Computer Science Books

I have been an information assurance professional for over 40-years. This is the only book that ties it all together and provides so many additonal bonuses that you cannot go wrong for the price.

What I found best about the book:
1. Great price for all the pertinent and up-to-date information, including references and URL's,
2. Complete, concise, focused; no wandering down memory lane,
3. A great study reference guide in preparation for the CISSP examination (I used it, I took the exam, I am now certified as an Information System Security Professional),
4. The book will be a solid reference for years to come,
5. The author knows her subject and presents it in such a logical manner that it is impossible not to grasp the concepts presented.
6. Can use the author's web site for this book so that you maintain your currency (who else offers this?),
7. If your on the security profession career path this book is mandatory, and
8. Where in the hell (heck) was this book 10-15 years ago.

I am the network manager at a mid-size Chicago company and have been tasked with the job of developing a formal security infrastructure for our organization. I have read many of Mandy's InfoWorld articles and eagerly awaited the release of this book. Needless to say, I was not disappointed. Surviving Security is a great resource for understanding the components of a security infrastructure, how they fit together, and how to analyze and select the best approach for your environment. She covers all the basics (security policies, firewalls, IDS, remote access, OS hardening, network architecture, etc.)

In addition, there's a great chapter on authentication techniques. She also discusses the issues most people forget or do not really think about until it is too late: keeping up-to-date with patches, monitoring systems and logs, creating incident response teams, developing secure applications, etc. Most sections have "For More Information" boxes that give resources (books, websites, etc.) where you can go for more detailed information. I thought these were a great feature. She provides insightful information and commentary based on her experiences and then refers you to places where you can find more information. This book does not try to be all things for all people.

The companion website is a great way to keep the content up-to-date. As long as the author keeps the information and links current, this will be a good resource for security information. The product reviews give an independent, third-party opinion that is sometimes hard to find.

For those looking to develop a complete security infrastructure, this is the book to read. Surviving Security gives you an excellent "big picture" look at security that I have found lacking in other security books I have looked at.

Surviving Security is a really good book for someone needing a thorough introduction to information security.

The book covers all of the most important security technologies and processes. After completing the book, the reader will come out with a good understanding the components of an information systems security infrastructure.

All of the chapters contain loads of valuable information. Two extremely valuable sections are (Page 358) ýSample Audit Checklistý and (Page 399) ýAssessing Your Needsý.

The Sample Audit Checklist contains over 30 pages of technology items that require security. Assessing Your Needs details all of the items required for an effective incident response team....

For those people needing an effective and easily readable reference about computer security, Surviving Security is an excellent resource.

Thousands of years ago, a geometry teacher informed his royal subject and student that there was no royal road or shortcut to the understanding of geometry. That statement also holds true for computer system security. Like the steps in a geometric proof, any shortcut taken in security has the potential for invalidating the entire structure. Furthermore, developing a sound security policy requires that many of our deeply held social and legal attitudes be set aside.
In the American legal structure, any person is entitled to the presumption of innocence until their guilt is proven. However, to create and maintain an adequate computer security policy, everyone must be assumed untrustworthy until it has been proven otherwise. This creates an enormous potential for hard feelings, leading some to bypass the controls as a form of protest. Sound security policies also erects barriers that often reduce the efficiency of everyone accessing the system, creating an ongoing dent in the company bottom line. With all of this social, technical and economic baggage, it would appear that constructing an effective security system would be impossible. While constructing an impenetrable system is impossible, one can always reach a best possible level, and you see how to do it in this book.
All of the problems in computer security, from the initial meeting to regular audits are covered in this book. As the title implies, the emphasis is on the integration of the many parts that interact to build a secure system. Knowledge of human psychology is important, as the users must be treated with an iron fist wrapped inside a fuzzy velvet glove. The coverage is thorough in the broad sense, but shallow in the depth sense. This is not a criticism, just a statement of fact. Each section has links to resources that provide the depth of explanation that may be needed.
Security puts another level of complexity on top of the very difficult task of writing software that works. In the past, getting software to work took priority over getting it to work in a secure manner. Those days are gone and it is very difficult to conceive of any scenario where that will change. No one knows when it occurred, but several years ago, the cost of paying for security fell below the cost of repairing the damage caused by lax security practices. To get on the right side of this critical curve, read this book and follow the advice.

