Book: Foundations of Security

I have finally finished Foundations of Security: What Every Programmer Needs to Know. Yep, finally: it wasn't an easy read.

Indeed, the book felt really dry. Nothing in it gives you that urge to read late into the night; rather the other way around, it would make me fall asleep faster.

However, that doesn't say much about the content of the book. There, the book clearly aims to be exhaustive, even pushing it a bit too far, like enumerating every place a password can be stored, from a PDA to a file or source code. Still, this kind of completeness is a nice refresher.
It also helped me get a deeper understanding of facts I already knew about security, like precisely why and how JavaScript is bound to the page's domain.
Similarly, the book pointed out some potential issues I could have overlooked. Information leakage, especially of credentials, wasn't present enough in my mind, notably through Referer headers.
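The two points above share one mechanism: the browser's notion of an origin (scheme, host and port) is what ties a page's JavaScript to its domain, and it is also what the Referrer-Policy header uses to decide how much of the current URL is disclosed in the Referer header when the page links to or loads something from another site. The snippet below is an added illustration written for this post; it is not code from the book. The URLs, the `widget.js` third party and the `SECRET_PARAMS` list are constructed for the example; the policy behaviour follows the Referrer-Policy specification.

```javascript
// Added illustration, not code from the book or this post.
// An origin is scheme + host + port. That single notion binds a page's
// script to "its" domain (same-origin policy) and drives what the browser
// puts in the Referer header. Sample URLs below are constructed.

// Origin of a URL: scheme, host and port only; path, query and fragment
// are not part of it.
function originOf(url) {
  return new URL(url).origin;
}

// Same-origin test the browser applies before letting script from page `a`
// read a document or response that came from `b`.
function sameOrigin(a, b) {
  return originOf(a) === originOf(b);
}

// Referer value sent when navigating or fetching from `from` to `to` under
// a given Referrer-Policy; null means no header is sent at all.
// Userinfo and fragment are always dropped, whatever the policy.
function refererFor(from, to, policy = 'strict-origin-when-cross-origin') {
  const src = new URL(from);
  const dst = new URL(to);
  const stripped = new URL(from);
  stripped.username = '';
  stripped.password = '';
  stripped.hash = '';
  const full = stripped.href;            // full URL, query string included
  const originOnly = src.origin + '/';   // serialised origin
  const same = src.origin === dst.origin;
  const downgrade = src.protocol === 'https:' && dst.protocol === 'http:';

  switch (policy) {
    case 'no-referrer':                return null;
    case 'unsafe-url':                 return full;
    case 'no-referrer-when-downgrade': return downgrade ? null : full;
    case 'origin':                     return originOnly;
    case 'strict-origin':              return downgrade ? null : originOnly;
    case 'same-origin':                return same ? full : null;
    case 'origin-when-cross-origin':   return same ? full : originOnly;
    case 'strict-origin-when-cross-origin':
      if (same) return full;
      return downgrade ? null : originOnly;
    default:
      throw new Error(`unknown Referrer-Policy: ${policy}`);
  }
}

// Query parameter names that are a credential leak if they reach a third
// party through Referer (constructed list; extend for your own app).
const SECRET_PARAMS = ['token', 'access_token', 'password', 'session', 'reset_key'];

// Names of credential-looking parameters present in a Referer value.
function leakedSecrets(referer) {
  if (!referer) return [];
  const keys = [...new URL(referer).searchParams.keys()];
  return keys.filter((k) => SECRET_PARAMS.includes(k.toLowerCase()));
}

// Walk-through: a constructed password-reset page that carries its
// one-time token in the query string and loads a script from a CDN.
const page = 'https://app.example.com/reset?token=abc123#step2';
const thirdParty = 'https://cdn.thirdparty.example/widget.js';

console.log(sameOrigin(page, 'https://app.example.com/account'));  // true
console.log(sameOrigin(page, 'https://app.example.com:8443/'));     // false: port differs

// Old browser default: the whole URL, token included, goes to the CDN.
const legacy = refererFor(page, thirdParty, 'no-referrer-when-downgrade');
console.log(legacy, leakedSecrets(legacy));
// https://app.example.com/reset?token=abc123 [ 'token' ]

// Current browser default: only the origin crosses to another site.
const hardened = refererFor(page, thirdParty);
console.log(hardened, leakedSecrets(hardened));
// https://app.example.com/ []
```

The real fix is not to put credentials in URLs at all (a token in the query string also lands in proxy and server logs); sending `Referrer-Policy: strict-origin-when-cross-origin` or `no-referrer` is the belt-and-braces layer for pages where that is not yet possible.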

Regarding security practices themselves, I felt this book was either too technical for a non-IT person or too simple for an IT person. My case being the latter, I often felt frustrated by the lack of technical depth, the suggested solutions being quite often already known to me. Furthermore, the enumerative style makes the technical bits quite repetitive. I sometimes asked myself whether some material hadn't already been described earlier, or whether I hadn't already read it. It wasn't the case, but the commonalities in presentation, description and structure really didn't help.

At the end of the day, I don't regret having read this book. My knowledge of security is now firmer. Yet I'm pretty sure other security books exist which are more instructive and/or more enjoyable to read.


Book review: Pragmatic Unit Testing

During my holidays, I notably read Pragmatic Unit Testing in Java with JUnit.

Basically, this book might be nice for beginners and newcomers to unit testing. If you've never written any and are fearful of starting on your own, then consider it. Otherwise, it doesn't bring much. It's an easy book to read, but the noise/info ratio is too much in favour of noise: I sometimes had the feeling the authors were trying to fill space.

In fact, I do like the Summary Card offered; it sums up nicely what is to be known, and it is, I would say, the part of the book that is really of interest.

Furthermore, the book shows its age: late 2003 is like prehistory ;). So the code samples are a bit outdated and, worse, Maven wasn't popular at the time: lots of lines are wasted explaining how to set up the test folders, which is pointless with Maven.

In case of questions/comments, do not hesitate.


Book review: Learning jQuery

I recently read Learning jQuery, the 2007 edition. I was reading it as a casual reader, just to get a better grip on jQuery.

My feeling about it is the following: it seems good at providing technical details but fails at "empowering" the reader and providing the big picture. I say "it seems" because I had difficulty keeping on reading it, since I didn't find it attractive. So I finished it by "scanning"... For an avid reader like me, that's really an unusual move. Furthermore, I didn't find advice or best practices about plugin usage and integration, which I was especially looking for.

Conclusion: grab it only if you're an avid JavaScript developer willing to develop plugins and not afraid of connecting the chapters together yourself...

PS: With further use of jQuery, and hence of this book, I now realize that its index is very poor 😦

