java Enterprise Best Practices". While this is an excellent book about Java database programming, and there are indeed dozens of "Best Practice" tips strewn throughout the book, I think a better name for this book would have been "Java Database Fundamentals."

The summary I didn't want to simplify and rehash the book's "best practices" contents in this review, but rather provide prospective readers with an idea of what to expect from this book. Personally, I got a lot out of the book, but if you've already implemented bean-managed persistence in your EJBs using JDO, then you've probably already gotten past the point where this book is going to be a big help. In your case, it might be worth having around the office if you can get the company to pay for it. However, for those who have learned the Java language and want to get more involved in server-side application development, you're going to want to make sure you're familiar with all of these concepts and this book is the perfect way to get started with that. Where to find more info I'm not going to replicate the table of contents or any of the content in the book, because all of that information as well as the excellent sample chapter are available from O'Reilly's site. I purchased the book from SoftPro Books in Massachusetts (US), a bookstore for computer geeks. This is a good place to peruse the book if you're still riding the fence.

You can purchase the Java Database Best Practices from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

A reader writes:"Dan Gillmor has just published a column on his weblog about creating a collaborative book with his readers. The outline/full details are on his page - O'Reilly will be publishing the book." Dan and I spoke briefly about this - it's semisimilar to what Slashdot did with Jane's Intelligence Review - which turned out well.

rjnagle writes "The availability of HOW-TOs and newsgroups is supposed to make the sysadmin's job easier, right? Much as I am a proponent of the 'distributed learning model' for Linux, the endless searching for answers on the Web for setting up Linux RAID was getting to be a royal pain. Sure, there was a RAID how-to and an excellent newgroup, but some of the information is out of date, and the tricks suggested by people a year ago may be no longer needed today. Robert reviews the O'Reilly title Managing RAID on Linux below to see how it stacks up to HOWTOs, guesswork and anecdotal evidence. Managing RAID on Linux author Derek Vadala pages 245 publisher O'Reilly rating The best reviewer Robert Nagle (aka idiotprogrammer) ISBN 1565927303 summary This book brings RAID to the masses

A person deciding to go with RAID faces a panoply of options and gotchas. Hardware or software? How many controllers? ATA or SCSI (or ataraid)? RAID 1 or RAID 5? Which file system or distribution? Kernel options? Mdadm or raidtools? /swap or /boot on raid? Hybrid? Left or right symmetric? One poster pointed out that putting two ATA drives on the same controller could impact performance. Yikes! Didn't I do that? Upon discovering that O'Reilly had just published its Managing RAID on Linux book, looking at sample chapter , I bought the book and let my blood pressure return to normal.

RAID is one of these subjects that is really not complex; it's just very hard to find all the information in one place. This is precisely the book to solve the problem. Author Derek Vadala, sysadmin and founder of Azurance.com, an open source/security consulting firm, has gathered a lot of information and even personal anecdotes to go through the decision making process when going over to RAID. He goes step-by-step through that process, educating us about hard drives, controllers, and bottlenecks along the way. This exhaustive book may be the first to bring RAID to the masses.

Although parts of the book (RAID types, file system types) may seem already familiar to experienced Linux users, it is helpful nonetheless to have everything in a nifty little book. A section of file systems provided not only a rundown of the merits and drawbacks of each one, but also a guide to their utilities. I learned for example what "file tails" for Reiser are, and why using them causes performance to degrade after reaching 85% capacity. The book compares raidtools with mdadm as well as lovely commands like nohup mdadm -monitor -mail=paranoidsysadmin@home.com (which, if you haven't guessed, causes the system to email you RAID status reports upon boot).

People who use software RAID may skip over the chapter on RAID utilities for the leading RAID controller cards. Still, there was one interesting tidbit: Why, the author asks, do makers of controller cards put all their BIOS utilities on DOS floppies which require us to find a DOS boot disk? Seriously, how many of us carry around DOS boot disks nowadays? The book made me aware for the first time of freedos, an open source solution that solves precisely that problem.

The Software RAID stuff was pretty thorough and clarified a lot of things. The book does an excellent job in helping to identify and eliminate bottlenecks and optimizing hard drive performance (using hdparm and various monitoring commands). The anecdotes and case studies definitely clarified which RAID solution is suited for which task.

I am less impressed by the book's sections on disaster recovery and troubleshooting. Although these subjects are brought up at several places in the software RAID chapter, the book could have discussed several failure scenarios or used a fault tree (such as the famous Fault Tree in Chapter 9 of the Samba book, a marvel for any tech writer to read). The book doesn't even discuss booting with software RAID until the last 10 page of the book and then gives it only a single paragraph (even though the author acknowledges it as "one of the most frequently asked questions on the linux-raid mailing list."). Call me old-fashioned, but isn't the ability to boot into your RAID system ... kinda important? As someone who just spent a significant amount of time troubleshooting RAID booting problems in Gentoo, I for one would have liked more insight into the grub/lilo thing. Also, in the next paragraph in the last chapter on page 228, the author casually mentions that "all /boot and / partitions must be on a RAID-1." Say what? Please pity the poor newbie who religiously follows the instructions in the book but fails to read until the end. I'm not sure what the author meant by this statement, but it required a much more substantial explanation and needed to go into a much earlier chapter.

These complaints don't detract very much from this excellent book, a true O'Reilly classic and a model of clarity and helpfulness. This book provides enough knowledge to avoid the dread and uncertainty that comes with trying to tackle Linux RAID. With a book like this, a sysadmin can sleep a little easier.

Recommended Readings:

• Reliable Linux , by Iaian Campbell, Wiley and Sons, Dec 2001, ISBN: 0471070408. Gives excellent information not only about RAID but on general Linux reliability issues.
  
• Software RAID in the Linux 2.4 Kernel by Daniel Robbins. (Part Two).
  
• Linux Journal Article on Software RAID by Joe Edwards, Audin Malmin and Ron Shaker. ( Part Two).
  
• "How to do a gentoo install on software RAID" by Chris Atwood. Gentoo User Forum.

Robert Nagle (aka Idiotprogrammer )is a Texas technical writer, trainer and Linux aficionado. You can purchase Managing RAID on Linux from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

David Kennedy writes: "This is a review of Brett McLaughlin's new O'Reilly title, Building Java Enterprise Applications. Volume 1: Architecture, subtitled Designing with EJBs, Databases, and Directory Servers." Read David's in-depth review, below. Building Java Enterprise Applications, Volume I: Architecture author Brett McLaughlin pages 300 publisher O'Reilly rating 9 reviewer David Kennedy ISBN 0596001231 summary Practical guide, with examples, for building a J2EE application from scratch.

Summary: Building Java Enterprise Applications is an excellent book, and ought to be on the bookshelf of every J2EE programmer working on the mid- and back-tier. If you are like me, then you then have a series of books on various parts of the J2EE alphabet soup -- a few on EJB/JNDIs, one on JMS, one on RMI, one on JDBC, a database/SQL primer, a J2EE patterns book (I recommend Depur et al. by the way), maybe even some hyped-up case studies from Sun's press etc -- but nothing on how to design an entire J2EE application from scratch. There is nothing scarier than a blank piece of paper at the beginning of a project -- this book provides a combination of a tutorial and worked example, along with an insight into the thought processes of the designer.

There are not enough books of this type for the J2EE platform; the emphasis on tying together disparate technologies to build a coherent system is exactly what I need at this stage of my career, and I found the author's constant revisions and tweaking of his design fascinating and reassuring. I'm going to pre-order Vols. II and III.

Check your sources.

You might recognise the author's name -- Brett McLaughlin is the author of another O'Reilly title, Java & XML*, and writes for flashline.com, IBM Developer Works, JavaWorld and others. You can either Google for these or visit the web-site newInstance. In my opinion he knows his onions, is aware of what other root vegetables are out there, and, most important, he can communicate well.

What's the book about? I'll give you a bit of the blurb first, as it's a fair description of the material:

"Java has many enterprise APIs: JNDI, EJB, JMS, JAXP, and the other XML APIs, JDBC and more. But how do you as a developer put the pieces together and build something that works? How do these components integrate with back-end servers (databases and directories) and with front-end platforms (web servers and web services)?"

"[This] is Volume I of that series; it covers the business logic and back-end of an enterprise system, including entity EJBs, JDBC, JNDI (...), and JMS. Volume II will discuss architectures for web applications; Volume III will venture into the still-uncharted territory of web services."

That's quite an ambitious series; and something of a departure in style for O'Reilly, who have built their enviable reputation by providing definitive titles on one technology at a time. This more a book on when to use a tool, and which tool to use, rather than how to use a tool. I think it's good to see O'Reilly branching out in this way, but it brings them into the preserve of other publishers. It might be interesting to see how this new type of title does.

So what is covered in detail? Let's have a detailed look at the contents:

1. Introduction
2. Blueprints
   This chapter outlines the case study that the author uses for the remainder of the book. This takes the form of a simple, but not trivial, financial-services tool. The blueprints are high-level sketches of the business need, the Data Layer, the Business Layer, and the Presentation Layer.
3. Foundation
   This covers designing the data stores, databases and directory servers.
4. Entity Basics
   Basic design patterns, coding and deploying beans.
5. Advanced Entities
   IDs and CMP, data modeling and the nasty details.
6. Managers
   Managers, in the facade sense, for entity beans and the LDAP directory.
7. Completing the data layer
   Nasty details, populating the data store.
8. Business Logic
   The facade pattern and stateful/stateless design.
9. Messaging and packaging
   JMS on the client and server. Packaging.
10. Beyond flexibility
    The wrap-up chapter, covers the major design points, discusses adapting the material to your own projects, and hints and what presentation layers may be added as a teaser for Vols. II and III.

As you can see there are no surprises in the contents. Once the high-level problem and solution is laid out, there's just a sensible progression through the layers. I particularly liked the practice of stopping and reviewing at regular checkpoints -- it helped tie the material together and emphasize the layering in the design.

There are some detailed appendices giving vendor specific instructions for databases, containers etc. This section also contains all the non-unique code for each layer, e.g., all the entity beans that weren't discussed in detail.

• SQL Scripts
  Cloudscape, InstantDB, MySQL, Oracle, PostgreSQL.
• SQL Deployment
  Ditto.
• Directory server setup
  iPlanet, OpenLDAP.
• Application server setup
  BEA Weblogic only.
• Supplemental code listings
  All code also available in completed final form on the associated web-site.

Sounds wordy... It's not. This is a short book, only about 300 pages including appendices and index. (Compare that to something like Roman's classic EJB book ...) Chapter content is only 200 pages. Fully a third of the content of the book is code; this is definitely one for the programmer, those of you who delight in detailed breakdowns of requirements, user stories, schedules, etc will find little or nothing of interest here.

Equally, there is little in the way of explicit (non-coding) high-level design discussion -- all the code is evolved directly from the well-written text. This is not a bad thing at all -- the design seems sensible and straightforward, always a good sign, and mostly presents an admirable example to any young programmers watching.

All this doesn't mean you are reading a listing though. As on any project involving EJBs, there is a lot of more-of-the-same code between beans -- most of this code is concentrated in the appendices, and only the material under discussion is presented. New code is always presented in full, from package declaration to closing brace. This is refreshing and permits you to actually get something working as you read through the text, although you'll need to be prepared to set up app servers, databases etc to get maximum benefit.

Target audience? Experienced Java programmers who have started using the J2EE platform and are fairly comfortable with all the bean types, JMS, JNDI etc. This book states several times that it is not a primer on any one technology, and provides ample references to more detailed texts when appropriate.

This is very much a book for a wannabe J2EE developer who can't quite figure out how to fit the pieces together, or, like me, just has a gap in his/her skillset when it comes, to, say, LDAP.

What's good? Lots of it. Mainly, the best thing is the clear presentation of a LOT of code via a well partitioned example application (which will also be re-used in Vols II and III). The code is of good quality too, and presents several idioms that while obvious now, were unknown to me when I started EJB work... with the usual reworking-over-a-weekend later on. In particular, there are some commonsense pieces of code -- like a nested exception class for those of us still using pre-1.4 (and remember, you're tied to what your app server supports), some simple session and entity bean Adapter classes, simple Value Object classes etc. As I said, nothing earth-shatteringly novel, but it's nice to see a lot of these idioms used together to simplify the code.

Another admirable thing about the book is the handling of the detail. I've read several books which follow the practice of putting in Gotcha! box-outs, and to be honest, few of them are that useful unless you are a novice. I'm been programming for a few years now, and was amazed at the silly difficulties I've had with my first EJB project -- as a result I'm pleased to say that the box-outs indicating problem areas sound like the voice of bitter experience. For example, there is discussion on following the correct style for accessors/mutators under CMP (getId works, getID cheerfully fails), advice on the very fixed order in the deployment descriptor XML, problems with case-sensitive searches in JNDI, etc. Those of you who've worked with, particularly, EJB1.0/1.1, will undoubtedly have groaned as you realised the problem de jour was something simple-but-outside-your-code like those examples.

Admittedly it's not my area really, but I also found the whole treatment of directory servers very clear and useful. For the first time I understood (a) how they work (b) when they complement databases (c) how to use them easily from my code. Again, I admire the level of detail achieved without being confusing -- I don't see many introductory books include things like the default port number for directory servers using SSL (636 - well, I didn't know that!).

What's bad?

Not much. By nature of the book it doesn't go into huge detail on all technologies used -- there were a few areas where I wanted more. In particular I would have liked to have seen more on testing; now that XP is pretty much mainstream, no one can deny that unit testing is vital on production projects. (When I started using EJBs I had to kludge together a nasty version of JUnit which fitted into the sub-optimal build and client-server framework we were using. I've since found that there are better ways to test EJB layers, but I can still only think of one book, by Richard Hightower, which walks you through examples.) Although the build files in the example use Ant, which makes JUnit and other tools very easy to integrate, there is no mention of unit testing. This is a pity.

The only other things that caught my eye were minor -- coding style in particular. The coding style in the book is very straightforward and Sun-standard, but I have to admit that I'd have liked more JavaDoc'ed code. The code on the website is much more fully commented. I understand that printing this means more paper, and thus a thicker and more expensive book, but on some of the custom methods it would have clarified things for me.

In particular, and I'm being picky here, I didn't find that the authors practice on handling nulls and errors fitted with my own -- admittedly I don't so much practice "defensive coding" as "paranoid coding." Most methods were not null safe, and that can be a nightmare to debug in an n-tier system. Also, he took the line of returning null to indicate failure or error. I understand it's a valid design decision -- my experience says to go with more explicit errors in a larger project, and I would have liked a page or two on the choices here.

Another area where I feel there is room for improvement in the presented style is in the use of hard-coded Strings for lookups - for example, in the AccountManager object there are several lookups of the AccountHome, e.g.:

    AccountHome accountHome = (AccountHome)context.lookup(

        "java:conp/env/ejb/AccountHome";  // Whoops, finding this can be tough!

From experience code reviewing EJB based projects, it's going to save a lot of pain looking for typos if this repeated hard-coded String is (a) extracted as a constant so it can only be mistyped in one place and (b) refactored into a lookup method. It's a fairly minor point, but useful to do right from the start on an EJB project and worth pointing out to someone starting their first one. (Mis-typed meta-data like this is a bit of a weakness in the J2EE framework in my opinion - I always feel that I'd save a lot of time if the compiler or some J2EE aware verifier could check over those Strings to see if they match anything else in the build... I've used vendor tools which claimed to do so, but as they didn't even check that methods/lookup names were in the bean source I wasn't sure what was being verified!)

One last thing: I know it's minor, but why the insistence on importing explicitly? I feel it makes maintenance more difficult -- change one LinkedList to an ArrayList and you're off fiddly with minor imports again. I also didn't find this:

import javax.jms.JMSException;
import javax.jms.Message;
import javax.jms.MessageListener;
import javax.jms.ObjectMessage;
import javax.jms.Session;
import javax.jms.TextMessage;
import javax.jms.Topic;
import javax.jms.TopicConnection;
import javax.jms.TopicConnectionFactory;
import javax.jms.TopicSession;
import javax.jms.TopicSubscriber;

as appropriate for a printed book as this:

import javax.jms.*;

It would have been nice to trade those 10 lines wasted for some custom JavaDoc. However, all told there is remarkably little to grumble about in this book -- I couldn't even spot the obligatory editorial mistake. (That really annoyed me.)

Alternate titles?

Can't think of a good one. (Either a sign that this book is one you might want to look at or else so completely specialised as to be of use to only one person in the world, and that person is probably the author. Luckily, I think it's the former in this case.)

It is however worth a trip to the bookstore for companion, as opposed to alternate, titles before reading this - it assumes detailed knowledge of several J2EE areas, but provides suggested (O'Reilly) titles for reference.

Sounds good -- but what do you know anyway?

Time for the disclaimers. Some material in the book I found useful because I lack experience -- in particular, some database and LDAP stuff.

However, 5 years of getting paid to play^H^H^H^Hcode, and a personal reference library of some 120+ books has made it easier to spot the rare decent title! Most of my J2EE books are from my experience of EJBs for the last year or two, so I know what mistakes are easy to make, as I've made 'em. [I'm actually catching up on my reading, and hence reviewing, due to the Great Telecomms Downturn finally affecting me - anyone want a J2EE developer? :-) ] Finally, I paid for this book (which isn't the case for some of my other reviews).

You can purchase Building Java Enterprise Applications, Volume I from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

(* Bonus mini-review: a useful book, but not easy reading, I found it hard to slog through, but managed my first XLST work in about 10 minutes using it.)

Welcome to Slashback, with updates (below) on a handful of recent Slashdot posts. Most importantly, a message regarding OpenSSH 3.3 could save your system from attack -- read it; you might need to pass the word on to your vendor, too.

Things that make you want to bring back thumbscrews. A few days ago, we mentioned the release of OpenSSH 3.3; compared to previous versions, the biggest change in 3.3 is increased emphasis on privilege separation. Today, Theo de Raadt sent word of an OpenSSH vulnerability being worked on by ISS and the OpenBSD team, details of which are expected to be published early next week.

In an announcement sent to bugtraq, he wrote: "However, I can say that when OpenSSH's sshd(8) is running with priv separation, the bug cannot be exploited.

OpenSSH 3.3p was released a few days ago, with various improvements but in particular, it significantly improves the Linux and Solaris support for priv sep. However, it is not yet perfect. Compression is disabled on some systems, and the many varieties of PAM are causing major headaches.

However, everyone should update to OpenSSH 3.3 immediately, and enable priv separation in their ssh daemons, by setting this in your /etc/ssh/sshd_config file:

UsePrivilegeSeparation yes

Depending on what your system is, privsep may break some ssh functionality. However, with privsep turned on, you are immune from at least one remote hole. Understand?