One of the few technology books that is actually under-priced based on the value you'll get from it. Content is very good and it's an easy read. You don't have to already be a security wiz to understand. There is also some unique treatment to process issues that I haven't seen elsewhere... Highly recommended.

That's an exciting and useful book in all synthesis manner: almost no gate-level circuits inside, as in modern EDA tools it don't need to.

A lot of algorithms (eg. log, sin, sqr...) which is beyond fast adders or one-cycle multipliers that can be easily found in many DSP hardware books. In fact, we make and sells a DSP state-machine chips in almost a million pcs that certain arithmetic circuit blocks is inspired by the book.

This book is quite original in its presentation. The selection of implementations is of interest.
The theoretical foundations are sound and presented in a well organized way.
The applications cope with the actual technology: especially in what concerns programmable devices.
It is a good book for advanced students and a must have tool for the professional designer.

In the part dedicated to general algorithms, very interesting new presentations or generalizations, made this work attractive at the theoretical point of view. Extensions of booth algorithms and generalizations to base B operation make the work innovative at the mathematical point of view. At the implementation level there is very good and innovative ideas towards special applications in FPGA (mainly Xilinx oriented). It would have been desirable to cope with some other technology, but the book may be considered self containing anyway.

The presentation of arithmetic theory and applications is innovative. Some of the topics are inedited; they present new approaches for both algorithmic and implementation aspects. It is a very interesting reference book for what refer to computer arithmetic in general and special purpose arithmetic circuit in particular.

There's a lot to like here. It goes over all the low-level stuff you could hope for, including creative number system, carry-lookahead, Booth encodings, and SRT division. It addresses some of the needs of crypto people, with discussion of finite-field arithmetic. It even gives enough intro to residue number systems for the desperate developer to gain a toehold - 10,000 digit addition or subtraction can be done in a few-digit time, as long as the expense of getting into and out of RNS are amortized.

That's all good for someone who can't trust their synthesis tools for good carry chains, or for someone headed way into the weirdness. The ranges where I live get distressingly little attention. If you need a dot product of two vectors, this will do a great job on the multiply and add steps as long as you can work out all the pipelining implications for yourself, but those were never the problem - it's the parallelism (how many multiplies can you run? how deep is your adder tree? or do you have something better?). It's the memory bottleneck (what do you mean you read "a word" from memory? I want 100). It's the numbers that number-crunchers use, i.e. IEEE 754, which get a moment of mention at the beginning and at the end. Those start turning strange with NaNs, signed zeroes, and denorms, then go totally off the rails when things like Intel (not always IEEE) compliance arise from the deep.

This could be a good text for a mid-level practitioner or student, fluent with logic design but blissfully ignorant of numerical analysis. If that's your trajectory, you'll spend some amount of time where this book lives. Then you'll advance, and it will no longer serve you. That's not a criticism, since every level has its own needs, but the prospective buyer should weigh needs to be met against needs that this meets. Not all readers will find a match.

-- wiredweird

This book has a great knowledge of all things computer related, DOS, WIndows, Hardware, and more.

It is an awesome resource for all people who work with computers. It has great DOS, Windows and hardware information, and more. It is like a bible to me.

While this is a very good reference, it leaves a lot of room for disappointment. Perhaps its time to replace the resistor color code tables with summaries of the IEEE and ITU standards, certainly something more needed in the 2001 world of PCs. When was the last time anyone changed a resistor in a PC other than at the component manufacturer site? And it doesn't yet contain a power supply wire color code, which would be far more useful than resistor codes. There is info on Win98 but not on Win2K or ME (or even NT). The processor and socket list is hopelessly out of date. Fixed disk drive lists are way behind the times with only the most minimal information to help keep the confusing IDE/SCSI/EIDE PIO 1/2/3/4/5 ATA33/66/100/133 drive, BIOS, MB chipset and cable standards straight.
This is a good book for troubleshooting, repairing and maintaining the older PC, but it is not even treading water well in a world of P4 or Thunderbird processors, multi-gigabyte drives or 400Mhz RIMM memory. Still, I have to give it four stars (would be 4.5 if Amazon allowed) because there simply is nothing better out there except keeping file folders full of manufacturer specs, white papers and web page printouts.

