Book picks similar to
Google Hacking for Penetration Testers, Volume 2 by Johnny Long
security
tech
hacking
technology-books
Steal This Computer Book 4.0 – What They Won't Tell You About the Internet 4e
Wallace Wang - 2006
It is an unabashed look at the dark side of the Net--the stuff many other books gloss over. It's hard-edged, wisecracking, and often quite cynical as it pores over the reality of online scams, illegal activities, and simple annoyances. Wang's stated goal is to open the reader's eyes about what's really there. He shows what's being done, how it's being done, and how to avoid problems or even strike back. He begins with a chapter about the news media, and his message is that no source is to be trusted completely. He examines issues important to Internet users: the cost of getting computerized (with tips on how to find the real bargains), who is using the Internet as a source of hate information, and how your privacy can be invaded and protected. He shows you the secrets of malicious hackers and others and how some of them attack computer systems without the ethical mindset typical of the original, idealistic hackers. Wang shows you how you can set up your defenses against such an onslaught, discussing how to protect yourself and your kids from online stalkers and how online con games work. Wang never claims that the Internet is the electronic den of darkness that the pop media make it out to be. But he makes it clear that something this big has its lowlights--its own "net noir." His messages are "know your enemy" and "be careful who you trust," an ideology verified by the examples he provides. --Elizabeth Lewis
This offbeat, non-technical book examines what hackers do, how they do it, and how readers can protect themselves. Informative, irreverent, and entertaining, the completely revised fourth edition of Steal This Computer Book contains new chapters that discuss the hacker mentality, lock picking, exploiting P2P file sharing networks, and how people manipulate search engines and pop-up ads. Includes a CD with hundreds of megabytes of hack
Beginning Web Programming with HTML, XHTML and CSS
Jon Duckett - 2004
It follows standards-based principles, but also teaches readers ways around problems they are likely to face using (X)HTML. While XHTML is the "current" standard, the book still covers HTML because many people do not yet understand that XHTML is the official successor to HTML, and many readers will still stick with HTML for backward compatibility and simpler/informal Web pages that don't require XHTML compliance. The book teaches basic principles of usability and accessibility along the way, to get users into the mode of developing Web pages that will be available to as many viewers as possible from the start. The book also covers the most commonly used programming/scripting language -- JavaScript -- and provides readers with a roadmap of other Web technologies to learn after mastering this book to add more functionality to their sites.
MySQL Crash Course
Ben Forta - 2005
And this book will teach you all you need to know to be immediately productive with MySQL. By working through 30 highly focused hands-on lessons, your MySQL Crash Course will be both easier and more effective than you'd have thought possible. Learn how to:
- Retrieve and sort data
- Filter data using comparisons, regular expressions, full text search, and much more
- Join relational data
- Create and alter tables
- Insert, update, and delete data
- Leverage the power of stored procedures and triggers
- Use views and Cursors
- Manage transactional processing
- Create user accounts and manage security via access control
Ben Forta is Macromedia's Senior Technical Evangelist, and has almost 20 years of experience in the computer industry in product development, support, training, and product marketing. Ben is the author of the best-selling Sams Teach Yourself SQL in 10 Minutes (now in its third edition, and translated into over a dozen languages), ColdFusion Web Application Construction Kit, and Advanced ColdFusion Development (both published by Que Publishing), Sams Teach Yourself Regular Expressions in 10 Minutes, as well as books on SQL, Flash, JSP, HomeSite, WAP, Windows 2000, and other subjects.
Windows Powershell in Action
Bruce Payette - 2007
In the tradition of Manning's groundbreaking "In Action" series, this book comes right from the source. Written by Bruce Payette, one of the principal creators of PowerShell, Windows PowerShell in Action shows you how to build scripts and utilities to automate system tasks or create powerful system management tools to handle the day-to-day tasks that drive a Windows administrator's life. Because it's based on the .NET platform, PowerShell is also a powerful tool for developers and power users. Windows PowerShell in Action was written by Bruce Payette, one of the founding members of the Windows PowerShell team, co-designer of the PowerShell language and the principal author of the PowerShell language implementation. The book enables you to get the most out of the PowerShell environment. Using many examples, both small and large, this book illustrates the features of the language and environment and shows how to compose those features into solutions, quickly and effectively. This book is designed for anyone who wants to learn PowerShell and use it well. Rather than simply being a book of recipes to read and apply, this book gives you the deep knowledge about how PowerShell works and how to apply it.
