Now Bamford describes the transformation of the NSA since 9/11, as the agency increasingly turns its high-tech ears on the American public.The Shadow Factory reconstructs how the NSA missed a chance to thwart the 9/11 hijackers and details how this mistake has led to a heightening of domestic surveillance. In disturbing detail, Bamford describes exactly how every American’s data is being mined and what is being done with it. Any reader who thinks America’s liberties are being protected by Congress will be shocked and appalled at what is revealed here.From the Trade Paperback edition.

    This complete guide shows you how to automate your build, integration, release, and deployment processes with Jenkins—and demonstrates how CI can save you time, money, and many headaches. Ideal for developers, software architects, and project managers, Jenkins: The Definitive Guide is both a CI tutorial and a comprehensive Jenkins reference. Through its wealth of best practices and real-world tips, you'll discover how easy it is to set up a CI service with Jenkins. Learn how to install, configure, and secure your Jenkins server Organize and monitor general-purpose build jobs Integrate automated tests to verify builds, and set up code quality reporting Establish effective team notification strategies and techniques Configure build pipelines, parameterized jobs, matrix builds, and other advanced jobs Manage a farm of Jenkins servers to run distributed builds Implement automated deployment and continuous delivery

    Find the best of the magazine's writing in Best of 2600: A Hacker Odyssey, a collection of the strongest, most interesting, and often most controversial articles covering 24 years of changes in technology, all from a hacker's perspective. Included are stories about the creation of the infamous tone dialer "red box" that allowed hackers to make free phone calls from payphones, the founding of the Electronic Frontier Foundation, and the insecurity of modern locks.

    You'll learn how to confidently and securely build and deploy OAuth on both the client and server sides. Foreword by Ian Glazer.Purchase of the print book includes a free eBook in PDF, Kindle, and ePub formats from Manning Publications.About the TechnologyThink of OAuth 2 as the web version of a valet key. It is an HTTP-based security protocol that allows users of a service to enable applications to use that service on their behalf without handing over full control. And OAuth is used everywhere, from Facebook and Google, to startups and cloud services.About the BookOAuth 2 in Action teaches you practical use and deployment of OAuth 2 from the perspectives of a client, an authorization server, and a resource server. You'll begin with an overview of OAuth and its components and interactions. Next, you'll get hands-on and build an OAuth client, an authorization server, and a protected resource. Then you'll dig into tokens, dynamic client registration, and more advanced topics. By the end, you'll be able to confidently and securely build and deploy OAuth on both the client and server sides.What's InsideCovers OAuth 2 protocol and designAuthorization with OAuth 2OpenID Connect and User-Managed AccessImplementation risksJOSE, introspection, revocation, and registrationProtecting and accessing REST APIsAbout the ReaderReaders need basic programming skills and knowledge of HTTP and JSON.About the AuthorJustin Richer is a systems architect and software engineer. Antonio Sanso is a security software engineer and a security researcher. Both authors contribute to open standards and open source.Table of ContentsPart 1 - First stepsWhat is OAuth 2.0 and why should you care?The OAuth dance Part 2 - Building an OAuth 2 environmentBuilding a simple OAuth clientBuilding a simple OAuth protected resourceBuilding a simple OAuth authorization serverOAuth 2.0 in the real world Part 3 - OAuth 2 implementation and vulnerabilitiesCommon client vulnerabilitiesCommon protected resources vulnerabilitiesCommon authorization server vulnerabilitiesCommon OAuth token vulnerabilities Part 4 - Taking OAuth furtherOAuth tokensDynamic client registrationUser authentication with OAuth 2.0Protocols and profiles using OAuth 2.0Beyond bearer tokensSummary and conclusions