3.3 does not contain a fix for this upcoming bug.

If priv separation does not work on your operating system, you need to work with your vendor so that we get patches to make it work on your system. Our developers are swamped enough without trying to support the myriad of PAM and other issues which exist in various systems. You must call on your vendors to help us."

Theo emphasizes the role of vendor cooperation in making privilege separation work on the full range of systems on which OpenSSH runs. "If the vendors don't start pulling their part," he says in an email, "by the time the bug is posted their customers will be left unprotected. These vendors who do not do the right job and instead just 'sell sell sell' are starting to become annoying. On a lot of systems today, privsep does NOT work well at all. The vendors have not been helping!"

A patched version of OpenSSH could be released as soon as Friday, incorporating vendor patches received by this Thursday.

Read More on Stallman. Vamphyri writes: "Sam Williams, author of 'Free as in Freedom', biography of GNU/Linux founder Richard M. Stallman has gone live with the online free version 1.0 of FAIFzilla.org. The paper pulp version publishers O'Reilly & Associates agreed under the terms of the GNU Free Document License and have their own version up at their site. Williams' site allows for content and corrections to be submitted by readers. He hopes for contributions to be included in later editions of the O'Reilly bio. Also: CGI coders wanted for site enhancement, paragraph and line numbering, searches etc. Maybe a CVS Tree is in order? :)"

"Urpmi Norton" doesn't work for some reason. MrResistor writes "Upon logging in to my computer at work this morning, I was greeted by a virus update notice from McAfee SecurityCenter. The update for today includes W97M/Melissa@MM, and of course McAfees newly manuf^H^H^H^H^Hdiscovered threat, the W32/Perrun JPEG virus (which was also highlighted in yesterdays update). All of the updates in the last week or so have been rated Low or No Threat (except for Perrun, which is "Low On Watch". It seems that in addition to manufacturing new threats, they're also rehashing old threats to keep subscription renewals up. Perhaps it's time for Slashdot to add an Ethics topic?"

Reader cpfeifer contributes the review below of O'Reilly's Programming Jabber: if your job (or hobby) includes instant messaging in all its glory, Jabber is a free-beer, free-speech framework for setting up instant messaging systems not bound to a single server in the middle. As cpfeifer points out, instant messaging can mean a lot more than popping an on-screen note to your friend in Des Moines -- machines and programs can use a general purpose communication system like this, with no human middleman required. Programming Jabber author D.J. Adams pages 4555 publisher O'Reilly rating 9 reviewer http://cpfeifer.blogspot.com ISBN 0596002025 summary A detailed guide for developers to understanding and extending the Jabber messaging framework. Examples in Perl, Python and Java. The Scenario

Jabber was first conceived by Jeremie Miller (pic) in early 1998 in an effort to unify the disparate instant messaging networks. Instant Messaging networks rely on the network effect to gain and retain marketshare. The concept is the same when applied to any sort of participatory network whether it's a junk exchange, or content exchange, the value of the network increases with the square of the number of participants.

If this is true, then doesn't it follow that it is in the best interests of the IM networks to establish peering agreements with each other so that their users can directly contact users on other networks without having to install each client?

Hello, Jabber.

When I first picked up this book, I expected to understand the Jabber protocol in sufficient depth to implement my own IM client. Instead, the approach this book takes is that Jabber isn't just an XML-based protocol strictly for IM, rather it is a general purpose event notification protocol that has some very nice message routing and user management features built into it. While i was reading about the messages that Jabber has defined as part of the protocol, I could easily see other applications/devices generating Jabber messages to notify subscribers (either other systems, or people) of events.

Part 1 of the book focuses on getting you up to speed on the basics of Jabber technology: motivation, major features, XML protocol sample and compiling/configuring your own Jabber server. Chapter 2 presents the "10,000 foot view" of Jabber technology. In here you will find a sample client-query request/response flow with full HTTP headers, discussed step by step. The next two chapters are a very in-depth discussion of installing and configuring your own Jabber server. When you dive into a custom configuration of a fleet of Jabber servers (a "constellation" in Jabber terminology), it really starts to hit home that the real problem Jabber solves is far deeper than just IM.

From there, part 2 kicks off with a detailed discussion of the most basic building blocks of Jabber technology: resource identifiers, XML handling mechanism and the set of XML elements/attributes that make up the vocabulary of the Jabber protocol. Each element/attribute is presented with an annotated example and sample client/server interactions where appropriate. Examples can make or break a technical book, and these examples do a good job of illustrating how the element/attribute is used.

The following chapters take you through using standard Jabber features, user registration/authorization, messages, presence, groupchat, components and the event model to enable new applications. One very interesting application presented is enabling developers to receive CVS commit notifications via Jabber.

What's Bad?

I know the /. community is suspicious of glowing book reviews where everything is wonderful and nothing could be done to improve the book, so I'll nitpick. My major problem with this book is that the overwhelming majority of the sample applications are written in PERL/TK. This isn't a problem in and of itself, but I'm not a PERL/TK developer. If I build a Jabber solution, it will be in java, so PERL/TK samples don't do me a lot of good. I think equal time should be given to implementing Jabber using the two most-used languages, as defined by the number and activity of open source projects using Jabber technology.

What's Good?

This book covers everything relevant to Jabber technology, from lowest level inner workings and extensibility examples for developers to configuration and deployment for admins. Most of the book is spent looking directly at the Jabber XML protocol, instead of a specific API implementation. This way, the book covers the technology and doesn't get lost in how one particular API models the protocol.

So What's In It For Me?

If you want to implement an inside-the-firewall IM solution for your company/group/tribe or investigate integrating event notification into an application, this is a great starting point. If you're just curious about Jabber and want to know how it works, then this will give you enough information to get you hooked.

Table of Contents

PART 1: Getting Started with Jabber

• Chapter 1. Introducing Jabber
• Chapter 2. Inside Jabber
• Chapter 3. Installing the Jabber Server
• Chapter 4. Server Architecture and Configuration

PART 2: Putting Jabber's Concepts to Work

• Chapter 5. Jabber Technology Basics
• Chapter 6. Jabber Namespaces
• Chapter 7. User Registration and Authorization
• Chapter 8. Using Messages and Presence
• Chapter 9. Groupchat, Components, and Event Models
• Chapter 10. Pointers for Further Development

Appendix A. The Jabber.xml Contents

Appendix B. The IQRPC Classes for JabberRPCResponder

Index

O'Reilly has posted other reviews of the book on their site. You can purchase Programming Jabber from bn.com. Want to see your own review here? Just read the book review guidelines, then use Slashdot's handy submission form.

Slashdot reader rw2 (aka Rich Wellner) writes: "I was excited about this book because rarely does one come out that so directly applies to what I do day to day. I work at a national research lab, help out at a web hosting facility and run poliglut in my spare time. So, I'm used to dealing with the cleanup that occurs after a successful attack." The book is O'Reilly's updated Web Security, Privacy and Commerce. Read on for more of Rich's take on it. Web Security, Privacy and Commerce author Simson Garfinkel, Gene Spafford (Contributor), Debby Russell pages 800 publisher O'Reillly & Associates rating 10 reviewer rw2 ISBN 0596000456 summary A needed update to a reliable classic by well respected security experts.

My single biggest problem is typically that, while highly technical , I don't do security as a full time job. Reading the literature needed to become really expert just isn't in the cards. It's enough to keep up with Java, Python, C++ and grid computing stuff. Even though there is substantial overlap between grids and security, much of grid thought is separate from the implementations that are dealt with in this book. Besides, my group does large-scale data storage. We leave the security infrastructure to specialists.

Garfinkel's book is great for a guy like me. They take every subject from a level that is trivial to understand down to as much detail as you need. Even in areas that I understand pretty well, I found this book taught me new stuff. For example, in their section dealing with the history of browsers I had a handful of false memories corrected, despite having been around for longer than the web.

They've broken the book down into four sections, Web Technology, Privacy and Security for Users, Web Server Security and Security for Content Providers.

Web Technology

This section deals with the pieces that all the other sections depend on. Particularly interesting are the parts about the different kinds of cryptographic systems. They talk about symmetric and public key systems and message digest functions. These building blocks are then put to use in chapters on SSL/TLS and digital identification. This section also gives a brief history of the web and how it was assembled.

Privacy and Security for Users

These chapters are split between mobile code, Java, ActiveX, Flash and such and all other safety/privacy issues. In the chapter on backups, the authors tell an amusing story about backups that were being done by someone who hadn't been properly trained. She would start the job, then go and read a book. The backup would throw errors, but when the session timed out the errors were lost and the screen looked like a normal termination when she returned. This apparently went on for quite some time before being caught. So check your backups, kids!

This sections also has an interesting chapter on email privacy and a couple different services/methods for using encryption to secure your mail and, better yet, send email that cannot be read after a certain date.

Web Server Security

Every sysad in the business should make sure to read this section, which starts out talking about physical security (because if you don't have that the rest may not matter), and continues all the way down to deploying certificates.

Security for Content Providers

Finally, the book finishes up with a few chapters that are mostly about the legalities of running a site. This combines client authentication with privacy policies, digital payments and intellectual property into a good if less technical ending.

Overall

One interesting aspect of the authors' overall approach is that they are so platform neutral. I didn't expect this from a team that wrote books on Unix security, but they have chapters on ActiveX issues and it isn't dealt with in the flip manner that Unix people often use toward other OSes. Even their screen shots are in Windows. You definitely get the feeling these guys know there stuff from more than one perspective.

We happen to be talking a lot about public key infrastructures at work lately, and the chapters on digital certificates were quite handy in getting up to speed on the different issues. As with other sections, they deal not only with the bit twiddling involved but also with history and policy. The human issues. Very useful stuff about an area that not many think about and about which the existing writing is fairly opaque.

So, if you're needing to learn more about this subject I can't think of another book I would recommend before it. I've been motivated enough to write a review on it, and for most of us that's probably a ringing endorsement by itself!

You can purchase Web Security, Privacy and Commerce at Fatbrain.

hv writes "I reside in a 10' x 10' space better than 12 hours a day... as do a lot of you. How do you make the most of the space? I'm looking for creative ways to add storage and unclutter the stacks of lab notebooks, USB peripherals and the O'Reilly Zoo that also inhabits my space."

There's a great Dan Gillmor article, from his blog ^[?] regarding the challenge issued by Tim O'Reilly and Clay Shirky to the computer OEMs, asking them to include the latest Java JRE. As Microsoft has said they won't be including Java in WinXP, but are cool with "letting" OEMs put in other programs, let's see the manufacturers strike a blow for competition, and compatibility, and including a non-"extended and embraced" JRE.

There's a news article up at O'Reilly that hypes their upcoming Open Source Convention and also sets up a forum to submit questions to potentially be asked to Mundie when he gives a keynote at the convention. Should be an interesting, perhaps vitriol-filled morning there.

Simone from O'Reilly pointed out the continuing developments with Rob Flickenger & Co's efforts with 802.11. This time around they're trying to make a five mile to homes, via a 20.9 mile boost antennae. Fun for the whole wireless family.

Craig Pfeifer wrote this review of Server-Based Java Programming, and in a world of books loaded with buzzwords, and sometimes volume at the expense of clarity, he claims that this volume suffers neither fault. (Even if you're sick of the word "Enterprise.")

Server-Based Java Programming author Ted Neward pages 556 publisher Manning rating 10 reviewer Craig Pfeifer ISBN 1884777716 summary From designing and building the nuts and bolts of your own java application server, to understanding and integrating common middleware technologies and patterns, this book covers it all.

The Scenario

Whether you're building your own Java application server, or evaluating your options when it comes to building an enterprise class application, there's an awful lot to consider. Everyone likes to throw around the adjective 'enterprise'; 'enterprise class,' 'enterprise information system,' 'enterprise solution' but what does this mean? What is an enterprise solution? And more importantly how do you build one? This book cuts through the J2EE hype and gives you the straight dope on desiging/implementing realistic java based distributed systems.

What's Bad?

If you are looking for a Java2 Enterprise Edition (J2EE) overview (Enterprise Java Beans (EJB), Servlets, Java Server Pages (JSP)...) or an intro to Java fundamentals, this book is not for you. This book covers some fundamentals of threads, classloaders and sockets, but the bulk of the text is the application of these concepts. If you aren't already familliar with how these features are commonly used, you might find yourself doing a little prerequisite work to get the full value out of the material in these chapters.

Additionally, several code samples span multiple pages and it can be tough to keep this sample (along with all of the previous samples, as they build on each other) in your head when you read it in more than one sitting. This could be remedied by presenting a series of UML diagrams to show how the current example extends or interfaces with the previous examples, and the existing classes in the Java SDK.

What's Good?

This book goes from narrow to broad in it's coverage of different aspects of enterprise systems. Ted starts off chapter 1 with a wonderful overview of what characterizes 'enterprise development,' and 'enterprise systems.' According to Ted, enterprise development projects:

• get less QA time
• have shorted development cycles
• typically require expert administration
• must work within an existing architecture

From here, he goes into a discussion of key build vs. buy decision criteria and a justification/defense of using Java on the server side. This first chapter should be torn out and given to every development manager in every internal IT department in every company everywhere. Many managers feel that any project dealing with 'enterprise' and 'java' require a product like IBM's webSphere or BEA's webLogic, but this is simply not the case. These are excellent products, but for most of the projects out there, basing a solution around a full blown J2EE appserver only makes building, deploying and maintaining the system more far more complicated and expensive that it really needs to be.

Just as I started to worry that this book would be all talk and hand-waving, the next two chapters (approx 60 pages) were a gloves-off, down and dirty discussion of Java's classloader functionality. Many developers take the classloader for granted (including myself), and don't fully understand/exploit its power. Ted shows all of the rules that a Java classloader must follow, and the role it plays in the application lifecycle. He builds sample classloaders that can load classes from an HTTP server, an FTP server and even from an internal hashtable. The most impressive part of these two chapters is Ted's explanation of how the differences between the Java 1.1 and the Java2 classloader. This illustrates Ted's depth of the Java platform, and is just one example of the knowledge (not just information) that this book is chock full of. Ted's sample classloaders are the foundation of the Generic Java Application Server (GJAS) that you build as you progress through the book.

In the next few chapters Ted takes on his two other major topics for the book: threading, and sockets. These topics are worthy of entire books on their own, but Ted keeps it focused and talks primarily about how they are applied in the context of an enterprise application server. He doesn't just rehash the threading and sockets APIs, but provides common usage patterns for each and even provides implementations for useful new primitives. Some of these primitives include an implementation of a PollingThread, a ScheduledThread, an HTTPSocket and a SocketServer. For all of the examples in the book, Ted lets you in on his design process as the GJAS evolves. He lays out the alternatives, makes a selection, and then justifies it. When he applies design patterns from the Gang of Four (GoF), he tells you why he is applying that particular pattern, and how it solves the problem at hand. This is the core of this book, and it's strong point.

Interspersed in the threading and sockets chapters are about server configuration and control structures for services that get executed on the server. Ted discusses different implementations of user services running in their own thread (so as not to interrupt other processes on the server), and in doing so makes use of the thread primitives he laid out in a previous chapter.

The later chapters are typical server programming fare: business objects, business object models, persistance and middleware. However, Ted covers them in a style consistant with the rest of the book: copious code examples, design justifications, and years of valuable on the job experience communicated in a scant 160 pasges.

So What's In It For Me?

As a Sun Certified Java 2 Developer, I've read more than my fare share of bad java books. The good thing is that they are very easy to spot: they are typically extremely thick books with trivial examples and a huge API reference (that you can download from Sun's Java Developer Connection) for filler. This book is a voice of reason in Sun's flood of J2EE (especially EJB) hype. It's a wholly remarkable Java book. Ted Neward should be rewarded and congratualted for this book, it sets a new standard in content quality for Java books.

Based on this book, and the review of the Manning Swing Book, Manning now ranks right up there w/O'Reilly in my list of top-quality technical book publishers.

Table of Contents

1. Enterprise Java
2. ClassLoaders
3. Custom ClassLoaders
4. Extensions
5. Threads
6. Threading Issues
7. Control
8. Remote Control
9. Configuration
10. Sockets
11. Servlets
12. Persistance
13. Business Objects
14. Business Object Models
15. Middleware
16. Java Native Interface
17. Monitoring

You can purchase this book at Fatbrain.

Thanks to Simone for pointing out this article by Andy Duncan regarding Oracle and its relationship to Open Source. The article starts out with background, and the metaphor to the Italian Renaissance is a bit odd, but I do think that this is a path Oracle is looking to walk down - what do you all think?

Well, we try to avoid posting stories about Slashdot, but I figured at least a couple of people would want to know that we'll be speaking at the O'Reilly P2P conferences. For those of you registered, we'll be speaking at the collaborative journalism panel along with Dan Gillmor (Hi Dan) and Dave Winer (Hi Dave) and moderated by Katie Hafner from the NYT (can you fix that required login thing?). Anyway, it's on Thursday, Feb. 15, 11:15-12:00, in San Francisco. Come on by if you are attending the conference.

Reader John Regehr contributed this review of O'Reilly's Understanding the Linux Kernel, which goes into greater depth than most people have ever seen of the kernel source itself. (I wonder what it costs to look at the Windows source.)

Understanding the Linux Kernel author Author: Bovet, Daniel P. / Cesati, Marco pages 684 publisher O'Reilly & Associates rating 8.5 reviewer John Regehr ISBN 0596000022 summary The guts of the kernel, labeled and explained.

Although isolated pieces of operating system internals are usually not difficult to understand, learning how a significant portion of a real OS works is a daunting task: there's a lot of code, some of it is complicated, and some of it operates under obscure assumptions that can be difficult to figure out by reading the sources. Two of the best existing books about OS internals have explained either a simplified but working OS (Tanenbaum's Minix book) or a real, but very small OS (Lions' book on Unix v6). Although these systems have the advantage of being easier to understand, there's an important reason why one might want to study Linux internals instead: Linux is currently relevant, it's likely to be around for a while, and any code you write can potentially be used by thousands of people the day after tomorrow. So, taking it as a given the a book about Linux internals is a good thing, how good is this one? Happily, it's very good - better than any previous such book that I've seen (Rubini's Linux Device Driver book is also excellent, but it has a limited scope).

Understanding the Linux Kernel is good for several reasons. First, the authors have included quite a bit of explanatory material that isn't specifically about Linux - it's the kind of thing one would find in a good undergraduate OS textbook. This helps the reader link explanations of pieces of code to the abstract OS functions that they implement. Second, the authors have chosen a good level of abstraction: core kernel algorithms are explained in text, supplemented with short code sequences (simplified to remove optimizations) for important routines. Flowcharts are used to explain components with complex control flow, and tables and other diagrams are used when appropriate. Finally, the book is well arranged and well written, and there's an auxiliary index at the end that maps symbols mentioned in the book to source code files.

