Your online and in-store purchasing patterns are recorded, and reveal if you're unemployed, sick, or pregnant. Your e-mails and texts expose your intimate and casual friends. Google knows what you’re thinking because it saves your private searches. Facebook can determine your sexual orientation without you ever mentioning it.The powers that surveil us do more than simply store this information. Corporations use surveillance to manipulate not only the news articles and advertisements we each see, but also the prices we’re offered. Governments use surveillance to discriminate, censor, chill free speech, and put people in danger worldwide. And both sides share this information with each other or, even worse, lose it to cybercriminals in huge data breaches.Much of this is voluntary: we cooperate with corporate surveillance because it promises us convenience, and we submit to government surveillance because it promises us protection. The result is a mass surveillance society of our own making. But have we given up more than we’ve gained? In Data and Goliath, security expert Bruce Schneier offers another path, one that values both security and privacy. He brings his bestseller up-to-date with a new preface covering the latest developments, and then shows us exactly what we can do to reform government surveillance programs, shake up surveillance-based business models, and protect our individual privacy. You'll never look at your phone, your computer, your credit cards, or even your car in the same way again.

    We're going to do that by introducing you to Example.com, where you're going to start a new job as one of its SysAdmins. The first project you'll be in charge of is developing its new log management solution. We'll teach you how to:* Install and deploy LogStash.* Ship events from a LogStash Shipper to a central LogStash server.* Filter incoming events using a variety of techniques.* Output those events to a selection of useful destinations.* Use LogStash's Web interface and alternative interfaces like Kibana.* Scale out your LogStash implementation as your environment grows.* Quickly and easily extend LogStash to deliver additional functionality you might need.By the end of the book you should have a functional and effective log management solution that you can deploy into your own environment.

    It also works beautifully with other open source tools, such as the MySQL database and the Apache web server. However, as more web sites are developed in PHP, they become targets for malicious attackers, and developers need to prepare for the attacks.Security is an issue that demands attention, given the growing frequency of attacks on web sites. Essential PHP Security explains the most common types of attacks and how to write code that isn't susceptible to them. By examining specific attacks and the techniques used to protect against them, you will have a deeper understanding and appreciation of the safeguards you are about to learn in this book.In the much-needed (and highly-requested) Essential PHP Security, each chapter covers an aspect of a web application (such as form processing, database programming, session management, and authentication). Chapters describe potential attacks with examples and then explain techniques to help you prevent those attacks.Topics covered include:Preventing cross-site scripting (XSS) vulnerabilitiesProtecting against SQL injection attacksComplicating session hijacking attemptsYou are in good hands with author Chris Shiflett, an internationally-recognized expert in the field of PHP security. Shiflett is also the founder and President of Brain Bulb, a PHP consultancy that offers a variety of services to clients around the world.

    Using sample charts, graphics, case studies, and war stories, Yankee Group Security Expert Andrew Jaquith demonstrates exactly how to establish effective metrics based on your organization's unique requirements. You'll discover how to quantify hard-to-measure security activities, compile and analyze all relevant data, identify strengths and weaknesses, set cost-effective priorities for improvement, and craft compelling messages for senior management. Security Metrics successfully bridges management's quantitative viewpoint with the nuts-and-bolts approach typically taken by security professionals. It brings together expert solutions drawn from Jaquith's extensive consulting work in the software, aerospace, and financial services industries, including new metrics presented nowhere else. You'll learn how to: - Replace nonstop crisis response with a systematic approach to security improvement - Understand the differences between "good" and "bad" metrics - Measure coverage and control, vulnerability management, password quality, patch latency, benchmark scoring, and business-adjusted risk - Quantify the effectiveness of security acquisition, implementation, and other program activities - Organize, aggregate, and analyze your data to bring out key insights - Use visualization to understand and communicate security issues more clearly - Capture valuable data from firewalls and antivirus logs, third-party auditor reports, and other resources - Implement balanced scorecards that present compact, holistic views of organizational security effectiveness Whether you're an engineer or consultant responsible for security and reporting to management-or an executive who needs better information for decision-making-Security Metrics is the resource you have been searching for. Andrew Jaquith, program manager for Yankee Group's Security Solutions and Services Decision Service, advises enterprise clients on prioritizing and managing security resources. He also helps security vendors develop product, service, and go-to-market strategies for reaching enterprise customers. He co-founded @stake, Inc., a security consulting pioneer acquired by Symantec Corporation in 2004. His application security and metrics research has been featured in CIO, CSO, InformationWeek, IEEE Security and Privacy, and The Economist. Foreword Preface Acknowledgments About the Author Chapter 1 Introduction: Escaping the Hamster Wheel of Pain Chapter 2 Defining Security Metrics Chapter 3 Diagnosing Problems and Measuring Technical Security Chapter 4 Measuring Program Effectiveness Chapter 5 Analysis Techniques Chapter 6 Visualization Chapter 7 Automating Metrics Calculations Chapter 8 Designing Security Scorecards Index