I am a 14 year old and have usued this book to help me build everything from forts to computers, it's GREAT and I would recommend it to everyone!

When I first open this book I thought I was looking at an larger copy of the Pocket PCREF, after reading through it I found that while most of the information included is exactly like the Pocket version there is was more information included.

Large in size and over 875 pages, this reference book includes everything in the Pocket PCREF plus a very extensive glossary, printer control codes and a much larger pc phone directory. Overall a much better value that the Pocket PCREF book.

The material covered is broken down into categories and each category is covered well. The authors take a great deal of time in making sure the information presented is accurate and well documented. For the money this might be the one to have on your desk.

While this book won't fit in your back pocket, it will fit very nicely in a briefcase. An excellent value for the dollar. You might find similar books on the market, but you'll be hard pressed to find any one better. Well Done Sequoia Publishing.

THIS WAS A SWEET BOOK! . Must read. 2 thumbsup. THRILLING. I recomend you read the first two books and the last who knows how many after that!

I don't have much to say about this book accept that it is AWSOME and a MUST HAVE if you like this series or John Peel, the author. I haven't read the 5th book - MELTDOWN - yet but out of the first four i think this one is the best. I look forward to reading MELTDOWN and can't wait to read other books by John Peel.

this was a great book in john peels (fear the year 2099) series. I dont think this was the best bok in the series. But it still was a great book

I just finnished reading this book. I loved the first two so I decides to try this one out. I was amased that this author can write so many good books. This book is his most thrilling and cool yet. I got this book from my teacher at school in first period. I kept reading this book through homeroom 1st period 2ed period 3ed period till finaly my teacher told me to put it away. Lucky for me she did not take it away. At lunch all I could do was read this book. I complettly forgott to eat lunch. Tristan has the most exciting adventure in this book than in any of the other one I have read. He team up with Genia and they try to break out of the "Ice" do they make it?how do they make it? Read this wonderfull book to find out.

Tristan has been wrongly accused of setting loose the deadly Doomsday virus. Now he's in Ice -- the only prison in the world, in the cold and treacherous Antarctica. Surprisingly, a punk rebel girl named Genia, is in nearly the same situation as Tristan. She makes several shocking discoveries about herself in Ice, and storms into action trying to escape. The two may not be friends , but they realize if they're going to get out, they're goinig to have to be on the same side. Can the impossible be possible?

First, it's a very clear example of how to extend UML within its own rules for extension. Other authors need more than raw UML gives, so start adding cruft any way they want - wrong! UML was meant to be extended and has explicit points at which extension is allowed. This shows extension as it's meant to be done.

Second, it is a worthwhile application area. Frameworks have been around for years, important all out of proportion to the relativley small number of them and relatively small number of framework developers. Framework development deserves attention as a specific discipline, and it's good to see this kind of attention being paid. The authors have chosen parts of well known design patterns for examples, keeping the ideas readable and understandable.

Best, it doesn't try to pull the entire UML standard into the discussion. To tell the truth, if I printed out the whole set of UML standards documents, I'm not sure I'd be able to lift the pile. This uses a well-chosen subset of the standard, but still lets the afficionado use as much more of the standard as desired.

Still, it's just notation. It's a set of tags for making statements about frameworks. The book doesn't really go into the design of frameworks. Framework design appears to be a premise, something the reader already understands well - perhaps not a good assumption.

The real problem with this notation, though, is that it is barely useable without tool support. It's based on sets of tags, which refine other tags (using something like inheritance), which refine yet other tags. Looking at tag A, though, there is no way to know that it refines tag B. Nothing about the tag indicates its family tree of inheritance, or even where to look for the information. Also, the UML extension mechanism for tags appears not to have dealt with global uniqueness at all. Nothing prevents me and you from coming up with the same tag names independently, then causing collisions for our common customer. XML deals with global uniqueness fairly well. If XML conventions are compatible with UML, they should be used - if not, UML needs to create conventions.

On the whole, this is interesting and informative. It's nearly impossible to put to practical use without significant automation, however, and that automation is not available to me.

This book gives a fairly good insight for expanding the concept of UML designs and notations for more practical framework approaches.