There are a few things I don't like about this book. Most importantly, there is no discussion of the network stack. As the authors say, this is a subject for another book, but by leaving out one of the most interesting and relevant parts of the kernel they are limiting their audience. A second drawback of this book (and of any Linux kernel book) is that since it seems to take about as long to write a good book as it does to write a major version of the Linux kernel, as I write this review it's about to become obsolete - it describes Linux version 2.2. However, at the end of each chapter there's a short note about things that are done differently in version 2.4. This will help preserve the relevance of the book after 2.4 comes out and, maybe more importantly, it gives the reader a sense of what parts of the kernel are under active development and what parts have become mature and stable.

Although Linux is very much in the Unix tradition, many details have changed. For example, early Unix kernels used simple algorithms (such as linear searches) and fixed table sizes. Modern Linux kernels, on the other hand, avoid arbitrary limits on the numbers of many kinds of internal OS objects, do not use linear searches when the number of objects to be searched is potentially large, and use amortized algorithms in many places. In all parts of the kernel, any special knowledge about the way that OS services will be used is exploited in order to improve average-case performance. For example, the slab memory allocator makes use of the fact that kernels often allocate many objects of the same size in order to reduce memory fragmentation and to avoid creating hot spots in the data cache. These algorithmic optimizations are much more pervasive (and much more effective) than micro-optimizations such as tuning register allocation or packing flags into the bits of a memory word - they're what make Linux useful in large-scale server environments where high throughput is critical. However, they also make the kernel code quite a bit more difficult to understand.

Given this complexity, it seems reasonable to ask who needs to read this book and how well does it suit their needs. Three groups of people come to mind. First, potential kernel hackers will find this book to be a good overview of different parts of the kernel. Of course, for people like this a book is no substitute for lots of code reading, but it's a good start. Another potential audience is the group of people who need to understand the kernel in order to extract high performance from it; for example, authors of databases or network servers. This group's needs are well served by this book: the authors often point out why certain heuristics were chosen - this may help people whose applications have run afoul of a resource allocation policy that was designed to serve a different class of applications. Finally, computer science students interested in the internals of a real OS would do well to read this book. It would make a good supplement to a standard OS textbook in an introductory class on operating systems. However, Linux appears to be far too large to understand in its entirety in a single semester: classes that attempt to do this should use a teaching OS like Minix. To benefit from this book, readers should have knowledge equivalent to a couple of semesters of computer science: a basic understanding of programming, of the services an OS provides to user-level programs, and of the hardware mechanisms used by an OS.

This is a good book. The authors have cracked open a large collection of code that's currently very relevant. If they are in for the long haul and release revised books in a timely way, then this will likely become and remain the definitive explanation of Linux internals.

The web site for the book is here.

You can purchase this book at Fatbrain.

There's a good article from Clay Shirky talking about the similarities between umbrellas, taxis and distributed computing. And if you really want more P2P than you can shake a fork at, the folks at ORA have also released an excerpt from the upcoming Dornfest and Brickley book.

Lets start this off with some homework: we were nominated for a 2000 Webby in Community. Please go vote for us (requires annoying login, but please do it anyway! I want a crappy little trophy!) Now with the 'biz outta the way, brainsik pointed us to the Brainshaker: a headmounted subwoofer that looks like it would make Quake a bit to real. Plastik noted a web filter guaranteed to offend the conservative and humorless. But it makes reading Slashdot damn entertaining. And if you're interesting in violating most religions, vkulkarn found an "Escort" who apparently reads Slashdot (will she go out with CowboyNeal?) Speaking of religion, Zippy noted that I am apparently a prophet in the Church of The Enlightenment , along with Jay Stile of Stileproject . Illiad, from Userfriendly.org is a bard. webword sent us CalculusGirls.com which combines 2 of the many things I don't understand. Andy Lester noted that Brunching Shuttlecocks has a book on "Fuzzy Logic Functions", in the style of O'Reilly. yek401 noted that his english professor builds barbie doll cyborgs: god bless tenure ;) Trenchcoat Steve warned us about Moon Land Registry which claims to be selling land on the moon for $10/acre: you even get a deed and mineral rights... and it might be legal! Gravey noted that their are two new Reboot movies going into production. For you conspiracy theorists, backtick noted that everyone's favorite software monopoly might be getting into the furniture biz along with Lazyboy. SgtPepper pointed us to RFC 2795 which "describes a protocol suite which supports an infinite number of monkeys that sit at an infinite number of typewriters" ucsimon noted that LegoLand in California just gota liquor license. Mind you after a few shots of vodka, finding a 2x2 blue block takes a lot longer. Let's wrap up with jyuter's note that Comedy Central has vid clips of the south park kids doing Python's parrot sketch in Quicktime or Real.

Thanks to Greg Smith for his review of O'Reilly and Associates' Unix Backup and Recovery. Not suprisingly, the book is complete coverage of Unix backup and recovery. Huh. Truth in advertising. Whodathunkit? Unix Backup & Recovery author W. Curtis Preston pages 709 publisher O'Reilly, 1999 rating 10/10 reviewer Greg Smith ISBN 1-56592-642-0 summary Complete coverage of Unix backup and recovery, just like the title says

Cover Image

The Scenario You're a system administrator suddenly tasked with handling the backup of all your employer's mission-critical data. Or maybe you've been handed a tape of questionable origin with the instructions "I need all the files off of this." Perhaps you're working on your company's disaster-recovery plan and are looking for advice about how to restore all the computers to operation in the event of catastrophe. Unix Backup & Recovery is a comprehensive volume designed to help with all of these tasks and many others. What's Bad While the organization of topics is clear, the sheer scope of the book prevents easy digestion of the material by the casual reader. Those expecting to read a chapter or two at random may find some of the concepts hard to follow unless they first read the full 65 pages of introductory material. Also, I would have liked to see a clearer discussion of the differences in procedure and general philosophy between a typical small shop (where tapes are organized based on the day the backup was made) and the kind of unique-volume labeling that tends to accompany larger systems or commercial backup products. Since a lot of Unix systems are being managed lately by people whose background is in smaller systems, making this kind of transition is a very important topic.

One part of the book's design may be good or bad depending on how you intend to read it. Areas deemed especially time-sensitive, like what features are included with which commercial backup system, are not addressed in the book. Instead, readers are referred to the author's backupcentral.com site for the latest information. While assuming that any Unix administrator has Internet access is probably not unreasonable, I found myself reading a lot of this book during spare moments while waiting for routine chores to complete. It was not helpful that I needed to access the Web site in order to follow the chapter I was reading while I waited for my car's oil to be changed.

What's Good With many years' worth of practical experience, several specialist contributors, and dozens of technical reviewers, this book leaves few stones unturned. No matter how experienced you are at managing backups, you could probably learn at least a few tricks from Curtis Preston and his crew. Normally discussions about backups are relegated to, at best, a single chapter in a Unix administration book. Unix Backup & Recovery is the first title I've ever seen that covers this territory in full detail. In fact, even if you aren't specifically a Unix administrator, the discussion of topics like the most common causes of system failure and how to pitch a more reliable backup scheme to management are very cross-platform. They're worth reading no matter what type of computer system you rely upon. So What's In It For Me? The first two chapters of the book provide a real-world approach to backups that include often-unaddressed topics like the availability of the backup hardware in the future, dealing with off-site storage, and exactly how high the cost of poor backups can be. With that basis, the native Unix utilities (dump, cpio, and tar) are evaluated. One particularly good part of that coverage is a discussion of tape portability, and notes on how the GNU versions of those utilities stack up in that and other contexts. Even Unix administrators who aren't involved with backups regularly might find this chapter interesting, as the information about how to read an unfamiliar tape you've been given is alone is worth the price of the book if you're ever stuck in that situation.

For those looking to back up systems without much of a budget, a discussion of free backup tools ranges from writing scripts to automate the built-in Unix tools to coverage of the popular AMANDA backup system. The third section covers what to look for in a commercial backup product. This is light on specific recommendations, instead trying to educate the reader well enough to perform his or her own product selection. A somewhat related chapter covers the main ideas behind High Availability, which is obviously too big of a topic to cover fully in a 15-page section.

The next few chapters cover bare-metal backup and recovery, where the goal is to make a backup of the system capable of being used to create a new system in the event of a total failure. Many traditional solutions to this problem involve first re-installing the operating system, then restoring the backup. The author maintains this is a bad approach, and instead focuses on constructing a small bootable system (i.e. a Linux rescue floppy) capable of partitioning the drive and restoring the backup without laying down the OS first. SunOS/Solaris, Linux, Compaq True-64 Unix, HP-UX, IRIX and AIX are all covered.

Four chapters on database backup and recovery suggest how to integrate your backup solution with the database vendor's tools. Along with a general discussion aimed at bringing non-database administrators up to speed on DB lingo, separate chapters cover Informix, Oracle and Sybase. Finally, the three closing chapters to the book include miscellaneous information like backing up Rational's ClearCase product and selecting backup hardware, as well as some notes on upcoming trends.

Competent system administrators, either through forward thinking or past battle scars, develop a level of paranoia about their computers and how strongly their data should be protected that people outside the field find it hard to fathom. If you'd like to hone your own sense that everyone is out to get you, and know how to stop them, Unix Backup & Recovery is as good of an introduction to that topic as you'll find anywhere.

Buy this from ThinkGeek.

Table of Contents

1. Preparing for the Worst
2. Backing It All Up
3. Native Backup & Recovery Utilities
4. Free Backup Utilities
5. Commercial Backup Utilities
6. High Availability
7. Bare-Metal Backup & Recovery Methods: SunOS/Solaris
8. Bare-Metal: Linux
9. Bare-Metal: Compaq True-64 Unix
10. Bare-Metal: HP-UX
11. Bare-Metal: IRIX
12. Bare-Metal: AIX
13. Backing Up Databases
14. Informix Backup & Recovery
15. Oracle Backup & Recovery
16. Sybase Backup & Recovery
17. ClearCase Backup & Recovery
18. Backup Hardware
19. Miscellanea

Several people, including Tim O'Reilly, the progenitor of this Amazon Letter Patent Discussion wrote to point out that Jeff Bezos has written an open letter on patents. It's a pretty cogent and intelligent letter which gives a defense of their patents, but also calls for software patent reform. Tim has written a follow-up letter already.

Several people, including Tim O'Reilly, the progenitor of this Amazon Letter Patent Discussion wrote to point out that Jeff Bezos has written an open letter on patents. It's a pretty cogent and intelligent letter which gives a defense of their patents, but also calls for software patent reform. Tim has written a follow-up letter already.

We've got a double-headed review of Simson Garfinkel's new book Database Nation: The Death of Privacy at the End of the 21st Century. It's a thought-provoking vision of the future which frankly scares the heck out of me. Database Nation: The Death of Privacy at the End of the 21st Ce author Simson Garfinkel pages 312 publisher O'Reilly & Associates rating 7/10; 9/ reviewer Matthias Wenger, Kurt Gray ISBN 1-56592-653-6 summary Thoughtful look at threats to privacy, and appropriate responses

Review 1: Matthias Wenger

Personally, privacy has been a big issue lately -- hearing about DoubleClick and Real Networks customer tracking made the issue a bit of a sore point for me. Then a friend of mine bought a shredder after her credit card fell victim to a Dumpster diver, and I started getting paranoid. Reading Database Nation hasn't helped, but it brings up some possible solutions and provides a good deal to think about as we march blindly on towards Big Brother, Inc.

Database Nation starts out strong, with a hypothetical day in the life of someone with no privacy -- cold-call telemarketing at 6:30 in the morning, surveillence cameras all around, veiled blackmail for a hospital in desperate need of cash and plenty of medical histories, still more cameras at work, etc. This story ends up being a rough outline for the book, which also covers electronic footprints (ATM and credit card records and the like), private databasing a la DoubleClick, identity vs. body, and surprisingly enough, AI and intelligence agents. Each of the major topics covered has at least a full chapter devoted to it -- explaining the specific issues at hand, what sort of data is at risk, who would be interested in such data, and how data can be protected.

The biggest flaw in the book is that it is too ambitious -- how can you cover the sanctity of medical records in 30 pages? It would be difficult to do a better job with such space limitations, certainly, but it does make for a more general view of privacy rather than dealing with specifics. The result is "Privacy in a Nutshell," to steal a turn of phrase from O'Reilly. Given the subject matter, the Nutshell approach might even be preferable, since the theory can be applied in any situation once the awareness is there. Still, each topic felt like it could be expanded much further.

The over-eager breadth of the subject matter is also wonderful. Enough particular concerns are illustrated in each topic that there is an outline of the larger picture of information management even though a good deal remains to be filled in. Covering so many topics makes it easier to see just how much information can be collected about an individual while they remain unawares, and just how much that information can be abused or misused. To illustrate this very point, Garfinkel relates the story of an Internet-based scavenger hunt where the end result was to find out as much as possible about a particular "target," working only with a name. The information collected in 1993 included his place of employment, parents' names, home address, degrees earned, doctoral dissertation, the operating system he used, what his fiance's name was, and more. I found out five minutes ago, with the help of google, that he's now married and that he and his wife hyphenated their last names together. That was just the first hit. And that was a very casual search -- if someone was really interested in finding information, what are the limits?

Database Nation is, in a way, the ultimate discussion of information security. Garfinkel covers an amazing range of topics in exploring privacy and personal information today and into the 21st century. This is both a blessing and a curse -- there are so many things to be aware of, so many topics and points of view to consider, yet each one is worthy of more attention. At the opening of the book, Garfinkel expresses hope that Database Nation will do for privacy what Silent Spring did for environmentalism -- if something doesn't do it soon, there wont be any privacy left to save.

Review 2: Kurt Gray

If Simson Garfinkel's name doesn't ring a bell, check the computer section of your local bookstore or library: Garfinkel co-authored the O'Reilly Practical UNIX Security book, the O'Reilly Stopping Spam book, and some six other books. Before I was a Slashdot addict I enjoyed reading Garfinkel's columns in Packet and the Boston Globe , where his talents for technology journalism and futurist projections make informative reading for geeks and lay persons alike.

Just as Upton Sinclair's The Jungle led to sweeping reforms in the meat-packing industry (and probably turned a lot of people to vegetarianism) Garfinkel's latest book, Database Nation, should draw some much-needed attention to the manner in which everyone's personal information is being captured, cataloged and sold as commodity, and how each aspect of this process detracts from our civil liberties. If you're an American, you certainly know what the IRS is, but have you ever heard of TRW? Equifax? Experian? Or the DMA? Or the MIB, the Medical Insurance Bureau? Each of these corporate entities keeps records on you that determine your eligibility for bank loans, lines of credit, and medical insurance. Are you allowed to see your own record? Well, it's their data, so it doesn't belong to you -- but maybe if you ask them nicely and have due cause, they'll make an exception. Suppose you discover an error in the records they keep on you; are you allowed to demand corrections? Now you're asking subversive questions so we're putting an CM31 flag on your file ... George Orwell warned that the march of technology could allow a monolithic, tyrannical Big Brother to emerge. Database Nation points out that it's the thousands of unsupervised "kid brothers" that have a far greater potential to disrupt your life, and in ways you never expected.

I find the best way to summarize this book is chapter-by-chapter, so here are my own brief reviews of each chapter:

Chapter 1: Privacy Under Attack: Garfinkel opens with his own futurist vision: a day in the life of a typical working American. This hapless near-future dweller is continuously surrounded by targeted advertising, monitored at home and even in his car, and works in an office where constant politeness is enforced by the company surveillance cameras that are programmed to recognize facial expressions and sound an alarm whenever an employee appears disgruntled. Garfinkel explains that this book is not about Big Brother, but rather how the widespread capture and exchange of our personal information has been eroding our civil liberties already and goes largely unnoticed. Garfinkel makes the positive point that no threat to our privacy that exists today is beyond our control, and that we can develop robust, built-in systems of privacy protection rather than allow them to be only loosely guaranteed by the legal equivalent of patchwork.

Chapter 2: Database Nation: Chapter 2 starts with a historical perspective, answering the question "How did we get here?" In short, via the national census, the Social Security Board (leading to the creation of the National Data Center) and the widespread adoption of the Social Security Number and its inherent flaws (limited data capacity and lack of a checksum digit to avoid clerical errors). Page 26 launches into the disturbing episode of Steve and Nancy Ross, whose lives were shattered when the IRS botched their tax returns in 1983 and put a lien on the Ross' house for $10,000. That lien was noted in their credit records at TRW and Equifax, which in turn sold this data to 187 other independent credit bureaus. Here Garfinkel makes an interesting observation: the Ross' bad credit data spread "like a computer virus that kept reinfecting TRW's computer with incorrect information," and it took over seven years for the bulk of their credit problems to subside. Chapter 2 then explains how simple identity theft can be, whether Dumpster diving for credit statements (hint: buy yourself a cross-cutting shredder), or using Equifax's quickie credit report service to find chumps with good lines of credit, then applying for new credit cards in the victims' names. Equifax provides such thieves with everything they need: mother's maiden name, previous addresses, SSN -- it's all there. The victim's credit rating is ruined for years while bill collectors harass them day and night, and the credit card company writes off the charges and flags the victim's file. Frequently, the credit thief gets a slap on the wrist if anything at all. Page 33 lists at least 30 government agencies that are hardwired to track you only by your SSN. Chapter 2 definitely had me sitting up and paying attention.

Chapter 3: Absolute Identification: Chapter 3 is about biometrics and unambiguous identification of every member in a society, a seductive idea that has tantalized policymakers for centuries. Garfinkel argues, however, that this idea is fundamentally flawed. Garfinkel again provides historical perspective, pointing out that using biometrics is an old idea that only appears new as the technology matures. Garfinkel reminds us that even DNA testing is flawled. When a person's name is linked to a given DNA profile, for example, how hard would it be to modify that database record and change the name attached to that profile? (And did you know that 99% of DNA from any two people is identical, so DNA tests actually compare only regions of the genome that are nonessential to cell life? Hmmm ...) Garfinkel then lists various other biometric technologies such as face, voice and iris recognition; even your signature can be used as a biometric identifier. Some of these systems are already in use: Have you signed for a UPS delivery lately, or signed for credit-card purchases on an electronic touch pad? Biometrics. So here's a near-future scenerio: suppose all children need to have a DNA test shortly after being born "for the baby's health." Then the FBI warehouses the DNA fingerprints of every citizen in the U.S., and sells the data to the insurance industry, which can then compare it to the human genome map to weed out the "at risk" people, then target healthy prospects for profitable health plan solicitations... big ol' cluestick being waved around here.

