Cover V04, I03


Books: A User's Report

Elizabeth Zinkann

This month covers a variety of topics, as usual. However, in two departures from the norm, I reviewed a book primarily for Windows, in an effort to save countless repetitive explanations and confusion regarding downloading, and a book that simulates the newspaper and television tabloids. As always, there was an abundance of books to review, but the final selections include: The Downloader's Companion for Windows, by Scott Meyers and Catherine Pinch; Internet Insider, by Ruffin Prevost; New Riders' Official Internet Yellow Pages, 2nd Ed., by Christine Maxwell and Czeslaw Jan Grycz; Solaris Implementation: A Guide for System Administrators, by George Becker, Mary E. S. Morris, and Kathy Slattery; The New Kornshell Command and Programming Language, by Morris I. Bolsky and David G. Korn; UNIX System Security Essentials, by Christoph Braun; Exploring Expect: A Tcl-based Tookit for Automating Interactive Programs, by Don Libes; and E-Mail Security: How to Keep Your Electronic Messages Private, by Bruce Schneier.

An item that may interest readers of this column: O'Reilly & Associates, Inc., has made "HTML Overview," a subset of its Managing Internet Information Services book, available at no charge through its World Wide Web site ( The overview provides all the basic information for creating an HTML (HyperText Markup Language) document, plus a view of the recently redesigned World Wide Web site.

The Downloader's Companion for Windows
by Scott Meyers and Catherine Pinch
Prentice Hall
ISBN 0-13-342254-2
Disk Included

Meyers and Pinch have written a valuable book on an integral component of personal computer and Internet use. Downloading a file is only part of the issue. After the file has been successfully transferred, is it readable? Comparing the files to wrapped packages that cannot be opened, the authors demonstrate the correct way to download, tell which files can view the mystery packages, and include all of the necessary software.

The introduction covers the basics of downloading, its problems and importance. It outlines the structure and content of each chapter and explains the various icons employed (installation for instructions, wizard for advice, and pitfall for caution). The authors also introduce the software featured on the disk and offer an "Installation Summary (for the Impatient)." The second chapter explains the principles of freeware versus shareware, and the benefits and disadvantages of each. More important, it describes the correct procedures to follow when using shareware programs.

The fundamental concepts of downloading are examined in chapter 3. Meyers and Pinch describe the different transfer protocols, present a summary of each protocol's benefits and disadvantages in an excellent table, and discuss how and why to choose a protocol. The authors explain the differences between text and binary files, demonstrate the essential downloading technique, and provide detailed downloading examples, for both binary and text files. Chapter 4 focuses on file storage: compression and archiving. Meyers and Pinch introduce the concepts, illustrate what compression and archiving are and how they differ, then explore the various types of archives. Chapter 5 discusses encoding and decoding, and why it is necessary (and when). The authors also explain how to accomplish these tasks. Chapter 6 delves into multimedia: images, sounds, movies, and the necessary tools to either send or receive them. The final chapter references other books and CDs pertaining to functioning online, while the appendices list the extensions that the reader may encounter, in both alphabetical and category order presentations.

This book not only details the procedures used in downloading files and images, but also includes the software for Windows users (saving the reader time-consuming searches). The techniques are methodically described, so that no step can be overlooked. Meyers and Pinch have addressed a neglected topic. (Every time I go online, someone asks if I know how to download. A "yes" response usually starts a barrage of questions. Now someone should write one for Macintosh users!) They include tips on such issues as how to avoid downloading an outdated file and what transfer protocol is the best for the reader's unique situation. The Downloader's Companion for Windows is well-written and easy to understand: it will become indispensable for anyone using an online service.

Internet Insider
by Ruffin Prevost
Osborne McGraw-Hill
ISBN 0-07-882084-7

The newspaper tabloid has become an accepted part of everyday life: the various publications escort the shopper through the grocery or drugstore check-out lane. Television shows use the same format present sensational stories. Could the Internet be far behind? The Internet Insider uses the breathless tabloid style to feature some serious (and frivolous) articles. (One of my favorites, "Woman Ages Seven Years While On Hold," reminds me of some phone non-conversations I have had!)

The Internet Insider reflects the Internet as it exists today: partly serious, partly humorous -- a mirror of the current users' reflections and concerns. Online access to The Internet Insider is available through the World Wide Web. This book illustrates a refreshing change from the instructional books and shows how the Internet is currently used. It is fun to peruse and should bring a smile to the faces of serious Net surfers everywhere.

