Saturday, October 25, 2003

So Many Books, So Little Time

This article appears in slightly different form in the September/October 2003 issue of IEEE Micro © 2003 IEEE.

I try to write in depth reviews of a few worthy items in each column, but sometimes the flow overwhelms the system. Here are short reviews of some books I wish I had more time to examine.

General Interest

How the Internet Works, Seventh Edition by Preston Gralla (Que, Indianapolis IN, 2004, 368pp, ISBN 0-7897-2973-3,, $29.99)

Preston Gralla is a well known technology columnist and author. In this large format book, lavishly illustrated by Michael Troller, Gralla explains all of the concepts that most people are likely to encounter in connecting to the Internet. The explanations are not deep, but they systematically cover the basics. Most people, even experts, will probably find at least some of the explanations helpful. For example, I feel that I know quite a bit about the Internet, but Gralla's explanation of proxy servers clarified the subject for me.

The illustrations are colorful and attractive, but in many cases they are merely decorative. Visual learners may find them helpful, though I doubt that anyone could get much from the book just by looking at the pictures. The text, on the other hand, can probably stand alone.

If you know someone who is just starting to use the Internet and email, consider giving them this book. It may save you from some difficult questions. 

Firewalls and Internet Security - Repelling the Wily Hacker, 2d ed by William Cheswick, Steven Bellovin & Aviel Rubin (Addison-Wesley, 2003, 456pp, ISBN 0-201-63466-X,, $49.99)

In the interest of full disclosure, I need to say that I know Bill Cheswick and have heard him speak on many occasions. He is a remarkably charming, inventive, enthusiastic, boyish person with a wonderful sense of humor. His personality comes through as you read the book.

The 1994 edition of this book quickly became the standard reference for security professionals. The long awaited new edition brings the work up to date. Some of the issues in the book are of interest only to security professionals, but many of us nowadays have home networks for which we have to provide the security ourselves. We rely on off the shelf virus protection and firewalls, but most of us have no idea how to provide effective security. This book can help.

One of the great strengths of this book is that anyone with a general knowledge of computers and the Internet can read most of it. The Security Truisms section at the start of the book contains aphorisms like An attacker does not go through security, but around it. Sun Tzu could have written this 2500 years ago.

If you read this book, you'll come out knowing a great deal about security, and you'll have fun doing it. 

Windows XP Hacks - 100 Industrial Strength Tips and Tools by Preston Gralla (O'Reilly, Sebastopol CA, 2003, 412pp, ISBN 0-596-00511-3,, $24.95)

Preston Gralla has apparently been busy! In addition to figuring out how the Internet works, he has assembled a useful collection of ways to make Windows XP behave better. The O'Reilly Hacks series (and the associated site, uses tools, configuration options, and even unpublicized registry settings to make your life easier. This book tells you how to get your old programs to run under XP, even if they are nominally incompatible with XP. It tells you where to find free tools to convert files from one graphics format to another. It helps you remove unwanted icons from your desktop. It provides strategies for reducing spam.

I love books like this. I don't think it is as thorough or detailed as Windows XP Annoyances (Micro Review, Jan/Feb 2003), but it's worth looking at.

From Gutenberg to the Global Information Infrastructure by Christine L. Borgman (MIT, Cambridge MA, 2003, 344p, ISBN 0-262-52345-0,, $21.95)

This book is a paperback reissue of a work that won the 2001 Best Book Award from the American Society for Information Science and Technology. Borgman looks at how well the global information infrastructure does, or might in the future, fit into our daily lives. She views this as the main criterion of its success.

Though Borgman comes to the subject from a background in information studies, she takes a holistic approach that considers sociological factors as well as technical and implementation details. She views digital libraries, electronic publishing, and the life cycle of electronic information in terms of their effects on humans.  

Borgman's presentation is in the academic style, with many references and a dry, impersonal voice. Nonetheless, it is not difficult reading. It provides a valuable and nuanced perspective on a technology that most people see in black and white. If you have not thought much about the human consequences of the global information infrastructure, Borgman's book is a good place to start.

Adobe Acrobat 6.0 Standard Classroom in a Book by Adobe Creative Team (Peachpit, Berkeley CA, 2004, 456pp plus CD, ISBN 0-321-19374-1,, $45.00

The Adobe Classroom in a Book series has a well deserved reputation for being thorough, accurate, easy to use tutorials. Adobe Acrobat 6.0 Standard is the latest version of Adobe Acrobat software. I haven't had a chance to look at Acrobat 6 in detail, but it seems to be a lot like Acrobat 5.

If you are new to Acrobat, this tutorial is an excellent way to cover all of the main features in a thorough and authoritative way.

Open Source

Tomcat - The Definitive Guide by Jason Brittain & Ian F Darwin (O'Reilly, Sebastopol CA, 2003, 412pp, ISBN 0-596-00318-8,, $39.95)

Tomcat began life as part of the Sun Microsystems development kit for JSP and servlets. A few years ago Sun donated Tomcat to the Apache Foundation, where it became an open source product. It is the most widely used platform for JSP and servlets. If you are going to develop J2EE web applications, you will probably use Tomcat.

This book tells you everything you need to know about the theory and the details of all of the Tomcat features you're likely to use, including security.

Code Reading - The Open Source Perspective by Diomidis Spinellis (Addison-Wesley, Boston MA, 2003, 526pp plus CD, ISBN 0-201-79940-5,, $49.99)

This book has a simple premise. Programmers need to be able to read code. There are two main reasons for this. The first is to help learn how to write good code. As with prose writers, reading excellent examples of others' works helps programmers find their own voice and develop their own excellent styles.

