5 comments about Pro EJB 3: Java Persistence API (Pro).

1. Anything that requires getting a bunch of jars on the server classpath was deemed unsuitable for automated deployments. I wonder how people manage automated deployments and configurations, especially in a multi-server clustered environment.



2. Pro EJB3 is a great book. Having been using it for over last 6 month on my recent project, I can definitely say that this book is invaluable.
   
   Have been worked on EJB 2.x for many years and on several projects with different application servers (Weblogic, JBoss, WebSphere), I understand the basics of EJB. So I want not only understand the basic how-to in EJB3 and JPA, but also want to understand the in depth explanations on transaction, persistence context and different behavior in the new system.
   
   The book explain all these topics very well. I had brought other book (hibernate in action with JPA pdf version), but found that book was too focused on hibernate (even I was a fan of the previous edition of hibernate in action book). This book is well focused on JPA,and I really likes JPA APIs.
   
   The book author is really nice and accessible. I have emailed Mike questions and he consistently replied promptly.
   
   This book worth the money !!!
   
   Chester



3. This is the best book out there that explains in detail how JPA works with some good examples. I found the book to be well structured and easy to read.
   
   I would recommend this book for anybody who is looking to work with JPA.



4. This book is a joy to read. Object relational mapping is explained in a very simple manner. What I like about this book is that it explains a certain concept and then immediately talk about the specific use-cases when that concept/design may not be the best choice. The authors then give excellent suggestions and alternatives.
   
   Very good reading material, simple examples used to explain complicated concepts. Writing style of the authors is also very engaging.
   
   A very good buy.



5. This books seems to achieve the goal it has in mind, that of providing the user with the information necessary to use the Java Persistence API. Unfortunately there are real problems in the execution of this book.
   
   A book like this should not only be full of examples, but it should be structured in such a way that it is easy for someone using the book to duplicate the examples on their own system. This book fails to do so.
   
   In chapter two we are promised a complete application using the new API by the end of the chapter. The source code is provided for the application discussed and it is a pretty good example of the API discussed up to that point. Unfortunately there isn't enough information for the reader to build and run the application on their own computer. There is no reason for this kind of omission this early in the book.
   
   The problems with the book continue as one moves on. I recognize that the target audience for this book includes only professional programmers of reasonable skill. I consider myself a very good Java programmer. That doesn't mean that I want to waste my time filling in gaps that should have been covered by a book I already spent my money on. It isn't any excuse for the omissions in this book.

5 comments about Collaboration Explained: Facilitation Skills for Software Project Leaders (Agile Software Development Series).

1. A challenge faced by any project leader is how to lead the team without resorting to a command-and-control management style. This book's essential premise is that the project leader can do this by fostering collaboration among team members. Jean Tabaka's Collaboration Explained is really two books in one. The first explains the benefits of collaborating and why project leaders need to foster collaboration among their teams if those teams are to perform at a high level.
   
   The second, and by far longest, part of Collaboration Explained is a compendium of techniques that will foster team collaboration and will help the reader become a more collaborative leader. Any reader will finish this part having learned new techniques. Nominally this book is about team decision making and so most of the book is about the various decisions teams make and how the project leader can ensure that the team makes the best decision. Covered are decisions about project requirements, estimates, priorities, vision, resolving conflict and more. Tabaka provides both general purpose advice that can be used in many contexts as well as very specific advice for each of the contexts or meetings she describes.
   
   This book is well-placed in a series devoted to agile software development. However, it is important to point out that the techniques covered here will be applicable to any team with any development process. Any project leader who wants to help his or her team work better together will benefit from reading this book.



2. Jean Tabaka has done a great service to Software Development. The highest cost meetings where everyone is attendance can be at least twice as valuable when well run and Jean gives us some great guides to make these fruitful. This is especially true with Agile methods that recommends frequent time-boxed meetings to evaluate plans, inspect them and adapt to the changing conditions our fast-paced environments introduce. I have adopted many ideas and have found them very useful. Finally, this kind of skill is what many technically trained people need most for creating a truly collaborative environment.



3. Jean Tabaka's COLLABORATION EXPLAINED: FACILITATION SKILLS FOR SOFTWARE PROJECT LEADERS tells how to build an agile project which fosters techniques for ensuring effective collaboration. Jean Tabaka has been studying and using agile environments since its early days: her guidelines and templates for project events cover all areas and aspects of methodology and application, applying concepts to business practices and special circumstances project managers face with their development teams. A recommended, real-world project pick.



