Book picks similar to
PKI: Implementing & Managing E-Security by Andrew Nash
security
technical
computing
crypto
Real World OCaml: Functional programming for the masses
Yaron Minsky - 2013
Through the book’s many examples, you’ll quickly learn how OCaml stands out as a tool for writing fast, succinct, and readable systems code. Real World OCaml takes you through the concepts of the language at a brisk pace, and then helps you explore the tools and techniques that make OCaml an effective and practical tool. In the book’s third section, you’ll delve deep into the details of the compiler toolchain and OCaml’s simple and efficient runtime system.
- Learn the foundations of the language, such as higher-order functions, algebraic data types, and modules
- Explore advanced features such as functors, first-class modules, and objects
- Leverage Core, a comprehensive general-purpose standard library for OCaml
- Design effective and reusable libraries, making the most of OCaml’s approach to abstraction and modularity
- Tackle practical programming problems from command-line parsing to asynchronous network programming
- Examine profiling and interactive debugging techniques with tools such as GNU gdb
The Tangled Web: A Guide to Securing Modern Web Applications
Michal Zalewski - 2011
Every piece of the web application stack, from HTTP requests to browser-side scripts, comes with important yet subtle security consequences. To keep users safe, it is essential for developers to confidently navigate this landscape. In The Tangled Web, Michal Zalewski, one of the world's top browser security experts, offers a compelling narrative that explains exactly how browsers work and why they're fundamentally insecure. Rather than dispense simplistic advice on vulnerabilities, Zalewski examines the entire browser security model, revealing weak points and providing crucial information for shoring up web application security. You'll learn how to:
- Perform common but surprisingly complex tasks such as URL parsing and HTML sanitization
- Use modern security features like Strict Transport Security, Content Security Policy, and Cross-Origin Resource Sharing
- Leverage many variants of the same-origin policy to safely compartmentalize complex web applications and protect user credentials in case of XSS bugs
- Build mashups and embed gadgets without getting stung by the tricky frame navigation policy
- Embed or host user-supplied content without running into the trap of content sniffing
For quick reference, "Security Engineering Cheat Sheets" at the end of each chapter offer ready solutions to problems you're most likely to encounter. With coverage extending as far as planned HTML5 features, The Tangled Web will help you create secure web applications that stand the test of time.
TOGAF 9 Foundation Study Guide: Preparation for the TOGAF 9 Part 1 Examination
Rachel Harrison - 2009
It gives an overview of every learning objective for the TOGAF 9 Foundation Syllabus and in-depth coverage on preparing and taking the TOGAF 9 Part 1 Examination. It is specifically designed to help individuals prepare for certification.
This Study Guide is excellent material for:
a) Individuals who require a basic understanding of TOGAF 9
b) Professionals who are working in roles associated with an architecture project such as those responsible for planning, execution, development, delivery, and operation
c) Architects who are looking for a first introduction to TOGAF 9
d) Architects who want to achieve Level 2 certification in a stepwise manner and have not previously qualified as TOGAF 8 Certified
A prior knowledge of enterprise architecture is advantageous but not required. While reading this Study Guide, the reader should also refer to the TOGAF Version 9.1 documentation available online at www.opengroup.org and also available as hard copy from www.vanharen.net and online booksellers.
Version Control By Example
Eric Sink - 2011
Topics covered include:
- Basic version control commands and concepts
- Introduction to Distributed Version Control Systems (DVCS)
- Advanced branching workflows
- Strengths and weaknesses of DVCS vs. centralized tools
- Best practices
- How distributed version control works under the hood
Featuring these open source version control tools:
- Apache Subversion
- Mercurial
- Git
- Veracity
Absolute Beginner's Guide to C
Greg Perry - 1993
This bestseller talks to readers at their level, explaining every aspect of how to get started and learn the C language quickly. Readers also find out where to learn more about C. This book includes tear-out reference card of C functions and statements, a hierarchy chart, and other valuable information. It uses special icons, notes, clues, warnings, and rewards to make understanding easier. And the clear and friendly style presumes no programming knowledge.
Grails in Action
Glen Smith - 2009
Developers are instantly productive, picking up all the benefits of the Ruby-based Rails framework without giving up any of the power of Java. Grails in Action is a comprehensive look at Grails for Java developers. It covers the nuts and bolts of the core Grails components and is jam-packed with tutorials, techniques, and insights from the trenches. The book starts with an overview of Grails and how it can help you get your web dev mojo back. Then it walks readers through a Twitter-style social networking app -- built in Grails, of course -- where they implement high-interest features like mashups, AJAX/JSON, animation effects, full text search, rounded corners, and lots of visual goodness. The book also covers using Grails with existing Java technology, like Spring, Hibernate, and EJBs. Purchase of the print book comes with an offer of a free PDF, ePub, and Kindle eBook from Manning. Also available is all code from the book.
Two Scoops of Django 1.11: Best Practices for the Django Web Framework
Daniel Roy Greenfeld - 2017
We have put thousands of hours into the fourth edition of the book, writing and revising its material to include significant improvements and new material based on feedback from previous editions.
