I found the “graphic guide” book concept intriguing, yet reading through multiple of them, I felt like they are more directories – pointers for further readings – rather than something I could use – while having little idea about the subject – as an introduction or overview into the subject.

This idea was further strengthened by Introducing Quantum Theory: A Graphic Guide to Science’s Most Puzzling Discovery. This one I found rather enjoyable and I think it gives a bit more of “human” face to the quantum theory – but also, I already had basic notion in physics.

Java Concurrency in Practice is an interesting book, which should be a must-read for anyone doing concurrent programming in Java (and in these days if you aren’t, you’re missing out on a whole lot of possible performance improvement). While some reader criticize it for the dense stile, it is hard to see how one could tackle such a complicated topic in simpler way (to paraphrase Albert Einstein: one needs to make things as simple as they need to be and no simpler). That said, the book definitely has the topics ordered from simple to more advanced, so even if you find the idea of reading the whole book daunting, you should look at the first couple of chapters at least. I would especially recommend chapter 3 (Sharing Objects) from part I (Fundementals) which should give a clear motive to everyone why they should be concerned by thread-safety and how they should reason about concurrent programs (I find that many concurrency errors occur because people have a naive and simplistic understanding of the way concurrency works on modern hardware).

Concurrent Programming in Java: Design Principles and Pattern (2nd Edition): The CPiJ book is much older, ancient even by computer age standards (published in 1999, compared to the JCiP book published in 2006). If also describes a much more manual, tedious way of doing things compared to the newer book. Also, it talks about the precursor of the java.util.concurrent package, since the package didn’t exists back then. All in all: if possible, get the JCiP book. If you already have the CPiJ book, it is a good introduction to the topic, however be ware that much of the advice is outdated and Java 6 (and even Java 5) contain better and simpler ways to perform the tasks described in the book.

I know, I know, I’m quite late to the game (Freakonomics was first published in 2005), but I still feel that this book deserves a review.

What I like about it the most, is the fact that it tries to teach critical thinking, a thing which is lacking these days. The book provides vivid and easy to read descriptions of investigative stories, similar to detective/murder-mystery books, about how seemingly distant events relate to one-another. Each chapter stands on its own and can be read-trough in a short amount of time. Where necessary, the book provides high-level description of the statistical terms (like regression-analysis), without giving the impression of “talking down”.

My favorite quote from the book is actually not from the book authors, but non-the-less I find it very fitting (and I’m sure that the authors agree with me, since they included it in the book :-)):

“We Associate truth with convenience,” he wrote, “with what closely accords with self-interest and personal well-being or promises best to avoid awkward effort or unwelcome dislocation of life. We also find highly acceptable what contributes the most to self-esteem.” Economic and social behaviors, Galbraith continued, “are complex, and to comprehend their character is mentally tiring. Therefore we adhere, as though to a raft, to those ideas which represent our understanding.”

I consider this book one worth reading. The only negative was that I got the “extended” version (which is not the one I link to) and I found that the “extension” was just some rehashing of the content from the book and from their blog. So get the real thing.

PS. Wikipedia says (so it must be true :-p) that a sequel is coming. I’m looking forward to it! Even if it will be half of the quality of the original (as sequels usually are), it should still be a great read!

Full disclosure: the links include my Amazon Affiliate ID.

To get the bad stuff straight out of the way:

• The authors define a very wide scope for the book in the introduction (something along the lines of “everyone should read it” – of course I’m paraphrasing). There is stark contrast however between this statement and the level of knowledge required to be able to understand the book, knowledge mostly isn’t covered in the book
• A large part of the book is monospaced textual content. They don’t use a typeface however in which you can easily differentiate between the letter l and the digit 1 (like Monaco), which makes many of the examples ambiguous
• The chapters have a certain feel of disorganization to them in my opinion, and frequently they seem to be more of a “tips & tricks” collection than complete whole. I assume that a large reason for this is the fact that the WinDBG commands evolved over time, so there isn’t a simple logic which can “decode” all of them (similar to the MS-DOS/MS Windows batch language). Still, a summary of the commands (in cheat-sheet fashion) would have been nice.

One positive aspect of the book is its low error rate. In fact I’ve seen only one error in the whole book (there might have been more, but not many more): a drawing shows the end of the SEH chain as being 0x00000000, while in fact it is 0xFFFFFFFF (the correct value is used however in the text). An other positive aspect is the thoroughness: after reading trough all off ~750 pages, you will get a very good idea about the capabilities of WinDBG and other related tools.

So would I recommend reading this book? If you want to use WinDBG (or other debuggers from the Windows Debugging Tools) yes, but only after reading at least the Windows Internals and an assembly book (I’ve heard that Art of Assembly would be good, although I’ve didn’t read it myself). It should have a warning sticker: for hard-core enthusiast only.

Full disclosure: the links in the post contain my Amazon Affiliate ID.