File System Forensic Analysis
Brian Carrier - 2005
Now, security expert Brian Carrier has written the definitive reference for everyone who wants to understand and be able to testify about how file system analysis is performed. Carrier begins with an overview of investigation and computer foundations and then gives an authoritative, comprehensive, and illustrated overview of contemporary volume and file systems: Crucial information for discovering hidden evidence, recovering deleted data, and validating your tools. Along the way, he describes data structures, analyzes example disk images, provides advanced investigation scenarios, and uses today's most valuable open source file system analysis tools--including tools he personally developed. Coverage includes:
- Preserving the digital crime scene and duplicating hard disks for dead analysis
- Identifying hidden data on a disk's Host Protected Area (HPA)
- Reading source data: Direct versus BIOS access, dead versus live acquisition, error handling, and more
- Analyzing DOS, Apple, and GPT partitions; BSD disk labels; and Sun Volume Table of Contents using key concepts, data structures, and specific techniques
- Analyzing the contents of multiple disk volumes, such as RAID and disk spanning
- Analyzing FAT, NTFS, Ext2, Ext3, UFS1, and UFS2 file systems using key concepts, data structures, and specific techniques
- Finding evidence: File metadata, recovery of deleted files, data hiding locations, and more
- Using The Sleuth Kit (TSK), Autopsy Forensic Browser, and related open source tools
When it comes to file system analysis, no other book offers this much detail or expertise. Whether you're a digital forensics specialist, incident response team member, law enforcement officer, corporate security specialist, or auditor, this book will become an indispensable resource for forensic investigations, no matter what analysis tools you use.
Hacking: The Art of Exploitation
Jon Erickson - 2003
This book explains the technical aspects of hacking, including stack based overflows, heap based overflows, string exploits, return-into-libc, shellcode, and cryptographic attacks on 802.11b.
Security Metrics: Replacing Fear, Uncertainty, and Doubt
Andrew Jaquith - 2007
Using sample charts, graphics, case studies, and war stories, Yankee Group Security Expert Andrew Jaquith demonstrates exactly how to establish effective metrics based on your organization's unique requirements. You'll discover how to quantify hard-to-measure security activities, compile and analyze all relevant data, identify strengths and weaknesses, set cost-effective priorities for improvement, and craft compelling messages for senior management. Security Metrics successfully bridges management's quantitative viewpoint with the nuts-and-bolts approach typically taken by security professionals. It brings together expert solutions drawn from Jaquith's extensive consulting work in the software, aerospace, and financial services industries, including new metrics presented nowhere else. You'll learn how to:
- Replace nonstop crisis response with a systematic approach to security improvement
- Understand the differences between "good" and "bad" metrics
- Measure coverage and control, vulnerability management, password quality, patch latency, benchmark scoring, and business-adjusted risk
- Quantify the effectiveness of security acquisition, implementation, and other program activities
- Organize, aggregate, and analyze your data to bring out key insights
- Use visualization to understand and communicate security issues more clearly
- Capture valuable data from firewalls and antivirus logs, third-party auditor reports, and other resources
- Implement balanced scorecards that present compact, holistic views of organizational security effectiveness
Whether you're an engineer or consultant responsible for security and reporting to management--or an executive who needs better information for decision-making--Security Metrics is the resource you have been searching for. Andrew Jaquith, program manager for Yankee Group's Security Solutions and Services Decision Service, advises enterprise clients on prioritizing and managing security resources. He also helps security vendors develop product, service, and go-to-market strategies for reaching enterprise customers. He co-founded @stake, Inc., a security consulting pioneer acquired by Symantec Corporation in 2004. His application security and metrics research has been featured in CIO, CSO, InformationWeek, IEEE Security and Privacy, and The Economist.