Chapter 4: What Did You Do Today?: Maybe you went shopping, got some cash from the ATM, racked up some more frequent flier miles? Even the most mundane events in your daily life are recorded and archived somewhere -- from how often you withdraw cash from an ATM, to your entire purchasing history at the neighborhood grocery store, even the movies you rent at the video store. Dramatic developments in data-storage technology make it easier for businesses to keep what Garfinkel calls "hot files" on every customer transaction from day one, and then describes how we are creating the Earth's "datasphere." Nearly every durable product you buy has a serial number. Often that serial number becomes attached to your name and personal information (ever filled out a warranty card?) which can then be sold on the open data market, Garfinkel argues that even seemingly mundane information needs to be treated with respect for privacy.

Chapter 5: The View From Above: Chapter 5 is about surveillence technology and the growing private market for satellite photos and Webcams. Does it bother me that right now someone can buy a grainy aerial photo of my neighborhood taken sometime in 1987? No, sorry, that doesn't bother me. City police departments are installing surveillance cameras in public places. I still don't care. Garfinkel then explains how he set up a QuickCam to time-lapse record his Realtor while allowing prospective buyers to browse through his home without supervision. At this point I can't tell if the chapter is supposed to a condemnation or an endorsement. I suppose Garfinkel is pointing out that it's technically possible that are being watched and recorded in places when you assume you're alone. At the very least, it should change your ideas about expectations of privacy.

Chapter 6: cite> To Know Your Future: So who is the MIB? Men in Black right? No, the MIB referred to here is the Medical Information Bureau, which happens to be the secretive data warehouse of the American medical insurance industry's "customer profiles." Think you have a God-given right to medical coverage? Well, if you like Kafka novels then you'll definitely enjoy the hijinks that erupt around page 139, where Garfinkel tells us of more than a few people who've been refused medical insurance because of clerical errors in their MIB records -- records which they never knew exisited. But wait, isn't it illegal in many cases to deny medical coverage to someone with preexisting conditions? Yeah, sure it is, so what's your point? Garfinkel points out that only 23 of the 50 states actually have laws that require citizens be allowed to view their own medical histories. My only complaint with this chapter is that it pursues flaws in existing policies rather than staying with the theme of technology marching faster than prudent policy.

Chapter 7: Buy Now!: The DMA is the Direct Marketing Association. They lobby lawmakers at the state and federal level to further what they consider a God-given right to own and sell any piece of information they can attach to you. One of the nation's largest direct marketing list resellers is Metromail, now owned by the credit bureau giant Experian. Ever apply for a shopping card or magazine subscription, or fill in a product bingo card? Ever fill out a change of address form at the post office? Direct marketers get an automatic notification of your new address from the U.S. Postal Service, which causes your name/address to be copied into a hot prospect list called "New Movers," one of many direct-mailing lists sold by Metromail at the rate of $60 per thousand names. Garfinkel lists some 50 products Experian sells to businesses, like AutoCredit for quickie loan approvals, Bankruptcy candidates, Business Owner Profiles, and Property Link which provides a details of a subject's property holdings. He then argues against the opt-out clause the DMA offers to whiners (arguing instead for a more consumer-oriented opt-in approach), and lists preventative steps you can take to keep your name on as few lists as possible. This chapter left me with a question: if you complain to a direct marketing firm about what they've been doing with your personal information and then they flag you as hostile, and that direct marketer happens to be owned by a major credit bureau, what would that to your credit rating? Food for thought.

Chapter 8: Who Owns Your Information?: Take the case of Ram Avarahmi, who tried to sue a magazine publisher for selling his name, which was in their list of subscribers, to other magazine publishers. Mr. Avarahmi argued that Virginia law states that his name and his image are his property which can not be used in advertising or trade without his consent, and guess what the courts told him? "Sorry Charlie, or Ram, whatever your name is." Information is basically owned by those who gather the information and personal information is a commodity. Medical information is also a commodity owned by medical insurance providers. But can all this medical information be abused? Or let me ask it like this: are we evolved enough to not attach genetic defects to say, a person's ethnicity? Garfinkel excerpts an ad he found in the New York Times: "Ashkenazi Jewish Families Are Needed to Help Scientists Understand the Biological Basis for Schizophrenia and Bipolar Disorder" -- a 1998 John Hopkins University study, right here in America in 1998. Certainly, some medical disorders are confined to certain populations; the question is, what if someone wants to abuse such links? So do you own the books you read or the software you use? No, thanks to copyright laws. Garfinkel makes the point that you can't use the concept of ownership to protect your privacy, because you don't own data about you, however I'm not convinced. Maybe I can't force you to take my name out of your address book, because you own your address book, but I think I do have the right to demand that you not send me mail or sell my address to other businesses without my consent.

Chapter 9: Kooks and Terrorists: This chapter argues that individual terrorists deploying low-tech explosive and biological contaminants have spooked us into accepting ever more surveillance of our everyday activities. True to his style, Garfinkel dismisses some well-known urban terrorist acts as amateur-night material, then describes two fairly effective methods of introducing anthrax into an unsuspecting office building. Further pages show how terrorists might gain access to nuclear and biochemical devices. Garfinkel's point here is that constant surveillance cannot save us from a determined kook. The chapter then moves into the Big Brother question: what constitutes thoughtcrime? Didn't our benevolent goverment inter over 100,000 Japanese-Americans at the start of World War II? Didn't J. Edgar Hoover's FBI spend much of 1950's investigating "Communists" and "homosexuals"? So could our government be trusted with "brain wiretapping" technology? Sounds far-fetched? We're already using polygraphs and experiments involving fast sucessive MRI scans. Garfinkel makes the point that if we are truly concerned about public safety, we should track dangerous materials rather than try to identify potentially dangerous people.

Chapter 10: Excuse Me, But Are You Human? Imagine you're on an electronic mailing list, and you strike up an e-mail dialog with another member of the list. He tells you some things bout himself and you share something about yourself in return. Turns out "he" was actually an AI conversationalist programmed by a marketing agency to gather personal information to be sold in the form of marketing lists. Garfinkel then describes various intelligent agents that can parse natural language. But how is this useful for marketing? It is technically feasible for a marketer to scan the entire datasphere for everything that can be found about you in order to create a predictive model of your behavior: When will you buying a new car? When you will be on vacation? Valuable stuff for direct marketers to know. Might it be possible in 50 years to create a complete AI behavorial copy of you, and test various marketing schemes against it? Garfinkel actually argues that avatars should be afforded the same privacy rights as humans.

Chapter 11: Privacy Now!: Is technology neutral in the war on privacy? Garfinkel's answer is no, technology permits the greater cataloging and measuring of the world around us, and therefore technology is inherently intrusive. He argues that for the cost of around $5 million added to the annual budget, a Federal oversight agency could be created to monitor and regulate the flow of personal information throughgovernment and business data channels. Further, he proposes a list of reasonable amendments to the Fair Credit Reporting Act of 1970, such as giving consumers the ability to sue for damages resulting from the addition of erroneous information to their credit reports. Garfinkel argues that better laws and policies will be more effective than cryptography in protecting one's privacy, and warns that when some have their privacy violated, you can expect retaliation such as deliberate pollution -- and disruption to -- the datasphere. Overall, Garfinkel concludes that we need laws and policies that repect our personal information, not just a technological picket fence.

Before reading Database Nation, I had the typical "nothing-to-hide" attitude regarding my own privacy. I didn't care if some government agency or large corporation was able to read my academic records, my medical records, my magazine subscriptions, my credit-card purchases, my phone bill. "Let them read it all for all I care," I thought, "I'm sure it would bore them to tears." After reading this book, I realize it's not so much about Big Brother, it's about how the spread of your personal information can bite you in the ass someday.

My assessment: Garfinkel jam-packed this book with information every American ought to be aware of -- enough to think about to make your head spin. Thankfully his tone is not hopeless gloom-and-doom; he does remind you that 30 years ago the Cuyahoga River was an environmental disaster, but today it's safe to eat fish caught there. Overall, it's a great book. Yet another reason for me to give a favorable review to anything Simson Garfinkel writes.

Purchase this book at ThinkGeek.

Bringing a little competition to O'Reilly, this Manning Publications book Elements of Programming with Perl seems to be have struck a nerve with reviewer chromatic. Click below to find out how - and possibly add a new book to your library. Elements of Programming with Perl author Andrew L. Johnson pages 352 publisher Manning Publications, 09/1999 rating 8/10 reviewer chromatic ISBN 1884777805 summary New to programming, and think Perl may be up your alley? Andrew Johnson's excellent Elements of Programming with Perl will teach you both disciplines. What's the Purpose? Hundreds of books teach programming. Dozens of good books teach Perl. Where's a book for someone who wants to learn Perl and programming, at the same time? Thankfully, that's just what Elements of Programming with Perl does. What's Good? From the start, Johnson's explanations are clean and clear. It's obvious that he's polished his didactic style through years of real world teaching. Also from the start, good programming practices receive due emphasis. Though it's not specifically mentioned until chapter 9, Johnson advocates and demonstrates good program design through a mixture of Donald Knuth's Literate Programming and his own code tangling style (mingling documentation, design notes, and code in a single source file, similar to POD on steroids).

The teaching flow is logical and consistent, with chapters dividing the material into logical divisions. By the end of chapter flow, students should be capable of writing moderately complex programs. Subsequent chapters build on that foundation, and most provide a specific example program to tie things together. These programs all have a practical concentration.

On the Perl-specific side, Johnson does not shy away from recommending the copious Perl documentation, CPAN, other books like the Camel, and many other excellent resources. Much of the value of an education is learning where to go for further information.

What's not Great? Some of Johnson's focus is on mathematical applications, which may distract some readers. Also, this book may not serve as a future reference after you've become more comfortable with the language. Look to the Camel or Perl in a Nutshell for that -- Johnson concentrates on teaching the basics rather than documenting the iotas and tittles of internal Perl functions.

Finally, the example program in Chapter 19 may be hairy for novice programmers. Sit down in a very quiet room with a pad of note-paper and your beverage of choice. Consider it a final exam after you're familiar with everything preceding it.

Summary This is a good introduction to Perl, and a very good introduction to programming in general. Johnson promotes good habits and discipline. Elements may not sit on your shelf as a reference, but it will help you to become an effective programmer. It's a rare book that teaches as well as it informs, so take the plunge and teach yourself Perl and programming.

Pick this book up at ThinkGeek.

Table of Contents

• preface
• acknowledgments

1. Introductory elements
2. 1. Introduction
   2. Writing code
   3. Writing programs
3. Essential elements
4. 1. Data: types and variables
   2. Control structures
   3. Simple I/O and text processing
   4. Functions
   5. References and aggregate datastructures
   6. Documentation
5. Practical elements
6. 1. Regular expressions
   2. Working with text
   3. Working with lists
   4. More I/O
   5. Using modules
   6. Debugging
7. Advanced elements
8. 1. Modular programming
   2. Algorithms and data structuring
   3. Object-oriented programming and abstract data structures
   4. More OOP examples
   5. What's left?

• appendix A Command line switches
• appendix B Special variables
• appendix C Additional resources
• appendix D Numeric formats
• glossary
• index

chromatic has returned with yet another review. For this time around, he's taken a look at O'Reilly's Practical Internet Groupware. As you would imagine, the book focuses on using software to better enable groups to work together. Jon Udell, the author, does a great job of exploring how to use technology to better work together. Practical Internet Groupware author Jon Udell pages 497 publisher O'Reilly, 10/1999 rating 8/10 reviewer chromatic ISBN 1565925378 summary A detailed discussion of how and why to connect your users and customers to information and to each other using common Internet protocols and applications. Problem Space Successfully managing the flow of information depends answering a few questions. How do people communicate? How do they find information? How can businesses provide information links between their employees and customers?

Even if you do provide them with tools to collaborate and to manage data more efficiently, how can you ensure that they will use them? What will the future of business and personal computing look like?

The Solution Practical Internet Groupware argues that we already have the blocks we need to build rich communication tools -- open Internet protocols, ubiquitous web browsers, e-mail clients, and newsgroup readers, and quick and dirty scripting languages. By understanding and applying the various technologies appropriately, you can not only reduce the burden of creating, aggregating, and retrieving data, but also enhance its availability and utility. What's Good? Take the word 'Practical' very seriously. While the bulk of the programming examples are Perl, there's JavaScript, VB, Java, and XML thrown in the mix. Udell also stresses working within your existing environment -- whether that means activating the NNTP server included with IIS 4.0 on an NT server or installing INN on the Linux box in the corner. He's also very pragmatic. While XML is poised to be a much cleaner tool, its still-limited availability means that the book spends time presenting solutions which work in the here-and-now heterogenous quick and dirty landscape. Of course, there's also information about shiny new (and mature-but-not-yet-widespread) standards such as LDAP.

Also, Udell's experience in the field of collaboration includes years developing and polishing groupware solutions at Byte magazine. Clearly, he has a passion for the subject as well as a deep understanding of the issues involved. Both shine through in his writing.

Through the pages, Udell develops a handful of interesting and useful applications. One is a Docbase system, which blends together a newsgroup, a database, and a web site with indexed searching, various levels of access, and data entry capabilities. Another grabs content from various web sites and merges it into a consistent whole.

The most interesting project in the whole book is something called Distributed HTTP. It's a Perl-based web server that actually runs on client machines. It's easily extensible (with Perl), supporting authentication, modular database access, and replication with other servers. It's really a clever piece of work. (Just imagine remote data entry from field technicians equipped with laptops, or browsing reports from other locations, and that's the tip of the iceberg.)

What's Not So Good? Like most trailblazing works, the biggest frustration is realizing that there are great ideas here that few people have realized yet. As such, expect to be one part cheerleader, one part trainer, one part pariah, and one part referee if you're implementing things. Also, if you're not somewhat familiar with common Internet protocols such as HTTP, NNTP, and SMTP, or with the concepts and execution of HTML and XML, or with general Perl, you'll have to play catchup through the later chapters. Summary It's hard not to believe that Practical Internet Groupware is a year ahead of the curve -- Udell's approach to technology and the seamless integration of various information stores is a tempting vision. If you're directing rivulets data, get this book, let your boss read the first section, and then set about transforming the way you do business. If you're interested in where the Internet and business are headed, get this book.

The cover animals are seals and sea lions.

Table of Contents

Purchase this book at fatbrain.

1. Using Internet Groupware
2. 1. The Conferencing Dimension
   2. Public Online Communities
   3. Intranet Collaboration with NNTP and HTML
   4. Information Management Strategies for Groupware Users
3. Groupware Docbases
4. 1. Docbases as Groupware Applications
   2. Docbase Input Techniques
   3. Docbase Navigation
   4. Organizing Search Results
5. Groupware Applications and Services
6. 1. Conferencing Applications
   2. Groupware Servlets
   3. Membership Services
   4. Authentication and Authorization Techniques
   5. Deploying NNTP Discussion Servers
7. Advanced Internet Groupware
8. 1. Automating Internet Components
   2. Distributed HTTP
   3. Epilogue
9. Appendixes
10. 1. Software Developed for this Book
    2. Internet RFCs: A Groupware Perspective

John Regehr sent us an excellent review of Mastering Algorithims with Perl, another O'Reilly & Associates effort. Written by Jon Orwant, Jarkko Hietaniemi, and John Macdonald, this is a book designed to take your Perl to a new level of wizardery. Mastering Algo author Jon Orwant, Jarkko Hietaniemi, and John Macdonald pages 704 publisher O'Reilly, 08/1999 rating 8/10 reviewer John Regehr ISBN 1-56592-398-7 summary The intended audience is programmers who don't have a background incomputer science, who know at least some Perl. However, experiencedprogrammers who don't know Perl should have no trouble picking up thebasics of the language with this book and a copy of ProgrammingPerl. In The New Hacker's Dictionary under "superprogrammer," we read that "productivity can vary from one programmer to another by three orders of magnitude." I would argue that at least one of these factors of ten comes from the ability to quickly recognize what algorithms should be used to solve different parts of a problem and to find or write implementations of those algorithms that will result in an efficient program, given the available time and the characteristics of the problem. This ability is developed through experience and by understanding the highlights of the large body of algorithms and analysis of algorithms that has been developed to solve problems that occur over and over again in computer programs.

Mastering Algorithms with Perl is designed to provide the necessary background. It's structured like a traditional algorithms textbook: after describing some basic and advanced data structures (linked lists, trees, heaps, etc.), it has chapters about searching, sorting, sets, matrices, graphs, strings, and some related topics. After the introduction and discussion of data structures, the chapters are relatively independent and could be read in any order. The authors provide plenty of cross-references as well as pointers to books that describe individual subjects in more detail.

The intended audience is programmers who don't have a background in computer science, who know at least some Perl. However, experienced programmers who don't know Perl should have no trouble picking up the basics of the language with this book and a copy of Programming Perl. Also, computer scientists can often use a review of algorithms, and the CPAN pointers are very useful. So, I would go so far as to say that this book would enrich any programmer's bookshelf. A stringent test of the merit of a new technical book is to ask if it adds some value, given the best existing books in its area? I think that Mastering Algorithms with Perl definitely does. It is a well-written introduction to algorithms that is more accessible, practical, and entertaining than standard algorithm books. It leverages off of the strengths of a powerful language and a large base of reusable code.

The rest of this review will evaluate the strengths and weaknesses of Mastering Algorithms with Perl in more depth. The central issue that I will consider is why the reader might or might not prefer an algorithms book that concentrates on a single language, as opposed to a general algorithms book. I will try to be up-front about my biases: as a computer scientist, I consider this book to be a compromise between an algorithms book and a how-to manual. This compromise makes it much more useful to Perl programmers, but it sometimes causes the algorithms content to be too watered down.

It is traditional in algorithms books to describe algorithms in pseudocode, which often superficially resembles Pascal. The difference between pseudocode and real code is that pseudocode is not compilable - it ignores implementation details that are not helpful to understanding a particular example. This is considered to be an advantage: without the clutter, the core of the algorithm is easier to see and understand. At the beginning of the book the authors make the point that the Perl code for a binary search is actually shorter than the corresponding pseudocode. And it's true! The advantage of the Perl program is that we have a readable description of the algorithm, and it's executable too. (Unfortunately, it's often nontrivial to convert pseudocode into real source code - the devil is in the details.) The binary search example is slightly misleading, however, because in this case a native Perl data structure (the array) matches the semantics of the problem extremely well, leading to a clear and concise implementation. Later in the book, particularly in the chapter on graphs, we see examples where Perl's built-in data structures are less well suited to the problems. The executable Perl code for graph operations are much longer than the corresponding pseudocode, and are often so syntactically cluttered that they are difficult to read. Is this a flaw in the book or in Perl? No - it's a consequence of giving examples in runnable code instead of pseudocode. Is the tradeoff worth it? Probably, but it depends on what you're trying to get out of the book.

