So, why does conventional wisdom insist that software engineers focus primarily on the design and development of large-scale computing systems?In this collection of essays and articles, key members of Google's Site Reliability Team explain how and why their commitment to the entire lifecycle has enabled the company to successfully build, deploy, monitor, and maintain some of the largest software systems in the world. You'll learn the principles and practices that enable Google engineers to make systems more scalable, reliable, and efficient--lessons directly applicable to your organization.This book is divided into four sections: Introduction--Learn what site reliability engineering is and why it differs from conventional IT industry practicesPrinciples--Examine the patterns, behaviors, and areas of concern that influence the work of a site reliability engineer (SRE)Practices--Understand the theory and practice of an SRE's day-to-day work: building and operating large distributed computing systemsManagement--Explore Google's best practices for training, communication, and meetings that your organization can use

    Navy intelligence officer, David Locke Hall was a federal prosecutor when a bizarre-sounding website, CRACK99, came to his attention. It looked like Craigslist on acid, but what it sold was anything but amateurish: thousands of high-tech software products used largely by the military, and for mere pennies on the dollar. Want to purchase satellite tracking software? No problem. Aerospace and aviation simulations? No problem. Communications systems designs? No problem. Software for Marine One, the presidential helicopter? No problem. With delivery times and customer service to rival the world’s most successful e-tailers, anybody, anywhere—including rogue regimes, terrorists, and countries forbidden from doing business with the United States—had access to these goods for any purpose whatsoever.But who was behind CRACK99, and where were they? The Justice Department discouraged potentially costly, risky cases like this, preferring the low-hanging fruit that scored points from politicians and the public. But Hall and his colleagues were determined to find the culprit. They bought CRACK99's products for delivery in the United States, buying more and more to appeal to the budding entrepreneur in the man they identified as Xiang Li. After winning his confidence, they lured him to Saipan—a U.S. commonwealth territory where Hall’s own father had stormed the beaches with the marines during World War II. There they set up an audacious sting that culminated in Xiang Li's capture and imprisonment. The value of the goods offered by CRACK99? A cool $100 million.An eye-opening look at cybercrime and its chilling consequences for national security, CRACK99 reads like a caper that resonates with every amazing detail.

    Did you design your system to survivef a sudden rush of visitors from Digg or Slashdot? Or an influx of real world customers from 100 different countries? Are you ready for a world filled with flakey networks, tangled databases, and impatient users?If you're a developer and don't want to be on call for 3AM for the rest of your life, this book will help.In Release It!, Michael T. Nygard shows you how to design and architect your application for the harsh realities it will face. You'll learn how to design your application for maximum uptime, performance, and return on investment.Mike explains that many problems with systems today start with the design.

    Scott doesn’t just show you which sliders do what (every Lightroom book will do that). Instead, by using the following three simple, yet brilliant, techniques that make it just an incredible learning tool, this book shows you how to create your own photography workflow using Lightroom: Throughout the book, Scott shares his own personal settings and studiotested techniques. Each year he trains thousands of Lightroom users at his live seminars and through that he’s learned what really works, what doesn’t, and he tells you flat out which techniques work best, which to avoid, and why. The entire book is laid out in a real workflow order with everything step by step, so you can begin using Lightroom like a pro from the start. What really sets this book apart is the last chapter. This is where Scott dramatically answers his #1 most-asked Lightroom question, which is: “Exactly what order am I supposed to do things in, and where does Photoshop fit in?” You’ll see Scott’s entire start-to-finish Lightroom 5 workflow and learn how to incorporate it into your own workflow. Plus, this book includes a downloadable collection of some of the hottest Lightroom Develop module presets to give you a bunch of amazing effects with just one click! Scott knows first-hand the challenges today’s digital photographers are facing, and what they want to learn next to make their workflow faster, easier, and more fun. He has incorporated all of that into this major update for Lightroom 5. It’s the first and only book to bring the whole process together in such a clear, concise, and visual way. Plus, the book includes a special chapter on integrating Adobe Photoshop seamlessly right into your workflow, and you’ll also learn some of Scott’s latest Photoshop portrait retouching techniques and special effects, which take this book to a whole new level. There is no faster, more straight-to-the-point, or more fun way to learn Lightroom than with this groundbreaking book.

    AWS has been the frontrunner in cloud computing products and services, and the AWS Certified Solutions Architect Official Study Guide for the Associate exam will get you fully prepared through expert content, and real-world knowledge, key exam essentials, chapter review questions, access to Sybex's interactive online learning environment, and much more. This official study guide, written by AWS experts, covers exam concepts, and provides key review on exam topics, including:Mapping Multi-Tier Architectures to AWS Services, such as web/app servers, firewalls, caches and load balancers Understanding managed RDBMS through AWS RDS (MySQL, Oracle, SQL Server, Postgres, Aurora) Understanding Loose Coupling and Stateless Systems Comparing Different Consistency Models in AWS Services Understanding how AWS CloudFront can make your application more cost efficient, faster and secure Implementing Route tables, Access Control Lists, Firewalls, NAT, and DNS Applying AWS Security Features along with traditional Information and Application Security Using Compute, Networking, Storage, and Database AWS services Architecting Large Scale Distributed Systems Understanding of Elasticity and Scalability Concepts Understanding of Network Technologies Relating to AWS Deploying and Managing Services with tools such as CloudFormation, OpsWorks and Elastic Beanstalk. Learn from the AWS subject-matter experts, review with proven study tools, and apply real-world scenarios. If you are looking to take the AWS Certified Solutions Architect Associate exam, this guide is what you need for comprehensive content and robust study tools that will help you gain the edge on exam day and throughout your career.