Foreword
Preface
Acknowledgments
About the Author
Chapter 1 Introduction: Escaping the Hamster Wheel of Pain
Chapter 2 Defining Security Metrics
Chapter 3 Diagnosing Problems and Measuring Technical Security
Chapter 4 Measuring Program Effectiveness
Chapter 5 Analysis Techniques
Chapter 6 Visualization
Chapter 7 Automating Metrics Calculations
Chapter 8 Designing Security Scorecards
Index
Laravel: Up and Running: A Framework for Building Modern PHP Apps
Matt Stauffer - 2016
This rapid application development framework and its vast ecosystem of tools let you quickly build new sites and applications with clean, readable code. With this practical guide, Matt Stauffer--a leading teacher and developer in the Laravel community--provides the definitive introduction to one of today's most popular web frameworks. The book's high-level overview and concrete examples will help experienced PHP web developers get started with Laravel right away. By the time you reach the last page, you should feel comfortable writing an entire application in Laravel from scratch. Dive into several features of this framework, including:
- Blade, Laravel's powerful, custom templating tool
- Tools for gathering, validating, normalizing, and filtering user-provided data
- Laravel's Eloquent ORM for working with the application's databases
- The Illuminate request object, and its role in the application lifecycle
- PHPUnit, Mockery, and PHPSpec for testing your PHP code
- Laravel's tools for writing JSON and RESTful APIs
- Interfaces for file system access, sessions, cookies, caches, and search
- Tools for implementing queues, jobs, events, and WebSocket event publishing
- Laravel's specialty packages: Scout, Passport, Cashier, Echo, Elixir, Valet, and Socialite
Windows Presentation Foundation Unleashed
Adam Nathan - 2006
Windows Presentation Foundation (WPF) is a key component of the .NET Framework 3.0, giving you the power to create richer and more compelling applications than you dreamed possible. Whether you want to develop traditional user interfaces or integrate 3D graphics, audio/video, animation, dynamic skinning, rich document support, speech recognition, or more, WPF enables you to do so in a seamless, resolution-independent manner. Windows Presentation Foundation Unleashed is the authoritative book that covers it all, in a practical and approachable fashion, authored by .NET guru and Microsoft developer Adam Nathan.
- Covers everything you need to know about Extensible Application Markup Language (XAML)
- Examines the WPF feature areas in incredible depth: controls, layout, resources, data binding, styling, graphics, animation, and more
- Features a chapter on 3D graphics by Daniel Lehenbauer, lead developer responsible for WPF 3D
- Delves into non-mainstream topics: speech, audio/video, documents, bitmap effects, and more
- Shows how to create popular UI elements, such as features introduced in the 2007 Microsoft Office System: Galleries, ScreenTips, custom control layouts, and more
- Demonstrates how to create sophisticated UI mechanisms, such as Visual Studio-like collapsible/dockable panes
- Explains how to develop and deploy all types of applications, including navigation-based applications, applications hosted in a Web browser, and applications with great-looking non-rectangular windows
- Explains how to create first-class custom controls for WPF
- Demonstrates how to create hybrid WPF software that leverages Windows Forms, ActiveX, or other non-WPF technologies
- Explains how to exploit new Windows Vista features in WPF applications
Advanced PHP Programming
George Schlossnagle - 2004
The rapid maturation of PHP has created a skeptical population of users from more traditional enterprise languages who question the readiness and ability of PHP to scale, as well as a large population of PHP developers without formal computer science backgrounds who have learned through the hands-on experimentation while developing small and midsize applications in PHP. While there are many books on learning PHP and developing small applications with it, there is a serious lack of information on scaling PHP for large-scale, business-critical systems. Schlossnagle's Advanced PHP Programming fills that void, demonstrating that PHP is ready for enterprise Web applications by showing the reader how to develop PHP-based applications for maximum performance, stability, and extensibility.