    

    The book covers all of the new CompTIA Security+ 2008 exam objectives and maps to the new Security+ 2008 exam. This updated edition features many all-new topics, including topics new to the CompTIA exams like cross site scripting, SQL injection, rootkits, and virtualization, as well as topics of increasing importance in the industry as a whole, like the latest breeds of attackers, Wi-Fi Protected Access 2, and Microsoft Windows Vista security.

    Everybody wants to learn them. You're not a programmer though. How is a non technical user going to learn how to program? You do want to use macros to make your work easier but are you really going to sit down with a huge programming textbook and work your way through every. single. boring. page? Like most people, you'll start with great enthusiasm and vigor but after a few chapters, the novelty wears off. It gets boring. I'm going to try and change that and make learning macro programming entertaining and accessible to non-techies. First of all, programming Excel macros is a huge topic. Let's eat the elephant one bite at a time. Instead of sitting down with a dry, heavy text, you will read very focused, to the point topics. You can then immediately use what you learned in the real world. This is the first lesson in the series. You will learn what macros are, how to access them, a tiny bit of programming theory (just so you have a clue as to what's going on) and how to record macros. As with all my other lessons, this one has a follow along workbook that you can use to work through the exercises. The images in the lessons are based on Excel 2013 for Windows.

    Build hands-on expertise through a series of lessons, exercises, and suggested practices—and help maximize your performance on the job.Provides in-depth, hands-on training you take at your own pace Focuses on job-role-specific expertise for using HTML5, JavaScript, and CSS3 to begin building modern web and Windows 8 apps Features pragmatic lessons, exercises, and practices Creates a foundation of skills which, along with on-the-job experience, can be measured by Microsoft Certification exams such as 70-480 Coverage includes: creating HTML5 documents; implementing styles with CSS3; JavaScript in depth; using Microsoft developer tools; AJAX; multimedia support; drawing with Canvas and SVG; drag and drop functionality; location-aware apps; web storage; offline apps; writing your first simple Windows 8 apps; and other key topics

    This update to the bestselling first edition dives in to cover the exciting new features of the latest release of the Android mobile platform.Providing in-depth coverage of how to build mobile applications using the next major release of the Android SDK, this invaluable resource takes a hands-on approach to discussing Android with a series of projects, each of which introduces a new feature and highlights techniques and best practices to get the most out of Android.The Android SDK is a powerful, flexible, open source platform for mobile devices Shares helpful techniques and best practices to maximize the capabilities of Android Explains the possibilities of Android through the use of a series of detailed projects Demonstrates how to create real-world mobile applications for Android phones Includes coverage of the latest version of Android Providing concise and compelling examples, Professional Android Application Development is an updated guide aimed at helping you create mobile applications for mobile devices running the latest version of Android.

