Writing Secure Code


Michael Howard - 2001
    You need to assume it will run in the most hostile environments imaginable -- and design, code, and test accordingly. Writing Secure Code, Second Edition shows you how. This edition draws on the lessons learned and taught throughout Microsoft during the firm s massive 2002 Windows Security Push. It s a huge upgrade to the respected First Edition, with new coverage across the board. Michael Howard and David LeBlanc first help you define what security means to your customers -- and implement a three-pronged strategy for securing design, defaults, and deployment. There s especially useful coverage of threat modeling -- decomposing your application, identifying threats, ranking them, and mitigating them. Then, it s on to in-depth coverage of today s key security issues from the developer s standpoint. Everyone knows buffer overruns are bad: Here s a full chapter on avoiding them. You ll learn how to establish appropriate access controls and default to running with least privilege. There s detailed coverage of overcoming attacks on cryptography (for example, avoiding poor random numbers and bit-flipping attacks). You ll learn countermeasures for virtually every form of user input attack, from malicious database updates to cross-site scripting. We ve just scratched the surface: There are authoritative techniques for securing sockets and RPC, protecting against DOS attacks, building safer .NET applications, reviewing and testing code, adding privacy features, and even writing high-quality security documentation. Following these techniques won t just improve security -- it ll dramatically improve robustness and reliability, too. Bill CamardaBill Camarda is a consultant, writer, and web/multimedia content developer. His 15 books include Special Edition Using Word 2000 and Upgrading & Fixing Networks For Dummies®, Second Edition.

Java 8 Lambdas: Pragmatic Functional Programming


Richard Warburton - 2014
    Starting with basic examples, this book is focused solely on Java 8 language changes and related API changes, so you don’t need to buy and read a 900 page book in order to brush up. Lambdas make a programmer's job easier, and this book will teach you how. Coverage includes introductory syntax for lambda expressions, method references that allow you to reuse existing named methods from your codebase, and the collection library in Java 8.

RESTful Web Services Cookbook


Subbu Allamaraju - 2010
    This cookbook includes more than 100 recipes to help you take advantage of REST, HTTP, and the infrastructure of the Web. You'll learn ways to design RESTful web services for client and server applications that meet performance, scalability, reliability, and security goals, no matter what programming language and development framework you use.Each recipe includes one or two problem statements, with easy-to-follow, step-by-step instructions for solving them, as well as examples using HTTP requests and responses, and XML, JSON, and Atom snippets. You'll also get implementation guidelines, and a discussion of the pros, cons, and trade-offs that come with each solution.Learn how to design resources to meet various application scenariosSuccessfully design representations and URIsImplement the hypertext constraint using links and link headersUnderstand when and how to use Atom and AtomPubKnow what and what not to do to support cachingLearn how to implement concurrency controlDeal with advanced use cases involving copying, merging, transactions, batch processing, and partial updatesSecure web services and support OAuth

Training Guide: Programming in HTML5 with JavaScript and CSS3


Glenn Johnson - 2013
    Build hands-on expertise through a series of lessons, exercises, and suggested practices—and help maximize your performance on the job.Provides in-depth, hands-on training you take at your own pace Focuses on job-role-specific expertise for using HTML5, JavaScript, and CSS3 to begin building modern web and Windows 8 apps Features pragmatic lessons, exercises, and practices Creates a foundation of skills which, along with on-the-job experience, can be measured by Microsoft Certification exams such as 70-480 Coverage includes: creating HTML5 documents; implementing styles with CSS3; JavaScript in depth; using Microsoft developer tools; AJAX; multimedia support; drawing with Canvas and SVG; drag and drop functionality; location-aware apps; web storage; offline apps; writing your first simple Windows 8 apps; and other key topics

Programming Android: Java Programming for the New Generation of Mobile Devices


Zigurd Mednieks - 2010
    With this book’s extensively revised second edition, you’ll focus on Android tools and programming essentials, including best practices for using Android 4 APIs. If you’re experienced with Java or Objective-C, you’ll gain the knowledge necessary for building well-engineered applications.Programming Android is organized into four parts:Part One helps programmers with some Java or iOS experience get off to a fast start with the Android SDK and Android programming basics.Part Two delves into the Android framework, focusing on user interface and graphics class hierarchies, concurrency, and databases. It’s a solid foundation for understanding of how the most important parts of an Android application work.Part Three features code skeletons and patterns for accelerating the development of apps that use web data and Android 4 user interface conventions and APIs.Part Four delivers practical coverage of Android’s multimedia, search, location, sensor, and account APIs, plus the Native Development Kit, enabling developers to add advanced capabilities.This updated edition of Programming Android focuses on the knowledge and developer priorities that are essential for successful Android development projects.