    Richard Stevens' classic TCP/IP Illustrated, Volume 1 to gain the detailed understanding of TCP/IP they need to be effective. Now, the world's leading TCP/IP best-seller has been thoroughly updated to reflect a new generation of TCP/IP-based networking technologies. TCP/IP Illustrated, Volume 1, Second Edition doesn't just describe protocols: it enables readers to observe how these protocols operate under different conditions, using publicly available tools, and explains why key design decisions were made. The result: readers gain a deep understanding of how TCP/IP protocols function, and why they function that way. Now thoroughly updated by long-time networking expert Kevin Fall, this brand-new second edition's extensive new coverage includes: " Remote procedure call " Identity management (access control / authentication) " Network and transport layer security (authentication / privacy) " File access protocols, including NFS and SMB/CIFS " Host initialization and DHCP " NAT and firewalls " E-mail " Web and web services " Wireless and wireless security " New tools, including Ethereal, nmap and netcat

    One half massive case study, one half technical manual, Dissecting the Hack has it all - learn all about hacking tools and techniques and how to defend your network against threats. Yes, the security threats are real - read more about the tactics that you see executed throughout the story in the second half of the book where you will learn to recon, scan, explore, exploit and expunge with the tools and techniques shown in the story. Every hack is real and can be used by you once you have the knowledge within this book! Utilizes actual hacking and security tools in its story- helps to familiarize a newbie with the many devices and their codeIntroduces basic hacking techniques in real life context for ease of learningPresented in the words of the hacker/security pro, effortlessly envelops the beginner in the language of the hack

    Reprint. NYT.

    It is difficult to imagine a world without instant access and 24/7 connectivity. We have reengineered our business, governance, and social relations around a planetary network unlike any that has come before. And, as with any social transformation, there have been unintended consequences.     In Black Code, Ron Deibert examines the profound effect that cyberspace is having on the relationship between citizens and states, on the private and public spheres, and on domestic and international affairs. Cyberspace has brought us a world of do-it-yourself signals intelligence, he argues, and WikiLeaks is only a symptom of a much larger phenomenon to which governments, businesses, and individuals will have to get accustomed. Our lives have been turned inside out by a digital world of our own spinning.     Fast-paced, revealing, and sometimes terrifying, Black Code takes readers into the shadowy realm of cybersecurity, offering insight into the very future of cyberspace and revealing what new rules and norms we will need to adopt in order to survive in this new environment.

    Starting with Alexander Graham Bell's revolutionary "harmonic telegraph," by the middle of the twentieth century the phone system had grown into something extraordinary, a web of cutting-edge switching machines and human operators that linked together millions of people like never before. But the network had a billion-dollar flaw, and once people discovered it, things would never be the same.Exploding the Phone tells this story in full for the first time. It traces the birth of long-distance communication and the telephone, the rise of AT&T's monopoly, the creation of the sophisticated machines that made it all work, and the discovery of Ma Bell's Achilles' heel. Phil Lapsley expertly weaves together the clandestine underground of "phone phreaks" who turned the network into their electronic playground, the mobsters who exploited its flaws to avoid the feds, the explosion of telephone hacking in the counterculture, and the war between the phreaks, the phone company, and the FBI.The product of extensive original research, Exploding the Phone is a ground-breaking, captivating book.

    Author Pat Shaughnessy takes a scientific approach, laying out a series of experiments with Ruby code to take you behind the scenes of how programming languages work. You'll even find information on JRuby and Rubinius (two alternative implementations of Ruby), as well as in-depth explorations of Ruby's garbage collection algorithm. Ruby Under a Microscope will teach you:How a few computer science concepts underpin Ruby's complex implementation How Ruby executes your code using a virtual machine How classes and modules are the same inside Ruby How Ruby employs algorithms originally developed for Lisp How Ruby uses grammar rules to parse and understand your code How your Ruby code is translated into a different language by a compilerNo programming language needs to be a black box. Whether you're already intrigued by language implementation or just want to dig deeper into Ruby, you'll find Ruby Under a Microscope a fascinating way to become a better programmer. Covers Ruby 2.x, 1.9 and 1.8

    It took the open source world by storm since its inception in 2005, and is used by small development shops and giants like Google, Red Hat, and IBM, and of course many open source projects.A book by Git experts to turn you into a Git expert. Introduces the world of distributed version control Shows how to build a Git development workflow.

