Every piece of the web application stack, from HTTP requests to browser-side scripts, comes with important yet subtle security consequences. To keep users safe, it is essential for developers to confidently navigate this landscape.In The Tangled Web, Michal Zalewski, one of the world's top browser security experts, offers a compelling narrative that explains exactly how browsers work and why they're fundamentally insecure. Rather than dispense simplistic advice on vulnerabilities, Zalewski examines the entire browser security model, revealing weak points and providing crucial information for shoring up web application security. You'll learn how to:Perform common but surprisingly complex tasks such as URL parsing and HTML sanitization Use modern security features like Strict Transport Security, Content Security Policy, and Cross-Origin Resource Sharing Leverage many variants of the same-origin policy to safely compartmentalize complex web applications and protect user credentials in case of XSS bugs Build mashups and embed gadgets without getting stung by the tricky frame navigation policy Embed or host user-supplied content without running into the trap of content sniffing For quick reference, "Security Engineering Cheat Sheets" at the end of each chapter offer ready solutions to problems you're most likely to encounter. With coverage extending as far as planned HTML5 features, The Tangled Web will help you create secure web applications that stand the test of time.

    How has Google done it? Veteran technology reporter Steven Levy was granted unprecedented access to the company, and in this revelatory book he takes readers inside Google headquarters—the Googleplex—to show how Google works.While they were still students at Stanford, Google cofounders Larry Page and Sergey Brin revolutionized Internet search. They followed this brilliant innovation with another, as two of Google’s earliest employees found a way to do what no one else had: make billions of dollars from Internet advertising. With this cash cow, Google was able to expand dramatically and take on other transformative projects: more efficient data centers, open-source cell phones, free Internet video (YouTube), cloud computing, digitizing books, and much more.The key to Google’s success in all these businesses, Levy reveals, is its engineering mind-set and adoption of such Internet values as speed, openness, experimentation, and risk taking. After its unapologetically elitist approach to hiring, Google pampers its engineers—free food and dry cleaning, on-site doctors and masseuses—and gives them all the resources they need to succeed. Even today, with a workforce of more than 23,000, Larry Page signs off on every hire.But has Google lost its innovative edge? With its newest initiative, social networking, Google is chasing a successful competitor for the first time. Some employees are leaving the company for smaller, nimbler start-ups. Can the company that famously decided not to be evil still compete?No other book has ever turned Google inside out as Levy does with In the Plex.

    You'll learn how to use Haskell in a variety of practical ways, from short scripts to large and demanding applications. Real World Haskell takes you through the basics of functional programming at a brisk pace, and then helps you increase your understanding of Haskell in real-world issues like I/O, performance, dealing with data, concurrency, and more as you move through each chapter. With this book, you will:Understand the differences between procedural and functional programming Learn the features of Haskell, and how to use it to develop useful programs Interact with filesystems, databases, and network services Write solid code with automated tests, code coverage, and error handling Harness the power of multicore systems via concurrent and parallel programming You'll find plenty of hands-on exercises, along with examples of real Haskell programs that you can modify, compile, and run. Whether or not you've used a functional language before, if you want to understand why Haskell is coming into its own as a practical language in so many major organizations, Real World Haskell is the best place to start.

    The problem is that all of those lines of JavaScript code can slow down your apps. This book reveals techniques and strategies to help you eliminate performance bottlenecks during development. You'll learn how to improve execution time, downloading, interaction with the DOM, page life cycle, and more. Yahoo! frontend engineer Nicholas C. Zakas and five other JavaScript experts -- Ross Harmes, Julien Lecomte, Steven Levithan, Stoyan Stefanov, and Matt Sweeney -- demonstrate optimal ways to load code onto a page, and offer programming tips to help your JavaScript run as efficiently and quickly as possible. You'll learn the best practices to build and deploy your files to a production environment, and tools that can help you find problems once your site goes live. Identify problem code and use faster alternatives to accomplish the same task Improve scripts by learning how JavaScript stores and accesses data Implement JavaScript code so that it doesn't slow down interaction with the DOM Use optimization techniques to improve runtime performance Learn ways to ensure the UI is responsive at all times Achieve faster client-server communication Use a build system to minify files, and HTTP compression to deliver them to the browser

