Category Archives: Book Reviews

Book Review: “Ghost in the Wires: My Adventure as the World’s Most Wanted Hacker”

I wrote this review back in November of 2011. While cleaning out my blog’s draft folder I realized I’d never gotten around to posting it. Since it’s a good tech/geek read, I figured it was better late than never.

Ghost in the Wires

I went on vacation recently and needed a book for the rather long plane ride. After reading a sample chapter of Kevin Mitnick’s new autobiography, my interest was piqued. I had remembered reading about him and the “Free Kevin” movement back in ’98, and at the time I didn’t understand why people were getting behind this guy. He did a bunch of bad stuff, why should he be free? Since it’d also probably cover some interesting computer security topics, I figured it be both educational and entertaining. I picked up a copy and by the time I was arriving home, my hopes had been met.

Mitnick gained massive media attention in the mid-to-late 90’s when he was on the run from the FBI for various hacking related offenses. He was eventually captured, and spent 5 years in prison. In his new autobiography, “Ghost in the Wires”, he chronicles his escapades and details how he compromised so many systems. Surprisingly, it mostly through something called Social Engineering, which can loosely be defined as “the manipulation of people to get them to do what you want”.

Mitnick’s tales typically involve him just calling up his target, and simply convincing them to give him certain information or do certain things for him. For example, he was able to compromise the Social Security Administration by pretending to be an investigator from the Inspector General’s Office. He convinced a staff member there of his status, and for several years was able to use her to get privileged information. Here’s an excerpt of where he discusses the ruse:

I said, “We’re going to be needing assistance on a continuing basis,” explaining that while our office was working on a number of fraud investigations, we didn’t have access to MCS — short for “Modernized Claims System,” the amusingly clumsy name for their centralized computer system.

From the time of that initial conversation, we became telephone buddies. I was able to call Ann and have her look up whatever I wanted — Social Security numbers, dates and places of birth, mother’s maiden names, disability benefits, wages, and so on. Whenever I phoned, she would drop whatever she was doing to look up anything I asked for.

Mitnick comes off as smart and very curious, and a lot of his stories are very interesting, but it’s hard to like the guy. He ends up causing a lot of people grief and some of the decisions he makes made me want to facepalm. He continues to hang out with his best friend after the guy steals his wife (this same friend later tries to offer him up to the FBI), he strings along “Eric” even though he suspects the guy is working for the FBI, and he continues to do high profile system break-ins while he’s on the run. Though then again, if he hadn’t made these nutty decisions, there probably wouldn’t be a book to read.

The book starts off a little slow, but takes off once Mitnick goes on the run from the FBI for 2 years. During this time he assumes several identities, lives in a hand full of cities, and breaks into numerous systems. He gleefully details the social engineering tactics he used to do all of this, but when it comes to the technical aspects of his crimes, the book does a little bit of hand waving. The lack of detail in this department was apparently due to a disagreement between Mitnick and his co-writer. Mitnick wanted more detail, while his co-writer wanted to keep the story moving. They comprised, so there are a few side boxes for the more technically inclined, but you typically just get the general idea of what happened.

Overall I thought the book was a fascinating read and a valuable look into how a very successful individual was able to break into many different systems. If you’re into computer security, or looking for a non-fiction thriller, this is something to check out.

Book Review: Audio Processing with Web Audio

audio_book

Audio Processing with Web Audio

HTML5’s web audio API is pretty cool. Last year I had some fun experimenting with it, and since then I have been meaning to loop back and play around with it some more. So when I was offered a review copy of Audio Processing with Web Audio, my interested was piqued and I decided to see what it had to offer.

The book is setup to be a primer for web audio (in Packt terms an “instant” book). It contains a mere 63 pages, and reads like one long chapter. Overall it turned out to be a nice introductory book, but it’s does have a few flaws that take it down a notch.

As the book starts, you’re directed to setup your development environment and to download a zip of the code examples. This zip contains a total of 8 examples, broken out into 6 “recipes”. You can see a list of what they are below.