    So, what IS it? It is an edgy, provocative, attack-oriented series of chapters written in a first hand, conversational style. World-renowned network security personalities present a series of 25 to 30 page chapters written from the point of an attacker who is gaining access to a particular system. This book portrays the -street fighting- tactics used to attack networks and systems. Not just another -hacker- book, it plays on -edgy- market success of Steal this Computer Book with first hand, eyewitness accountsA highly provocative expose of advanced security exploitsWritten by some of the most high profile -White Hats-, -Black Hats- and -Gray Hats-Gives readers a -first ever- look inside some of the most notorious network intrusions

    Every programmer can find uses for regular expressions, but their power doesn't come worry-free. Even seasoned users often suffer from poor performance, false positives, false negatives, or perplexing bugs. Regular Expressions Cookbook offers step-by-step instructions for some of the most common tasks involving this tool, with recipes for C#, Java, JavaScript, Perl, PHP, Python, Ruby, and VB.NET.With this book, you will:Understand the basics of regular expressions through a concise tutorial Use regular expressions effectively in several programming and scripting languages Learn how to validate and format input Manage words, lines, special characters, and numerical values Find solutions for using regular expressions in URLs, paths, markup, and data exchange Learn the nuances of more advanced regex features Understand how regular expressions' APIs, syntax, and behavior differ from language to language Write better regular expressions for custom needs Whether you're a novice or an experienced user, Regular Expressions Cookbook will help deepen your knowledge of this unique and irreplaceable tool. You'll learn powerful new tricks, avoid language-specific gotchas, and save valuable time with this huge library of proven solutions to difficult, real-world problems.

    Generics and the greatly expanded collection libraries have tremendously increased the power of Java 5 and Java 6. But they have also confused many developers who haven't known how to take advantage of these new features.Java Generics and Collections covers everything from the most basic uses of generics to the strangest corner cases. It teaches you everything you need to know about the collections libraries, so you'll always know which collection is appropriate for any given task, and how to use it.Topics covered include:• Fundamentals of generics: type parameters and generic methods• Other new features: boxing and unboxing, foreach loops, varargs• Subtyping and wildcards• Evolution not revolution: generic libraries with legacy clients and generic clients with legacy libraries• Generics and reflection• Design patterns for generics• Sets, Queues, Lists, Maps, and their implementations• Concurrent programming and thread safety with collections• Performance implications of different collectionsGenerics and the new collection libraries they inspired take Java to a new level. If you want to take your software development practice to a new level, this book is essential reading.Philip Wadler is Professor of Theoretical Computer Science at the University of Edinburgh, where his research focuses on the design of programming languages. He is a co-designer of GJ, work that became the basis for generics in Sun's Java 5.0.Maurice Naftalin is Technical Director at Morningside Light Ltd., a software consultancy in the United Kingdom. He has most recently served as an architect and mentor at NSB Retail Systems plc, and as the leader of the client development team of a major UK government social service system."A brilliant exposition of generics. By far the best book on the topic, it provides a crystal clear tutorial that starts with the basics and ends leaving the reader with a deep understanding of both the use and design of generics." Gilad Bracha, Java Generics Lead, Sun Microsystems

    Topics you can expect to see in this book include: ● What problem does blockchain solve? ● How can technology make our institutions faster and less expensive? ● Could technology replace our institutions (like governments, banks, etc) altogether? ● How does blockchain build trust between strangers? ● How does blockchain increase security for transactions and contracts? ● Can blockchain be used outside of finance? ● What is a block? ● What is the chain and why do we need it? ● What’s a technical explanation of what happens in the blockchain? ● What is mining and why do we need it? ● Are there alternatives to mining to create a blockchain? ● What’s the story of Bitcoin? ● Does Bitcoin have any problems? ● What is Ethereum, and what is a smart contract? ● Are there other blockchain technologies I should know about? ● How are companies adopting blockchain? ● What regulatory hurdles might slow blockchain adoption? Whew, that’s a lot of questions. If you’re ready to tackle them, I’m ready