This is a excellent book, since it provides good examples in how using patterns, frameworks and UML in practice.

This is a great book! It gives a good insight into Design Patterns, Framework, Components and UML. It is especially useful as it provides a good and practical explanation while combining these concepts.
I have always been into Design Patterns, Framework, Components and UML. Although still missing some points when mixing these concepts. This book definitely provides a good clarification as it goes further into these OO concepts.
In a whole, it's a book worth studying carefully.

Whenever I read about a new UML profile for something, I wonder whether it will be really useful and also usable. Well, the UML-F profile presented in this book, happens to be both -- useful and usable, for framework developers and users, but also for people interested in frameworks, patterns and OO in general.
It is a very good, easy-to-read book (contents and style):
the authors grasp the reader's attention from the very beginning, with motivating examples and good explanations.

This is a really good, but theoretical, in depth book on the fairly new subject of VoIP security. It is in places deep technical - not the kind of how-to-approach-the-problem type of book, but really describing in detail how things work. The reason why I picked this book was twofold. One, it really focuses on VoIP *security* - as opposed to many books on the subject that handle security or VoIP, with only one or two chapters on VoIP + security. Two, it is in-depth and detailed.

Concerning the `in-depth' part, clearly it is. The style is dense, compact, almost academic. No pages of listings or screenshots - just a factual approach: I personally hate those 800 odd pages manuals full of listings, too large font, giving the impression the author is getting paid by the page...

The objective of the book is to give a clear insight in `how it works'. It is clear that Mr. Johnston is a protocol oriented person, and quite a few things are explained and approached from that perspective. It will clearly help you in designing and architecturing a VoIP deployment, but remains theoretical. Do not expect being able to actually configure an Asterisk or other vendor product. But do expect to have a clear view on what matters and what does not, from a technical perspective. In my view, it targets solution designers, VoIP architects, to some extent the technically oriented CSO, but not so much the engineer.

Chapters 9 and 10, Signaling and Media security are really tough reading: I had to go about 2 to 3 times through them! It's not that they are not well written, but the subject is really complex, and, given the style of the book, these chapters go in quite some detail. They are followed by two interesting chapters on PSTN Gateways and Identity handling. One thing I'm missing is a chapter on Session Border Controllers - possibly these are really too new, and the authors didn't want to venture into something so new it may change and obsolete the book too quickly.

Overall, the book is well edited, with no irritating typos - as we see in too many books today. It is compact and easy to handle. Each chapter contains plenty of references to related publications: what you'd expect from any serious college textbook.

The good:
- Dense, concise, precise, detailed, complete
- Product independent - a theoretical book
- Good, no-frills publishing with no pointless screenshots and the like

The not so good
- Some parts are really hard to follow
- Nothing on Session Border Controllers, but that seems to be the only missing point.

As a CTO of a software technology company in the middle of a VOIP project, I found this book invaluable in our research. There are very few books/guides/articles that talk about VOIP security and I believe this is huge thing to consider as you launch a VOIP network in your facilities or work with the protocols. The other book I read was not nearly as technical or complete and some issues defied standard communications standards which I believe were inaccurate.

I can see from the writing that the authors bring complementary knowledge to the table. One being a data/internet security
expert who considers voice "yet another stream of data to protect" and this agnosticism is IMO a good thing because it brings voice into the IT security realm in many enterprises. The other author is a voice and VOIP standards expert so he is able to call attention to the voice and voice protocol specific issues.

The book utilizes many easy to read real world scenarios that lighten the material and distinguish it from being just a reference book on protocols and standards. These scenarios often incorporate well laid out diagrams and pictures that really help you understand what's happening.

If you are investigating or implementing VOIP networks, I definitely recommend you get this book and read it cover to cover.

I picked up this book because I needed to know a few specific things about the security of VoIP systems, and discovered that it's not only a good source of information about VoIP security - it's a good source of information about IP network security in general. We're moving all these applications to IP/Internet, and we need to know what that means for security at the IP/Internet level, not just for voice but for all of the other applications. Putting Alan Johnston, with his expertise in SIP and VoIP, with Dave Piscitello, who is an expert in security, has produced a major win. "VoIP folks" and "security folks" will both want to read this book.