4. I found Jean's book to provide a good introduction into team dynamics and fostering collaborative, self-empowered teams. She touches on topics like DISC and other personality studies. She offers some discussion on team evoloution (from formation to real high-performance).
   
   The 2nd half of the book has a lot of perscriptive meeting formats and agendas. It's helpful for individuals who are starting out with managing a team (or experienced team members who want to refresh on the subject).
   
   The only reason I didn't give this book a 5 star is because while it's generally informative and easy to read - I felt that it didn't offer as much value for it's price. A good majority of the book is templated agendas and meeting formats, there's a few sections on strategies within meetings (like how to handle someone not paying attention gracefully). I would of liked to of seen more in way of that for the price of the book.



5. I've been lucky enough to meet Jean Tabaka before I'd read her book. She's a very humble and knowledgeable lady, and you can see both of those attributes in her book about effective collaboration. It's probably heavy reading for some people. For the right kind of people, I imagine it's very easy to digest. If you're working on projects in a team, especially as a team leader or a project manager, it's a great book that equips you with lots of practices and tools that come in handy every single day. Even if you're not working in any of aforementioned roles, as a member of any team, it offers lots of gems worth digging for.
   
   Don't be daunted by the book's thickness - Tabaka's laid the four hundred or so pages well with a decent index and table of contents, making it easy to jump around to topics that interest you. I fortunately had a few hours in the airport and the plane to give me a good chance of reading the detail of the sections that interested me.
   
   A lot of the topics that Takaba covers are very relevant to any environment in which you're working and even more so in agile development teams where collaboration is key. I definitely relate to many of the stories that she talks about, littering the book and giving real examples of the tools in practice. It's well written and many of the models are useful straight away.
   
   There's a little bit of repetition - some of it probably because it's written in a way that allows you to digest chapters on their own, and maybe so that it really lets the lessons sink in. It also talks about a number of topics that aren't directly related to facilitation though are still useful in their own way for setting a better context such as leadership and specific agile methodologies. In a way, a lot of the practices draw from many other disciplines and although not necessarily completely new, are presented in a very easy to digest manner.
   
   I'd definitely add this to my recommended reading list, especially for people who want to improve the effectiveness of their teams.

2 comments about ANDROID A PROGRAMMERS GUIDE.

1. Just received this book. I went over the first seven chapters and am very disappointed. The first seven chapters are nothing more than existing online material with some added textual embellishments. There are also a few chapters with sample code (some of which are from the Google samples) and a few might be original code. This is not recommended.



2. Contrary to what the other reviewer writes, I find this book very informative and not related to any Google help that is available since it is so scarce. This is a terrific introduction to the topic - well organized and well written. Bravo.

5 comments about Network Security: A Beginner's Guide, Second Edition (Beginner's Guide).

1. I am pretty new to the network security world. This book is a great guide to the very basic ways of securing a network. My main goal was to find out more about securing my network from outside attackers, and this book hit the nail on the head. I highly recommend it to beginners and intermediate network professional.



2. Excellent book at an introductory level. Not much technical. But gives a brief overview of most of the security terminologies . This is perhaps one of the best books to start with.
   - Anand



3. I originally bought the book because it was less than 10 bucks, and I wanted a good overview of network security. The book is written fairly well, but it's main focus is security policy and legal issues with a general overview of some network security technology.
   I have been in IT for around 6 years now, the last 2 I spent working on Military/DoD networks, so I already have a sound networking background. This book's intended audience seems to be aimed more toward the executive/management type who does not have much technical experience. I believe a better title for this book would have been "Network Security Policy Making: A Beginners Guide". If you security needs are more for creating sound policy & procedures this is a good for you, the more technical minded should seek elsewhere.



4. Hi,
   I am working in IT Securiy field , and was a fan of this book's first edition. He also did a great job for second edition.
   
   I was about to conduct a internal training class (Basic ITSec.) for my IT colleagues here and use his 2nd edition as primary source material.
   
   I have found no typo nor technical error in this book and the only negative point for me is that the "Hacker Techniques" & "Type of attack " chapters comes too early as they should appear after CIAA was disscused. Maybe this is the author's style to make this book more colorful but I personally think make learning experience in ITSEc. a little deviate.
   
   Still , this book is worth buying.