Complete Guide to High Dynamic Range Digital Photography
Ferrell McCollough - 2008
High Dynamic Range photography is the process of taking several pictures of a scene at various exposures, then merging them into one file. So the entire photo can look crisp and detailed, from highlights to midtones to shadows—and photographers needn’t sacrifice any part of their image. And the best way to master this exciting technology is with this thorough, easy-to-follow, and visually spectacular guide. No other title does justice to these cutting-edge techniques, which actually take the viewer into worlds far beyond normal photography—sometimes even beyond normal human perception. Ferrell McCollough, a widely respected photographer, pushes the boundaries and inspires others to pursue their artistic vision, too. The amazing results simply can’t be achieved any other way.
Debug It!: Find, Repair, and Prevent Bugs in Your Code
Paul Butcher - 2009
Others have the knack of unerringly zeroing in on the root cause of a bug. Are they geniuses? Just lucky? No, they've learned the secrets of professional debugging. This book will equip you with the tools, techniques and approaches -- proven in the crucible of professional software development -- to ensure that you can tackle any bug with confidence. You'll learn how to handle every stage of the bug life-cycle, from constructing software that makes debugging easy, through detection, reproduction, diagnosis and rolling out your eventual fix. If you develop software, sooner or later you're going to discover that it doesn't always behave as you intended. Working out why it's misbehaving can be hard. Sometimes very hard. Debug It! is here to help! All bugs are different: there is no silver bullet. You've got to rely upon your intellect, intuition, detective skills and yes, even a little luck. But that doesn't mean that you're completely on your own -- there is much you can learn from those who have gone before. This book distills decades of hard-won experience gained in the trenches of professional software development, giving you a head-start and arming you with the tools you need to get to the bottom of the problem, whatever you're faced with. Whether you're writing Java or assembly language, targeting servers or embedded micro-controllers, using agile or traditional approaches, the same basic bug-fixing principles apply. From constructing software that is easy to debug (and incidentally less likely to contain bugs in the first place), through handling bug reports to rolling out your ultimate fix, we'll cover the entire life-cycle of a bug. You'll learn about the empirical approach, which leverages your software's unique ability to show you what's really happening, the importance of finding a reliable and convenient means of reproducing a bug, and common pitfalls so you can avoid them.
You'll see how to use commonly available tools to automatically detect problems before they're reported by customers and how to construct "transparent software" that provides access to critical information and internal state.
Kingpin: How One Hacker Took Over the Billion-Dollar Cybercrime Underground
Kevin Poulsen - 2011
Max 'Vision' Butler was a white-hat hacker and a celebrity throughout the programming world, even serving as a consultant to the FBI. But there was another side to Max. As the black-hat 'Iceman', he'd seen the fraudsters around him squabble, their ranks riddled with infiltrators, their methods inefficient, and in their dysfunction was the ultimate challenge: he would stage a coup and steal their ill-gotten gains from right under their noses. Through the story of Max Butler's remarkable rise, KINGPIN lays bare the workings of a silent crime wave affecting millions worldwide. It exposes vast online-fraud supermarkets stocked with credit card numbers, counterfeit cheques, hacked bank accounts and fake passports. Thanks to Kevin Poulsen's remarkable access to both cops and criminals, we step inside the quiet, desperate battle that law enforcement fights against these scammers. And learn that the boy next door may not be all he seems.
Beginning Arduino
Michael McRoberts - 2010
You'll progress from a complete beginner regarding Arduino programming and electronics knowledge to intermediate skills and the confidence to create your own amazing Arduino projects. Absolutely no experience in programming or electronics required! Rather than requiring you to wade through pages of theory before you start making things, this book has a hands-on approach. You will dive into making projects right from the start, learning how to use various electronic components and how to program the Arduino to control or communicate with those components. Each project is designed to build upon the knowledge learned in earlier projects and to further your knowledge in programming as well as skills with electronics. By the end of the book you will be able to create your own projects confidently and with creativity. Please note: the print version of this title is black & white; the eBook is full color. You can download the color diagrams in the book from http://www.apress.com/9781430232407
Understanding and Using C Pointers
Richard Reese - 2013
With this practical book, you’ll learn how pointers provide the mechanism to dynamically manipulate memory, enhance support for data structures, and enable access to hardware. Author Richard Reese shows you how to use pointers with arrays, strings, structures, and functions, using memory models throughout the book. Difficult to master, pointers provide C with much flexibility and power—yet few resources are dedicated to this data type. This comprehensive book has the information you need, whether you’re a beginner or an experienced C or C++ programmer or developer.