    This concise introduction shows you how OAuth provides a single authorization technology across numerous APIs on the Web, so you can securely access users’ data—such as user profiles, photos, videos, and contact lists—to improve their experience of your application.Through code examples, step-by-step instructions, and use-case examples, you’ll learn how to apply OAuth 2.0 to your server-side web application, client-side app, or mobile app. Find out what it takes to access social graphs, store data in a user’s online filesystem, and perform many other tasks.Understand OAuth 2.0’s role in authentication and authorizationLearn how OAuth’s Authorization Code flow helps you integrate data from different business applicationsDiscover why native mobile apps use OAuth differently than mobile web appsUse OpenID Connect and eliminate the need to build your own authentication system

    That's why Elizabeth Castro has written HTML 4 for the World Wide Web, Fourth Edition: Visual QuickStart Guide, an update to her blockbuster guide to HTML 4. You'll find all the concise, practical advice--and fun examples--that made the first edition a worldwide bestseller, plus entirely new coverage of debugging, JavaScript, and using tables for page layout, and an expanded section on Cascading Style Sheets.Like all the books in the Visual QuickStart series, this one breaks even the most complex tasks into easy-to-follow steps illustrated with hundreds of screenshots and the actual code. The book presumes no prior knowledge of HTML, making it the perfect introduction for beginners. But its tabbed format and info-packed appendixes (on special HTML characters and Web-safe colors, for example) also make it a handy and indispensable reference for those who build Web pages for a living. Find out why Amazon called the previous edition a "dream guide" to HTML.

    This book teaches you how to conduct examinations by explaining what digital forensics is, the methodologies used, key technical concepts and the tools needed to perform examinations. Details on digital forensics for computers, networks, cell phones, GPS, the cloud, and Internet are discussed. Readers will also learn how to collect evidence, document the scene, and recover deleted data. This is the only resource your students need to get a jump-start into digital forensics investigations.This book is organized into 11 chapters. After an introduction to the basics of digital forensics, the book proceeds with a discussion of key technical concepts. Succeeding chapters cover labs and tools; collecting evidence; Windows system artifacts; anti-forensics; Internet and email; network forensics; and mobile device forensics. The book concludes by outlining challenges and concerns associated with digital forensics. PowerPoint lecture slides are also available.This book will be a valuable resource for entry-level digital forensics professionals as well as those in complimentary fields including law enforcement, legal, and general information security.

    This book covers the core concepts of operating systems without any unnecessary jargon or text. The authors put you on your way to mastering the fundamental concepts of operating systems while you also prepare for today's emerging developments.Covers the core concepts of operating systems Bypasses unnecessary and wordy text or jargon Encourages you to take your operating system knowledge to the next level Prepares you for today's emerging developments in the field of operating systems Operating Systems Concepts Essentials is a soup-to-nuts guide for all things involving operating systems!

    Hadoop allowed small and medium sized companies to store huge amounts of data on cheap commodity servers in racks. The introduction of Big Data has allowed businesses to make decisions based on quantifiable analysis. Hadoop is now implemented in major organizations such as Amazon, IBM, Cloudera, and Dell to name a few. This book introduces you to Hadoop and to concepts such as ‘MapReduce’, ‘Rack Awareness’, ‘Yarn’ and ‘HDFS Federation’, which will help you get acquainted with the technology.

    This classic guide—fully updated for Windows Server 2003, Windows XP, and Windows 2000, including 64-bit extensions—describes the architecture and internals of the Windows operating system. You’ll find hands-on experiments you can use to experience Windows internal behavior firsthand, along with advanced troubleshooting information to help you keep your systems running smoothly and efficiently. Whether you’re a developer or a system administrator, you’ll find critical architectural insights that you can quickly apply for better design, debugging, performance, and support.Get in-depth, inside knowledge of the Windows operating system: Understand the key mechanisms that configure and control Windows, including dispatching, startup and shutdown, and the registry Explore the Windows security model, including access, privileges, and auditing Investigate internal system architecture using the kernel debugger and other tools Examine the data structures and algorithms that deal with processes, threads, and jobs Observe how Windows manages virtual and physical memory Understand the operation and format of NTFS, and troubleshoot file system access problems View the Windows networking stack from top to bottom, including mapping, APIs, name resolution, and protocol drivers Troubleshoot boot problems and perform crash analysis