Dobbs Jolt Award Finalist since Bruce Schneier's Secrets and Lies and Applied Cryptography!Adam Shostack is responsible for security development lifecycle threat modeling at Microsoft and is one of a handful of threat modeling experts in the world. Now, he is sharing his considerable expertise into this unique book. With pages of specific actionable advice, he details how to build better security into the design of systems, software, or services from the outset. You'll explore various threat modeling approaches, find out how to test your designs against threats, and learn effective ways to address threats that have been validated at Microsoft and other top companies.Systems security managers, you'll find tools and a framework for structured thinking about what can go wrong. Software developers, you'll appreciate the jargon-free and accessible introduction to this essential skill. Security professionals, you'll learn to discern changing threats and discover the easiest ways to adopt a structured approach to threat modeling.Provides a unique how-to for security and software developers who need to design secure products and systems and test their designs Explains how to threat model and explores various threat modeling approaches, such as asset-centric, attacker-centric and software-centric Provides effective approaches and techniques that have been proven at Microsoft and elsewhere Offers actionable how-to advice not tied to any specific software, operating system, or programming language Authored by a Microsoft professional who is one of the most prominent threat modeling experts in the world As more software is delivered on the Internet or operates on Internet-connected devices, the design of secure software is absolutely critical. Make sure you're ready with Threat Modeling: Designing for Security.

    It supports secure remote logins, secure file transfer between computers, and a unique "tunneling" capability that adds encryption to otherwise insecure network applications. Best of all, SSH is free, with feature-filled commercial versions available as well.SSH: The Secure Shell: The Definitive Guide covers the Secure Shell in detail for both system administrators and end users. It demystifies the SSH man pages and includes thorough coverage of:SSH1, SSH2, OpenSSH, and F-Secure SSH for Unix, plus Windows and Macintosh products: the basics, the internals, and complex applications.Configuring SSH servers and clients, both system-wide and per user, with recommended settings to maximize security.Advanced key management using agents, agent forwarding, and forced commands.Forwarding (tunneling) of TCP and X11 applications in depth, even in the presence of firewalls and network address translation (NAT).Undocumented behaviors of popular SSH implementations.Installing and maintaining SSH systems.Whether you're communicating on a small LAN or across the Internet, SSH can ship your data from "here" to "there" efficiently and securely. So throw away those insecure .rhosts and hosts.equiv files, move up to SSH, and make your network a safe place to live and work.

    It's available on almost every OS--if you master the techniques in this book, you'll never need another text editor. Practical Vim shows you 120 vim recipes so you can quickly learn the editor's core functionality and tackle your trickiest editing and writing tasks. Vim, like its classic ancestor vi, is a serious tool for programmers, web developers, and sysadmins. No other text editor comes close to Vim for speed and efficiency; it runs on almost every system imaginable and supports most coding and markup languages. Learn how to edit text the "Vim way:" complete a series of repetitive changes with The Dot Formula, using one keystroke to strike the target, followed by one keystroke to execute the change. Automate complex tasks by recording your keystrokes as a macro. Run the same command on a selection of lines, or a set of files. Discover the "very magic" switch, which makes Vim's regular expression syntax more like Perl's. Build complex patterns by iterating on your search history. Search inside multiple files, then run Vim's substitute command on the result set for a project-wide search and replace. All without installing a single plugin! You'll learn how to navigate text documents as fast as the eye moves--with only a few keystrokes. Jump from a method call to its definition with a single command. Use Vim's jumplist, so that you can always follow the breadcrumb trail back to the file you were working on before. Discover a multilingual spell-checker that does what it's told.Practical Vim will show you new ways to work with Vim more efficiently, whether you're a beginner or an intermediate Vim user. All this, without having to touch the mouse.What You Need: Vim version 7

    This book contains the fundamental laws of software development, the primary pieces of understanding that make the difference between a mid-level/junior programmer and the high-level senior software engineer. The book exists to help all programmers understand the process of writing software, on a very fundamental level that can be applied to any programming language or project, from here into eternity. Code Simplicity is also written in such a way that even non-technical managers of software teams can gain an understanding of what the “right way” and the “wrong way” is (and why they are right and wrong) when it comes to software design. The focus of the book is primarily on “software design,” the process of creating a plan for a software project and making technical decisions about the pattern and structure of a system.