    Find the best of the magazine's writing in Best of 2600: A Hacker Odyssey, a collection of the strongest, most interesting, and often most controversial articles covering 24 years of changes in technology, all from a hacker's perspective. Included are stories about the creation of the infamous tone dialer "red box" that allowed hackers to make free phone calls from payphones, the founding of the Electronic Frontier Foundation, and the insecurity of modern locks.

    

    Now Bamford describes the transformation of the NSA since 9/11, as the agency increasingly turns its high-tech ears on the American public.The Shadow Factory reconstructs how the NSA missed a chance to thwart the 9/11 hijackers and details how this mistake has led to a heightening of domestic surveillance. In disturbing detail, Bamford describes exactly how every American’s data is being mined and what is being done with it. Any reader who thinks America’s liberties are being protected by Congress will be shocked and appalled at what is revealed here.From the Trade Paperback edition.

    We've seen North Korea's retaliatory hack of Sony Pictures, China's large-scale industrial espionage against American companies, Russia's 2016 propaganda campaign, and quite a lot more. The cyber war is upon us.As the former Assistant Attorney General and Chief of Staff to FBI Director Robert Mueller, John Carlin has spent 15 years on the frontlines of America's ongoing cyber war with its enemies. In this dramatic book, he tells the story of his years-long secret battle to keep America safe, and warns us of the perils that await us as we embrace the latest digital novelties -- smart appliances, artificial intelligence, self-driving cars -- with little regard for how our enemies might compromise them. The potential targets for our enemies are multiplying: our electrical grid, our companies, our information sources, our satellites. As each sector of the economy goes digital, a new vulnerability is exposed.The Internet of Broken Things makes the urgent case that we need to start innovating more responsibly. As a fleet of web-connected cars and pacemakers rolls off the assembly lines, the potential for danger is overwhelming. We must see and correct these flaws before our enemies exploit them.

    The principal enhancement in Java 8 was the addition of functional programming constructs to Java's object-oriented roots. Java 7, 8, and 9 also introduced language features, such as the try-with-resources statement, the diamond operator for generic types, default and static methods in interfaces, the @SafeVarargs annotation, and modules. New library features include pervasive use of functional interfaces and streams, the java.time package for manipulating dates and times, and numerous minor enhancements such as convenience factory methods for collections. In this new edition of Effective Java, Bloch updates the work to take advantage of these new language and library features, and provides specific best practices for their use. Java's increased support for multiple paradigms increases the need for best-practices advice, and this book delivers. As in previous editions, each chapter consists of several "items," each presented in the form of a short, standalone essay that provides specific advice, insight into Java platform subtleties, and updated code examples. The comprehensive descriptions and explanations for each item illuminate what to do, what not to do, and why. Coverage includes:Updated techniques and best practices on classic topics, including objects, classes, methods, libraries, and generics How to avoid the traps and pitfalls of commonly misunderstood subtleties of the platform Focus on the language and its most fundamental libraries, such as java.lang and java.util

    It also works beautifully with other open source tools, such as the MySQL database and the Apache web server. However, as more web sites are developed in PHP, they become targets for malicious attackers, and developers need to prepare for the attacks.Security is an issue that demands attention, given the growing frequency of attacks on web sites. Essential PHP Security explains the most common types of attacks and how to write code that isn't susceptible to them. By examining specific attacks and the techniques used to protect against them, you will have a deeper understanding and appreciation of the safeguards you are about to learn in this book.In the much-needed (and highly-requested) Essential PHP Security, each chapter covers an aspect of a web application (such as form processing, database programming, session management, and authentication). Chapters describe potential attacks with examples and then explain techniques to help you prevent those attacks.Topics covered include:Preventing cross-site scripting (XSS) vulnerabilitiesProtecting against SQL injection attacksComplicating session hijacking attemptsYou are in good hands with author Chris Shiflett, an internationally-recognized expert in the field of PHP security. Shiflett is also the founder and President of Brain Bulb, a PHP consultancy that offers a variety of services to clients around the world.