    Commercial game development expert Robert Nystrom presents an array of general solutions to problems encountered in game development. For example, you'll learn how double-buffering enables a player to perceive smooth and realistic motion, and how the service locator pattern can help you provide access to services such as sound without coupling your code to any particular sound driver or sound hardware. Games have much in common with other software, but also a number of unique constraints. Some of the patterns in this book are well-known in other domains of software development. Other of the patterns are unique to gaming. In either case, Robert Nystrom bridges from the ivory tower world of software architecture to the in-the-trenches reality of hardcore game programming. You'll learn the patterns and the general problems that they solve. You'll come away able to apply powerful and reusable architectural solutions that enable you to produce higher quality games with less effort than before. Applies classic design patterns to game programming. Introduces new patterns specific to game programming. Brings abstract software architecture down to Earth with approachable writing and an emphasis on simple code that shows each pattern in practice. What you'll learn Overcome architectural challenges unique to game programming Apply lessons from the larger software world to games. Tie different parts of a game (graphics, sound, AI) into a cohesive whole. Create elegant and maintainable architecture. Achieve good, low-level performance. Gain insight into professional, game development. Who this book is forGame Programming Patterns is aimed at professional game programmers who, while successful in shipping games, are frustrated at how hard it sometimes is to add and modify features when a game is under development. Game Programming Patterns shows how to apply modern software practices to the problem of game development while still maintaining the blazing-fast performance demanded by hard-core gamers. Game Programming Patterns also appeals to those learning about game programming in their spare time. Hobbyists and aspiring professionals alike will find much to learn in this book about pathfinding, collision detection, and other game-programming problem domains.

    We'll use the world's most popular functional programming language: JavaScript. Some may feel this is a poor choice as it's against the grain of the current culture which, at the moment, feels predominately imperative. However, I believe it is the best way to learn FP for several reasons:You likely use it every day at work.This makes it possible to practice and apply your acquired knowledge each day on real world programs rather than pet projects on nights and weekends in an esoteric FP language.We don't have to learn everything up front to start writing programs.In a pure functional language, you cannot log a variable or read a DOM node without using monads. Here we can cheat a little as we learn to purify our codebase. It's also easier to get started in this language since it's mixed paradigm and you can fall back on your current practices while there are gaps in your knowledge.The language is fully capable of writing top notch functional code.We have all the features we need to mimic a language like Scala or Haskell with the help of a tiny library or two. Object-oriented programming currently dominates the industry, but it's clearly awkward in JavaScript. It's akin to camping off of a highway or tap dancing in galoshes. We have to bind all over the place lest this change out from under us, we don't have classes[^Yet], we have various work arounds for the quirky behavior when the new keyword is forgotten, private members are only available via closures. To a lot of us, FP feels more natural anyways.That said, typed functional languages will, without a doubt, be the best place to code in the style presented by this book. JavaScript will be our means of learning a paradigm, where you apply it is up to you. Luckily, the interfaces are mathematical and, as such, ubiquitous. You'll find yourself at home with swiftz, scalaz, haskell, purescript, and other mathematically inclined environments.

    But honest and open conversations are not taking place between management and Agile delivery teams.In A Seat at the Table, CIO Mark Schwartz explores the role of IT leadership as it is now and opens the door to reveal IT leadership as it should be - an integral part of the value creation engine. With wit and easy style, Schwartz reveals that the only way to become an Agile IT leader is to be courageous - to throw off the attitude and assumptions that have kept CIOs from taking their rightful seat at the table. CIOs, step on up, your seat at the table is waiting for you.Listening Length: 9 hours and 20 minutes

    "We spend more time working than doing anything else in life. It's not right that the experience of work should be so demotivating and dehumanizing." So says Laszlo Bock, head of People Operations at the company that transformed how the world interacts with knowledge. This insight is the heart of WORK RULES!, a compelling and surprisingly playful manifesto that offers lessons including:Take away managers' power over employeesLearn from your best employees-and your worstHire only people who are smarter than you are, no matter how long it takes to find themPay unfairly (it's more fair!)Don't trust your gut: Use data to predict and shape the futureDefault to open-be transparent and welcome feedbackIf you're comfortable with the amount of freedom you've given your employees, you haven't gone far enough. Drawing on the latest research in behavioral economics and a profound grasp of human psychology, WORK RULES! also provides teaching examples from a range of industries-including lauded companies that happen to be hideous places to work and little-known companies that achieve spectacular results by valuing and listening to their employees. Bock takes us inside one of history's most explosively successful businesses to reveal why Google is consistently rated one of the best places to work in the world, distilling 15 years of intensive worker R&D into principles that are easy to put into action, whether you're a team of one or a team of thousands. WORK RULES! shows how to strike a balance between creativity and structure, leading to success you can measure in quality of life as well as market share. Read it to build a better company from within rather than from above; read it to reawaken your joy in what you do.

    But where do they come from? What kind of environment breeds them? What sparks the flash of brilliance? How do we generate the breakthrough technologies that push forward our lives, our society, our culture? Steven Johnson's answers are revelatory as he identifies the seven key patterns behind genuine innovation, and traces them across time and disciplines. From Darwin and Freud to the halls of Google and Apple, Johnson investigates the innovation hubs throughout modern time and pulls out the approaches and commonalities that seem to appear at moments of originality.