    Demonstrates the programming language's strength as a Web development tool, covering syntax, data types, built-ins, the Python standard module library, and real world examples

    Now that machine learning is thriving, even programmers who know close to nothing about this technology can use simple, efficient tools to implement programs capable of learning from data. This practical book shows you how.By using concrete examples, minimal theory, and two production-ready Python frameworks—Scikit-Learn and TensorFlow—author Aurélien Géron helps you gain an intuitive understanding of the concepts and tools for building intelligent systems. You’ll learn how to use a range of techniques, starting with simple Linear Regression and progressing to Deep Neural Networks. If you have some programming experience and you’re ready to code a machine learning project, this guide is for you.This hands-on book shows you how to use:Scikit-Learn, an accessible framework that implements many algorithms efficiently and serves as a great machine learning entry pointTensorFlow, a more complex library for distributed numerical computation, ideal for training and running very large neural networksPractical code examples that you can apply without learning excessive machine learning theory or algorithm details

    As a modern application developer you need to understand the emerging field of data management, both RDBMS and NoSQL. Seven Databases in Seven Weeks takes you on a tour of some of the hottest open source databases today. In the tradition of Bruce A. Tate's Seven Languages in Seven Weeks, this book goes beyond your basic tutorial to explore the essential concepts at the core each technology. Redis, Neo4J, CouchDB, MongoDB, HBase, Riak and Postgres. With each database, you'll tackle a real-world data problem that highlights the concepts and features that make it shine. You'll explore the five data models employed by these databases-relational, key/value, columnar, document and graph-and which kinds of problems are best suited to each. You'll learn how MongoDB and CouchDB are strikingly different, and discover the Dynamo heritage at the heart of Riak. Make your applications faster with Redis and more connected with Neo4J. Use MapReduce to solve Big Data problems. Build clusters of servers using scalable services like Amazon's Elastic Compute Cloud (EC2). Discover the CAP theorem and its implications for your distributed data. Understand the tradeoffs between consistency and availability, and when you can use them to your advantage. Use multiple databases in concert to create a platform that's more than the sum of its parts, or find one that meets all your needs at once.Seven Databases in Seven Weeks will take you on a deep dive into each of the databases, their strengths and weaknesses, and how to choose the ones that fit your needs.What You Need: To get the most of of this book you'll have to follow along, and that means you'll need a *nix shell (Mac OSX or Linux preferred, Windows users will need Cygwin), and Java 6 (or greater) and Ruby 1.8.7 (or greater). Each chapter will list the downloads required for that database.

    This practical book takes experienced web developers through the new discipline of frontend architecture, including the latest tools, standards, and best practices that have elevated frontend web development to an entirely new level.Using real-world examples, case studies, and practical tips and tricks throughout, author Micah Godbolt introduces you to the four pillars of frontend architecture. He also provides compelling arguments for developers who want to embrace the mantle of frontend architect and fight to make it a first-class citizen in their next project.The four pillars include:Code: how to approach the HTML, CSS, and JavaScript of a design systemProcess: tools and processes for creating an efficient and error-proof workflowTesting: creating a stable foundation on which to build your siteDocumentation: tools for writing documentation while the work is in progress