Patterns of Software: Tales from the Software Community


Richard P. Gabriel - 1996
    But while most of us today can work a computer--albeit with the help of the ever-present computer software manual--we know little about what goes on inside the box and virtually nothing about software designor the world of computer programming. In Patterns of Software, the respected software pioneer and computer scientist, Richard Gabriel, gives us an informative inside look at the world of software design and computer programming and the business that surrounds them. In this wide-ranging volume, Gabriel discusses such topics as whatmakes a successful programming language, how the rest of the world looks at and responds to the work of computer scientists, how he first became involved in computer programming and software development, what makes a successful software business, and why his own company, Lucid, failed in 1994, tenyears after its inception. Perhaps the most interesting and enlightening section of the book is Gabriel's detailed look at what he believes are the lessons that can be learned from architect Christopher Alexander, whose books--including the seminal A Pattern Language--have had a profound influence on the computer programmingcommunity. Gabriel illuminates some of Alexander's key insights--the quality without a name, pattern languages, habitability, piecemeal growth--and reveals how these influential architectural ideas apply equally well to the construction of a computer program. Gabriel explains the concept ofhabitability, for example, by comparing a program to a New England farmhouse and the surrounding structures which slowly grow and are modified according to the needs and desires of the people who live and work on the farm. Programs live and grow, and their inhabitants--the programmers--need to workwith that program the way the farmer works with the homestead. Although computer scientists and software entrepreneurs will get much out of this book, the essays are accessible to everyone and will intrigue anyone curious about Silicon Valley, computer programming, or the world of high technology.

OpenGL SuperBible: Comprehensive Tutorial and Reference


Richard S. Wright Jr. - 1996
    If you want to leverage OpenGL 2.1's major improvements, you really need the Fourth Edition. It's a comprehensive tutorial, systematic API reference, and massive code library, all in one. You'll start with the fundamental techniques every graphics programmer needs: transformations, lighting, texture mapping, and so forth. Then, building on those basics, you'll move towards newer capabilities, from advanced buffers to vertex shaders. Of course, OpenGL's cross-platform availability remains one of its most compelling features. This book's extensive multiplatform coverage has been thoroughly rewritten, and now addresses everything from Windows Vista to OpenGL ES for handhelds. This is stuff you absolutely want the latest edition for. A small but telling point: This book's recently been invited into Addison-Wesley's OpenGL Series, making it an "official" OpenGL book -- and making a powerful statement about its credibility. Bill Camarda, from the August 2007 href="http://www.barnesandnoble.com/newslet... Only

Continuous Delivery: Reliable Software Releases Through Build, Test, and Deployment Automation


Jez Humble - 2010
    This groundbreaking new book sets out the principles and technical practices that enable rapid, incremental delivery of high quality, valuable new functionality to users. Through automation of the build, deployment, and testing process, and improved collaboration between developers, testers, and operations, delivery teams can get changes released in a matter of hours-- sometimes even minutes-no matter what the size of a project or the complexity of its code base. Jez Humble and David Farley begin by presenting the foundations of a rapid, reliable, low-risk delivery process. Next, they introduce the "deployment pipeline," an automated process for managing all changes, from check-in to release. Finally, they discuss the "ecosystem" needed to support continuous delivery, from infrastructure, data and configuration management to governance. The authors introduce state-of-the-art techniques, including automated infrastructure management and data migration, and the use of virtualization. For each, they review key issues, identify best practices, and demonstrate how to mitigate risks. Coverage includes - Automating all facets of building, integrating, testing, and deploying software - Implementing deployment pipelines at team and organizational levels - Improving collaboration between developers, testers, and operations - Developing features incrementally on large and distributed teams - Implementing an effective configuration management strategy - Automating acceptance testing, from analysis to implementation - Testing capacity and other non-functional requirements - Implementing continuous deployment and zero-downtime releases - Managing infrastructure, data, components and dependencies - Navigating risk management, compliance, and auditing Whether you're a developer, systems administrator, tester, or manager, this book will help your organization move from idea to release faster than ever--so you can deliver value to your business rapidly and reliably.

97 Things Every Software Architect Should Know: Collective Wisdom from the Experts


Richard Monson-Haefel - 2009
    More than four dozen architects -- including Neal Ford, Michael Nygard, and Bill de hOra -- offer advice for communicating with stakeholders, eliminating complexity, empowering developers, and many more practical lessons they've learned from years of experience. Among the 97 principles in this book, you'll find useful advice such as:Don't Put Your Resume Ahead of the Requirements (Nitin Borwankar) Chances Are, Your Biggest Problem Isn't Technical (Mark Ramm) Communication Is King; Clarity and Leadership, Its Humble Servants (Mark Richards) Simplicity Before Generality, Use Before Reuse (Kevlin Henney) For the End User, the Interface Is the System (Vinayak Hegde) It's Never Too Early to Think About Performance (Rebecca Parsons) To be successful as a software architect, you need to master both business and technology. This book tells you what top software architects think is important and how they approach a project. If you want to enhance your career, 97 Things Every Software Architect Should Know is essential reading.