    Emphasis is placed on understanding the crisp mathematical idea behind each algorithm, in a manner that is intuitive and rigorous without being unduly formal. Features include: The use of boxes to strengthen the narrative: pieces that provide historical context, descriptions of how the algorithms are used in practice, and excursions for the mathematically sophisticated.Carefully chosen advanced topics that can be skipped in a standard one-semester course, but can be covered in an advanced algorithms course or in a more leisurely two-semester sequence.An accessible treatment of linear programming introduces students to one of the greatest achievements in algorithms. An optional chapter on the quantum algorithm for factoring provides a unique peephole into this exciting topic. In addition to the text, DasGupta also offers a Solutions Manual, which is available on the Online Learning Center.Algorithms is an outstanding undergraduate text, equally informed by the historical roots and contemporary applications of its subject. Like a captivating novel, it is a joy to read. Tim Roughgarden Stanford University

    Tracy Kidder got a preview of this world in the late 1970s when he observed the engineers of Data General design and build a new 32-bit minicomputer in just one year. His thoughtful, prescient book, The Soul of a New Machine, tells stories of 35-year-old "veteran" engineers hiring recent college graduates and encouraging them to work harder and faster on complex and difficult projects, exploiting the youngsters' ignorance of normal scheduling processes while engendering a new kind of work ethic.These days, we are used to the "total commitment" philosophy of managing technical creation, but Kidder was surprised and even a little alarmed at the obsessions and compulsions he found. From in-house political struggles to workers being permitted to tease management to marathon 24-hour work sessions, The Soul of a New Machine explores concepts that already seem familiar, even old-hat, less than 20 years later. Kidder plainly admires his subjects; while he admits to hopeless confusion about their work, he finds their dedication heroic. The reader wonders, though, what will become of it all, now and in the future. —Rob Lightner

    In this one-of-a-kind text, author V. Anton Spraul breaks down the ways that programmers solve problems and teaches you what other introductory books often ignore: how to Think Like a Programmer. Each chapter tackles a single programming concept, like classes, pointers, and recursion, and open-ended exercises throughout challenge you to apply your knowledge. You'll also learn how to:Split problems into discrete components to make them easier to solve Make the most of code reuse with functions, classes, and libraries Pick the perfect data structure for a particular job Master more advanced programming tools like recursion and dynamic memory Organize your thoughts and develop strategies to tackle particular types of problems Although the book's examples are written in C++, the creative problem-solving concepts they illustrate go beyond any particular language; in fact, they often reach outside the realm of computer science. As the most skillful programmers know, writing great code is a creative art—and the first step in creating your masterpiece is learning to Think Like a Programmer.

    In a 1995 interview, the late Steve Jobs claimed that the secret to his and Apple’s success was talent. “We’ve gone to exceptional lengths to hire the best people,” he said, believing that the talented resource was twenty-five times more valuable than an average alternative. For Microsoft founder Bill Gates, the multiple was even higher:A great lathe operator commands several times the wage of an average lathe operator, but a great writer of software code is worth 10,000 times the price of an average software writer.While the actual number might be up for debate, the importance of technical talent is not. The most successful companies today are those that understand the strategic role that developers will play in their success or failure. Not just successful technology companies – virtually every company today needs a developer strategy. There’s a reason that ESPN and Sears have rolled out API programs, that companies are being bought not for their products but their people. The reason is that developers are the most valuable resource in business.How did we get here? How did developers become the most important constituency in business seemingly overnight? The New Kingmakers explores the rise of the developer class, its implications and provides suggestions for navigating the new developer-centric landscape.

    "More concretely," the authors explain, "it is the controlled manipulation of mathematical formulas, using a collection of techniques for solving problems."

    It has led nothing short of a revolution in the entertainment industries, generating billions of dollars in annual revenue while capturing the imaginations of hundreds of millions of people in over 190 countries. But to reach these great heights, Netflix, which launched in 1998 as an online DVD rental service, has had to reinvent itself over and over again. This type of unprecedented flexibility would have been impossible without the counterintuitive and radical management principles that cofounder Reed Hastings established from the very beginning. Hastings rejected the conventional wisdom under which other companies operate and defied tradition to instead build a culture focused on freedom and responsibility, one that has allowed Netflix to adapt and innovate as the needs of its members and the world have simultaneously transformed.Hastings set new standards, valuing people over process, emphasizing innovation over efficiency, and giving employees context, not controls. At Netflix, there are no vacation or expense policies. At Netflix, adequate performance gets a generous severance, and hard work is irrel-evant. At Netflix, you don't try to please your boss, you give candid feedback instead. At Netflix, employees don't need approval, and the company pays top of market. When Hastings and his team first devised these unorthodox principles, the implications were unknown and untested. But in just a short period, their methods led to unparalleled speed and boldness, as Netflix quickly became one of the most loved brands in the world.Here for the first time, Hastings and Erin Meyer, bestselling author of The Culture Map and one of the world's most influential business thinkers, dive deep into the controversial ideologies at the heart of the Netflix psyche, which have generated results that are the envy of the business world. Drawing on hundreds of interviews with current and past Netflix employees from around the globe and never-before-told stories of trial and error from Hastings's own career, No Rules Rules is the fascinating and untold account of the philosophy behind one of the world's most innovative, imaginative, and successful companies.