The book is structured into 26 chapters which cover every aspect of IDA, no matter how exotic :-). A word of caution: this book isn’t an “introduction into reverse engineering”. A prerequisite to reading it is at least some basic knowledge of the PC and the OS (things like CPU registers, memory addressing, paging, etc). For obvious reasons (like size limit – the book is already 500+ pages long) it is presumed that the reader posses this knowledge.

The chapters are well structured and can be read in a maximum of two hours by my estimation, so you could read trough the whole book in a month easily by looking at one chapter a day.

A very large percentage of what is described can be directly applied to the freeware version (4.9), and even more, the book contains a separate appendix listing the differences between the version covered in the book (5.2) and the freeware version (4.9).

An other positive aspect of the book are the warnings inserted in the correct places (when it talks about debugging malware for example), which is very important to avoid unpleasant surprises (like infecting the local network, having to rebuild your machine to ensure that it is not infected, etc).

I have very few negative things to say about the book and all of them are a matter of taste/personal preference. For example I feel that too little emphasis was put on the usage of shortcut keys and everything was presented by using the menus. Then again, shortcut keys can change from installation to installation, but the menus are always in the same place and you can easily find out the associated shortcut key. An other quibble of mine would be the usage of IDC (the built-in scripting language) despite of the existence of much better options like IDAPython (the difference between the two beeing – IMHO – wanting to kill yourself and enjoying your work IMHO :-)). Then again, IDC is directly available upon installation, while IDAPython (and its brethren) need to be installed separately (which can be difficult, especially if you are not running Windows).

So, should you buy this book? If you already have (some) RE knowledge and plan on using IDA (even if only the free version), the answer is a resounding yes. It will give you a big productivity boost, so it is definitely worth its price. Also, how can you go wrong if Ilfak say: “I wholeheartedly recommend The IDA Pro Book to all IDA Pro users” and displays it on his blog :-).

Full disclosure: the links provided contain my Amazon affiliate id so that I can give you more and more useful reviews (or at least buy myself some quality black tea :-)).

PS. You can find a sample chapter and further material on the site of the book.

I found out about this book from the (ISC)2 blog, where Robert Slade (one of the authors) has written about the intention to publish it freely and mentioned that an unauthorized versions was already online (you can still get the physical book from Amazon). After reading it from top to bottom in a couple of days, I’m convinced that this book should be read by anyone thinking about malware threats. For younger technical people (like reverse engineers, security / malware researchers just starting out in the field) it can give a great historical perspective. For less technical people who are preoccupied by this issue it gives a lot of bias-free high quality information, that can help them to make sense of the security messages with which they are bombarded daily. As I mentioned in the introduction, it should be a mandatory read (in my humble opinion) for journalists writing about malware issues, since the media can play a big role in raising the level of public understanding.

Some of my favorite quotes from the book were:

Q: What’s the difference between a computer salesperson and a used-car salesperson?
A: A car salesperson can usually drive, and knows when he or she is lying to you.

and

Jeff Richards’ Laws of Data Security:
1. Don’t buy a computer.
2. If you do buy a computer, don’t turn it on.

These also show the light-hearted tone the authors use, which makes the book an easy read. If there is one negative thing about the book, is its age, exemplified by the following quote:

Some vendors claim to receive reports of as many as 20 new viruses a week.

(the number of new daily malware variants currently is several thousand!). Of course there is nothing the authors could have done at the time of the writing to avoid this issue, but it would be really nice if an updated edition would to appear (either free or for pay – this book is definitely worth its money!). Some of the areas where the book shows its age:

• The focus on mostly the MS-DOS operating environment with some mention of Window ‘95. Currently the most widely deployed OS is Windows XP, so an updated edition should definitely include it
• Given its focus on MS-DOS, there is relatively little mention of the PE format (which was a novelty at the moment when the book was published)
• An other aspect not covered in detail in the book is the Internet as an attack vector (it talks about mass-mailing malware, but I’m referring here to things like security vulnerabilities, the browser as a platform, etc). Interestingly, during the last years the role of vulnerabilities has been deemphasized and more social-engineering type of attacks (which are thoroughly covered) seem to play a bigger role
• When talking about the motivation of the malware writers they talk about wanting to “show off”, but in the last years money has become the most important motivator for creating malware.

Even with all these issues (which are minor if we consider the big picture), it is a well rounded book which includes not only technical information, but other, related (and relevant) information (like law, ethic, etc) which manages to create a holistic understanding of the issues surrounding malware.

Two thumbs up!

Update: added my Amazon Affiliate ID to the links. I might as well get a few cents

• from the taint.org blog / Geeking with Greg: Introduction to Information Retrieval – very interesting with contributions from real practitioners
• from the all about linux blog: Ubuntu Pocket Guide and Reference
• from the all about linux blog: Open Source E-Books for Linux (a large collection of them)
• A collection of usability guides for GUI designers
• from the Lightweight Linux blog: Linux Kernel in a Nutshell
• from the Lightweight Linux blog: The Linux Cookbook: Tips and Techniques for Everyday Use
• Wikipedia: The Missing Manual – I already mentioned this, but wanted to have a complete list in a central location

Image taken from ailatan’s photostream with permission.