New Riders' Official Internet Yellow Pages
2nd Ed.
by Christine Maxwell and Czeslaw Jan Grycz
New Riders' Publishing
ISBN 1-56205-408-2

This revised edition features an improved format. To accommodate the additional listings and expanded International listings, the second edition introduces a three-column page, replacing the former two-column design. The newer fonts and typesetting give this edition a more refined and professional look than the original. The revised version has approximately 45 percent more entries than its original counterpart, a modified keyword list to parallel the listings, an improved rating procedure, and more concentration on multimedia resources. The new format has allowed the book to essentially remain the same size book while providing more information. (While this may seem an extremely minor point, avid readers with limited bookshelves can breathe a sigh of relief. This one did.)

The modified appendices still include keywords, audience fields, Internet Service Providers, a glossary, further readings, and A Whimsical Tour of the Internet. Additions include Making Your Voice Heard and Advertisements. (Some advertising does appear in the directory itself, but has the same form as an entry, no rating, and a tinted background. It does not conflict with the directory in any way.)

I like this second edition better than the original. In attempting to include more information and keep the directory current, Maxwell and Grycz have improved the book tremendously. New Riders' Official Internet Yellow Pages remains an excellent resource, one which will benefit any and every Internet traveler.

Solaris Implementation A Guide for System Administrators
by George Becker, Mary E. S. Morris, and Kathy Slattery
SunSoft Press
Prentice Hall
ISBN 0-13-353350-6

This book helps the system administrator make the transition from Solaris 1.x to Solaris 2.x. Although the versions retain a similar structure, enough differences exist to complicate an administrator's job. This book is intended to supplement the documentation. Its contents include an Introduction to Solaris, Planning and Preparing for Installation, Installing Solaris, Admintool, Boot and Shutdown Files, Using the Network, Security Software Management, Disk Utilities, and Solaris 2.x Products. The Appendices include AutoInstall Samples, Sample Disk Configurations, and Sources of Information.

The introductory chapter, An Introduction to Solaris, describes much more than the title indicates, including the major sections of Solaris 2.x and their respective functions, common features in 1.x and 2.x, new features available only in the 2.x releease, and a brief summary of modifications and new tools important to the system administrator. Ensuring chapters cover Solaris installation, then present the changes in detail.

There is a bit of a problem with the Contents listing. The last two chapters in the Table of Contents, AutoInstall Samples and Sample Disk Configurations, are not missing. Although they are listed as chapters 11 and 12 in the Table of Contents, they actually appear as appendices A and B in the text. Appendix A in the Table of Contents thus becomes Appendix C in the text (Appendix C, Sources of Information, uses one of my favorite designs: practical questions and answers encountered daily.) Prentice Hall is aware of this incongruity and intends to correct it in future versions.

Becker, Morris, and Slattery have written an extremely readable, logical book. The reader is put at ease with the second and third sentences in the book: "We understand how hard it is to adapt to a new environment. We are all in this together." These words establish the tone for the book. The authors are expert in the field, and they share their knowledge with the reader as if with a colleague. It is intended to be an auxiliary text to the documentation accompanying the Solaris software. Solaris Implementation: A Guide for System Administrators deals with daily tasks and should be beneficial to anyone administering Solaris 2.x, whether a veteran or new Solaris user.

The New Kornshell Command and Programming Language
by Morris I. Bolsky and David G. Korn
Prentice Hall
ISBN 0-13-182700-6

Since the KornShell first appeared, there have been many changes, not only to the KornShell itself, but also to its environment. In the interim, COSE (Common Operating System Environment) has developed; POSIX (Portable Operating System Interface) has tried to set standards in the UNIX community; and several desktop products (such as Novell's dtksh) and scripting languages (such as perl and tcl) have evolved. The KornShell has also been changing to keep pace with current trends.

The New KornShell Command and Programming Language book closely resembles the original version. It has retained the format of the first book so that readers familiar with the original edition can easily find a topic. The sections include: Introduction, Tutorial, The Built-In Editors, Programming Language, Application Programming, and the Appendix. However, this KornShell is more powerful than the 1988 version. The book is compatible with earlier versions, as well as with the Bourne shell. The authors have included some hints that will make your KornShell programs more efficient and endurable. They indicate which features are not included in the Bourne shell or the POSIX shell, and which features may soon be obsolete (and what to use in their stead). This information helps you tune your programs for optimum portablility.

The New KornShell Command and Programming Language features an easily readable style and simple references. Since the book is designed for both novice and experienced users, ease of use is an important issue. The description of each command includes an explanation of the command, an example showing how the command may appear, and sample output from that command. This method results in a very effective demonstration of the language and its capabilities. The appendix contains a summary of the new features and a separate section for csh users currently learning the KornShell. This is the definitive book on ksh. Everyone who uses the KornShell should have access to a copy, within reach if possible.