Another consequence of basing an algorithms book on a real language is that the authors can point readers to existing implementations of the algorithms, in CPAN. It's hard to overstate how big of a win this is. Perl is a powerful language to begin with, but it becomes far more powerful when programmers are able to take advantage of the large body of existing code modules. An unfortunate side effect of the fact that the book talks about specific versions of Perl and about specific CPAN packages is that this information will become outdated much more quickly than the algorithms will. Unless the Perl language and CPAN are exceptionally stable in the future, I would not expect most of this information to be valid for more than a few years - hopefully a new version of the book will be available before this one becomes too out of date.

Because the book provides executable code for the algorithms, it's possible to evaluate the performance of the example code (which is available at the O'Reilly site). The authors benchmark a number of the algorithms that they present, and compare the results. This is a nice change from the discussion of asymptotic running times found in traditional algorithm books, which generally ignore the constant factors that often make the difference between an algorithm being useful in practice or not.

The design and analysis of algorithms is a highly mathematical discipline. A sophisticated set of tools has been developed to evaluate the tradeoffs between various algorithms: How efficiently do they use memory and processor cycles? What is the best, average, and worst case running time of various operations? How does the algorithm scale as the size of the input grows? As it turns out, programmers need to understand a few of these formalisms, particularly the "big O" notation for describing asymptotic running time. I think that Mastering Algorithms with Perl uses theory in just the right way: as an aid to programmers' intuition about algorithms, rather than beating us over the head with formulae and proofs. That said, I think there is one area of theory that this book should have spent more time on: NP completeness. NP-complete problems are solvable, but are believed to be inherently hard: no efficient algorithm has been discovered to solve them. There are a wide variety of NP-complete problems, and they do come up in practice. For programmers, the important thing is first to recognize that an NP-complete problem has been encountered, and that it cannot be solved exactly except in small instances. Then, a heuristic that comes up with a good enough approximation of the solution needs to be found and implemented. This is a practical and well-studied part of algorithm design, and in a 650-page book I would expect more than a page or two to be devoted to it.

Several chapters of Mastering Algorithms with Perl are too shallow to be considered good introductions to the associated areas of algorithms. For example, the chapter on matrices only shows code for some of the more trivial matrix operations; for complex tasks, it tells the reader how to use PDL - the Perl Data Language. Although PDL looks like a useful and powerful package, readers should not confuse knowing how to use it with understanding matrix algorithms. In other words, the matrix chapter is too much of a how-to manual. Other chapters such as the ones on searching and sorting are excellent and avoid falling into this trap. Algorithms is a huge area, and it can't all be covered well in 650 pages. The later chapters are a lot of fun to read, but some of them should probably have been scrapped in favor of more depth in core areas.

In conclusion, this is a well-written, useful book. Viewed as a Perl book it's superb; it complements the strengths of Programming Perl and The Perl Cookbook, and I think most or all Perl programmers would benefit from having a copy. Viewed as a computer science book, it has made a number of compromises in order to focus on a specific language; this is not necessarily a problem but it is something that readers should be aware of.

Acknowledgments: Thanks to Tom Christiansen, Dave Coppit, Bill Pearson, and Jamie Raymond for helpful comments on previous drafts of this review.

Purchase this book at fatbrain.

Thanks to Arjen for sending a review of O'Reilly's Perl CD Bookshelf. The bookshelf is a collection of O'Reilly's well-known Perl books, complete with searchable information. Perl CD Bookshelf author Multiple Authors pages 406 publisher O'Reilly, 08/1999 rating 8/10 reviewer Arjen Laarhoven, Murphy Software ISBN 1565924622 summary This CD is a very handy collection of a number of well-knownO'Reilly Perl books. If you work on Perl-related stuff on various sites, a CD with the content of 6 books is much easier on your backto carry around with you. Overview This is kind of a weird review. Sort of a meta-review if you like. O'Reilly's Perl CD Bookshelf is a CD with 6 of O'Reilly's Perl books on them, in HTML format. To enable searching of the complete contents of the CD, a Java-based search engine is included, as are a number of Java Runtime Environments for various platforms.

I didn't read all 6 books on the CD 'cover to cover'. In my opinion, books in electronic form don't really lend themselves for relaxed reading. But as reference material, it's more appealing to carry around a single CD than lugging around almost 3200 pages in book form.

What's in it for me? Lots. Most importantly: the complete contents of the following books in HTML format:

• Perl in a Nutshell (review)
• Perl Cookbook (review)
• Learning Perl
• Learning Perl on Win32 Systems
• Programming Perl (review)
• Advanced Perl Programming (review)

Each book has its own index, but a master index spanning all 6 books is also provided.

With this much information, you want to be able to search for a nugget of information hidden somewhere in the equivalent of almost 3200 bookpages of information. Perl runs on a variety of platforms, so this CD contains a (proprietary) Java-based search engine. This engine supports a number of basic search capabilities, like wildcards and boolean operators. The engine isn't very sophisticated, and I don't use it much, as I generally know where to look for specific things, and the master index is very complete.

The search engine requires installation of a Java Runtime Environment (JRE) if you don't already have a JRE or a JDK (Java Development Kit). The Windows users have it easy; put in the CD and the search engine and a browser with the CD homepage start automagically. The Windows JRE is installed automatically. UNIX/Linux users have to do some handywork to install a JRE if they don't have installed one already. Binary JRE's for the following platforms are provided:

• FreeBSD 2.2.* with a.out binary format
• FreeBSD 3.* with ELF binary format
• HP-UX 10.20
• HP-UX 11
• Linux with glibc
• Older JRE for Linux with glibc (try if the other glibc JRE doesn't work)
• Solaris
• SunOS 4.1.3

JRE's for other platforms, like AIX, Digital UNIX (Tru64) and SCO are not on the CD because of license issues. Information about where to get a JRE for these platforms is provided on the page about UNIX JRE installation instructions.

I had some problems with installing the Linux JRE on my Debian GNU/Linux system, but after some headscratching and trying another package it worked well. The documentation on installing and using the JRE's and the search engine on the various platform is sparse, but sufficient for most cases.

What's good? The size and price. For about $54 (price at Amazon) you get 6 books which would add up to about $138 at only a fraction of the weight. Quite a bargain, if you ask me.

With the CD comes a dead-tree version of Perl in a Nutshell (or the other way around :-), so for that ``I know what I want to do, but what where the details again?'' questions, you can just reach to your bookshelf which is very handy. For in-depth discussions and explanations, you can refer to the content on the CD.

What's bad? Hmm. Tough one. IMHO, only some small details. The JRE installation for UNIX can be a bit hairy for novice UNIX/Linux users. Paper books read more easily than computer screens (but that's not O'Reilly's fault). The limited and proprietary search engine (maybe O'Reilly should have included a search CGI (written in Perl ;-) for those of us who run a Webserver on their systems). Conclusion If you're a programmer which works on different client sites, this is great replacement for a stack of good Perl books. For a reasonable price, you get a truckload of information on a handy portable medium. Links to Web pages related to The Perl CD Bookshelf

• O'Reilly's page on The Perl CD Bookshelf

Purchase this book at fatbrain.

Quite a number of you out there are into Lego Mindstorms, as evidenced by the number of book reviews that have been sent my way. Below are a couple of reviews, one from Kurt DeMaagd and the other from Will Ware. Click below to get their take on the O'Reilly book The Unofficial Guide to Lego Mindstorms Robots. The Unofficial Guide to Lego Mindstorms Robots author Jonathan B. Knudsen pages 247 publisher O'Reilly & Associates rating 9/10 reviewer Will Ware & Kurt DeMaagd ISBN 1-56592-692-7 summary Get the most out of your Lego Mindstorms The Unofficial Guide to Lego Mindstorms Robots Review by Will Ware

Last year, Lego released their Mindstorms Robotics Invention System. Using this, children and adults can build simple robots whose behavior can be programmed. The Mindstorms system is a major contender for Coolest Toy on the Planet.

The system contains a RCX programmable brick containing an H8/300 microcontroller, some pushbuttons, a little LCD display, and connectors for motors and sensors (light and physical contact). The user writes a program using a graphical programming language on his Windows box, and downloads it to the RCX via infrared.

Not surprisingly, substantial reverse engineering (1, 2) has been done by hobbyists, and it is possible to develop Mindstorms programs on a Linux box and to download the RCX brick from Linux.

Now O'Reilly has joined the Mindstorms fray, with a book full of fun and useful information about how to build and program Mindstorms robots. The book describes four different robots: Hank is a bumper car robot, Trusty uses light sensors to follow a line along the floor, Minerva has a movable arm, and two identical robots play a game called RoboTag. Along the way, the author discusses the physics and mechanics of robots, programming issues, and the available development environments for Mindstorms.

What's Good? There are detailed building instructions for each of the robots, showing photos at various stages of construction. The designs are simple and appear mechanically sound. There are discussion of the physics and mechanics of tank treads, steering, gears, and other things.

The book's chapters sequentially step through several different software development environments. The first chapter starts with the Windows-based RIS environment that comes on the Mindstorms CDROM. Later chapters give programming examples for NQC (Not Quite C), pbFORTH, Visual Basic, and the legOS operating system, which uses an EGCS cross-compiler to target the H8/300. There are more development platforms available, but these give a good sense of what's possible in Mindstorms programming.

The book has dozens of useful URLs, for both official Mindstorm sites and unofficial hobbyist sites. I particularly liked the fact that the author was aware of some of the recent research in robotics. For instance there is some discussion of Rodney Brooks' subsumption architecture, which is used for the RoboTag robots.

Later chapters of the book often expand on designs from earlier chapters, building more sophistocated robots in an accessible, incremental fashion. For the more adventurous hobbyist, the final chapter talks about building your own sensors and actuators, and how to connect them to the RCX.

What's Bad? Some of the photos are too dark and lack contrast. It would also have been nice if the photography had been in color, but black-and-white photos kept the book more affordable.

This book is for the casual weekend robot-building tinkerer, and it never promised to discuss real-time embedded issues in depth. Still, a few topics might have merited at least brief mention. Systems with real-time multitasking must frequently arrange for synchronization and communication between tasks, using mutexes and mailboxes and the like, which brings the possibility of deadlocked processes. Another danger is that an aggressively efficient compiler will sometimes optimize away reads and writes to hardware registers. The fix is to declare such registers with the volatile keyword.

Review by Kurt DeMaagd

While Lego Mindstorms were officially released for a teenage crowd, they have become popular with a wide variety of technically competent people in many age groups. This widespread fascination has opened up a whole new world of opportunities for using Mindstorms. At the same time, the documentation and tutorial included with the Lego kits provide very little information about how to get the most out of the sets. This book fills the void by providing several start-to-finish robot designs, software to run them, and a wealth of other tips and tricks.

After a brief introduction to robotics and how Legos fit in, the author discusses the basics of using Mindstorms to create them. Both chapters present a problem, provide step by step building instructions, provide the necessary information to program the solution, and finally go into greater detail about the Lego features used to solve the particular problem.

While the chapters did an excellent job of presenting this information in general, they fell victim to a problem that would plague the entire book: some of the building diagrams were nigh unto unreadable. Attempting to build a robot based on fuzzy black and white photographs can be quite a chore. Fortunately, none of the robots were so complex that they robots were completely unbuildable.

The first few chapters presented robots programmed with the default RIS programming environment. In chapter four and following, he shows how to program using languages such as Not Quite C, Forth, Sprit.ocx for Visual Basic--or optionally Visual C++ or another ActiveX-aware language--and legOS. Since much of these sections was documenting API's, it was certainly not the most exciting read, but it does provide concise, easily to reference documentation.

Not Quite C, as the name implies, is a C-like language that can be used to program Mindstorms robots. It overcomes many of the limitations of the default RIS programming environment, most notably the lack of variables. One of its biggest advantages is that it does not require the user to install a new version of the firmware on their RCX unit. In general, it provides an excellent balance between power and usability.

The remaining three means of programming presented in the book are fairly mediocre options. PbForth requires the user to download a new firmware version, and the language itself is very archaic in modern software development terms. Using Sprit.ocx is a viable option for people used to programming in Visual Basic or Visual C++, but the control structures are very clunky and non-intuitive. legOS, while it is probably the most powerful option, takes a significant amount of time to set up and develop applications with.

Two of the projects referenced while discussing the various programming languages were particularly interesting, both of which outlined infrared communication. The first program creates a simple remote control for controlling a robot via the IR port on the RCX. The other example, perhaps the most interesting in the book, was creating two robots who played tag with each other. These two robots also communicated with each other via their IR ports.

The last chapter, targetted toward the hard core Mindstorms users outlined how to create additional sensors for Mindstorms. It sketched out such possibilities as a passive light sensor, a Hall effect sensor (magnetic fields), and a touch multiplexor (allowing you to have more touch sensors than normally allowed on the RCS unit).

In general, the book provides a vast array building and programming tips, tricks, and methods. He gives basic information for the person who is just starting, and introduces the advanced user to the vast network of people and product that have made Mindstorms far more than a child's toy.

Purchase this book at fatbrain.

Table of Contents

• Preface

• 1. Welcome to MINDSTORMS
• What is a Robot?
• Mobile Robots
• What is MINDSTORMS?
• What Now?
• Online Resources

• 2. Hank, the Bumper Tank
• About the Building Instructions
• Building Instructions
• A Simple Program
• Wheels
• Bumpers and Feelers
• Gears
• Multitasking
• Online Resources

• 3. Trusty, a Line Follower
• Building Instructions
• Some Tricky Programming
• The Light Sensor
• Idler Wheels
• Using Two Light Sensors
• Online Resources

• 4. Not Quite C
• A Quick Start
• RCX Software Architecture
• NQC Overview
• Trusty Revisited
• Online Resources

• 5. Minverva, a Robot with an Arms
• Building Instructions
• Programming
• Directional Transmission
• Pulleys
• Mechanical Design
• Two Sensors, One Input
• Where am I?
• Online Resources

• 6. PbFORTH
• Replacement Firmware
• pbForth Overview
• About Forth
• pbFORTH Words
• An Expensive Thermometer
• Minerva Revisited
• Debugging
• Online Resources

• 7. A Remote Control for Minerva
• Two Heads are Better Than One
• The Allure of Telerobotics
• Building Instructions
• Programming the Remote Control
• Programming Minerva
• Online Resources

• 8. Using Sprit.ocx with Visual Basic
• You May Already Have Visual Basic
• About Spirit.ocx
• Calling Spirit.ocx
• Immediate and Delayed Gratification
• Programs, Tasks, and Subroutines
• Tips
• Retrieveing the Datalog
• Online Resources

• 9. RoboTag, a Game for Two Robots
• Building Instructions
• Subsumption Architecture
• Online Resources

• 10. LegOS
• About legOS
• Development Tools
• Hello, legOS
• Function Reference
• New Brains for Hank
• Development Tips
• Online Resources

• 11. Make Your Own Sensors
• Mounting
• Passive Sensors
• Powered Sensors
• Touch Multiplexer
• Other Neat Ideas
• What About Actuators?
• Online Resources

• A. Finding Parts and Programming Environments

• B. A pbFORTH Downloader

• C. Future Directions

• Index

chromatic, another of our fine group of book reviewers, took some time with a draft copy of the new O'Reilly and Associates book Using Samba. Written by Robert Eckstein, David Collier-Brown & Peter Kelly, this book helps you learn how to setup Samba, as well as information on the protocol itself. Click below to learn more. Using Samba author Kelly, Peter / Collier-Brown, David / Eckstein, Robert pages 416 publisher O'Reilly & Associates, 11/1999 rating 8/10 reviewer chromatic ISBN 1565924495 summary Using Samba takes you from heterogenous network purgatory into manageable bliss by helping you install, configure, and maintain Samba installations.

Overview

Samba is a suite of software tools implementing the SMB protocol. With Samba, you can share files and printers from a Unix-based server to Windows-based clients. You can even control a Windows NT based domain with a Unix server, potentially saving thousands of dollars in software licensing fees and administration costs.

Using Samba takes you from your initial need for Samba in a heterogenous network to installation, through configuration, and ending up with performance tweaking. Most of the focus is on the server side, but there's information about the SMB protocol itself and client setup.

Note: This review is based upon a draft copy of the book. The final copy has been reorganized and some parts have been rewritten. Most of the information still applies.

What's Good?

As is Samba, Using Samba is Unix-variant agnostic, with installation tips for multiple OS's. This covers download sites, compilation, and even SWAT, the web-based configuration interface in Samba 2.0.x. The authors have a clear, clean style (as you'd expect from O'Reilly) and take a common-sense, practical approach to various issues such as security and configuration. The authors also focus on additional Samba utilties like smbclient and smbmount, which are useful for troubleshooting.

The chapter on tweaking for performance is excellent. More books deserve chapters like this. The authors go through the various bottlenecks and demonstrate how modifying one parameter affects the others. (I suspect the general principles are applicable elsewhere.)

The real gem of this book is chapter nine, the troubleshooting tree. If you're stuck with weird behavior and you have a deadline to meet, this chapter alone may be well worth the cover price. It starts by discussing Samba logs, moves into trace and tcpdump, spends pages and pages on an extremely detailed Fault Tree, and ends up with pointers to other resources.

What's not so good?

(These are really minor points. My recommendation is that if you're looking at Samba, you should read the sample chapter and then buy this book.)

The chapter on configuring Windows clients seemed a little out of place, given that this book promotes Samba as a replacement or alternative to a Windows server. That's pretty straightforward, and probably not why you'd buy a book about Samba. The NT Domain model discusison is valuable, though, given that a Samba server may have to act as a Domain Controller or a Master Browser, and that can have big implications.

Using Samba covers both versions 1.9.x and 2.0.x. It would have made more sense to me to stick with the latest stable version and cover it in detail. However, most of the options are the same between the two, and the differences are clearly marked. There are only a handful of places where this comes up. As I said, it's only a minor issue.

The Bottom Line

If you know you need Samba and want some help setting it up and configuring it, this is your book. If you're curious about what Samba can do for your network, flip through the first chapter and rest assured that this book will help you get things under control.

Purchase this book at fatbrain

Table of Contents

Preface

1. Learning the Samba
What is Samba?
What Can Samba Do For Me?
Getting Familiar with a SMB/CIFS Network
Microsoft Implementations
An Overview of the Samba Distribution
How Can I Get Samba?
What's New in Samba 2.0?
And That's Not All...