The second reason to learn to read code is to be able to modify or augment existing programs. Programmers spend large portions of their lives in just such activities.

Spinellis notes that the open source movement has made a great deal of excellent code available. His book uses this resource to help you become a good code reader and writer. Using numerous examples from actual code, Spinellis discusses a wide variety of programming topics. In the end he has written a computer science textbook with all of the examples taken from real life.

PHP and MySQL for Dynamic Web Sites Visual QuickPro Guide by Larry Ullman (Peachpit, Berkeley CA, 2003, 590pp, ISBN 0-321-18648-6,, $24.99

Because they are open source products and are widely available, PHP and MySQL are widely used tools for server side scripting and database access for personal or small business websites. Ullman systematically covers all of the tasks a web developer might wish to perform and presents procedures for them, with complete code examples and visual representations of screens and output.

The Peachpit visual guides are all very well done, and this one fits right into that mold. If you're developing a website with any sort of server side component, you should read this book.

Extreme Programming With Ant by Glenn Niemeyer & Jeremy Poteet  (Sams, Indianapolis IA, 2003, 456pp plus CD, ISBN 0-672-32562-4,, $34.99)

I have reviewed many books on extreme programming (XP) in this column over the years. For example, I reviewed Kent Beck's Extreme Programming Explained in the Nov/Dec 1999 Micro Review. Beck is essentially the inventor of XP, and his book explains its principles and the reasons behind them.

Ant is an open source extensible scripting language that many people use to automate processes for building and deploying software. XP relies on automated testing and frequent builds, so Ant is an ideal tool. The authors show how to use Ant to automate testing and builds, but that's just the beginning.

XP relies on coding standards, because everybody is always free to change any code at any time. Without standards, chaos would reign. Ant can help to enforce standards. Similarly, the authors proceed to automate every aspect of the XP development cycle.

If you're doing XP, or if you just want some good ideas for how to use Ant to help with whatever development process you follow, check out this book. 

Java and JSP

The next two books total close to 2400 pages. They are part of a series for developers. If you know everything in them, you should have no trouble developing enterprise applications, including web services, in Java.

J2EE Developer's Handbook by Paul J. Perrone, Venkata Chaganti & Tom Schwenk (Sams, Indianapolis IA, 2003, 1536pp plus CD, ISBN 0-672-32348-6,, $59.99)

The authors spell out their mission right away: 
Provide a comprehensive, cohesive, and practical guide for building scalable, secure, assured, Web-enabled, and distributed enterprise systems with the Java 2 Platform, Enterprise Edition (J2EE). The technologies presented in this book can be used to rapidly build any enterprise system and integration solution that you can imagine. We describe these enterprise technologies from the ground up, leaving you with a thorough and in depth understanding of the Java enterprise application stack.
That's a pretty tall order, but from what I can tell (I haven't read every word), they do a pretty good job. Nonetheless, if you finish the sections on application servers, servlets, JSP, and web services (about 200 pages) and you still haven't had enough, you can read the next book.

JavaServer Pages Developer's Handbook by Nick Todd & Mark Szolkowski (Sams, Indianapolis IA, 2003, 838pp, ISBN 0-672-32438-5,, $49.99)

JavaServer Pages (JSP) is a way of enhancing HTML with server side Java code to make web pages more interactive and to help them deliver access to databases and other server capabilities. If you don't really need to understand the entire J2EE architecture, this book can provide everything you need to know about JSP. The book contains a huge amount of sample code, which you can download from the book's website. 


Measured by weight or by number of pages, the two books in the Java and JSP section beat the two in this section by about two to one. Nonetheless, these two can hold their own.

Microsoft's .NET is relatively new and corresponds approximately to J2EE. The ASP.NET facility corresponds approximately to JSP.

.NET Framework Essentials by Thuan Thai and Hoang Q. Lam (O'Reilly, Sebastopol CA, 2003, 380pp, ISBN 0-596-00505-9,, $29.95)

The .NET framework is the basis for all new Windows development. In it Microsoft responds to the major trends of the last few years: distributed computing, component based development, enterprise services, and sharing of functionality across the web. It also responds to the maturity of information technology, which creates an expectation of interoperability, scalability, availability, security and manageability.

The .NET common language runtime (CLR) is analogous to a Java virtual machine (JVM), but there are important differences. Rather than the interpreted bytecodes of the JVM, the CLR works with compiled code. All languages compile into the same object format, use a common library, and interoperate. This means that methods written in different languages can inherit from each other, catch each other's exceptions, and so forth.

The .NET framework eliminates the notorious DLL Hell by drastically reducing the reliance on registry entries and by not using file names to bind programs together. For many programs (not all), you can install them by copying their files to the disk and uninstall them by deleting the files.

This book describes these and many other features of the .NET framework in enough detail for you to feel comfortable using them. It gives you a sufficient overview to make it easy for you to use more detailed reference works.  

ASP.NET in a Nutshell by G. Andrew Duthie and Matthew MacDonald (O'Reilly, Sebastopol CA, 2003, 998pp, ISBN 0-596-00520-2,, $44.95)

While the previous book provides a detailed overview, this one gets right down to the nitty gritty. If you are familiar with O'Reilly books in the Nutshell series, you know what to expect with this one. It provides a small amount of overview information, but a great deal of detail about the properties, methods, and events of the main ASP.NET classes. The format of the book and the detailed table of contents and index make it easy to find what you're looking for.