VOIP - the next big thing in network communication? Or a security disaster in progress? My money's on the latter, so I was happy to be able to read through this book. It has a lot of useful background material on security and security technology, and then ties it into VOIP and the current implementations of the VOIP suite. The authors don't exactly come out and say it but the situation for VOIP looks a bit grim - security kludged on as an afterthought largely by layering atop TLS and the non-existent non-functioning public key infrastructure.

I found the book to be interesting an informative, and will recommend it as a reference to any of my friends who are so unfortunate as to have to deal with securing VOIP.

mjr.

Now, VOIP security has been talked about for a few years; it started even before organizations started to deploy VOIP in greater numbers. Many folks like to say that "VOIP security is a disaster," but usually they don't explain how or why.

Dave Piscitello does. In his excellent book ""Understanding Voice over IP Security" he provides excellent coverage of both VOIP technology basics as well as internet security fundamentals (which are admittedly more useful to the security beginners) Then he fuses the above information into a comprehensive coverage of VOIP security issues, from protocols to call fraud.

VOIP and NAT? Security analysis of SIP protocol? VOIP and honeypots? PSTN gateway security? Public VOIP vs private VOIP? Is VOIP spam inevitable? Yes, all those and much much more are covered in the book.

On the negative side, I had to skip through some of the security basics (yes, even a castle metaphor is there ...), but I am conscious of the fact that such content is indeed useful to people with networking background. At the same time, some of the esoterica of phone networks was completely new to me and thus exciting to read.

I enjoyed the book; I liked that it is written to be useful to both security folks - who need to learn about VOIP - and network folks - who often need to acquire better security education.

Dr Anton Chuvakin, GCIA, GCIH, GCFA [...] is a recognized security expert and book author. His current role is a Director of Product Management with LogLogic, a log management and intelligence company. A frequent conference speaker, he also represents the company at various security meetings and standards organizations. He is an author of a book "Security Warrior" and a contributor to "Know Your Enemy II", "Information Security Management Handbook", "Hacker's Challenge 3" and the upcoming book on PCI. In his spare time he maintains his security portal [...] and several blogs.

The book is excellent. I used it and understood it very easily. I would recommend it for anyone desiring to learn Microsoft Access.

Enjoyed using this book a lot! I would reccomend this book to all of my friends and neighbors.

Great book for a novice or one with more experience. Answered many of my questions quickly and easily. Highly recommended.

Great book for MS Access XP. Well written.

Well written with excellent illustrations. Easy to follow and excellent for anyone learning Access.

This is a courageous and insightful book which should be required reading for all Big-5 accountants. Westland shows how the breakdown in accounting's ability to deal with the new economy undermines investment decisions, and fosters an environment of skepticism and deceipt.

Dr. Westland's book Valuing Technology provides unique explanations for the dot-com bubble, and for the chaos in tech markets. Both this and his sequel, Financial Dynamics offer important contributions to the study of investment valuation

This is an interesting book that helped me to understand why accounting and Wall Street have grown corrupt. Along with caveats, the author describes changes in accounting and finance that would help to improve the performance of the finance community in meeting investor's needs.

The book is written in an engaging style, and surveys current strengths and shortcomings in the tools of financial analysis when applied to technology stocks. At points, the mathematics are complex, but only as much as he needs to state his case. I think Westland's explanations of the way technology companies are different than industrial firms are accurate. They provided me with insights that I have not seen anywhere else. The book falls short in describing how to value technology stocks, which is a weakness. On the other hand, there is enough new material in the book to make it worth its price

This is a courageous and insightful book which should be required reading for all Big-5 accountants. Westland shows how the breakdown in accounting's ability to deal with the new economy undermines investment decisions, and fosters an environment of skepticism and deceipt.

First and foremost, this book has a definite audience: people who need to produce graphs for somewhat sophisticated audiences. This is not a book about producing graphs for mass marketing or other flashy arenas. While this point is implicit throughout the book, it is not often stated explicitly.

The biggest strength of this book, and what makes it worth the purchase, is Cleveland's discussion about the relationship between graphing and visual processing. We've all seen a thousand pie charts, for example, but it turns out that people are not good at visually processing pie charts. The way we process visually has implications for everything from line graph construction to color choices to deciding how to code data on XY scatter plots. Although this information does exist in other places, Cleveland brings it together concisely here. Some of the discussion can get a bit technical, however, so be warned.