Recipe 1_1: Initialization exercise
Recipe 2_1: Playing Audio Files from an Audio Buffer
Recipe 3_1: Playing Audio in a Loop
Recipe 4_1a: Setting Volume
Recipe 4_1b: Setting Volume (refactored to use new template code)
Recipe 5_1: Scheduling Audio Playback
Recipe 5_2: Automating Audio Parameters
Recipe 6_1: 5-band Equalizer

For what I assume were space restrictions, the first two recipes in the code example packet were not discussed in the book. This makes the book slightly awkward since the first recipe covered, the one on looping sound (3_1), makes references to text written for these recipes and doesn’t cover concepts that would have been discussed for those examples. Thankfully it’s easy to pick up what you miss from the example code, but it’s an unfortunate editing snafu.

In the looping sound section you’re walked through the creation of the recipe via code samples with explanations, and once it’s done you’re given a deeper discussion of why things worked the way they did. The next two recipes are done in the same vein, and cover volume and automating audio parameters. The example code works smoothly and the author does a great job of explaining all of the little nuances that go with the code.

The final recipe is on building the 5-band equalizer. It’s billed as an advanced example, and it sort of feels like you go from a nice walk through the world of web audio, to a brisk sprint. I really didn’t know what was going on. I don’t know much about sound theory, so the different filters and concepts were all very foreign. I imagine this chapter was included so those more familiar with sound concepts would feel they got something out of the book, but it’s a little confusing for developers not tuned into how sound works.

Looking over the example packet, one other example titled “Scheduling Audio Playback” was cut from the book. However, unlike the first two examples, this exclusion isn’t really noticeable. Still, it leaves me thinking this book could have been a lot more interesting if it had been expanded by 20 or 30 pages. However, I’m glad they included all of the examples in the code packet, since it gives the reader some jumping off points after they’ve finished the text.

Overall it’s a nice introductory book. It has some flaws, but it comes with some good example code and does a good job on the majority of topics it tackles.

Book Review: “JavaScript: The Definitive Guide”

I felt a little nerdy asking for this for Christmas, but it was worth while read

The web apps I write for this site are written in JavaScript, and after landing a web developer job two years ago, I’ve focused more on getting better at everything web related – through reading blogs, writing apps, and reading books.

As far as books were concerned, there had been one which had consistently caught my eye, but which I’d kept resisting due to its size. I have a short attention span and I was worried I wouldn’t finish it. I also tried to foolishly convince myself that I probably already knew most of what it covered – after finishing JavaScript: The Good Parts and a couple other short books, I felt I had a pretty good handle on the language. What else could there really be to know? But temptation got the best of me, and I’m glad it did, because it’s a great book and I learned a ton.

JavaScript: The Definitive Guide, by David Flanagan, is 1078 pages* of densely packed information on the JavaScript programming language. It’s not filled with fluff and it covers an amazing amount of ground. In truth, it’s really 3 books in one: a book on the core JavaScript language, a book on client-side JavaScript development, and a reference book for client-side and core development. It’s written for people familiar with programming who want to gain an in-depth understanding of everything they can do with JavaScript.

An experiment in retaining information

I didn’t want to read this book and then 6 months later not remember anything I’d read. I had a friend who’d read it and not gotten much out of it, but I believed that may have been because of information overload. Leisurely reading technical books can be fun, but the information isn’t going to stick unless you use it or discuss it. So I decided to try an experiment – after each chapter, I was going to write up a set of notes on what I found interesting in that chapter. That would force me to go back over the information and help me document what I may want to go back to later on.

I did this on the wordpress blog Reading the Rhino JS Book. It’s really just a collection of notes, but it’s a great way for me to go back and go “oh yeah, this is what I found interesting in this chapter”. In the beginning I was really excited and felt it was a great way to read a technical book – if you’re going to invest the time in reading a large book, you might as well invest the time to try and retain the information. However, I’d be lying if I didn’t say I got tired of writing up notes on each chapter. So my feelings are mixed. I do believe it helped in organizing what I learned and found interesting, but it was also a bit of a pain towards the end. I haven’t yet decided if I’ll take notes on each chapter of the next programming book I read, but I can say it was useful to do so in this case.