C++ Primer


Stanley B. Lippman - 1989
    This Fourth Edition not only keeps this tradition alive, it actually improves on it."--Steve Vinoski, Chief Engineer, Product Innovation, IONA Technologies" The Primer really brings this large and complex language down to size."--Justin Shaw, Senior Member of Technical Staff, Electronic Programs Division, The Aerospace Corporation"It not only gets novices up and running early, but gets them to do so using good programming practices."--Nevin ": -)" Liber, Senior Principal Engineer (C++ developer since 1988)This popular tutorial introduction to standard C++ has been completely updated, reorganized, and rewritten to help programmers learn the language faster and use it in a more modern, effective way.Just as C++ has evolved since the last edition, so has the authors' approach to teaching it. They now introduce the C++ standard library from the beginning, giving readers the means to write useful programs without first having to master every language detail. Highlighting today's best practices, they show how to write programs that are safe, can be built quickly, and yet offer outstanding performance. Examples that take advantage of the library, and explain the features of C++, also show how to make the best use of the language. As in its previous editions, the book's authoritative discussion of fundamental C++ concepts and techniques makes it a valuable resource even for more experienced programmers.Program Faster and More Effectively with This Rewritten ClassicRestructured for quicker learning, using the C++ standard libraryUpdated to teach the most current programming styles and program design techniquesFilled with new learning aids that emphasize important points, warn about common pitfalls, suggest good programming practices, and provide general usage tipsComplete with exercises that reinforce skills learnedAuthoritative and comprehensive in its coverage The source code for the book's extended examples is available on the Web at the address below.www.awprofessional.com/cpp_primer

Engineering a Compiler


Keith D. Cooper - 2003
    No longer is execution speed the sole criterion for judging compiled code. Today, code might be judged on how small it is, how much power it consumes, how well it compresses, or how many page faults it generates. In this evolving environment, the task of building a successful compiler relies upon the compiler writer's ability to balance and blend algorithms, engineering insights, and careful planning. Today's compiler writer must choose a path through a design space that is filled with diverse alternatives, each with distinct costs, advantages, and complexities.Engineering a Compiler explores this design space by presenting some of the ways these problems have been solved, and the constraints that made each of those solutions attractive. By understanding the parameters of the problem and their impact on compiler design, the authors hope to convey both the depth of the problems and the breadth of possible solutions. Their goal is to cover a broad enough selection of material to show readers that real tradeoffs exist, and that the impact of those choices can be both subtle and far-reaching.Authors Keith Cooper and Linda Torczon convey both the art and the science of compiler construction and show best practice algorithms for the major passes of a compiler. Their text re-balances the curriculum for an introductory course in compiler construction to reflect the issues that arise in current practice.

PHP and MySQL Web Development (Developer's Library)


Luke Welling - 2003
    This book helps you develop websites by integrating and implementing the PHP scripting language and the MySQL database system. It contains real-world examples and working sample projects that give you a foundation to start building your own websites.

Peopleware: Productive Projects and Teams


Tom DeMarco - 1987
    The answers aren't easy -- just incredibly successful.

Head First jQuery


Ryan Benedetti - 2011
    With Head First jQuery, you'll quickly get up to speed on this amazing JavaScript library by learning how to navigate HTML documents while handling events, effects, callbacks, and animations. By the time you've completed the book, you'll be incorporating Ajax apps, working seamlessly with HTML and CSS, and handling data with PHP, MySQL and JSON.If you want to learn—and understand—how to create interactive web pages, unobtrusive script, and cool animations that don't kill your browser, this book is for you.Use jQuery with DOM to overcome the limitations of HTML and CSSLearn how jQuery selectors and actions work togetherWrite functions and wire them to interface elementsUse jQuery effects to create actions on the pageMake your pages come alive with animationBuild interactive web pages with jQuery and AjaxBuild forms in web applications

Effective Python: 59 Specific Ways to Write Better Python


Brett Slatkin - 2015
    This makes the book random-access: Items are easy to browse and study in whatever order the reader needs. I will be recommending "Effective Python" to students as an admirably compact source of mainstream advice on a very broad range of topics for the intermediate Python programmer. " Brandon Rhodes, software engineer at Dropbox and chair of PyCon 2016-2017" It s easy to start coding with Python, which is why the language is so popular. However, Python s unique strengths, charms, and expressiveness can be hard to grasp, and there are hidden pitfalls that can easily trip you up. " Effective Python " will help you master a truly Pythonic approach to programming, harnessing Python s full power to write exceptionally robust and well-performing code. Using the concise, scenario-driven style pioneered in Scott Meyers best-selling "Effective C++, " Brett Slatkin brings together 59 Python best practices, tips, and shortcuts, and explains them with realistic code examples. Drawing on years of experience building Python infrastructure at Google, Slatkin uncovers little-known quirks and idioms that powerfully impact code behavior and performance. You ll learn the best way to accomplish key tasks, so you can write code that s easier to understand, maintain, and improve. Key features includeActionable guidelines for all major areas of Python 3.x and 2.x development, with detailed explanations and examples Best practices for writing functions that clarify intention, promote reuse, and avoid bugs Coverage of how to accurately express behaviors with classes and objects Guidance on how to avoid pitfalls with metaclasses and dynamic attributes More efficient approaches to concurrency and parallelism Better techniques and idioms for using Python s built-in modules Tools and best practices for collaborative development Solutions for debugging, testing, and optimization in order to improve quality and performance "