Review - Applied Software Project Management

Sean — Tue, 03 Jan 2006 18:39:00 +0100

O’Reilly has recently begun a new line of books called ”/Theory/In/Practice” (and no, I don’t know why it isn’t listed on their web page). These books cover such topics as “Essential Business Process Modeling” and “Applied Software Project Management”. It was my pleasure to secure a copy of “Applied Software Project Management” right before I left for the holidays. Since I am doing some project management now, I figured doing some reading certainly couldn’t hurt, right?

“Applied Software Project Management” is a generalist book. It is modular; no chapter really relying on any other. It covers the whole range of software project and management topics from planning, to managing people, to software testing and everything in between. While a lot of the ideas covered are really only effective for larger teams than the ones I am usually involved with, there are a lot of useful ideas for smaller teams as well. Perhaps the most valuable – Part 2: Using Project Management Effectively. It focuses more on understanding and incorporating changes into an already existing system.

This book reminds me somewhat of Code Complete (a good technical book in my opinion). The fact that it is general enough to be useful to a wide variety of people, yet specific enough to get its points across makes it extremely valuable. Also enjoyable is the fact that it very rarely focuses on specific tools (the only major case of this being the use of Subversion), and when it mentions one specific tool, it always refers to several specific instances (such as mentioning Perforce, Arch, CVS, etc. after mentioning Subversion).

“Applied Software Project Management” is one of the better books I have read from O’Reilly. At no point was I bogged down in technical concepts I couldn’t understand. It was actually quite difficult to put down until I finished whatever section I was reading at any given time. I recommend this book to anyone involved in software project management.

Final Rating: 4.5/5

“Applied Software Project Management�? is available from O’Reilly Media, Inc. for CAN $55.95. Sample chapters can be obtained @ The O’Reilly Catalog

Review - Security Warrior

Sean — Sat, 18 Jun 2005 16:32:00 +0200

Security Warrior labels itself as the “most comprehensive, up-to-date book covering the art of computer war�?. Having been on my To-Read list since it was initially released a year and a half ago, I was interested to see how accurate this claim remains.

Obviously, some topics you might expect to be covered in a comprehensive security handbook are missing. No where to be seen is discussion of vulnerabilities in MD5 and SHA, as these hadn’t been published yet. Also missing is any reference to the Linux 2.6 kernel, as the first version of that was released barely a month before the first publishing.

However, this items discussed in this book are general enough that they are still valid and highly valuable. Discussion is platform neutral where possible, with further discussion on platform dependencies where needed. There are some very nice examples and case studies, which make the book a more interesting read than strict discussion. The Advanced Defense subsection is spectacular and well deserving of the designation Advanced. A lot of the ideas there, while simple in nature, are things that I haven’t come across before, or even thought of, especially their discussion on intrusion detection and log aggregation.

There are, however, a few problems with the book. First and foremost, I have a problem with the Social Engineering section. While I agree that social engineering is an important aspect of network security, 10 pages does not even begin to scratch the surface on the topic. Thankfully, this is offset by an amazing set of references at the end of the chapter, including the excellent “Art Of Deception�? by Kevin Mitnick. Another problem that ties into this, is the fact that the Reconnaissance chapter comes AFTER the Social Engineering chapter, when reconnaissance is usually a precursor to a social engineering attack. I felt that the logical order would have created a smoother reading process here. Finally, the author’s repeatedly mentioned that some tools were standard on Linux distributions, but not commercial unix systems, and as a result might have to be installed manually. I felt this repetition for most of the tools discussed was distracting from the core information I was trying to read.

One area that deserves its own discussion is the section on Reverse Engineering. This section was highly interesting, showing a wide variety of techniques for not only the Unix operating system, but Windows CE as well. A plethora of information regarding techniques, tips and tools are contained in these chapters….... but really only for the Unix and Windows CE environments. Out of 175 pages, only 20 of those discusses reverse engineering on the actual windows platform. With 2/5 of the book actually being devoted towards this topic, I feel that this section might have been better off being an entire book of its own, with expanded discussion for all environments and additional examples.

Overall, Security Warrior was quite an interesting read. I fully plan to take many concepts I have learned here and incorporate them into both current and future plans. If you want a detailed look at network security concepts, this book is a very solid starting point, before branching out into other works.

Final Rating: 3.5/5

“Security Warrior�? is available from O’Reilly Media, Inc. for CAN $65.95. Sample chapters can be obtained @ The O’Reilly Catalog

Crazy Or Genius?: Tag oreilly

Review - Applied Software Project Management

Review - Security Warrior