Who should read this Book?

I would not recommend this book for people who are new to JavaScript. It does contain almost everything you need to know, but it’s not really written for the newbie. When you’re new you want to get up and running quickly, and you want a brief introduction to the tool set you have at hand. For that, JavaScript: The Good Parts is probably the better choice.

If you do front-end web development professionally, or you just really like writing web apps, this book is worth picking up. It’s written to be readable and thoroughly covers the current set of web technologies you have at your finger tips with JavaScript. Even if you feel like you have a good handle on things, this book does a good job at filling in the gaps. As an example, I knew JavaScript did automatic semicolon insertion if you forgot to include semicolons**, but I wasn’t sure how this worked. It turns out that the ECMAScript spec has a clearly defined algorithm for this, and knowing how it works gives some insight into using the language.

Final Thoughts

This is probably now my favorite book on JavaScript. A couple weeks ago I was openly pondering where I wanted to go web development wise, and I think, for now, I’m going to focus on client-side development. This doesn’t mean I’m going to ignore back-end stuff, I do a lot of PHP at work and there’s other back-end technologies like Ruby, Python, and Node which look interesting, but the client-side looks like it has the most utility for app developers. It’s nice to be able to quickly write a single page app, upload it, and have anyone be able to use it.

* 716 pages if you don’t include the reference sections.
** Technically the interpreter doesn’t insert semicolons, it just treats a line break as the end of a statement in certain situations. Thus it’s sort of simulating semicolon insertion.

Book Review: “The Tangled Web: A Guide to Securing Modern Web Applications”

The Tangled Web

Security is a hot right now*. You see TV commercials touting degrees in Information Security, you see news stories on hacking done by Anonymous, and you hear people throwing around terms like “cyber security” and “cyber attacks”. So when offered a review copy of The Tangled Web, my interest was piqued. The book aims to take its readers on a walk through of the modern web stack, and to explain the web’s vulnerabilities and what can be done to avoid them. It’s geared at software engineers and security professionals, and is written by a security expert at Google.

The book is divided into 3 sections. The first section aims to describe the anatomy of the web. It goes over URLs, the HTTP protocol, CSS, HTML, JavaScript, non-HTML document types, and browser plugins, all with a security mind set. I felt I was pretty familiar with the URL syntax, but was surprised to learn about some of the tricky URLs that could be created. Most people probably wouldn’t think twice before visiting this URL: http://bing.com&q=test@1249763400 – what happens depends on what browser you’re using.

The second section of the book covers Browser Security, and was to me the most interesting part of the book. The fundamental security policy of the browser is the Same Origin Policy (SOP), which puts content isolation rules in place to keep web sites from interfering with one another. In most web browsers, the origin for a page is defined by its scheme, host, and port. Though apparently for IE versions before 9, only the scheme and host are taken into account – unless you’re dealing with the XMLHttpRequest (XHR) object, then IE takes all 3 into account when defining the origin.

My favorite browser flaw talked about in this section was the one on the getComputedStyle/currentStyle API. Back in 2002, it was discovered that JavaScript could be used to look at the computed color of visited links to determine if a visitor had visited a particular site. Thousands of checks could be made a second, thus any website you went to could snoop-in on your browsing habits if it wanted to. Fixes for this security issue were put in place around 2010.

Another neat trick that was talked about was trying to load an authentication-requiring image from a third party site and using the image’s onload and onerror events to see if the user had logged into that site (a good discussion of this can be found here). This idea can further be extended to third party APIs. If a website doesn’t put the proper security in place for its API, malicious sites can do all sorts of mischief to their visitors, all without them noticing.

The last section of the book is the shortest (32 pages) and focuses on coming security features. This section of the book didn’t really grab me, but there were a few bits that piqued my interest. Cross-Origin Request Sharing finally allows developers to use the XHR object in a cross domain fashion, but until older browsers are phased out, developers will have to create a fall-back behavior if they decide to use it.

