The Mythical Man-Month: Essays on Software Engineering Review

Average Reviews:

(More customer reviews)There really are very few software engineering books written in 1975 that are worth reading today. Brooks remains powerful stuff because large system projects are still often disastrous. We are not often bothered by the flowcharts that Brooks dislikes, but the disorganized projects, endless meetings, problems of scaling, unhelpful documentation and inflexible systems are certainly still with us.
I was struck recently by the parallels with Kent Beck's Extreme Programming: Brooks had in his way foreseen much of what this recent movement has been urging.
Brooks' classic book underlies much systems engineering thinking, and his example along with the frightening story of OS/360, enlivened with Brooks' inimitable anecdotes and illustrations, remains essential reading.

Click Here to see more reviews about: The Mythical Man-Month: Essays on Software Engineering

Click here for more information about The Mythical Man-Month: Essays on Software Engineering

Read More...

Writing Secure Code, Second Edition Review

Average Reviews:

(More customer reviews)The title of the book is misleading to begin with. The book is not about writing secure code. It's about (1) not writing non-secure code and (2) using Windows specific security APIs.
(1) Not writing non-secure code. Covers several issues, some more obvious, like buffer overruns and validating user input, some more complex, like escaping URLs and socket security. I thought the book would teach me best practices about organizing code, as in "do like I do". Instead it goes like "don't do like I'm telling you".
(2) Using Windows security APIs. This is THE BEST part of the book. Gives you a very good overview about several different APIs, including ACLs, protecting sensitive data, securing DCOM and .NET code, excellent tips on installing programs etc. etc.
Keep in mind that this book is said to be used internally within Microsoft with "security pushes", with the audience of 8000 people, including not only developers of all levels, but managers as well, therefore the book is by definition a high level overview.
Sometimes the book feels like MS educational course. Ex. (tip on p.77) "I created the ... diagrams ... using ... Microsoft Visio Professional 2002". That's cool, but what does it have to do with security ?
Some topics should never be there. How about 3 pages of tips for a kernel driver writer ? It's a huge topic in itself and how many readers outside MS do this anyway ? Privacy issues are covered idealistically. Yeah, sure, if you put a specially crafted XML to the special place on your site, the users magically start trusting you... I'd better read about real situation with privacy, not how the government rules it to be. Oh, and how about 40 pages about cryptography ? Please...
The book tries to show you the security process with development and testing. I can easily see they use this process in Microsoft, with 8000 people. For a small team it's completely useless. How about using 4 (!) people for a code review ? Sure, upon reading this book you will know that security code review is a must (if you have enough resources). Didn't you know that before ?
The code samples are ugly. How about this: "... X is cool ... several pages of Perl (!) ... see what I mean ?". Ok, one of the authors admits to be a Perl fan, but how am I supposed to read through all this gibberish ? C(++) samples are not much better. May be they are fully functional and compilable and all, but please, they are huge and inconsistent in themselves.
All in all, 5 stars for Microsoft, 3 stars for the rest of the world.

Click Here to see more reviews about: Writing Secure Code, Second Edition

Get 43% OFF

Click here for more information about Writing Secure Code, Second Edition

Read More...

J2EE Best Practices: Java Design Patterns, Automation, and Performance (Wiley Application Development Series) Review

Average Reviews:

(More customer reviews)This is the best J2EE helper book period. I've been developing J2EE based applications for 2 years now and have read many books on the subject. Most of the J2EE books just repackage the specifications and write about common sense approaches.
J2EE Best Practices, will give you concrete information on how to use EJB 2.0 for the "real" world now!. You can and will use this book to ensure the success of your current EJB 2.0 project.
The material on CMR Entity beans is extremely valuable for anyone trying to implement Business Objects based on J2EE.
I use Cocoon for my Web Interface, but this book has some good info for Struts users as well.
Go to your nearest book store and get that edge you've been looking for. While your buddies are reading "Core J2EE', "Bitter EJB', "Expert One on One J2EE Design..", "Mastering J2EE..", etc...

Click Here to see more reviews about: J2EE Best Practices: Java Design Patterns, Automation, and Performance (Wiley Application Development Series)

Get 24% OFF

Click here for more information about J2EE Best Practices: Java Design Patterns, Automation, and Performance (Wiley Application Development Series)

Read More...

Web Application Architecture: Principles, Protocols and Practices Review

Average Reviews:

(More customer reviews)Have to disagree with prior reviewer's complaint that the book doesn't cover Java EE 5. It's not supposed to, it's not a Java book, it's a book on the principles and protocols of web application development. Authors say upfront they don't focus on a specific API, toolkit, or framework. They cover HTTP, XML and HTML through HTML5, core protocols and languages of the web. In discussing server-side web application frameworks and client-side techniques using Javascript and Ajax, they have an agnostic attitude that doesn't endorse one approach. Instead they survey the many available options contrasting their benefits and shortcomings. The end result is that you learn what all approaches have in common, reliance on underlying standard protcols. The new material improves on what was already a great text book. Coverage of new frameworks since the last edition has been added. Two new chapters on search engines and on Javascript/Ajax are excellent. The administrative interface sample application is the most objective tutorial on Rails I've read. There's also expanded coverage of semantic web and web services, both SOAP and REST.

Click Here to see more reviews about: Web Application Architecture: Principles, Protocols and Practices

In-depth examination of concepts and principles of Web application development
Completely revised and updated, this popular book returns with coverage on a range of new technologies. Authored by a highly respected duo, this edition provides an in-depth examination of the core concepts and general principles of Web application development. Packed with examples featuring specific technologies, this book is divided into three sections: HTTP protocol as a foundation for Web applications, markup languages (HTML, XML, and CSS), and survey of emerging technologies. After a detailed introduction to the history of Web applications, coverage segues to core Internet protocols, Web browsers, Web application development, trends and directions, and more.
Includes new coverage on technologies such as application primers, Ruby on Rails, SOAP, XPath, P3P, and more
Explores the fundamentals of HTTP and its evolution
Looks at HTML and its roots as well as XML languages and applications
Reviews the basic operation of Web Servers, their functionality, configuration, and security
Discusses how to process flow in Web browsers and looks at active browser pages
Addresses the trends and various directions that the future of Web application frameworks may be headed

This book is essential reading for anyone who needs to design or debug complex systems, and it makes it easier to learn the new application programming interfaces that arise in a rapidly changing Internet environment.

Click here for more information about Web Application Architecture: Principles, Protocols and Practices

Read More...