    Levitt, co-author of Freakonomics - One of the best books of the year--NatureMary Aiken, the world's leading expert in forensic cyberpsychology, offers a starting point for all future conversations about how the Internet is shaping development and behavior, societal norms and values, children, safety, privacy, and our perception of the world. Drawing on her own research and extensive experience with law enforcement, Aiken covers a wide range of subjects, from the impact of screens on the developing child to the explosion of teen sexting and the acceleration of compulsive and addictive behaviors online. Aiken provides surprising statistics and incredible-but-true case studies of hidden trends that are shaping our culture and raising troubling questions about where the digital revolution is taking us.Praise for The Cyber Effect"How to guide kids in a hyperconnected world is one of the biggest challenges for today's parents. Mary Aiken clearly and calmly separates reality from myth. She clearly lays out the issues we really need to be concerned about and calmly instructs us on how to keep our kids safe and healthy in their digital lives."--Peggy Orenstein, author of the New York Times bestseller Girls & Sex"[A] fresh voice and a uniquely compelling perspective that draws from the murky, fascinating depths of her criminal case file and her insight as a cyber-psychologist . . . This is Aiken's cyber cri de coeur as a forensic scientist, and she wants everyone on the case."--The Washington Post"Fascinating . . . If you have children, stop what you are doing and pick up a copy of The Cyber Effect."--The Times (UK)"An incisive tour of sociotechnology and its discontents."--Nature"Just as Rachel Carson launched the modern environmental movement with her Silent Spring, Mary Aiken delivers a deeply disturbing, utterly penetrating, and urgently timed investigation into the perils of the largest unregulated social experiment of our time."--Bob Woodward"Mary Aiken takes us on a fascinating, thought-provoking, and at times scary journey down the rabbit hole to witness how the Internet is changing the human psyche. A must-read for anyone who wants to understand the temptations and tragedies of cyberspace."--John R. Suler, PhD, author of The Psychology of Cyberspace"Drawing on a fascinating and mind-boggling range of research and knowledge, Mary Aiken has written a great, important book that terrifies then consoles by pointing a way forward so that our experience online might not outstrip our common sense."--Steven D. Levitt"Having worked with law enforcement groups from INTERPOL and Europol as well as the U.S. government, Aiken knows firsthand how today's digital tools can be exploited by criminals lurking in the Internet's Dark Net."--Newsweek

    It also includes real world cases.

    It covers topics ranging from personal responsibility and career development to architectural techniques for keeping your code flexible and easy to adapt and reuse. Read this book, and you'll learn how toFight software rot; Avoid the trap of duplicating knowledge; Write flexible, dynamic, and adaptable code; Avoid programming by coincidence; Bullet-proof your code with contracts, assertions, and exceptions; Capture real requirements; Test ruthlessly and effectively; Delight your users; Build teams of pragmatic programmers; and Make your developments more precise with automation. Written as a series of self-contained sections and filled with entertaining anecdotes, thoughtful examples, and interesting analogies, The Pragmatic Programmer illustrates the best practices and major pitfalls of many different aspects of software development. Whether you're a new coder, an experienced programmer, or a manager responsible for software projects, use these lessons daily, and you'll quickly see improvements in personal productivity, accuracy, and job satisfaction. You'll learn skills and develop habits and attitudes that form the foundation for long-term success in your career. You'll become a Pragmatic Programmer.

    You'll learn how to confidently and securely build and deploy OAuth on both the client and server sides. Foreword by Ian Glazer.Purchase of the print book includes a free eBook in PDF, Kindle, and ePub formats from Manning Publications.About the TechnologyThink of OAuth 2 as the web version of a valet key. It is an HTTP-based security protocol that allows users of a service to enable applications to use that service on their behalf without handing over full control. And OAuth is used everywhere, from Facebook and Google, to startups and cloud services.About the BookOAuth 2 in Action teaches you practical use and deployment of OAuth 2 from the perspectives of a client, an authorization server, and a resource server. You'll begin with an overview of OAuth and its components and interactions. Next, you'll get hands-on and build an OAuth client, an authorization server, and a protected resource. Then you'll dig into tokens, dynamic client registration, and more advanced topics. By the end, you'll be able to confidently and securely build and deploy OAuth on both the client and server sides.What's InsideCovers OAuth 2 protocol and designAuthorization with OAuth 2OpenID Connect and User-Managed AccessImplementation risksJOSE, introspection, revocation, and registrationProtecting and accessing REST APIsAbout the ReaderReaders need basic programming skills and knowledge of HTTP and JSON.About the AuthorJustin Richer is a systems architect and software engineer. Antonio Sanso is a security software engineer and a security researcher. Both authors contribute to open standards and open source.Table of ContentsPart 1 - First stepsWhat is OAuth 2.0 and why should you care?The OAuth dance Part 2 - Building an OAuth 2 environmentBuilding a simple OAuth clientBuilding a simple OAuth protected resourceBuilding a simple OAuth authorization serverOAuth 2.0 in the real world Part 3 - OAuth 2 implementation and vulnerabilitiesCommon client vulnerabilitiesCommon protected resources vulnerabilitiesCommon authorization server vulnerabilitiesCommon OAuth token vulnerabilities Part 4 - Taking OAuth furtherOAuth tokensDynamic client registrationUser authentication with OAuth 2.0Protocols and profiles using OAuth 2.0Beyond bearer tokensSummary and conclusions