This is a great first book to read to learn more about how to construct graphs, and it has enough references to point you to other sources if you feel you need more. I myself have purchased several other books about the visual representation of data (including Cleveland's other book "The Elements of Graphing Data"), but this is where I started, and the information in this book has enriched my understanding of those other books immeasurably.

Behaviour elucidation is done amazingly well. This book is even more powerful than Cleveland's "Elements of Graphing Data". Key words for what you achieve: incisive, powerful, salient behaviour eludidation. The principles of graphical perception from "Elements" are great (and themselves powerful) but this book invents and emphasizes yet more incisive visualizations. These new visualizations involve considerable computation IN SUPPORT OF CONSTRUCTING the graphs. But the GRAPHS -- and the behaviours they make manifest/salient -- are the point. As in "Elements", Cleveland is not just about the techniques as if they were rote procedure; he helps you build perspective too. This book, in a very real sense, (even explicitly so stated by Cleveland himself) is an alternative paradigm to the pervasive statistical inference paradigm. No wonder, then, that another reviewer (a Statistics student) learned so much he had never even seen before. Boy was "Visualizing" useful for a project I had on univariate data in multiple categorical groups (folding durability; 6 groups of data); Chapter 2 of "Visualizing" TRULY had me seeing things I NEVER would've otherwise. The book also guides you in the computations you need to get to the visualizations.

Goo

This book was recommended highly to me by a former university professor (and now consultant). It exceeds my expectations. The figures and acompanying explanations are very clear, as is the language throughout. Visualizing Data discusses several tools with which I was not familiar, and clarifies tools that I thought I understood (including box plots). I have taken several university statistics classes, but I believe this book would help anyone involved in displaying or interpreting data. A picture may be worth a thousand words, but when your business depends on it, a well-defined plot or graph can be worth much more. Visualizing Data enables you to produce well-defined plots and graphs with confidence.

Simply the best book of its kind.

Wireless Intelligent Networking is an excellent publication with rare characteristics: easy to read, well organized and extremely efficient in what concerns quantity and quality of information. Technical protocols, market trends, services deployment, integration, among other IN hot issues are thoroughly dissected in WIN. This is definitely an essential tool for anyone in the Telco business, saving time and money in training for beginners and helping experts on a daily basis. A "dot.safe" investment for any company in the industry!

The telecommunications industry needs a lot of standards and
detailed information for true inter-operability. So, no book
is going to be perfect in its coverage of the material - there
is simply too much information.

Having said that, I find this book to be an excellent way to
understand the issues associated with WIN. It provides the basis
for further study and points people in the right direction for
increasing their knowledge.

I use this book as a basic reference and recommend it highly.
You will not go wrong reading this book - whether you are a
wireless telecom professional (which I am) or not.

The book succeeds in presenting an inherently complex and multi-disciplinary subject in a clear manner with sufficient references to allow further study as needed.

The book provides a broad view of wireless networking, including financial, market, and technical views. The technical information is well organized and presented from more than one perspective. Rather than presenting volumes of minute details, architectural principals are introduced and illuminated.

This is one of the outstanding technical books that I have ever read. I would highly recommend it to experienced hands in the fields of wireless or wireline voice networks.

I would also recommend it to beginners with the following cavaet: this book plumbs some fairly deep waters, and does not delve too deeply into the related fields that are the building blocks of Wireless Intellegent Networking. SS7, AIN, PSTN architecture, and mobility management are all presented, but having some previous background (or somebody handy who can fill in details) would be a big help.

Wireless Intelligent Networking is an excellent publication with rare characteristics: easy to read, well organized and extremely efficient in what concerns quantity and quality of information. Technical protocols, market trends, services deployment, integration, among other IN hot issues are thoroughly dissected in WIN. This is definitely an essential tool for anyone in the Telco business, saving time and money in training for beginners and helping experts on a daily basis. A "dot.safe" investment for any company in the industry!

This is a unique book that compares the intelligent networking standards, the ANSI-41 and GSM. It not only provides useful technical information but also covers the issues pertaining to the wireless intelligent market. I would definitely recommend this book to anyone who is interested in WIN and CAMEL.