Overall I enjoyed the book and found it worth reading. I do, however, wonder if framing security around a discussion of the web stack was the best way to go. The author contends that arbitrary taxonomies of vulnerabilities aren’t as informative, and that some problems don’t fit into buzzword friendly names like Cross-Site Scripting (XSS) or SQL Injection, but I think information is more accessible when organized that way. Reorganizing chapters around a taxonomy of problems like XSS, CSRF, etc, would also probably make it a better reference for developers. Though to his credit, the author does devote the last few pages to common web problems like XSS, CSRF, etc, and indicates the pages where these problems are discussed (since they come up throughout the book).

If you’re a web developer and want to get a better understanding of security I think this is a very good book and worth checking out. However, if you’re not a web developer, I wouldn’t pick this up unless you had a technical interest in web security. Lastly, if you’re interested in the book I’d recommend reading the sample chapter on the HTTP protocol, since it gives a good preview of what the book is like.

*This may be area specific. I live in Maryland, and the BRAC has been driving a lot of job growth. So it maybe it’s better to say it’s hot in the Maryland area, and possibly other places too.

“The Book of CSS3” Book Review

The Book of CSS3

I had been wanting to learn more about CSS3, so when offered a review copy of The Book of CSS3, I accepted knowing that at the minimum, I’d at least get exposure to a bunch of cool new design features. Luckily, the book itself is well written and proves to be a great guide to what’s available now, and to what’s coming soon.

The book is written for web developers who are familar with CSS and who may have played around with some of the new CSS3 features, like rounded corners and drop shadows, but who are looking to get a fuller understanding of what it is and what they can do with it. After explaining a bit about what CSS3 is, remarking on its modular nature (the spec is broken into modules so that browsers can implement individual modules without having to implement the whole CSS3 spec right way) and giving a short write up of its troubled history (work on the CSS3 spec originally started way back in 1998), the book launches into chapters on individual CSS3 topics – you can see the full table of contents here.

The flow of the book from one topic to the next is pretty good, but with the exception of chapters dealing with animation and transformation, most of the chapters can pretty much be read in any order. However, the earlier chapters cover topics that are more widely accessible, stable, and cross-browser than the later chapters, so reading the book start to finish is probably advantageous. The structure of each chapter is very similar, with the author discussing a little about the topic and then leading you through various sections where features are described and showed off with examples. Cross-browser techniques (where relevant) and compatibly are also mentioned.

One of the early topics that really piqued my interest was Web Fonts. With Web Fonts you can use any font you want, even a crazy hand written one, and users will see it when viewing your webpage. The author even provides some cool links to some CSS3 font resources like Google Web Fonts, which makes it really easy for you to include and use fonts in a cross-browser manner.

Another topic that I enjoyed was “Transitions and Animations”. Animations let you move and change elements during a given time period. Unfortunely for us, the Animations module, at least for now, is only implemented in Webkit browsers (Chrome and Safari). However, Transitions are currently available in all of the major browsers except IE. A “Transition” is an animation that happens between two different states. They allow you to give a smooth feel to certain style changes. For example, say you wanted to change the color of a link, but you wanted the change to come in gradually. You could do that like so:


Example test: Mouse over this link!

As you can see, the hover pseudo-class changes the link to color to red, but since we’ve setup a transition for the color property, the link transitions from black to red over the period of 1 second, instead of abruptly changing to red. This effect also applies to other properties, and is especially neat when changing a div’s position or size.

Near the end of the book some yet-to-be implemented features are discussed. Chief among them is the “Template Layout Module”, which would allow you to lay out items on a page in way that is similar to a grid, but a in fashion that is little more intuitive. The Template Layout Module is made even more interesting by the fact that even though it is currently not implemented in any browser, you can still use it by using a JavaScript library written by Alexis Deveria.