5. Also great reference book. It is not for someone who has already had a course in network security (except as a reference book) as it is a pretty low level book. It is easy to read and follow.

5 comments about OpenOffice.org for Dummies.

1. The book covers the major aspects of the software suite, but it really doesn't get into the details of the programs. For that, I recommend a Dummies book on the Microsoft version, since they don't have an in-depth book on the OpenOffice.org version of the software applications. For what it is, an overview of the suite, it is very good. I highly recommend it as a fantastic starting point. I paid a paltry $7 for the book, delivered. How can you go wrong with a price like that? Truth be told, I believe it would have been worth the cover price of $24.99. It is an excellent book to start with, but you'll want to dig deeper after you make it through this book. I hope the authors will consider making full-blown Dummies books for Impress/Presentation, and Calc/Spreadsheet, and the Writer/Text Document applications, too.
   
   I highly recommend OpenOffice.org to all non-profit organizations, as well as for-profit companies: save yourselves $200-$500, per computer, along with the upgrade/compatibility issues, and dump Microsoft. You will be glad you did. Cheers!



2. Pretty much of a getting started but does talk about many important points.
   Though I am very skilled in Excel, Open office is still irritating.
   I would buy it again.



3. All supplied material for review of this book said it was new and up to date but did not give the version number of Open Office that was covered. When I received the book I was frustrated and well into it when I found it was for version 1.1. The Open Office I have is 2.2. The data base portion is not even mentioned in this book. I found that I wasted a lot of time. If any of these books do not show the version number of the program they are working with I would not buy them!



4. Best book on the subject but spends a lot of time on stuff 90% of us will never use.



5. Should be more in depth....and along with another reviewer I would like to see more in depth books covering the individual applications...such as the spreadsheet and presentation applications....
   
   Have not had much time to read the whole book but I was not very impressed with the spreadsheet section.....although it is helpfull....I was hoping for more detailed and in depth help....

No comments about Software Testing and Analysis: Process, Principles and Techniques.

5 comments about Secure Programming with Static Analysis (Addison-Wesley Software Security Series).

1. I was an early technical reviewer of the manuscript and I'm thrilled to see that the book is finally in print so other people can get their hands on it.
   
   Brian and Jacob live and breathe this stuff, and it shows. If you're a developer or manager of developers and you're coding software that may eventually be run over the internet (that's pretty much 100% of it, right?) you should read this book!



2. Every software developer who has to write secure code should read this book. This book will tell you how to use static analysis tools to help you build more secure software. It's a great primer for software developers who are new to static analysis and for security practitioners who want to learn how recent advances in the field can improve their software.
   
   I reviewed an pre-release version. It's good stuff. It's well-written, easy to read, and tells you what you need to know without getting bogged down in the details. Brian Chess and Jacob West have a great deal of experience in this area and they do a good job of conveying pragmatic information you can apply in practice to improve your software.



3. Chess and West describe methods of building security into your coding projects. As an integral part of the development process. There are tools out there which perform the static analysis described in the text. These are far removed from the early tools, which the book correctly describes as glorified grep. (That is, they were merely fancy parsers.)
   
   The tools are not definitive, as you are cautioned. Often, their greatest virtue can be to point out source code that should be subject to manual scrutiny. In a large code base, of hundreds of thousands of lines, this can be invaluable assistance.
   
   A quick comparative summary of various bug and security tools is also provided in Chapter 2. Specifically, figure 2.2 is a nice qualitative summary of these tools.
   
   Various chapters of the book deal with problems also covered elsewhere. Like finding buffer overflows. Especially with string logic. While the Web also is now a source of weaknesses in web applications that are weak in input and output validation. You have to carefully filter anything that you solicit as user input on a web page.



4. If you are an architect who really serious about building security to your large-scale applications, then this book would offer only a hello world to security. All you find is a full-blownup security chapter "Part 1 and 2" for Standalone application applications beyond that nothing but google-able content. The worst is Part III discusses on web apps, XML web services security, privacy and privileged programs - poorly written and highly repetitive content. To the most disappointment, there is no chapter to show how to put-to-gether all these stuff in a real world enterprise application. I also noticed the book if has the same Java examples from the Java site. The chapter on Web services security is a joke, shows the authors lack of understanding on Web services security fundamentals. After browsing all the pages, I don't found anything that shows how to incorporate them in a working security architecture. The book also trying to promote a product, maybe this book is relevant for those use the author suggested products.



