Updated reading list

Published Thu, Aug 19 2004 23:09 | William

Well, finally got a little time to get through a few new reads.  Two books come to mind.  Sort of switched gears this time and focused on stuff I only knew about marginally or stuff I didn't spend a lot of time concerned with.

First on the list was .NET Security and Cryptography  by Peter Thorstienson and G. Gnana Arun Ganesh. Now, at first I started to think that maybe the authors decided to be funny and use Tripledes to create some cypher text for Joe Johnson and that's where the second authors name was from.  But no, it was his real name.  Maybe I'm just a self hatinng American, but when I get a book on something with a lot of math in it, I definitely want to see some dude's name on it that I can't pronounce because, well, let's face it, “Japanese Men that are bad at math” or “Why Indian Men don't do well in Calculus” aren't titles of books that will ever be written in my lifetime.  I know, I know, Europeans are all better than Americans at math , and according to them, everything else too, but Europeans like ridiculing Americans a lot more than other people do so I don't want to slip in a compliment there.  So, I spent about 20 minutes trying to figure out how to pronounce 'Gnana' and couldn't do it, but that's fine b/c both of these dudes are total bad a33e3.  This book totally rocks and is very heavy on content.  I don't know, it was weird.  I can't really put my finger on it but they have a writing style that I haven't seen before.  Very direct. Very concise.  Very clear and yet even though some of the material is definite propeller head stuff, I got just about everythign the first time through. No, I didn't master it, but at no time did I feel like I was getting lost.  It does a really good job on crypto which is important but the stuff on code access security was what I really liked.  No - it wasn't better - both parts of the book are great.  I just have read about and used crypto a lot more so I found the code access security stuff more enlightening.  Then I felt like a total dumb a33 because I didn't demand minimum on any of the code I've written (please don't strip my MVP away for not realizing how stupid this was of me), but as silly as I might have been in the past, I'm all about security now.  Think about it --- if you don't demand minimum on your code, then you might get to a block that you don't have permission for, and blow up there.  Wouldn't it be a lot nicer to know up front that your code was going to fail?  Even if you want to eat the exception and let the user go on, at least you can tell them that they are in for trouble - as opposed to letting them find out 99% way through the thing and have them potentially have to redo something or worse - lose their work (sure, this last one should never happen if you handle the exception correctly - but you probably weren't expecting it if you didn't think to make the demand in the first place so chances are you aren't handling it correctly anyway).  This book totally rocks, it's wonderful - buy it!

Seeing Data: Designing User Interfaces for Database Systems Using .NET by Rebecca Riordan.  A long time ago, someone asked me about her ADO.NET Step by Step book in a newsgroup and I said something like “David Sceppa and Bill Vaughn have the two best ADO.NET books I've read, but Becky Riordan's book is pretty good too if you are just trying to learn ADO.NET”.  She read my post and, let's just say, that's the last time I'll ever call her Becky.  That aside, I really like her new book.  Addison-Wesley does it again!  now, you are probably thinking “Oh no, not another .NET UI book” because there are tons of them.  Chris Sells and Matthew Macdonald both have two killer books on the subject.  But this book is really different.  You get the vibe you are reading a philosophy book here, and it's written by a Philosopher sent down by Zeus to vanquish the demons of stupidity (and there are a lot of them in the software business).  So she'll talk about a concept and then demonstrate it in code. Lots of code, lots of theory.  All of it's good.  Remember, though that this book isn't about UI's per se, or drawing, it's about databound UI's.  She goes into depth here and although I knew  a LOT of it, I definitely found a few areas that she enlightened me on.  Her discussion of the currency manager, as well as integrating help systems justifies the price of the book alone.  But code stuff isn't what makes this booik great.  It's her “This is what users what.  This is what a lot of dumb know it all types in software development think users want.  Their ideas suck a33.  <Inserts proof>  This is what I think makes for a good UI based on user wants <Insert Proof>”  Then you sit back and go “You know, I wish I would have made that argument last year when my manager told me to make the commit button blink”  (At my last job, my manager actually threatened to fire me if I didn't make the “Submit” button of a windows forms application blink - and blink as well as switch colors from Red to White (our company's colors).  “  I lied and said I didn't know how to do it because it was a lot uglier than it sounds.  Anyway, as soon as I saw that AW press put it out I knew it would be good.  They didn't disappoint.  And Rebecca “Don't Call me Becky” Riordan ends up with another well done book under her belt.

 

 

Filed under:

Comments

# William said on August 19, 2004 11:58 PM:

Bill:

would it be possible to get you to fish out the ISBN's on the books you're referring to here?

I did a quickie search on our "local" shops and nothing, nada, zippo came up for Riordan or Sceppa..

cheers

# William said on August 20, 2004 12:02 AM:

nevermind that..duh...amazon has it!!