I feel like I learned a lot from this book and that it not only contained a lot of useful information, but that the information was presented well. The only draw back to reading this kind of book is that CSS3 is still in flux right now and certain features will change as things are ironed out, however, much of what’s talked about is reasonably stable, and knowing about what’s coming will probably give you a better footing for the features when they finally arrive. If you’re looking to learn more about CSS3, this is definitely a book to look into.

“HTML5: Up and Running” Book Review

HTML5: Up and Running

I’ve read a decent number of articles on what will be new in HTML5. I’ve read up on the canvas element, localStorage, web workers, and a couple of the other elements one can use when creating Chrome Web Browser Extensions (for when I created my Typing Speed Monitor and Image Definitions for Dictionaries extensions).

However, I hadn’t really sat down and taken the time to thoroughly go through all the goodies that are planned for/coming with HTML5. So when my office mate showed me a huge pile of books he had just purchased, I saw the one titled HTML5: Up and Runningand got kind of curious. After flipping through it, I found out that its also available online for free under the title of Dive into HTML5, but I ended up ordering my own copy since I prefer to read the paper editions. However, a good number of resources are linked to, so a digital version of the book is somewhat advantageous.

Anyway, the book starts off with some history on how HTML developed. It goes through an old thread in a 1993 W3C mailing list archive, where participants were discussing the creation of image tag. Essentially no one could really agree on how it should be setup (Should it be img, icon or include? Should its properties be src or href?), and ultimately an author of Mosaic (an early web browser) decided to just use what he had initially proposed and shipped his browser with a working img tag. The point of the story is to show you that HTML isn’t this carefully crafted language, it’s based on discussion, but many of its features came about simply because a popular web browser decided to stand behind them.

The next chapter discusses how you as a developer can use the new HTML5 tags in your web pages today, and still have your site be backward compatible with older browsers. It uses a JavaScript technique to do this, however, there are a couple of ways to use the new tags and be backwards compatible, some of which you can read about here.

The rest of the book focuses on giving introductions to the various new features you’ll have access to in HTML5, specifically: the canvas element, the video tag, the geolocation API, the localStorage element, how to setup your site for offline storage, all the new form elements, and how microdata works. These discussions are all pretty good, though I especially liked the chapter on the video tag. I didn’t really know much about the different video formats going into the chapter, so it was nice to have a high level discussion on how videos are encoded. It was also interesting to have the author touch on the licensing issues of H.264 video. After reading about all the fees involved, especially those possibly coming after Dec. 31, 2015, it seems like it’d be a bad format to use as a standard.

Overall I liked the book and would recommend checking it out if you’re curious about using and playing around with the currently available features of HTML5.

“JavaScript Patterns” Book Review

JavaScript Patterns

I went on my honeymoon recently and decided to pick up some reading for the plane ride*. The book JavaScript Patterns** piqued my interest after seeing it on this list of useful JavaScript books, so I decided to check it out.

The book’s aim is to provide useful techniques and abstractions (coding patterns), best practices, and approaches for implementing popular design patterns for the mid-level to advanced JavaScript developer. However, its main focus is on coding patterns. After introducing JavaScript and going over some basic concepts, the author launches into a chapter on best practices, which covers a grab bag of topics, everything from naming conventions to loop optimization to writing API docs. This chapter was actually where I first learned of YUIDoc and JSDoc, two great tools for generating API documentation for JavaScript code.

After that follow the chapters on coding patterns. The author goes over various subjects and explains techniques that will make you a better developer. Techniques like enforcing new when you define constructor function, the module pattern, self-defining functions, etc. Some of it you may already know, but it’s a good collection coding patterns.

The book finishes up with a chapter on implementing common design patterns in JavaScript (it covers: Singleton, Factory, Iterator, Decorator, Strategy, Facade, Proxy, Mediator, and Observer) and a chapter on working with the DOM. If your main interest is in learning design patterns, I’d probably recommend Pro JavaScript Design Patterns instead, since it’s main focus is design patterns and it devotes more time to explaining them and giving examples, however, if you’re already somewhat familiar with them and you have a decent understanding of how OOP works in JavaScript, than I would pick this book up instead as it cover more ground and is faster paced.