5. First. Full disclosure. I am an ex-employee of Fortify Software. Second. I was a reviewer of this book. That said... I'd say the target audience for this book is 50% of developers and all the tire-kickers who don't think static analysis is possible (let alone accurate).
   
   Why only 50% of developers? This is based upon one of my own heuristics when putting together (or working in large) development teams. i.e. 50% of the developers in the world shouldn't even be writing code, and, the world would be safer place if they weren't. Unfortunately they are. And, they need tools. And, one of those tools should be a static analysis tool focused on software security. I've only scanned a few hundred million lines of code at Fortune 500 companies over the past 5 years. And, the vast majority of that code proves to me that 50% of developers couldn't even write (compilation error free) a `Hello World' from scratch let alone find all of the cross-site scripting or buffer overflows in their own production code.
   
   The tire-kickers are the other 50% of developers (architects, lead developers, etc). They need to try; findbugs, FxCop, splint, and the tool on the accompanying CD of this book. Some will be too smart to use a tool like the one in the accompanying CD. They won't see the value in giving their developers a tool that simply checks for the obvious. They have the policies in place that completely eliminate the possibility of the other developers `introducing vulnerabilities' into the code base and/or `checking in code that breaks the the build'. Wow! ... Other tire-kickers are not so smart. (Again, full disclosure. I'd fit into that category.) The only question that I would hope to answer from reading this book is; If I give a tool as described in this book to my dumbest developer... will they be able to produce better code. I know the answer. YOU have to read this book.

5 comments about Ruby by Example: Concepts and Code.

1. Superb introduction to Ruby and important programming idioms that every Rubyist should know. Shows you a small chunk of code, with significant lines numbered, and follows the code with descriptive paragraphs that show you what the code is doing. In effect, you learn how to read the code as you go through the book, starting with basic material and getting more advanced as you go along. VERY nicely done.



2. 'Ruby by Example: Concepts and Code' is the perfect reference for anyone that wants to learn how to use Ruby, one of the hottest programming languages to come around in some time. With over around 300 pages of content spread across 45 examples, this book will give you all the basis you need to go from a non-Ruby user to someone writing good code immediately!! I think that the No Starch line has some of the most unique layouts you will find from any publishing line. Chapters are usually broken up into small manageable chunks that make it easier for the reader to actually learn and dissect the information they are taking in, fonts are clear and concise, and it's just an enjoyable easy read all around. While this may seem low in importance I don't think that's the case at all. Especially for a book where the user base is someone new to a language, environment or tool, I want a book that is easy to learn from, fun to read and makes me actually want to LEARN and look forward to the next chapter(s). If you want to learn Ruby and build on your development skillset, pick up this book and move to the fast lane!!
   
   ***** HIGHLY RECOMMENDED



3. Ruby By Example seeks to teach Ruby by introducing a series of small scripts, explaining how they work, often by showing some examples in irb, Ruby's interactive shell, and reinforcing the explanations with some suggested modifications to the script to highlight the principles just expounded. The closest examples in other languages I'm aware of are Dive Into Python and (to a lesser extent) Wicked Cool Perl Scripts.
   
   This is a very nice idea, and there are some examples that are a cut above the usual fare: chapter 9 includes a Bible Code generator, and an implementation of the 'methinks it is like a weasel' sentence natural selection program from Richard Dawkins' The Blind Watchmaker. There's also mention of memoization, profiling and benchmarking, the Schwartzian transform for sorting, and even Symbol#to_proc. There's also quite a gentle introduction to Rails, which is probably sufficient for someone new to Ruby and Rails to move onto Ruby for Rails.
   
   However, the execution isn't always perfect. Probably the biggest downside to this pedagogical approach is that there's not really one obvious place to describe how a particular feature works in depth, or the focus moves away from its practical use in a script. As a result, many of the explanations are compressed. Chapter 1 provides a 'crash' description of object orientation in 9 lines. Chapter 3 first mentions hashes, but compares them to functions, and not to arrays. Tail recursion is defined in a 4 line footnote in chapter 7. If you already understand these concepts, you'll be fine, but they won't teach you anything. If you don't, they aren't very helpful. At a couple of points the book also insists that everything in Ruby is an object, but code blocks (among other things) aren't until they're wrapped in Procs. For the more functional-esque techniques advocated in the book, this is a subtle point which could trip up a beginner.
   