2. Installing Samba on a Unix System
Downloading the Samba Distribution
Configuring Samba
Compiling and Installing Samba
A Basic Samba Configuration File
Starting the Samba Daemons
Testing the Samba Daemons

3. Configuring Windows Clients
Setting Up Windows 95/98 Computers
Setting Up Windows NT 4.0 Computers
An Introduction to SMB/CIFS

4. Disk Shares
Learning the Samba Configuration File
Special Sections
Configuration File Options
Server Configuration
Disk Share Configuration
Networking Options with Samba
Virtual Servers
Logging Configuration Options

5. Browsing and Advanced Disk Shares
Browsing
Filesystem Differences
File Permissions and Attributes on MS-DOS and Unix
Name Mangling and Case
Locks and Oplocks

6. Users, Security, and Domains
Users and Groups
Controlling Access to Shares
Authentication Security
Passwords
Windows Domains
Logon Scripts

7. Printing and Name Resolution
Sending Print Jobs to Samba
Printing to Windows Client Printers
Name Resolution with Samba

8. Additional Samba Information
Supporting Programmers
Magic Scripts
Internationalization
WinPopup Messages
Recently Added Options
Miscellaneous Options
Backups with smbtar

9. Troubleshooting Samba
The Tool Bag
The Fault Tree
Extra Resources

A. Configuring Samba with SSL

B. Samba Performance Tuning

C. Samba Configuration Option Quick Reference

D. Summary of Samba Daemons and Commands

E. Downloading Samba with CVS

F. Sample Configuration File

Stern reviewed one of the most gimme books of the year: O'Reilly's User Friendly. The whole gang is gathered together in a dead tree version, which means you can finally take UF where ever you want to be. User Friendly author J.D. "Illiad" Frazer pages 126 publisher O'Reilly & Associates, 1999 rating 9/10 reviewer Stern ISBN 1565926730 summary "Launch marketing drones!". Linux comics come of age

Stern is the president of Information Markets Corp.
Register; answer questions; get paid.

The Scenario

In the 1950s, Charles Schultz taught the world that cartoon art doesn't matter, characters do. So who are the characters of User Friendly, the greatest open-source-savvy comic strip?

Pitr and Mark: the technicians at Columbia Internet Greg: the Columbia Internet tech support guy Miranda: patronized sysadmin and tech support woman Stef: the marketing guy with slow reflexes and a cute tush Dust Puppy: a fuzzy thing which programs well and plays a mean game of quake Crud Puppy: his evil twin Erwin: the AI

Together, they have the sorts of adventures you would expect: supporting stupid clients, fighting evil corporate acquisitions, and thwarting Windows NT installations. The also cross into adventures you might not expect, including SWAT attacks on Microsoft headquarters. The collection wisely ends with User Friendly's legendary satire of the original Star Wars movie.

The naive might compare User Friendly to Dilbert, since they're both set in technology industry offices, but it's really more like Doonesbury. Illiad relies on big talking coke cans the same way Gary Trudeau brings in "Mr. Butts," the big talking cigarette. Where Trudeau has cameo appearances by Donald Trump, Richard Stallman and Eric S. Raymond pop into User Friendly. Most importantly, both cartoons are always topical. Readers of User Friendly do well to keep up with their technology and share certain technical opinions if they want to get the jokes. Among these opinions, that

• Microsoft sucks, and
• Linux is good

The cartoon assumes certain other shared beliefs as well,

• Marketing people are not particularly bright
• People who smile too much should not be trusted
• Quake is good
• Programmers work best when eating junk food and drinking caffeinated beverages

Anybody reading this review at Slashdot is probably well equipped to enjoy User Friendly. In fact, most people reading this review have probably already enjoyed the cartoon, since it is available for free over the web.

What's Bad?

Illiad from time to time pulls out a very old joke, such as the customer who can't find his power switch. The graphics are crude, but frankly that's part of the strip's charm.

What's Good?

The strip is very, very funny, especially when Illiad allows himself to daydream and the storylines become more bizarre. Follow Erwin the AI, as he suffers the successive indignities of being ported to Windows NT, then over to an iMac and a Palm III. Picture Pitr furtively buying "Evil Geniuses for Dummies." The Star Wars satire is brilliant. However strange the story grows (a fuzzball in a hockey mask attacking the marketing staff with a knife?) it never becomes unmoored, and by reading it, you will always feel like a member of the open source club.

So What's In It For Me?

Unless you have a flat panel display in every room and the bathroom, there's probably space in your life for a User Friendly collection. Leave it on the coffee table to impress your guests and to signal your membership in the Open-Source-erati. Leave it in the bathroom and you'll never lack for toilet paper.

Purchase this book at fatbrain.

Thanks to Janice Wright for returning with a review of O'Reilly's PalmPilot: The Ultimate Guide (2nd Edition). It's the 2nd edition, written by David Pogue and Jeff Hawkins - click below to learn how to make the most of your PalmPilot. PalmPilot: The Ultimate Guide (2nd Edition) author David Pogue, Jeff Hawkins pages 597, publisher O'Reilly rating 9/10 reviewer Janice Wright ISBN 1565926005 summary An excellent book to teach you how to make the most of your Pilot Wow - I'm impressed. With my Pilot that is. I bought a Pilot 6 months ago so that I could carry my agenda (which I keep in MSOutlook on my desktop computer) to meetings with me. For six months I used it essentially as an electronic version of my filofax that I could also play backgammon or Sokoban on; and that was all. Then I read David Pogue's "well-written, nicely designed exploration of the Palm" (to quote Jeff Hawkins in the 'Forward').

Now I think of my pilot as a computer, one that will provide almost as much hackish enjoyment as my Linux box... as a matter of fact I'm now following the microLinux project with great interest and wondering how long it will be before I can upgrade to a Palm/Handspring device that will run Linux, a POP3 client and support a wireless modem. In the preface, Pogue says "Taking your Palm further: that's what this book is about." He delivers on that one-hundred percent.

David Pogue's "Palm Pilot - The Ultimate Guide" is absolutely excellent. It did take forever to read, though, because I kept stopping every few pages to optimize my Pilot with the tricks I had just learned, or to turn an easter egg on (yes, the book tells you where all(?) of the easter eggs are). The book has everything from office productivity tips for suits (when transferring lots of data from the expense program to Excel, you can end up with multiple spreadsheets which you have to total seperately, p. 228) to great hackish tidbits for hardcore geeks (like how to turn on verbose hot-sync logging, p.142).

Like many people I completely ignored the manual that came in the box with my Pilot, so some of the stuff Pogue covers, like ferinstance the Ronomatic stroke, is probably actually in the manual (l've only ever looked at it once - to try to solve an installation failure problem. The manual was unhelpful, and I found the information I needed to solve the problem in the FAQs at PalmCentral.com. The problem and solution are on page 181.

What's good and/or my favorite bits:

• the musical notation for the palm chimes on p.137
• the official solution vs. the better solution to upgrading
• the way it explained why a backgammon game I had installed and then deleted kept 'coming back' every time I HotSynched
• even though I will probably never surf the web on my pilot the explanation of how ProxiWeb works is mega cool.

What's bad:

• didn't really need four pages on the various classic games that you can download from 3Com
• doesn't mention quickwrite in the 'graffiti alternatives' section

Table of Contents
I. This Is Your PalmPilot Speaking

The 3x5 inch powerhouse

Setup and guided tour

Typing without a keypad

The four primary programs

Other built-in programs
II. Palm Meets PC

HotSync, step-by-step

Installing new palm programs

Palm desktop (win&mac)
III. The Undiscovered PalmPilot

The electronic book

The secret multimedia world

Database and number crunching
IV. The PalmPilot Online

Email anywhere

The web in your Palm

Paging, faxing, printing, and beaming

Palm VII: wireless email, wireless web
V. Troubleshooting and Upgrading

Troubleshooting

The Palm family, model by model
VI. Appendixes

CD-ROM
A few notes about the CD-ROM that comes with the book: Though it was obviously outdated by the time the book went to press, it will save you hours of hunting for the best software and, depending on the speed of your modem of course, a significant amount of download time (for those of us unfortunate enough to live in corners of the world with metered phone calls, you will probably save yourself the price of the book within weeks). I've been working my way through a variety of 'world' clocks (ones that show multiple timezones), trying to find one that I like; because there are half-a-dozen on the CD, this is pretty painless. The Catalog software resident on the CD makes it easy to find what you are looking for, and in many instances, shows you what the program is going to look like. I've 'trialed' a lot more software on my PalmPilot than I would have ever been bothered to download.

And yes - I did write this review on my Pilot, mostly on trains & on the London Underground. Speaking of which: as soon as I get the time, I'm gonna figure out how to make ImageViewer docs, so that I can update the London Underground map for the Pilot - the one that's currently available still has Mornington Crescent crossed out!

Purchase this book at Amazon.

Janet, please send your name, address, t-shirt size, and this article's URL to roblimo so we can send you your t-shirt. (Everyone who writes a Slashdot review or feature now gets a free t-shirt!)

Thanks to Janice Wright for returning with a review of O'Reilly's PalmPilot: The Ultimate Guide (2nd Edition). It's the 2nd edition, written by David Pogue and Jeff Hawkins - click below to learn how to make the most of your PalmPilot. PalmPilot: The Ultimate Guide (2nd Edition) author David Pogue, Jeff Hawkins pages 597, publisher O'Reilly rating 9/10 reviewer Janice Wright ISBN 1565926005 summary An excellent book to teach you how to make the most of your Pilot Wow - I'm impressed. With my Pilot that is. I bought a Pilot 6 months ago so that I could carry my agenda (which I keep in MSOutlook on my desktop computer) to meetings with me. For six months I used it essentially as an electronic version of my filofax that I could also play backgammon or Sokoban on; and that was all. Then I read David Pogue's "well-written, nicely designed exploration of the Palm" (to quote Jeff Hawkins in the 'Forward').

Now I think of my pilot as a computer, one that will provide almost as much hackish enjoyment as my Linux box... as a matter of fact I'm now following the microLinux project with great interest and wondering how long it will be before I can upgrade to a Palm/Handspring device that will run Linux, a POP3 client and support a wireless modem. In the preface, Pogue says "Taking your Palm further: that's what this book is about." He delivers on that one-hundred percent.

David Pogue's "Palm Pilot - The Ultimate Guide" is absolutely excellent. It did take forever to read, though, because I kept stopping every few pages to optimize my Pilot with the tricks I had just learned, or to turn an easter egg on (yes, the book tells you where all(?) of the easter eggs are). The book has everything from office productivity tips for suits (when transferring lots of data from the expense program to Excel, you can end up with multiple spreadsheets which you have to total seperately, p. 228) to great hackish tidbits for hardcore geeks (like how to turn on verbose hot-sync logging, p.142).

Like many people I completely ignored the manual that came in the box with my Pilot, so some of the stuff Pogue covers, like ferinstance the Ronomatic stroke, is probably actually in the manual (l've only ever looked at it once - to try to solve an installation failure problem. The manual was unhelpful, and I found the information I needed to solve the problem in the FAQs at PalmCentral.com. The problem and solution are on page 181.

What's good and/or my favorite bits:

• the musical notation for the palm chimes on p.137
• the official solution vs. the better solution to upgrading
• the way it explained why a backgammon game I had installed and then deleted kept 'coming back' every time I HotSynched
• even though I will probably never surf the web on my pilot the explanation of how ProxiWeb works is mega cool.

What's bad:

• didn't really need four pages on the various classic games that you can download from 3Com
• doesn't mention quickwrite in the 'graffiti alternatives' section

Table of Contents
I. This Is Your PalmPilot Speaking

The 3x5 inch powerhouse

Setup and guided tour

Typing without a keypad

The four primary programs

Other built-in programs
II. Palm Meets PC

HotSync, step-by-step

Installing new palm programs

Palm desktop (win&mac)
III. The Undiscovered PalmPilot

The electronic book

The secret multimedia world

Database and number crunching
IV. The PalmPilot Online

Email anywhere

The web in your Palm

Paging, faxing, printing, and beaming

Palm VII: wireless email, wireless web
V. Troubleshooting and Upgrading

Troubleshooting

The Palm family, model by model
VI. Appendixes

CD-ROM
A few notes about the CD-ROM that comes with the book: Though it was obviously outdated by the time the book went to press, it will save you hours of hunting for the best software and, depending on the speed of your modem of course, a significant amount of download time (for those of us unfortunate enough to live in corners of the world with metered phone calls, you will probably save yourself the price of the book within weeks). I've been working my way through a variety of 'world' clocks (ones that show multiple timezones), trying to find one that I like; because there are half-a-dozen on the CD, this is pretty painless. The Catalog software resident on the CD makes it easy to find what you are looking for, and in many instances, shows you what the program is going to look like. I've 'trialed' a lot more software on my PalmPilot than I would have ever been bothered to download.

And yes - I did write this review on my Pilot, mostly on trains & on the London Underground. Speaking of which: as soon as I get the time, I'm gonna figure out how to make ImageViewer docs, so that I can update the London Underground map for the Pilot - the one that's currently available still has Mornington Crescent crossed out!

Purchase this book at Amazon.

Janet, please send your name, address, t-shirt size, and this article's URL to roblimo so we can send you your t-shirt. (Everyone who writes a Slashdot review or feature now gets a free t-shirt!)

O'Reilly's Running Linux is something of an established textbook on learning Linux from the beginning to getting deeper in the innards. The latest version is written by Lar Kaufman, Matt Welsh and Kalle Dalheimer. Click below to read the review of the newest edition of the book. Running Linux, 3rd Edition author Lar Kaufman, Matt Welsh, and Matthias Kalle Dalheimer pages 752 publisher O'Reilly rating 9/10 -- reviewer chromatic ISBN 156592469X summary This book tells you what you need to know to install, configure, and begin mastering Linux. Note: this review is based on a Draft copy of Running Linux.

Overview You've decided to take the Linux plunge. You have a computer all set up and you have your shiny new CD in hand. You're excited and nervous all at the same time. You've put in some time on your shell account at work, but you're not a power user. This dual-booting thing might be for you. But the CD just sits there next to the black screen... where do you go from here?

"Running Linux" seeks to take you from that first icy shock of installation to the deep end of recompiling kernels, upgrading system libraries, and tweaking your X configuration.

The intended audience is people with some previous Unix experience who are willing to get their hands dirty under the hood of their installations. There are frequent references to man pages and HOWTOs for gory details.

What's good? The authors take an early distribution-neutral stance, glossing over some of the slick configuration utilities in favor of editing text files. While that may dissuade some users, it has the benefits of being universally applicable as well as more educational.

The section on installation is particularly good, discussing common pitfalls, partitioning techniques (and preferences), and various configurations, including dual booting. The Samba information is also quite good.

"Running Linux" covers a wide scope of other utilities, from Apache to gdb, Tcl/Tk to the GIMP.

What Might Bite Back? There's a lot of material covering a lot of subjects. This means that there's not much fat here -- just the bare essentials. Consider this your roadmap and be ready check the references provided when you need to know more.

Some of the applications covered appear only by personal preference. For example, fvwn, elm, and smail are discussed, while WindowMaker, pine, and sendmail are not. That's not a big issue, however.

Feel free to jump around between the chapters -- the arrangement is more encyclopedic than progressive. Common tools such as vi or Emacs appear in chapter 9, while kernel upgrades and modules show up in chapter 7.

One of the larger limitations in the draft copy was the conspicuous absence of GNOME-related material. Thankfully, the final version includes an appendix written by members of the GNOME team. (One of the authors, Matthias Dalheimer, develops KDE.)

The Bottom Line If you're the curious type, looking to play around with Linux, and you need a little friendly advice and some suggestions on where to look for further information, this is the place to start. If you've used Linux for a while, and want to start understanding your system, this is also the book for you.

Pick this book up at Amazon.

Table of Contents (abbreviated) Preface
Chapter 1. Introduction to Linux
Chapter 2. Preparing to Install Linux
Chapter 3. Installation and Initial Configuration
Chapter 4. Basic Unix Commands and Concepts
Chapter 5. Essential System Management
Chapter 6. Managing Filesystems, Swap, and Devices
Chapter 7. Upgrading Software and the Kernel
Chapter 8. Other Administrative Tasks
Chapter 9. Editors, Text Tools, Graphics, and Printing
Chapter 10. Installing the X Window System
Chapter 11. Customizing Your X Environment
Chapter 12. Windows Compatibility and Samba
Chapter 13. Programming Languages
Chapter 14. Tools for Programmers
Chapter 15. TCP/IP and PPP
Chapter 16. The World Wide Web and Electronic Mail
Appendix A. Sources of Linux Information
Appendix B. The GNOME Project
Appendix C. Installing Linux on Digital/Compaq Alpha Systems
Appendix D. LinuxPPC: Installing Linux on PowerPC Computers
Appendix E. Installing Linux/m68k on Motorola 68000-Series Systems
Appendix F. Installing Linux on Sun SPARC Systems
Appendix G. LILO Boot Options
Appendix H. Zmodem File Transfer

O'Reilly's Running Linux is something of an established textbook on learning Linux from the beginning to getting deeper in the innards. The latest version is written by Lar Kaufman, Matt Welsh and Kalle Dalheimer. Click below to read the review of the newest edition of the book. Running Linux, 3rd Edition author Lar Kaufman, Matt Welsh, and Matthias Kalle Dalheimer pages 752 publisher O'Reilly rating 9/10 -- reviewer chromatic ISBN 156592469X summary This book tells you what you need to know to install, configure, and begin mastering Linux. Note: this review is based on a Draft copy of Running Linux.

Overview You've decided to take the Linux plunge. You have a computer all set up and you have your shiny new CD in hand. You're excited and nervous all at the same time. You've put in some time on your shell account at work, but you're not a power user. This dual-booting thing might be for you. But the CD just sits there next to the black screen... where do you go from here?

"Running Linux" seeks to take you from that first icy shock of installation to the deep end of recompiling kernels, upgrading system libraries, and tweaking your X configuration.

The intended audience is people with some previous Unix experience who are willing to get their hands dirty under the hood of their installations. There are frequent references to man pages and HOWTOs for gory details.

What's good? The authors take an early distribution-neutral stance, glossing over some of the slick configuration utilities in favor of editing text files. While that may dissuade some users, it has the benefits of being universally applicable as well as more educational.

The section on installation is particularly good, discussing common pitfalls, partitioning techniques (and preferences), and various configurations, including dual booting. The Samba information is also quite good.

"Running Linux" covers a wide scope of other utilities, from Apache to gdb, Tcl/Tk to the GIMP.