# William said on August 20, 2004 1:32 AM:

Brian:

Looks like you found it but not sure which book you're asking about. The Sceppa book was the ADO.NET core Reference and I have to come across something in ADO.NET that I couldn't get through with that book. Riordan's ADO.NET book is a Step by Step one, which is very good for one of those. I don't think they are really helpful if you're looking for more advanced stuff b/c the Step by Step method takes up a lot of space on thigns that beginners need by those with some familiarlity at all have probably figured out. It's a good book, it's just that it's probably best suited for people with very little ADO.NET Exposure.

As far as these two go though, the .NET Security & Cryptography book is something else .. the source code is available at www.objectinnovations.com/library/books/books_dotnet.html and although I definitely would suggest picking it up if you are at all interested in security, you can learn a lot from the code. I felt like a total dweeb thinking I 'knew' .NET Security which turned out to mean I knew 2 aspects of it. But by the time I read the point of "Make sure you demand minimum permissions on all of your assembiles or you may end up executing code that throws an exception b/c it lacks permissions...." and I was like....damn. So these cats are saying Demand minimum everywhere and I have done like two demands in all of my code. Sure, our stuff is in house but still, I was like crap - why don't I already know this. And it makes perfect sense - why let your code do something and only find out after the fact that it doesn't have permission? Why not know up front? You can still do whatever but at least you won't be surprised. Ok, I seem to be making a big deal out of that but it's because it's very typical of a small thing that I overlooked and only realized now. Should have been totally obvious. Actually, this is probably the first time I've seen it stated like that. Elsewhere it's been like "Code Access security: <Discussion>" but then the rest of the book never did one thing with it so you think "How important can it be" or "Oh yeah, that's cool but big deal". I mean, I knew to demand evindence of a strong name for my assemblies and look for the zone and all, but there's a lot more to it than that. Then you think someone could take an assembly you wrote, inherit from it and do all sorts of ugly shit, all they'd need is some code on your end that did something critical and a copy of Reflector. I've heard some real lame 'solutions' like "well, just make everythign non inheritable/sealed" and it's like wow, can you come up with a lamer way to protect your code. I mean, having a whole project with classes that you can't inherit from sort of, well, seems like something people make fun of VBA Programmers about except they aren't the ones saying shit like that. There's also like a really good discussion on digital signatures. I sort of thought I understood it all before. I really did. And maybe 2 years ago I did but I know sure as shit that I didn't when I started reading this. Don't claim to be an expert now by any means, but at least I have a much better understanding and I sure as hell know that '.NET Security' isn't something you just 'know' and that's it. It's definitely a complex area and every bit as in depth as say Remoting or ADO.NET.

Now, Rebecca's book is much different and it's really different in some Zen sort of way from a lot of what I'm used to reading. But it's not lacking in technical content. As a matter of fact, she's probably got the best discussion of databinding I've come across. There's also a whole bunch of little things that have always been frustrating that she 'solves' in here so it's like a great discussion on UI FAQ's which is pretty neat. I've still got my nose burried in the Security book but been flipping back and forth a good bit.

# William said on August 20, 2004 8:44 AM:

i knew she had that gui book coming out, but i was hesitant about picking it up (you know...yet another interface book...). looks like i'll be picking it up

thanks for the info!

# William said on August 20, 2004 8:52 AM:

Just the man I was looking for..... May I remind you that great responsibility comes with running one of the nets coolest blogs and I'm not referring to mine. As such, probably time for another laughfest aka new Caustic Phil Article.

As far as the book goes, if you're looking for info on data binding in particular, and pretty in depth manipulation of the BindingContext for instance, then this is it. It's focus is data bound UI's and this is the part the other UI books gloss over. There's only so far you can go with the subject matter, but I think she does a pretty good job with it. Just don't call her Becky

# William said on August 20, 2004 9:48 AM:

trust me man, i know i'm behind and owe you and others some posts!! however, my wedding is on september 12, and things are starting to get a little hectic around here. also i can't decide if i should write about requirements or the how microsoft access has single handedly destroyed software development as we know it

# William said on August 20, 2004 2:25 PM:

Totally understand - that's got to be a lot to be dealing with. My vote is for the Latter and how Access should be outlawed and anyone who speaks of its virtues should be hung. Yes, as much as I hate language snobs - I'm a shameless Database snob. SQL Server, Oracle, DB2 if at all possible - MySql or Postgre if you must - but never lamer dbs like Access - not if your app matters. I can test for null with IS NULL , I don't need IsNull to function in some wierd way atypical of everythign else just to test for it. Oh, no stored procedures but I can use an Access query to pretend like it is? Great. I don't even want to get started here but it's portentially the best topic you could write on.

Or you could go on about wedding planners, fiance's friendcs and stuff like that - it'd no doubt be popular but probably get you an early admission to the Dog House which isn't a lot of fun.

Best wishes on the wedding my man!

Search

This Blog

Tags

Community

Archives

News

My other sites

Cool Stuff

Book Stuff

Security

ORM

Data Access

Funny Stuff

Compact Framework Stuff

Web Casts

My KnowledgeBase Articles

My MVP Profile

Design Patterns

Performance

Debugging

Remoting

My Fellow Authors

My Books

LINQ

Misc

Speech

Syndication

Email Notifications