   Also, some of the examples are weak. Chapter 4 rushes through regular expressions, using them to compress whitespace, but why not also mention String#squeeze? Chapter 5 uses regexes to deal with XML and it gets the job done, but advice on using a real XML parser might have been more useful in the long term. Chapter 6 contains a truly contrived Buffy the Vampire Slayer-related example.
   
   This isn't a bad introduction to Ruby, and it's a very admirable attempt to do something different, but I wanted to like it more than I did. If you already know some object oriented programming, this could make a good companion to a more tutorial-style book, like The Pickaxe.



4. If you want to learn Ruby quickly and you can only afford to buy one book to do it with, this is the one I would buy! It has interesting little projects with well documented code which introduces you gradually to more advanced topics in the language. It is not a cookbook, but rather, a very well picked selection of programmes where new concepts are thoroughly explained and older concepts are reinforced. There are "hacks" to just about every script and I was able to learn more from this than I did from grinding through the Pick Axe. Amazingly, now when I pick up the Pick Axe it seems accessible!
   
   Well worth the investment!



5. The book came very fast in the mail. It was new in quality. I am able to teach myself Ruby from the book.

5 comments about Cost-Based Oracle Fundamentals (Expert's Voice in Oracle).

1. This book gets a prized spot on my technical shelf. It is a challenging read, and has taken the most time of any book I have to get through, but it is quite good. The optimizer is such a core part of what makes Oracle worth the investment, that any DBA who does not understand it is doing a disservice to the company investing such capital into the product.
   
   Lewis' use of proof through example is second to none, and leaves me feeling confident about the knowledge I've gained. His insights are not only theoretical, but quite applicable. I learned much about manipulating and using the DBMS_STATS package, about data model design and why data knowledge is so critical to the DBA.
   
   My nervousness about hints and about upgrades was reinforced with concrete examples that have improved my test plans, upgrade methodologies and overall made me a more competent DBA. I've directly used this knowledge to support my clients in better ways than I would have before it, and that is well worth the price of admission and the time to get through such an in-depth work.
   
   Thanks Jonathan!



2. Each quarter my team of DBA's has one book that we read and discuss in team meetings. This quarter, Cost-Based Oracle Fundamentals is it. This book is a wholly remarkable book for the moderate to advanced DBA. It is a deep dive into the Oracle optimizer, providing some wonderful insights into not only how it works, but why. It is not a book for the faint of hart, or those waiting breathlessly for retirement. It is a book for those who want to understand the CBO in more depth.
   
   Within the book, Jonathan provides insights into how the CBO *should* work. He follows up often by demonstrating the maturing (or devolving as the case may be) of the CBO from version to version. Beyond his own experimentation and results, he leads the reader into the process that he has followed to come to understand the internals of the CBO, providing a road map allowing the reader to continue to explore the optimizer in future releases.
   
   However, I must take Jonathan to task, for he is a nasty tease. This book was released about two years ago. In it, he leads us on with promises of forthcoming volumes 2 and 3, dangling the carrot out there for us to follow. Sadly, these volumes are yet to be seen. Jonathan! Quit running to and fro filling our heads with knowledge at various conferences and write those books man!
   
   A caution for the new DBA or the cursory SQL developer, you may find this book overwhelming at first glance. For the new or even intermediate DBA, it might be hard to derive practical application of what Jonathan is teaching at first glance. Take your time with the material and the insight that you will gain will be invaluable.
   
   Overall, if you want a book with meat, then this is the book for you. It will expand your mind and the way you look at the Oracle CBO.



3. It doesn't mean you won't love the book. I found it to be far too narrow and, even as an Oracle OCP, boringly written. That may say more about me than it does about Jonathin Lewis, who I know is brilliant and has written brilliant stuff before. I just didn't get as much out of it as I thought I would.



4. Jonathan Lewis has perfomed an invaluable service to the Oracle community. He doesn't just offer opinions of how the CBO makes decisions from his vast experience. He also offers the scripts he used to verify behavior of the Oracle CBO. This equips the user to replicate Jonathan's work with newer versions of oracle and adapt the scripts to your circumstances.
   
   Dennis Williams



5. This book contains a wealth of information about how to evaluate and test the Oracle Cost Based Optimizer. Jonathan presents the material in a very easy to follow style. All the examples and scripts that he provides work as written. I would highly recommend this book.

No comments about Practical API Design: Confessions of a Java Framework Architect.