UNIX System Security Essentials
by Christoph Braun
ISBN 0-201-42775-3

Although many resources related to security exist for the UNIX system administrator, the user has been largely overlooked. Introductory texts usually warn against choosing a simplistic password and emphasize the need to change it frequently, and some of the better texts will inform the reader of mesg y or n (allow or disallow messages to your screen), but most don't advance much beyond that. In UNIX System Security Essentials, Braun focuses on user security to a higher degree. His topics include an Introduction, Security for Users, System Administration, Security for Programmers, Planning Security Management, and Important Commands and System Calls.

Braun discusses the fundamental security measures available to the UNIX user. He points out that users must decide what they need to protect and must see what utilities they can conveniently access. He then examines how system administrators configure a system to protect it from unwarranted intrusions. He sees programmers as a special class of users: programmers must also ensure their project's integrity. Just as each system's needs vary and every programmer has different requirements to safeguard, each organization has its own unique security considerations. Braun discusses the process of developing an effective security management plan and how to structure one for your organization. The last chapter describes UNIX system security commands and system calls.

UNIX System Security Essentials focuses on the tools the user already has available for implementing a security strategy. Braun's approach emphasizes a carefully constructed design using utilities that are accessible with any UNIX system.

Exploring Expect: A Tcl-based Toolkit for Automating Interactive Programs
by Don Libes
O'Reilly & Associates, Inc.
ISBN 1-56592-090-2

Expect is a "software suite for automating interactive tools." In other words, it can automate responses from the keyboard, releasing the user or administrator the tedium of having to sit in front of a terminal waiting to enter "y" followed by a carriage return. (This benefit is portrayed best by a set of cartoons on page 2: "Before Expect," an interactive process leads to the workstation, with someone sitting at the keyboard; in "After Expect," the interactive process goes through Expect before reaching the unmanned workstation, complete with a crooked "Gone Fishing" sign.) Written by Expect's creator, Don Libes, the book demonstrates how to use Expect. Although the reader may not need all of the information at once (it is possible to read various sections independently), the author does recommend reading the entire book. Each chapter ends with a set of exercises, which should be read if not completed -- they could be forerunners to problems you may later encounter.

The author begins with an introduction to Expect, followed by an overview of Tcl. From that point, Libes clarifies the 25-page man entry, describing Expect's different properties and using code fragments to demonstrate its capabilities. Following the introductions to Expect and Tcl, Libes discusses getting started with Expect. Moving from the general to the specific, he illustrates some of Expect's concepts, including regular expressions, patterns, actions, limits, debugging patterns, send, spawn, signals, and interact. Libes also describes Expect + Tk (Expectk, pronounced "ek spect tee kay"); Expect, C, and C++; and Expect as a Tcl extension. The book concludes with a list of the Expect commands and variables, an index of scripts, and the general index.

The material in Exploring Expect is logically presented. The writing style is not only informative, but also humorous. (please don't ignore the author''s footnotes; many of them reflect his excellent sense of humor). The author uses examples liberally throughout the book, which helps the reader to understand the concepts presented. Libes' expertise in both Expect and Tcl is obvious; the clarity of his presentation is a bonus. The book merits the attention of anyone using Tcl, Tk, or Expect.

E-Mail Security: How to Keep Your Electonic Messages Private
by Bruce Schneier
John Wiley & Sons, Inc.
ISBN 0-471-05318-X

Schneier encapsulates the entire electronic mail problem more succinctly than anyone else has: "The world of electronic mail is the world of postcards" (p. 1). Unprotected electronic mail can be altered, mis-directed, and delivered to the wrong address. Schneier demonstrates exactly what can happen to e-mail and then describes different ways to protect its delivery and integrity.

E-Mail Security is organized in two main sections. Part I, Privacy and Electronic Mail, discusses The Problem, Encryption, Key Management, Authentication, Certificates, Keeping Your Private Key Private, Odds and Ends, and Patents, Governments, and Export Laws. Part II, Achieving Electronic Mail Privacy, explores Requirements annd Features, Privacy Enhanced Mail (PEM), Pretty Good Privacy (PGP), Comparing PGP and PEM, and Attacks Against PGP and PEM. The Appendices discuss Pretty Good Privacy and Privacy Enhanced Mail.

Schneier presents the topics in a logical order. The book is entertaining, but still maintains the gravity that the subject warrants. His deep understanding of the subject is reflected in the lucidity of his discussion of various concepts. This is an excellent book on an extremely timely topic. It merits the attention of anyone involved with electronic mail, online systems, the Internet, and security.

About the Author

Elizabeth Zinkann has been involved in the UNIX and C environments for the past 11 years. She is currently a UNIX and C consultant, and one of her specialities is UNIX education. In addition to her computer science background, she also has a degree in English. Elizabeth can be reached via CompuServe at 71603,2201 (Internet format:, or via America Online (