- Get an introduction to pointers, including the declaration of different pointer types
- Learn about dynamic memory allocation, de-allocation, and alternative memory management techniques
- Use techniques for passing or returning data to and from functions
- Understand the fundamental aspects of arrays as they relate to pointers
- Explore the basics of strings and how pointers are used to support them
- Examine why pointers can be the source of security problems, such as buffer overflow
- Learn several pointer techniques, such as the use of opaque pointers, bounded pointers, and the restrict keyword
Managing Risk and Information Security: Protect to Enable
Malcolm Harkins - 2012
Because almost every aspect of an enterprise is now dependent on technology, the focus of IT security must shift from locking down assets to enabling the business while managing and surviving risk. This compact book discusses business risk from a broader perspective, including privacy and regulatory considerations. It describes the increasing number of threats and vulnerabilities, but also offers strategies for developing solutions. These include discussions of how enterprises can take advantage of new and emerging technologies -- such as social media and the huge proliferation of Internet-enabled devices -- while minimizing risk. With ApressOpen, content is freely available through multiple online distribution channels and electronic formats with the goal of disseminating professionally edited and technically reviewed content to the worldwide community. Here are some of the responses from reviewers of this exceptional work:
Managing Risk and Information Security is a perceptive, balanced, and often thought-provoking exploration of evolving information risk and security challenges within a business context. Harkins clearly connects the needed, but often-overlooked linkage and dialog between the business and technical worlds and offers actionable strategies. The book contains eye-opening security insights that are easily understood, even by the curious layman.
Fred Wettling, Bechtel Fellow, IS&T Ethics & Compliance Officer, Bechtel
As disruptive technology innovations and escalating cyber threats continue to create enormous information security challenges, Managing Risk and Information Security: Protect to Enable provides a much-needed perspective. This book compels information security professionals to think differently about concepts of risk management in order to be more effective. The specific and practical guidance offers a fast-track formula for developing information security strategies which are lock-step with business priorities.
Laura Robinson, Principal, Robinson Insight Chair, Security for Business Innovation Council (SBIC) Program Director, Executive Security Action Forum (ESAF)
The mandate of the information security function is being completely rewritten. Unfortunately most heads of security haven't picked up on the change, impeding their companies' agility and ability to innovate. This book makes the case for why security needs to change, and shows how to get started. It will be regarded as marking the turning point in information security for years to come.
Dr. Jeremy Bergsman, Practice Manager, CEB
The world we are responsible to protect is changing dramatically and at an accelerating pace. Technology is pervasive in virtually every aspect of our lives. Clouds, virtualization and mobile are redefining computing and they are just the beginning of what is to come. Your security perimeter is defined by wherever your information and people happen to be.
Manifesto: A Revolutionary Approach to General Aviation Maintenance
Mike Busch - 2014
Written in typical no-nonsense style, it lays out the basis of Mike's “minimalist” maintenance philosophy for owner-flown general aviation aircraft. An owner who follows the book's guidance can save a small fortune on maintenance costs and end up with a safer, more reliable aircraft. Owners are advised to perform the absolute least amount of maintenance required to make their aircraft safe, reliable and legal… and nothing more. The book explains in detail why engine and propeller TBOs and most other manufacturer-prescribed maintenance intervals should be disregarded. And “Manifesto” explains exactly how to do it.
About the Author: Mike Busch is arguably the best-known A&P/IA in general aviation. In 2008, he was honored by the FAA as “National Aviation Maintenance Technician of the Year.” Mike has been a prolific aviation writer for more than four decades. His “Savvy Aviator” columns have appeared in numerous publications including EAA Sport Aviation, AOPA’s Opinion Leader’s Blog, AVweb, and magazines for the three largest GA type clubs (ABS, CPA, and COPA). He is renowned for his free monthly maintenance webinars and his standing-room-only forums at EAA AirVenture Oshkosh. Mike has been a pilot and aircraft owner for 45 years with 7,500+ hours logged, and he is a CFIA/I/ME. He’s founder and CEO of Savvy Aircraft Maintenance Management, Inc., the world’s largest firm providing maintenance-management services for owner-flown aircraft.
Writing Secure Code
Michael Howard - 2001
You need to assume it will run in the most hostile environments imaginable -- and design, code, and test accordingly. Writing Secure Code, Second Edition shows you how. This edition draws on the lessons learned and taught throughout Microsoft during the firm's massive 2002 Windows Security Push. It's a huge upgrade to the respected First Edition, with new coverage across the board. Michael Howard and David LeBlanc first help you define what security means to your customers -- and implement a three-pronged strategy for securing design, defaults, and deployment. There's especially useful coverage of threat modeling -- decomposing your application, identifying threats, ranking them, and mitigating them. Then, it's on to in-depth coverage of today's key security issues from the developer's standpoint. Everyone knows buffer overruns are bad: Here's a full chapter on avoiding them. You'll learn how to establish appropriate access controls and default to running with least privilege. There's detailed coverage of overcoming attacks on cryptography (for example, avoiding poor random numbers and bit-flipping attacks). You'll learn countermeasures for virtually every form of user input attack, from malicious database updates to cross-site scripting. We've just scratched the surface: There are authoritative techniques for securing sockets and RPC, protecting against DOS attacks, building safer .NET applications, reviewing and testing code, adding privacy features, and even writing high-quality security documentation. Following these techniques won't just improve security -- it'll dramatically improve robustness and reliability, too.
Bill Camarda
Bill Camarda is a consultant, writer, and web/multimedia content developer. His 15 books include Special Edition Using Word 2000 and Upgrading & Fixing Networks For Dummies®, Second Edition.