Overall I really enjoyed this book and learned a lot of useful tid bits from it. I’d recommend picking it up if you’re looking write better JavaScript code and to fine tune the techniques you know about JavaScript.

* The other books I read were Fahrenheit 451 (it was ok) and The Martian Chronicles (excellent book).
** Non-referral link, just so you all don’t think I’m trying to sell you books.

“Pro JavaScript Design Patterns” Book Review

Pro JavaScript Design Patterns

For a while I’ve been meaning to read a book on design patterns, which are ways to design and structure solutions to common problems in order to create efficient and optimal results. I missed a chance to take a course on them back in college when I took Cryptology instead, and have since been meaning to sit down and read up on what’s been developed and what can be useful to me. So it was to my happy surprise when I stumbled across Pro JavaScript Design Patterns in the book store a while back.

The book is broken into two parts. The first part explains how object oriented programming concepts work in JavaScript and how to implement the ones that aren’t built into the language, such as interfaces and private members. The second part of the book focuses on a common set of design patterns and how they can be implemented in JavaScript. It covers the following patterns, giving a chapter on each one: Singleton, Factory, Bridge, Composite, Facade, Adapter, Decorator, Flyweight, Proxy, Observer, Command and Chain of Responsibility.

Before I go any further, while I’m going to write a mostly positive review for this book, I should say that I initially tried to read it around 18 months ago, but stopped after I finished the first section. I re-read it from start to finish about 2 months ago. I stopped the first time I tried to read it because the book introduces a lot of ideas and I was a little confused on some of the concepts it touched on. Specifically, I was confused with how constructor functions worked and how a function’s prototype property worked. I got distracted trying to understand this and picked up another book and ended up not coming back to this book (it’s hard for me to get back into a book once I’ve set it down for a while). As for constructor functions and the prototype property, a good explanation of them can be found here.

I had better luck on my second read through and found the second half of the book to be an easy read. Though each chapter focuses on a different design pattern, some of them use patterns introduced in earlier chapters, so it’s actually a good idea to read the chapters in order. Each of these chapters starts by explaining the basic idea behind the pattern and then goes into a couple of real world examples of how the pattern is used. The chapters close by discussing the benefits and drawbacks of the pattern they introduced and some advice is given to help you identify situations where using the pattern would be a good idea.

Overall, I found this be to be extremely interesting. I could possibly have learned about the different design patterns by reading online tutorials, but being able to look at solutions in JavaScript was very helpful. Also, after reading certain chapters, I felt like going back and rewriting some of my old apps (though I’ll contain myself). Knowing about this collection of design patterns is a huge plus for me and for that alone I’m glad I read this book. I wouldn’t recommend this book to someone who doesn’t have a good understanding of prototypal inheritance, but if you feel like you do, this book is worth checking out. If you don’t, I would recommend looking up some design pattern tutorials online and trying to learn about the common patterns, you’ll be glad you did.

On a side note, I was also amazed at how many of these patterns I’d seen before. It certainly gave me a better appreciation for some of the code bases I’ve seen in the past. I also found that I used some of the patterns already unknowingly, but that I didn’t have a name for the technique I was using.

If I could go back in time I would still probably take that Cryptology class, but I would also try and read up on Design Patterns too. If you have a few extra minutes, it’s worth reading up on them.

“Ext JS 3.0 Cookbook” Book Review

Ext JS 3.0 Cookbook

Ext JS 3.0 Cookbook

Packt Publishing recently provided me with a copy of their new Ext JS book called Ext JS 3.0 Cookbook. The only thing they asked for in return was a review stating my opinion.

For those who don’t know, Ext JS is a JavaScript library aimed at helping developers create web applications with customizable user interface widgets. The library is known being sturdy and for letting users easily create eye-catching designs. However, unlike many other JavaScript libraries, Ext JS is licensed under the GPL by default. For people wanting to avoid the GPL, a commercial license can be purchased.