What Might Bite Back? There's a lot of material covering a lot of subjects. This means that there's not much fat here -- just the bare essentials. Consider this your roadmap and be ready check the references provided when you need to know more.

Some of the applications covered appear only by personal preference. For example, fvwn, elm, and smail are discussed, while WindowMaker, pine, and sendmail are not. That's not a big issue, however.

Feel free to jump around between the chapters -- the arrangement is more encyclopedic than progressive. Common tools such as vi or Emacs appear in chapter 9, while kernel upgrades and modules show up in chapter 7.

One of the larger limitations in the draft copy was the conspicuous absence of GNOME-related material. Thankfully, the final version includes an appendix written by members of the GNOME team. (One of the authors, Matthias Dalheimer, develops KDE.)

The Bottom Line If you're the curious type, looking to play around with Linux, and you need a little friendly advice and some suggestions on where to look for further information, this is the place to start. If you've used Linux for a while, and want to start understanding your system, this is also the book for you.

Pick this book up at Amazon.

Table of Contents (abbreviated) Preface
Chapter 1. Introduction to Linux
Chapter 2. Preparing to Install Linux
Chapter 3. Installation and Initial Configuration
Chapter 4. Basic Unix Commands and Concepts
Chapter 5. Essential System Management
Chapter 6. Managing Filesystems, Swap, and Devices
Chapter 7. Upgrading Software and the Kernel
Chapter 8. Other Administrative Tasks
Chapter 9. Editors, Text Tools, Graphics, and Printing
Chapter 10. Installing the X Window System
Chapter 11. Customizing Your X Environment
Chapter 12. Windows Compatibility and Samba
Chapter 13. Programming Languages
Chapter 14. Tools for Programmers
Chapter 15. TCP/IP and PPP
Chapter 16. The World Wide Web and Electronic Mail
Appendix A. Sources of Linux Information
Appendix B. The GNOME Project
Appendix C. Installing Linux on Digital/Compaq Alpha Systems
Appendix D. LinuxPPC: Installing Linux on PowerPC Computers
Appendix E. Installing Linux/m68k on Motorola 68000-Series Systems
Appendix F. Installing Linux on Sun SPARC Systems
Appendix G. LILO Boot Options
Appendix H. Zmodem File Transfer

The return of Doc Technical is marked by his review of the upcoming O'Reilly book Mastering Algorithms with C. Click below if you wish to learn more about this Kyle Loudon book. Mastering Algorithms with C, 1st Ed. August 1999 author Kyle Loudon pages 560 publisher O'Reilly and Associates, ISBN= rating 6.5/10 reviewer Doc Technical ISBN summary A flawed but wide-ranging book for intermediate toexpert programmers. [Reviewers Disclaimer: This review is based on a pre-publication copy of the book, so some changes may have occurred in the published copy. Most of my comments relate to structure and content, and I expect they'll remain valid.]

There are many books on programming algorithms, and quite a few of them use C for their examples, but even so, I was looking forward to this new book from O'Reilly.

Most of the existing algorithm books were designed as college text books. While they have their place, there is certainly room for a book that approaches the subject matter in the informal, clear writing style and practical focus that is O'Reilly's trademark. Unfortunately, for me at least, Mastering Algorithms in C was not that book.

My Problem with Algorithms One of O'Reilly's strengths has always been their attention to the structure of their books. O'Reilly books are usually well designed, with logical and reader-friendly layouts. But Mastering Algorithms with C has a layout that I found somewhat vexing.

The chapter on linked lists serves to illustrate. An introductory section describes three kinds of lists, then briefly describes several applications for them (mailing lists, memory management, scrolled lists in GUIs, etc.). This is followed by a brief section describing the basic concepts of linked lists.

>From there the chapter moves directly to an implementation of linked lists, starting with a section called "Interface for Linked Lists". This section enumerates each function in a linked list library. For each function we are given its function prototype, followed by its return value, a brief description of the function's purpose, and finally, its algorithmic complexity in O-notation.

The next section is called "Implementation and Analysis of Linked Lists". After a paragraph describing some data structures, we are presented with a listing of the C header file, list.h, followed by a lengthier description of each of the functions described in the previous section. Finally, we are presented with a code listing of list.c.

And this is where I started having a problem.

First, I feel the author plunges much too quickly into implementation before providing a proper context. Let's assume that the reader knows nothing about linked lists (that's why, after all, they bought the book). Before describing a specific implementation, shouldn't the reader be clued in on the basic operations (independent of the implementation language) performed on linked lists: adding a node, deleting a node, etc.? While a little of this is given early on, the author seems in a rush to move on to the implementation.

And when we have the implementation described, the information is spread across (at least) three locations. For example, the function list_ins_next is first introduced in the "Interface" section, its prototype is shown in the list.h file, a more detailed description is provided in the "Implementation" section, and finally the actual code is presented in the list.c code listing. This forces the reader to jump around quite a bit to get all the info about each function.

How Much Should the Reader Know? How much should the writer assume you know about linked lists (or any of the other algorithms described in this book)? If the reader already understands the basic concepts of linked lists, and if they're already a C programmer, they most likely wouldn't need this book. So let's assume the reader is starting at ground zero (or its general vicinity) when it comes to linked lists.

If that's the case, then I would expect the writer to present a relatively "bare bones" implementation, at least for basic algorithms like lists.

Instead, what is presented is an almost object-oriented implementation with init and destroy functions, function pointers, and other details that may provide a clean implementation but may be an impediment to the authors primary duty: teaching the reader the algorithm.

For much the same reasons, I found many of the examples out of sync with what was being taught. While virtual memory paging schemes are a lot of fun, they're a hell of a thing to spring on some poor sucker trying to grasp the concept of linked lists.

Finally, I had some problems with the author's prose style. This may be more my preconception of how an O'Reilly book should read. Luckily, you can (and should) make your own decision. O'Reilly has Chapter 13, Numerical Methods, available at their web site.

But Wait While I have problems with this book, I don't mean to imply the book is bad. It's a fair book, I just don't think it's great book. It covers a lot of territory. For me, its main fault is that it fails to explain concepts clearly and basically enough before diving into the code.

On the plus side, I found the figures that illustrate concepts throughout the book to be clear and helpful. The selection of which algorithms to cover is also quite good, as these are all areas that a wide variety of programmers will face at some point in their work.

If you already have a moderate understanding of the algorithms, and want a text that presents a clear and documented implementation of them, then you may want to consider this book.

Pick this book up at Amazon.

Table of Contents:

Preface

1. Preliminaries
   1. Introduction
   2. Pointer Manipulation
   3. Recursion
   4. Analysis of Algorithms
2. Data Structures
   1. Linked Lists
   2. Stacks and Queues
   3. Sets
   4. Hash Tables
   5. Trees
   6. Heaps and Priority Queues
   7. Graphs
3. Algorithms
   1. Sorting and Searching
   2. Numerical Methods
   3. Data Compression
   4. Data Encryption
   5. Graph Algorithms
   6. Geometric Algorithms

The first White Camel awards were presented to some well-deserving folks at the Perl Conference 3.0. Tom Christiansen, Kevin Lenzo and Adam Turoff were the three winners. Click below for details.

The awards were sponsered by Perl Mongers, O'Reilly and sourceXchange-so hats off to them for good work.

Tom Christiansen won the Perl Advocacy award for his work on the documentation, while Kevin Lenzo won the Perl Community Award for his work in "Yet Another Perl Conference" creation/design. Adam Turoff won the Perl User Group Award, for his efforts in making the first group, helping in Perl Mongers and encouraging formation of many other user groups.

Keep up the good work, guys.

Thanks to both danimal and Doc Technical for reviews of the latest and greatest O'Reilly book, Randy Jay Yarger, George Reese, and Tim King's MySQL and mSQL. An excellent book for those who are looking to do database development (and MySQL powers Slashdot!), click below for more details. MySQL & mSQL author Randy Jay Yarger, George Reese, and Tim King pages 506 publisher O'Reilly rating 8.5/10 reviewer Dan Weeks & DocTechnical ISBN summary A good introduction to the world of relational databases and an excellent reference for MySQLand mSQL. First Review: Doc Technical

This is certainly one of the more orthogonal books I've read of late. Besides the obvious axis of MySQL and mSQL, the book also covers the implementation of these databases on Unix, Windows 95 and Windows NT. And it covers a wide variety of programming languages, including perl, Python, PHP, Java, C, and C++.

While this is certainly a good book, in fact a very good book, this wide coverage means that the average reader may need to skip around a bit to get to the parts of the book they need. A Linux perl mSQL programmer will necessarily take a different path through the book then, say, a Windows NT mySQL database administrator.

Not that straying down the wrong path is always a bad thing. It was interesting to read about the quirky differences between different OS implementations.

"Windows 95 leaks about 200 bytes of main memory for each thread creation." [page 41]

"...[D]atabase and table names are case-sensitive under Unix and case-insensitive under Win32." [page 43]

The book is divided into three broad sections: "Getting Started with MySQL and mSQL", "Database Programming", and a final "Reference" section which spans fully half the book. O'Reilly's high standards for editing, layout, writing, and clarity are all evident throughout.

What I Liked Best For MySQL users, this book may appear to present a bit of a quandary. MySQL already comes with a 400+ page reference manual, and a quite nice one at that. But actually, the O'Reilly book covers much material the manual doesn't.

Chapter 2 covers relational database design, and serves as an excellent introduction for the uninitiated. Some college texts could learn a lesson on clarity from the authors' explanation of normal forms.

Chapter 6 has an interesting, short history of the development of SQL.

Chapter 7 describes some of the other free SQLs available, and also provides some insight into those features that MySQL/mSQL don't provide: things like stored procedures, triggers, transactions, and subselects. This chapter is useful for people trying to decide which SQL engine they need. If your sitting on the fence, trying to decide on MySQL/mSQL versus a commercial SQL offering, this chapter may help you decide.

The book's cover declares "Databases for Moderate-Sized Organizations & Web Sites", and the book delivers on this promise by including web-oriented sections on general CGI programming, Perl, and PHP.

The second half of the book provides a good reference to the MySQL/mSQL API's for several languages, as well as the MySQL/mSQL utilities, and a good reference for SQL itself. Most of this information is available elsewhere, and in more detail, but it's useful seeing the various language APIs presented side-by-side, particularly if you're not sure what language you might want to use. I've been contemplating Python programming for a while, and the simplicity of its MySQL API is certainly seductive.

What's Missing It's hard to find fault with the material included in the book, but I was surprised by some of the things that were left out.

There really is no ground-zero, simple mySQL/mSQL tutorial. For people beginning with a new SQL engine, it would be helpful to have a chapter that holds their hand, showing them how to create a database, then create a simple table, the insert records into the table, using the mysql utility. Tutorials are available for MySQL on the net (see www.mysql.com) and one is provided in the MySQL Reference Manual.

The book covers programming using a wide range of languages, but arguably one of the most popular languages, C, seems to get comparitively little coverage. There are only about six pages devoted to C programming, and one of those is a list of API functions. I would have welcomed more. [Admittedly, there is more on C in the book's Reference section, but this covers individual API calls, and doesn't provide any longer examples.]

There were a few rare cases in the book where I disagreed with the authors, or at least thought they needed to add a bit of additional amplification. On page 109, they state that:

"If you know that a lot of clients will be asking for the same summary information often... just create a new table containing that information and keep it up to date as the original table changes."

I have a bit of a nit to pick with this, as seven pages later they discuss the lack of a feature called triggers that would greatly simplify keeping a summary table in sync. Without a trigger, you'll have to devise your own method for keeping a summary table in step with the original table, which may be non-trivial depending on how often the original table changes and how often the summary table is accessed.

Summary This book tries to cover a lot of ground, and so it necessarily hits turf that some subset of readers won't care about.

For the seasoned MySQL programmer or database administrator, this book is a fine companion to the Reference Manual. With its clear introduction to SQL and relational database design, it also makes a good introduction to new SQL users in general.

Second Review - Dan Weeks

The Scenario There comes a time in every project when storing and retrieving data from flat files or proprietary formats (i.e., MS Excel) is no longer feasible. A Relational Database Management System (RDBMS) would be great, but Oracle, Sybase, and Informix can't be justified because of the cost. Along comes MySQL and mSQL, two of many freely available Database Management Systems. While neither of these DBMS's are as full featured and robust as their more mature brethren, they can definitely hold their own in the world of databases. For small and medium sized organizations and web sites either of these DBMS's can provide a sufficient level of functionality and flexibility to store and retrieve your data. What's Bad? The only shortfall I could find is the lack of references to other, more advanced books on the subject of database design and normalization (although that probably doesn't fit in with the publishers motives, but it would be nice). The book is well rounded and all of the authors are very knowledgeable and well written. What's Good? The first thing that struck me as absolutely wonderful about this book is the structure. By breaking the book into three sections the authors have allowed for many different database users to find this book valuable. Getting Started with MySQL and mSQL The first section, Getting Started with MySQL and mSQL has everything the novice needs to at least get one of the packages up and running so that they can experiment with a database system. The authors do a great job of making sure that the reader can skip sections if they don't pertain to them. Introductory topics like What is a Database? and History of MySQL are essential in making sure the subject matter is well rounded and accessible to everyone (especially to people like myself that did not take database classes at university). Later chapters explain and detail database design and normalization in a manner that is easy to understand so that the first databases you build won't suffer from repetition and data inconsistencies. The authors also do a good job of explaining SQL and specifically the variants that MySQL and mSQL use.

One of the high notes is the single chapter, Other Mid-Range Database Engines. Not only do the authors recognize that there are other database engines out there, they also point out what features MySQL and mSQL lack.

Making it Go The second section of the book, Database Programming, is a well written set of chapters that start off with the architecture of databases and client-server application and how they relate to data processing. The authors then quickly take you into the guts of interfacing with the database. They cover CGI, Perl, Python, PHP and other embedded HTML styles, C/C++, and Java. While I have only ever used Perl, Python, and C to interface to a database I can say that the chapters on the other API's seem to do just as good a job and at least allowed me to understand (if even in the most simple of terms) how those languages function in relation to your database engine of choice.

We all love our nutshell books, especially the XXX In A Nutshell series because they are great references. The foresight of the authors is incredibly prevalent in the third section, Reference. The authors actually took the time to make a ...In A Nutshell type of reference and then stick it into the book. Reference chapters that i have found invaluable so far are SQL (which includes separate sections for MySQL and mSQL's variations), and MySQL and mSQL System Variables. Other sections include C, PHP and Lite, Python, Perl, JDBC, and programs and utilities associated with MySQL and mSQL.

So What's In It For Me? If you are at all interested in database programming or you run a database at a small- to mid-sized organization or web site then this book is a must have. For those people that are in need of a little instruction on database design and normalization this book would be a good start. If you have been working with either MySQL or mSQL for a while then this book may be a bit basic for you, but the reference chapters will more than make up for the cost of the book.

Purchase this book at Amazon.com

Table of Contents

Preface
I. Getting Started with MySQL and mSQL
   1. Introduction to Relational Databases
   2. Database Design
   3. Installation
   4. MySQL
   5. mSQL
   6. SQL According to MySQL and mSQL
   7. Other Mid-Range Database Engines
II. Database Programming     121
   8. Database Application Architectures   9. CGI Programming
   10. Perl
   11. Python
   12. PHP and Other Support for Database-driven HTML
   13. C and C++
   14. Java and JDBC
III. Reference     229
   15. SQL Reference
   16. MySQL and mSQL System Variables
   17. MySQL and mSQL Programs and Utilities
   18. PHP and Lite Reference
   19. C Reference
   20. Python Reference
   21. Perl Reference
   22. JDBC Reference
Index

Brian Behlendorf, of Apache fame (and all around nice guy!), talked to Forbes.com about O'Reilly's new project, sourceXchange Read the interview for the full details.

Jason Bennett has sent us a review of one of the O'Reilly staples, UNIX in a Nutshell. Click below to read more. UNIX in a Nutshell author Daniel Gilly pages publisher O'Reilly rating 9/10 reviewer Jason Bennett ISBN 1-56592-001-5 summary One of the most comprehensive UNIX handbooks on the market, and certainly one of the favorite. The ultimate reference, although not recommended for learning UNIX. Background

Greetings, all. This week I'll be "reviewing" one of the books that made the O'Reilly name, UNIX in a Nutshell, although I admit to feeling a little silly passing judgement on a book that has already been judged quite well by the community at large. The first edition of this book was published in December 1986, and has been a mainstay ever since. This particular version is dated June 1998, and professes to include typographical fixes and a new index. For reference, in December 1986 I was working on an IBM PCjr expanded to 640k of RAM and dual 360k floppy drives. My favorite games were Karateka, Flight Simulator II and F-15 Strike Eagle (the first one). How far we've come....

What's the book about?

Simply put, this book is a dictionary of UNIX. It lists every command available with a standard System V, Release 4 or Solaris 2.0 UNIX. This included everything from grep to ed to cc to troff. If you know a command exists, it's listed here along with all its options. That, however, is but a small part of the book. In addition, there are various specific sections covering shells (including sh, ksh and csh), EMACS, vi, ex, awk, sed, nroff/troff, mm/ms/me, various nroff/troff preprocessors, RCS/SCCS, make, sdb/dbx, plus a small beginner's list of important commands. In other words, this is the jack of all trades reference for UNIX (and by extension, the master of none, although I'll cover that later). There is also a transition guide (or at least a small blub) for those used to BSD instead of SysV (of which Linux is a decendent of the later). Many BSD commands included in /usr/ucb on Solaris are listed in the guide as well. In short, if it's standard UNIX (and then some), it's here.

What's Good?

If you want a kitchen-sink reference to UNIX, this is it. Any command that you have a question about is in here. Anytime you have a question about which vi command is needed, it's in here. Shell scripting is covered. Regular expressions are covered, for when you forget when to use "?" and when to use "*" (or "^" or "$"). Want a quick overview to RCS for your web files? It's right here. This is the short, short version of all your man pages that you can put under your pillow at night.

What's Bad?

If you don't know much or anything about UNIX, don't buy this book. Or at least buy an introductory one along with it. Trying to learn UNIX from this book is like trying to learn English by reading the dictionary. Not only is there not much context, you can't do a reverse lookup. If you can't guess at the command you want, you won't be able to find it. That's not necessarily a flaw, this book just wasn't designed to do that. You don't buy the OED for a Spanish speaker, and you don't buy UNIX in a Nutshell for a newbie. In addition, don't buy this book just for its EMACS or vi or RCS section. Those sections are nice, but they are more command lists than guides. O'Reilly has an excellent selection of books dedicated to helping you with one of the above programs. They're great, and I recommend them.

What's In It For Us?

