Book Review: Violent Python

(Full disclosure - this review is part of the Books for Bloggers program)

Violent Python, by TJ O'Connor, published by Elsevier / Syngress, is a fantastic concept coupled with some really terrible Python code. When I initially picked up this book I was incredibly excited, because who doesn't want to learn about hacking and computer security? And there is some terrific information in here about hacking and penetration testing and all sorts of other lovely ways to either get you sent to prison or a really good job. It's great to see Python used as a serious forensic/security tool, too. Unfortunately, I just couldn't get over the quality of the code.

This book bills itself as a cookbook, and the end result may taste good, but the process is horrible, leaves dirty dishes all over your house, and the resulting dish makes you feel a bit queasy just looking at it.

If you are new to Python, this book does not teach how to write idiomatic Python code. From lazily doing from package import * to Pokemon exception handling (gotta catch 'em all!), to cluttering up code examples with the useful but extremely verbose optparse library (the 3rd party docopt is way better), the code certainly does not follow beautiful is better than ugly.

This book would be drastically improved if the author simply stuck all of their code samples up on the Code Review Stack Exchange. As a matter of fact at that point I'd probably give it a 5/5.

For me, code quality is very important - probably because as someone who puts bread on the table with my programming, I am looking at code most of the day. And code that doesn't follow established patterns is code that I'm going to constantly have problems with. It's a bit like hearing someone speak pidgin English. Sure, you can understand that the Nigerian Prince would love to help you with this monetary endeavor, but it would be easier and less frustrating if he didn't want you to send him all those money orders.

But if you don't care about the code and you just want to learn the underlying principles and are fine with translating the code, you will love this book. Honestly, I'd actually recommend it, just make sure that you bring your pepto. I give it a 3/5. And 2.5 of those points are for the non-code portions of the book. If the author fixes the code, then this will totally be a 5/5.