Ext JS 3.0 Cookbook is a book which has the goal of providing Ext JS users with a wide variety of techniques and code samples with which they can use in their development of web applications. The book is well written, has nicely formatted code samples (which are also available in a zip file – a URL to the file is given in the book), and contains a lot of interesting information. However, I wouldn’t recommend it to everyone, which I’ll get to in a moment.

Ext JS 3.0 Cookbook is divided into 10 chapters, with each chapter covering a different topic of the library. However, the book can really be thought of as one giant, categorized, FAQ guide on Ext JS. Each chapter contains a series of “recipes”. These recipes are specific tasks a developer might want to perform, for example: “Displaying remote data with a combo box” or “Creating a grid panel with expandable rows” or “Creating an auto-refreshing chart”.

The definition of each recipe follows a set pattern of 5 sections:

  • The problem is described.
  • “How to do it…” – Code for solving the problem is provided.
  • “How it works…” – An explanation is given on how the code works.
  • “There’s more…” – Additional, possibly useful, bits of information are provided.
  • “See also…” – Other topics are suggested as further reading.

Each of these sections is given its own heading, though some recipes omit a section when it isn’t needed. This makes the book well suited as a reference guide since you know what you’ll be getting when you look something up. However, even though the book starts off with some recipes on working with the DOM and with data types, it’s not a book for Ext JS beginners. If you’re a new comer to Ext JS, you’re better suited by a book like Learning Ext JS.

Ext JS 3.0 Cookbook is really for those Ext JS users who are past the beginner stage and want something on-hand that will help them accomplish tasks they may run into or help them find better solutions to problems they’ve already had. If you work with the Ext JS library as part of your job or use the library a lot, having this book around would probably be beneficial. It’s nicely put together and has a lot of useful information. However, if you’re just a casual user of the Ext JS library, you’d probably find more benefit from an introductory text on the library or from just browsing their online documentation.

“JavaScript: The Good Parts” Book Review

JavaScript: The Good Parts

JavaScript: The Good Parts

Last month I finished reading the short but densely packed JavaScript book JavaScript: The Good Parts.I had been looking for a book that would cover some of the pitfalls of the language more thoroughly than what I’d read about previously and when I saw this in the bookstore it seemed to fit the bill.

The thesis of the book is that JavaScript is a misunderstood language. It recognizes that there are bad parts to the language, but it contends that once you get past them there are some pretty nice good parts – and that by using only the good parts and avoiding the bad parts, you can write some really great code.

The book covers objects, functions, arrays, regular expressions, closure, and how inheritance works in JavaScript. The last one is probably the most important, since most people are only familiar with classical inheritance, and JavaScript’s prototypal inheritance, although wrapped in a syntax that makes it look classical, is very different. The book also discusses JavaScript’s bad parts and why you should avoid them.

Most of the concepts in the book are well explained, though I did find myself needing to re-read certain sections twice to completely understand the topic. This is in part because the book is very short, coming in at 153 pages (including the index). This is a double edged sword in that it allows you to take in a lot of material in a short amount of time, but sometimes you’re left wishing that a little more time was spent on a certain topic.

One other possible fault with the book (depending on how you look at things) is that it does not cover the DOM at all. The DOM isn’t part of the JavaScript language, but almost everyone who uses JavaScript will need to interact with the DOM. Therefore, this book is really more of a companion piece than a definitive reference for JavaScript programming.

Overall I really liked this book. It gives good coverage to some important topics regarding objects and functions, and gives a good explanation of prototypal inheritance. A lot of language quarks are also pointed out and explained. For example, one thing I didn’t realize was that the arguments array that is implicitly passed to functions isn’t a real array. It’s just an object with a length property. The appendix sections covering the “bad parts” and “awful parts” were also pretty interesting, though I disagree with the author that ++ and — are bad.

Anyway, I highly recommend the book if you’re into JavaScript programming. It’s a nice easy read that covers a lot of ground. Also, this is a non-solicited review, though the link above is an amazon referral link.

If you’re interested, the book’s author gave a one hour talk on this book that touches on a lot of its ideas. You can watch it here (actual talk starts at 2 minutes 15 seconds):