Long-time UNIX fans will love this book, and probably already own a copy. Same with sysadmins. If you've been around enough to know what you're doing, but still have to look up commands, this is also a great book for you. I know I can never remember half the EMACS or vi commands when I need them. The community has voted, and this reference is it. If you need it, buy it.

Buy the book at Amazon.

CowboyNeal has taken some time out of his busy schedule to review Java Servlet Programming, a new ORA book out, written by Jason Hunter with William Crawford. Full of tips to extend the usage of the servlets, click below for more informatiion. Java Servlet Programming author Jason Hunter & William Crawford pages publisher O'Reilly & Associates rating 8 reviewer CowboyNeal ISBN 1-56592-391-X summary O'Reilly is known for it's in-depth, tell-all approach to computer related topics. This book doesn't disappoint and features many different ways to use Java Servlets, many of which may not occur to the average CGI scripter. What's Good?

I used Java Servlets almost immediately after their release, and always liked the idea of platform-indepent scripts that could give one the same functionality as CGI scripts. It didn't take long for me to discover that servlets aren't limited to returning only web pages, but this book explores several options that one may not think of right off.

The examples given are of use in practical real-world situations, whether it's connecting to a database to generate pages, editing images on the fly, or writing applets that connect to servlets. After reading the examples, you can easily see where you could utilize the concepts in server-parsed web pages.

Having written countless web scripts in Perl, I was pleased to see all of the major concepts of web scripting covered within the context of servlets. Java Servlet Programming includes a JDBC primer, as well as sections on session tracking and security issues.

What's Bad?

Not much. Seriously, O'Reilly books make up a large part of my personal library because they don't disappoint. The entire Java series is full of great books, and this one continues the trend. If you don't know much Java, this book isn't going to hold your hand through it, as it assumes that you're fairly secure in your knowledge of Java, and that you're comfortable using objects in Java.

Who should buy this book?

If you like Java and think that everything should be written in it, including your web scripts, then this is the book for you. I would consider this the best reference for servlet programming to date, and it beats the hell out of the standard documentation. If you're thinking about brewing up a Java servlet, this is the reference you want.

If you want to buy this book, head over to Amazon.

Table of Contents

Preface

1. Introduction
2. HTTP Servlet Basics
3. The Servlet Life Cycle
4. Retrieving Information
5. Sending HTML Information
6. Sendind Multimedia Content
7. Session Tracking
8. Security
9. Database Connectivity
10. Applet-Servlet Communication
11. Interservet Communication
12. Internationalization
13. Odds and Ends

Appendix A: Servlet API Quick Reference

Appendix B: HTTP Servlet API Quick Reference

Appendix C: HTTP Status Codes

Appendix D: Character Entities

Appendix E: Charsets

Index

After a bit of a hiatus, Jason Bennett has returned with a review of Nancy Walsh's Learning Perl/Tk. As the title of the book would indicate, this is an ideal book for those looking to learn the Tk tool kit and Perl. This book assumes a level Perl background, and a little GUI, but is a good intermediate step-click below if you want to know more. Learning Perl/Tk author Nancy Walsh pages publisher O'Reilly rating 8/10 reviewer Jason Bennett ISBN 1-56592-314-6 summary A solid introduction to using the Tk toolkit with Perl. If you have a reasonable Perl background, and a little GUI on the side, you'll pick it up in no time. Background

Greetings, all. This will be the first in a series of reviews dealing with some Tcl/Tk books I've recently acquired. Since I already have some Perl in my background, I took this one first, both to sharpen my Perl skills, and to find out what this Tk thing is all about. Given that my GUI experience is limited to Smalltalk and Java, Tk is quite easy to use. With Smalltalk, I was too busy wrapping myself around OO theory to enjoy the interface, and Java always seemed to make GUI stuff more difficult than it needed to be (although I still love it). Perl and Tk are strong partners, because they share a philosophy of getting things done without a lot of fuss. Perl and Tk are excellent replacements for any GUI scripting language you might use (read: VB). Read on to see how to jump in!

What's the book about?

This is another book in O'Reilly's Learning series (of which Learning Perl really saved my butt in college), which is dedicated to teaching the fundamentals of a certain topic. I want to compare this series with the Learn XY in 21 days type of books, although I believe that would generally be an insult to the quality of O'Reilly. Once you finish this book, you will have enough of an understanding of Tk to be able to do most small projects. You will know most widgets (although I'll admit my own knowledge is limited here), and will generally be prepared to be productive with Tk in Perl.

What's Good?

In order for you to be able to evaluate the usefulness of this book, it will probably help to understand where I'm coming from. I have a BSCS from Georgia Tech, and have enough languages under my belt to do some damage (Lisp is cool!). In fact, I learned Perl originally for a networking project using Learning Perl. It gave me enough to do what was needed. Having said that, I don't live to program, and in fact I'm not big on reading language books. I don't know every language under the sun, and I don't necessarily learn them with the greatest of ease. In other words, my results should be duplicable by most programmers. The most important thing when reading this book is to know Perl (at least have written some stuff in it), and probably have an idea of what to expect when writing GUI code.

Going into this, my Perl was definitely rusty (having not touched it in a while). I didn't have any trouble diving straight in, however. The Perl constructs used are not overly complicated, and my knowledge was sufficient. (NOTE: make sure you have a very recent version of Perl installed. My Redhat 5.2 needed to be upgraded to m4 before the examples would work. Also, get the errata from O'Reilly.) The early chapters deal with basic constructs and widgets, and spend a great deal of time on the geometry managers (go figure). Each chapter introduces a new widget, although some are used before they are introduced (just nod and smile when you see those and don't worry). There are plenty of examples, code fragments, and exercises to keep anyone busy. I tried to work as many as I could, to get a feel for the language, and generally felt like they were helpful. I never felt completely lost or confused, and generally followed things without much trouble. Having finished the book, I feel confident that, given a little work on my Perl, I could write a useful application with Tk, especially given some research on CPAN for various contributed modules. For me, the book worked.

What's Bad?

Nothing in this book is particularly bad, although there are a few nits I'd like to pick. First, the early emphasis on geometry was somewhat interesting. I'm not sure why I care about grid vs pack when I can barely create a button to put on the screen. For that matter, frames are referenced in a short chapter late in the book, after being used all throughout. If the concept is so basic, why not put it toward the beginning? Also, there were times when the author mentions that an option is esoteric, or generally unused, and then spends much more time than necessary on that point. If it's so esoteric, why is it being covered in a basic book like this one? Finally, there were a few times that the book did not explain a point well enough to me, and I had to divine the answer down the road (like configuring scrollbars). It was not a major issue, but there were some things that could have been clearer.

What's In It For Us?

If you want to learn Tk using Perl, this book will let you do that. It gives a solid introduction to the topic, and on completion, you will be a useful Perl/Tk programmer. Just know your Perl going in, and you will be fine.

Purchase the book over at Computer Literacy.

1. Preface
   
2. Introduction to Perl/Tk
3. Geometry Management
4. The Basic Button
5. Checkbuttons and Radiobuttons
6. Label and Entry Widgets
7. Scrollbars
8. The Listbox Widget
9. The Text Widget
10. The Canvas Widget
11. The Scale Widget
12. Menus
13. Frames
14. Toplevel Widgets
15. Binding Events
16. Composite Widgets
17. Methods for Any Widget

1. Configuring Widgets with configure and cget
2. Operating System Differences
3. Fonts
   Index

The critical companion to the Camel/Llama books, the Ram book, published by O'Reilly, Perl Cookbook: Solutions and Examples for Perl Programmers has been reviewed by Reviewed by: Eugene Sotirescu. This piece of art has been written by Tom Christiansen and Nathan Torkington-and if you want the scoop on the book, click below. Perl Cookbook: Solutions and Examples for Perl Programmers author Tom Christiansen and Nathan Torkington pages publisher O'Reilly & Associates rating 10 reviewer Eugenia Sotirescu ISBN summary An indispensable compendium of Perl programming problems with expert solutions and commentary. The ScenarioThe first Perl book, "Programming Perl", (Larry Wall and Randal Schwartz, 1990; aka the Red Camel) included 2 chapters, "Common Tasks with Perl" and "Real Perl Programs", that were left out of the second edition of the book ("Programming Perl", by Wall, Tom Christiansen and Schwartz, 1996; aka the Blue Camel). Many people bemoaned the omission of all these Perl-at-work gems and one of the authors, Tom Christiansen, undertook to expand the 2 orphan chapters into a separate book. Two years later, with the help of fellow Perl programmer and Perl FAQ maintainer, Nathan Torkington, Christiansen gave us the "Perl Cookbook" (aka the Ram book).

While no review can even get close to summarizing the wealth of information in this book, its structure is easily described: the organizing metaphor is the cookbook and therefore the bulk of each chapter contains recipes designed to address specific programming problems.

A Code FeastHere's a brief list of other goodies you can find in this book:

• a juicy regex grabbag, that shows how to match HTML links, IP addresses, all-caps words and key=value pairs among many other patterns.
• A full chapter on Database access that in addition to DBI also includes the most extensive discussion of DBM files in Perl literature.
• 40 pages on UNIX processes from the point of view of Perl.
• Examples on how to write demon and non-forking servers in the chapter on sockets and code to create robots, parsing server logs and automating form submission in the chapter on web automation.
• Numerous tips and examples of safe and efficient CGI programming in the chapter devoted to this.
• How to keep your modules separate from the system-wide ones and how to prepare modules you've written for CPAN distro
• Everything you ever wanted to do to dates/time but didn't quite know how .

At times, though, the authors can't keep themselves to just code snippets and cook a full ready-to-eat meal in the form of a complete program to cap the solutions presented in a chapter.
At the end of the Pattern Matching chapter, for example, you can find 'tcgrep', Tom Christiansen's cross-platform supergrep that "ignores anything not a plain text file, automatically expands compressed or gzipped files, recurses down directories, searches complete paragraphs or user-defined records . . . and adds underlining or highlighting of the matches". A program called 'hopdelta' caps the "Dates and Times" chapter and shows the time an email message took to reach each destination based on an analysis of its header.

Anatomy of a ChapterAfter an introduction that tries to present the history and general outline of the topic of the chapter come the numbered recipes. Each recipe is divided into 4 parts: a brief statement of the Problem, followed by the code of the Solution and a detailed Discussion with further comments, code examples and pitfalls. The recipe ends with a See Also paragraph that sends the reader to the relevant man pages and further references.

Chapter 7, for instance, deals with File Access. It opens with a 4-page discussion of the basic concepts of file handles and I/O. It then quickly moves into the recipes, which range from the basic (opening a file, covered in depth, output flushing) to the often used and asked about (writing a filter, modifying a file) and ends with a longish complete program that implements lock control over a designated region of a file. Changing a file has 3 sections devoted to it: in-place modification using a temp file, doing it from the command line and the less common in-place modification without a temp file.

(Note: if you've been modelling your file locking on the flock() example on pp.166-7 of the Camel book, make sure you check out recipe 7.11, "Locking a File", to see what you may be doing wrong).

What's Bad?I'd say: nothing. A caveat is in order, though.
Good recipes do not a gourmet cook make. A handy compendium of code snippets like the ones in this book will help solve the problem at hand, but won't help you design better programs. I don't mean to detract from the book's value (after all its purpose is not to teach program structure), just to deflate a little the beginning Perl programmer who uses this book to get unstuck: he's solved the problem at hand and that's great, but he's not necessarily a better programmer for it. The authors are probably aware of this, hence the complete programs at the end of the chapters. I only wish there were more of these.

What's Good?Lucid presentation and clear organization make this book not only useful to refer to, but also pleasant to read through. And the code in it comes not only from experienced authors, but has also been polished by the feedback from scores of Perl gurus, which is a pretty good guarantee of its quality.

Do YOU Need the Ram book?To make it short, let's actually ask: "who doesn't need the Ram book?"
If you're Larry Wall, you probably don't need it . That's it. For the rest of the Perl crowd this book is pretty much an essential companion to the Camel, as both resource and learning tool.

(Note: If you use Perl to teach yourself programming, use the Llama ("Learning Perl," by Randal Schwartz) to get going, but keep the Ram in mind: if you get anywhere with Perl you too will want it).

Buy this book here.

Errata

Table of Contents

1. Strings
2. Numbers
3. Dates and Times
4. Arrays
5. Hashes
6. Pattern Matching
7. File Access
8. File Contents
9. Directories
10. Subroutines
11. References and Records
12. Packages, Libraries, and Modules
13. Classes, Objects, and Ties
14. Database Access
15. User Interfaces
16. Process Management and Communication
17. Sockets
18. Internet Services
19. CGI Programming
20. Web Automation

Pater has given us a write up on the famous panther book, Advanced Perl Programming. So, if you just can't get enough Perl, and who can, check it out. Besides, Slashdot is programmed in Perl, and we all love Slashdot, right? Riiigght. REVIEW: Advanced Perl Programming by Sriram Srinivasan (O'Reilly & Associates)

Reviewed by Pater.

Nutshell Review: More in-depth than Programming Perl, this book shows how powerful Perl can be whether designing solutions for the enterprise, or just trying to automate difficult tasks on your own system.

Rating: 7/10

What's Good?

After getting my feet wet programming in Perl (and reading the Camel Book) I wanted more, and a quick paging through this book showed me windows interfaces, networking calls, and more. When reading the book, I found some of the same topics addressed in Programming Perl, but the topics covered in both books are quite possibly the toughest Perl concepts to master. After reading the section on object orientation, I finally felt comfortable enough to due object-oriented programming in Perl. Advanced Perl Programming is, at it's very worst, a quick tour of several modules available for Perl. The book spends a considerable amount of time on Perl/Tk, with an appendix dedicated to Perl/Tk as well.

These sections alone justified the cost of the book to me, but it also contains instructions on embedding Perl into C and using C within Perl. The book also takes time out to compare and contrast Perl with other langauges. This helps those who may be making a transition to Perl from C/C++, Java, or Python. All in all, this book is a good reference for the power Perl programmer.

What's Bad?

One major downside is that many modules upon which Advanced Perl Programming is written are not part of the standard Perl distribution. Granted, most of the CPAN (Comprehensive Perl Archive Network) modules are accepted as "the ones to use," but they are not guaranteed to be on every machine that has Perl. My other biggest irritation is that often an extremely powerful module would recieve little attention, and the book acts as one giant pointer to CPAN. However, this isn't much of a problem to anyone with good internet access.

Why should I buy this book?

If you are a Perl programmer who wants to use Perl to it's fullest, this book is definitely for you. I don't know of a more advanced book on Perl that covers the same material. Advanced Perl Programming is not a book for the Perl hacker (no fancy one-liners here), but more of a guide to help an application developer get the most out of Perl.

So, if you'd like to pick this up, check out Amazon. Also, O'Reilly is doing a Linux survey about their books. Head over there and help them out.

Table of Contents

Preface

1. Data References and Anonymous Storage
2. Implementing Complex Data Structures
3. Typeglobs and Symbol Tables
4. Subroutine References and Closures
5. Eval
6. Modules
7. Object-Oriented Programming
8. Object Orientation: The Next Few Steps
9. Tie
10. Persistence
11. Implementing Object Persistence
12. Networking with Sockets
13. Networking: Implementing RPC
14. User Interfaces with Tk
15. GUI Example: Tetris
16. GUI Example: Man Page Viewer
17. Template-Driven Code Generation
18. Extending Perl: A First Course
19. Embedding Perl: The Easy Way
20. Perl Internals

Appendix A: Tk Widget Reference
Appendix B: Syntax Summary

Pater has given us a write up on the famous panther book, Advanced Perl Programming. So, if you just can't get enough Perl, and who can, check it out. Besides, Slashdot is programmed in Perl, and we all love Slashdot, right? Riiigght. REVIEW: Advanced Perl Programming by Sriram Srinivasan (O'Reilly & Associates)

Reviewed by Pater.

Nutshell Review: More in-depth than Programming Perl, this book shows how powerful Perl can be whether designing solutions for the enterprise, or just trying to automate difficult tasks on your own system.

Rating: 7/10

What's Good?

After getting my feet wet programming in Perl (and reading the Camel Book) I wanted more, and a quick paging through this book showed me windows interfaces, networking calls, and more. When reading the book, I found some of the same topics addressed in Programming Perl, but the topics covered in both books are quite possibly the toughest Perl concepts to master. After reading the section on object orientation, I finally felt comfortable enough to due object-oriented programming in Perl. Advanced Perl Programming is, at it's very worst, a quick tour of several modules available for Perl. The book spends a considerable amount of time on Perl/Tk, with an appendix dedicated to Perl/Tk as well.

These sections alone justified the cost of the book to me, but it also contains instructions on embedding Perl into C and using C within Perl. The book also takes time out to compare and contrast Perl with other langauges. This helps those who may be making a transition to Perl from C/C++, Java, or Python. All in all, this book is a good reference for the power Perl programmer.

What's Bad?

One major downside is that many modules upon which Advanced Perl Programming is written are not part of the standard Perl distribution. Granted, most of the CPAN (Comprehensive Perl Archive Network) modules are accepted as "the ones to use," but they are not guaranteed to be on every machine that has Perl. My other biggest irritation is that often an extremely powerful module would recieve little attention, and the book acts as one giant pointer to CPAN. However, this isn't much of a problem to anyone with good internet access.

Why should I buy this book?

If you are a Perl programmer who wants to use Perl to it's fullest, this book is definitely for you. I don't know of a more advanced book on Perl that covers the same material. Advanced Perl Programming is not a book for the Perl hacker (no fancy one-liners here), but more of a guide to help an application developer get the most out of Perl.

So, if you'd like to pick this up, check out Amazon. Also, O'Reilly is doing a Linux survey about their books. Head over there and help them out.

Table of Contents

Preface

1. Data References and Anonymous Storage
2. Implementing Complex Data Structures
3. Typeglobs and Symbol Tables
4. Subroutine References and Closures
5. Eval
6. Modules
7. Object-Oriented Programming
8. Object Orientation: The Next Few Steps
9. Tie
10. Persistence
11. Implementing Object Persistence
12. Networking with Sockets
13. Networking: Implementing RPC
14. User Interfaces with Tk
15. GUI Example: Tetris
16. GUI Example: Man Page Viewer
17. Template-Driven Code Generation
18. Extending Perl: A First Course
19. Embedding Perl: The Easy Way
20. Perl Internals

Appendix A: Tk Widget Reference
Appendix B: Syntax Summary

Leonard Richardson writes "Just when you thought all the Netscape hoopla had died down, along comes Internet Outlook with an article on the subject. The major source is a telephone interview with Tim O'Reilly, who also speaks out on Linux and the value of free software in general. Compare ORA's recent press release" .