Oracle PL/SQL Programming
Steven Feuerstein - 1993
Packed with examples and helpful recommendations, the book has helped everyone--from novices to experienced developers, and from Oracle Forms developers to database administrators--make the most of PL/SQL.
The fourth edition is a comprehensive update, adding significant new content and extending coverage to include the very latest Oracle version, Oracle Database 10g Release 2. It describes such new features as the PL/SQL optimizing compiler, conditional compilation, compile-time warnings, regular expressions, set operators for nested tables, nonsequential collections in FORALL, the programmer-defined quoting mechanism, the ability to backtrace an exception to a line number, a variety of new built-in packages, and support for IEEE 754 compliant floating-point numbers.
The new edition adds brand-new chapters on security (including encryption, row-level security, fine-grained auditing, and application contexts), file, email, and web I/O (including the built-in packages DBMS_OUTPUT, UTL_FILE, UTL_MAIL, UTL_SMTP, and UTL_HTTP) and globalization and localization.
Co-authored by the world's foremost PL/SQL authority, Steven Feuerstein, this classic reference provides language syntax, best practices, and extensive code, ranging from simple examples to complete applications--making it a must-have on your road to PL/SQL mastery. A companion web site contains many more examples and additional technical content for enhanced learning.
Rapid Development: Taming Wild Software Schedules
Steve McConnell - 1996
Emphasizes possible, realistic and "best practice" approaches for managers, technical leads and self-managed teams. The author emphasizes efficient development concepts with an examination of rapid development strategies and a study of classic mistakes, within the context of software-development fundamentals and risk management. Dissects the core issues of rapid development, lifecycle planning, estimation and scheduling. Contains very good and practical discussions of customer-oriented development, motivation and teamwork. Explains such fundamental requirements as team structure, feature-set control (the dreaded feature creep in every project), availability and use of productivity tools and project recovery options. Relevant case studies are analyzed and discussed within the context of specific software development problems. Over 200 pages in this publication are devoted to a summary of best practices, everything from the daily build and smoke test, through prototyping, model selection, measurement, reuse, and the top-10 risks list. This publication is definitely recommended and will become a classic in the field, just as the author's prior publication, "Code Complete" already is.
The Past Present and Future of JavaScript
Axel Rauschmayer - 2012
Now, hopes and expectations for JavaScript’s future are considerable. In this insightful report, Dr. Axel Rauschmayer explains how the combination of several technologies and opportunities in the past 15 years turned JavaScript’s fortunes. With that as a backdrop, he provides a detailed look at proposed new features and fixes in the next version, ECMAScript.next, and then presents his own JavaScript wish list—such as an integrated IDE.
Security+ Guide to Network Security Fundamentals
Mark Ciampa - 2004
The book covers all of the new CompTIA Security+ 2008 exam objectives and maps to the new Security+ 2008 exam. This updated edition features many all-new topics, including topics new to the CompTIA exams like cross site scripting, SQL injection, rootkits, and virtualization, as well as topics of increasing importance in the industry as a whole, like the latest breeds of attackers, Wi-Fi Protected Access 2, and Microsoft Windows Vista security.
Practical C++ Programming
Steve Oualline - 1995
But this high-level language is relatively difficult to master, even if you already know the C programming language. The 2nd edition of Practical C++ Programming is a complete introduction to the C++ language for programmers who are learning C++. Reflecting the latest changes to the C++ standard, this 2nd edition takes a useful down-to-earth approach, placing a strong emphasis on how to design clean, elegant code. In short, to-the-point chapters, all aspects of programming are covered including style, software engineering, programming design, object-oriented design, and debugging. It also covers common mistakes and how to find (and avoid) them. End of chapter exercises help you ensure you've mastered the material. Practical C++ Programming thoroughly covers:
- C++ Syntax
- Coding standards and style
- Creation and use of object classes
- Templates
- Debugging and optimization
- Use of the C++ preprocessor
- File input/output
Steve Oualline's clear, easy-going writing style and hands-on approach to learning make Practical C++ Programming a nearly painless way to master this complex but powerful programming language.