Centro Cultural São Paulo Library

2020 Book Review

As in the book review for 2019, the list for 2020 includes only the books that I’ve read from cover to cover or at least finished reading the parts I’ve committed myself to read. There are a few books I’ve abandoned for a reason or another. Then there are a few others I haven’t finished but intend to resume reading. The latter group may end up in the review for the next year.

Also as last time, the book cover images below are affiliate links to Amazon. If you click on them and buy anything over there, you won’t be charged anything more than their normal price, but I’ll get a little commission.

That being said, most of the books I buy these days aren’t bought from Amazon. I mostly buy books in electronic form if it has PDF as one of the formats available. That’s pretty much most of them as most publishers now-a-days have web stores and sell e-books in two or three formats: epub, PDF and mobi – the latter of which can be copied over to Kindle devices. Having a book in more than one downloadable format gives you flexibility, portability and prevents you from getting locked into a particular ecosystem.

The exception would be for books from O’Reilly. They’ve stopped selling e-books directly from their site apparently in an effort to arm twist their customers into subscribing to O’Reilly Learning. The only place I’ve been able to find their books in electronic format is when from time-to-time a themed selection of their books goes on sale on humblebundle.com.

Webpack for Beginners

by Mohamed Bouzid

As part of my interest in PWAs, I’ve invested the earlier part of 2019 ramping up on modern web development technologies and although I knew that sooner or later I’d have to take a look into bundlers, the topic was still some items away in my to-do list.

But in January 2020 I offered myself to do technical reviewing for books on topics I had an interest in: Linux, client-side web development, Azure, and .NET. I got an offer to review this book about Webpack and it was a nice match as the book is laid out as a tutorial and I was a true beginner on the subject.

As the pesky reviewer I am, I followed each and every instruction contained in the book making sure each one worked as described and gave feedback where it occasionally didn’t.

Beyond that, I gave feedback on a few parts that I thought needed clarification, other parts that seemed repetitive, and other parts that seemed to get into too much detail on topics that in my understanding were pre-reqs before someone would be interested in using Webpack itself. All in all, I hope my humble feedback resulted in a better book.

Sudo Mastery

by Michael W Lucas

Despite having bought my first Mac in 2010, it wasn’t until 2014 that I first tried to use one for development purposes. Alien to anything derived from UNIX, I followed closely any instructions I could find for installing the necessary tooling only to hit some error for which the solution proposed by forum users typically involved using sudo to run commands that in some cases the documentation or software packages themselves warned against because of the security implications of doing so.

Not taking the time to step back and learn the basics of the UNIX world was certainly sudomasochistic as I probably spent more time than necessary trying to troubleshoot issues due to improper permissions and/or opening security holes that wouldn’t be there if I had a clue of what I was doing.

Fast-forward to April 2020, I’m pretty much comfortable using a Bash terminal to accomplish day-to-day tasks and although I have an understanding about the differences of running as root versus an unprivileged user, I still don’t understand the specifics of how sudo does it magic.

Enter Sudo Mastery, a book that teached me everything I ever wanted to know about sudo and then some more. Answer to questions such as:

  • What accounts for the differences in sudo.conf between Ubuntu and CentOS?
  • On a system with shared administrative responsibilities, what would be gained by implementing sudo policies, instead of sharing the root password among different sysadmins?
  • How to delegate tasks to other users that need access to privileged commands while limiting what commands can be executed?

Answers to those and many more questions I had are found throughout the text. All with a writing style with just the right amount of snarkiness that I found really entertaining.

Ed Mastery

by Michael W Lucas

What could possibly be written about ed that hasn’t already? Why would anyone buy and then read a book about ed in 2020 when there are modern alternatives such as the extremely popular Visual Studio Code or the older but dependable Vim?

Well, for starters:

ed is the standard Unix text editor.

https://en.wikipedia.org/wiki/Ed_(text_editor)

Ed Mastery is a short book published in 2018 whose subject is a piece of software first written in 1969 that can still be found on boxes running operating systems derived from UNIX to this day. The writing style follows the previous book, so there’s some geek entertainment right there, but is it useful in any way?

Surprisingly, at least for me, after forcing myself to use ed's constrained feature set to edit several little programs as exercises of a programing language book, when I got back to Vim, I immediately saw some of those techniques being put to use as several commands that are essential to ed‘s operation, work as well on Vim, sed, etc.

Firewalls Don’t Stop Dragons 3rd Edition

A Step-by-Step Guide to Computer Security and Privacy for Non-Techies

by Carey Parker

The following observations are based on the 3rd edition published in 2018. There’s a more recent version published in 2020 which I haven’t read.

The idea of a book on computer security for non-techies is a nice one, but I’m genuinely curious about potential audience size of non-techies willing to buy and then read a 440 page book on the subject. I’m willing to bet that most will rather do a Google search, end up watching some random tutorial on YouTube and stop there.

One could (correctly) argue that you don’t have to read the whole 440 pages as it devotes lengthily sections containing instructions full of screenshots for three different versions of two operating systems: Windows 7, 8.1 and 10; Mac OS X 10.11, macOS 10.12 and 10.13.

But given the target audience…

It’s the book that’s going to save you countless hours explaining to Aunt May why she needs to have more than one password …

… or helping your mom remove ten different Internet Explorer toolbars so that she can actually see more web page than buttons.

From the preface, page xxi.

… if they were to read a book like this – and again, that’s a big IF right there, how much you wanna bet that Uncle George will be mixing up instructions for one of the Mac versions with a Windows box or the other way around?

Don’t get me wrong. There’s plenty fundamentals and good guidance in the book for anyone that doesn’t pay much attention to security beyond making sure the anti-virus and firewall are turned on. It’s just that I don’t see the target audience as it was described in the book taking the time to actually read it.

Then there’s Chapter 4. It’s devoted to the topic of passwords. What makes for good and bad passwords, the importance of enabling 2FA where possible, and the importance – in the author’s point of view – of 3rd party password managers.

Mostly important advice, but this is the point where things start smelling funny to me. See… all the current browsers offer support for some level of password management. Some will even synchronize between different devices and generate strong random passwords for you.

The author introduces LastPass and lays out instructions on how to install it on a computer and a smartphone – which is nice given the target audience? – then somehow manages to fit mentions to LastPass in each and every chapter there on to the end of the book (except for chapter 10). If you don’t have MFA enabled, don’t use a browser that has a password manager built-in and are using the same password over and over again, then you should totally get a password manager, but I couldn’t help but get the feeling that the whole thing was a lengthily advert for LastPass.

Published by

Alfred Myers

I have been interested in computers since I got my hands on a magazine about digital electronics back in 1983 and programming them has been paying the bills since 1991. Having focused on Microsoft-centric technology stacks for the best part of two decades, in recent years I’ve been educating myself on open source technologies such as Linux, networking and the open web platform.