    Russ Olsen has done a great job of selecting classic patterns and augmenting these with newer patterns that have special relevance for Ruby. He clearly explains each idea, making a wealth of experience available to Ruby developers for their own daily work."--Steve Metsker, Managing Consultant with Dominion Digital, Inc."This book provides a great demonstration of the key 'Gang of Four' design patterns without resorting to overly technical explanations. Written in a precise, yet almost informal style, this book covers enough ground that even those without prior exposure to design patterns will soon feel confident applying them using Ruby. Olsen has done a great job to make a book about a classically 'dry' subject into such an engaging and even occasionally humorous read."--Peter Cooper"This book renewed my interest in understanding patterns after a decade of good intentions. Russ picked the most useful patterns for Ruby and introduced them in a straightforward and logical manner, going beyond the GoF's patterns. This book has improved my use of Ruby, and encouraged me to blow off the dust covering the GoF book."--Mike Stok" Design Patterns in Ruby is a great way for programmers from statically typed objectoriented languages to learn how design patterns appear in a more dynamic, flexible language like Ruby."--Rob Sanheim, Ruby Ninja, RelevanceMost design pattern books are based on C++ and Java. But Ruby is different--and the language's unique qualities make design patterns easier to implement and use. In this book, Russ Olsen demonstrates how to combine Ruby's power and elegance with patterns, and write more sophisticated, effective software with far fewer lines of code.After reviewing the history, concepts, and goals of design patterns, Olsen offers a quick tour of the Ruby language--enough to allow any experienced software developer to immediately utilize patterns with Ruby. The book especially calls attention to Ruby features that simplify the use of patterns, including dynamic typing, code closures, and "mixins" for easier code reuse.Fourteen of the classic "Gang of Four" patterns are considered from the Ruby point of view, explaining what problems each pattern solves, discussing whether traditional implementations make sense in the Ruby environment, and introducing Ruby-specific improvements. You'll discover opportunities to implement patterns in just one or two lines of code, instead of the endlessly repeated boilerplate that conventional languages often require. Design Patterns in Ruby also identifies innovative new patterns that have emerged from the Ruby community. These include ways to create custom objects with metaprogramming, as well as the ambitious Rails-based "Convention Over Configuration" pattern, designed to help integrate entire applications and frameworks.Engaging, practical, and accessible, Design Patterns in Ruby will help you build better software while making your Ruby programming experience more rewarding.

    Now, in his first book, written more than two decades after the web was created, Lanier offers this provocative and cautionary look at the way it is transforming our lives for better and for worse.The current design and function of the web have become so familiar that it is easy to forget that they grew out of programming decisions made decades ago. The web’s first designers made crucial choices (such as making one’s presence anonymous) that have had enormous—and often unintended—consequences. What’s more, these designs quickly became “locked in,” a permanent part of the web’s very structure. Lanier discusses the technical and cultural problems that can grow out of poorly considered digital design and warns that our financial markets and sites like Wikipedia, Facebook, and Twitter are elevating the “wisdom” of mobs and computer algorithms over the intelligence and judgment of individuals. Lanier also shows:How 1960s antigovernment paranoia influenced the design of the online world and enabled trolling and trivialization in online discourseHow file sharing is killing the artistic middle class;How a belief in a technological “rapture” motivates some of the most influential technologistsWhy a new humanistic technology is necessary. Controversial and fascinating, You Are Not a Gadget is a deeply felt defense of the individual from an author uniquely qualified to comment on the way technology interacts with our culture.

    Today, Rails developers and architects need better ways to interface with legacy systems, move into the cloud, and scale to handle higher volumes and greater complexity. In Service-Oriented Design with Ruby and Rails Paul Dix introduces a powerful, services-based design approach geared toward overcoming all these challenges. Using Dix's techniques, readers can leverage the full benefits of both Ruby and Rails, while overcoming the difficulties of working with larger codebases and teams. Dix demonstrates how to integrate multiple components within an enterprise application stack; create services that can easily grow and connect; and design systems that are easier to maintain and upgrade. Key concepts are explained with detailed Ruby code built using open source libraries such as ActiveRecord, Sinatra, Nokogiri, and Typhoeus. The book concludes with coverage of security, scaling, messaging, and interfacing with third-party services. Service-Oriented Design with Ruby and Rails will help you Build highly scalable, Ruby-based service architectures that operate smoothly in the cloud or with legacy systems Scale Rails systems to handle more requests, larger development teams, and more complex code bases Master new best practices for designing and creating services in Ruby Use Ruby to glue together services written in any language Use Ruby libraries to build and consume RESTful Web services Use Ruby JSON parsers to quickly represent resources from HTTP services Write lightweight, well-designed API wrappers around internal or external services Discover powerful non-Rails frameworks that simplify Ruby service implementation Implement standards-based enterprise messaging with Advanced Message Queuing Protocol (AMQP) Optimize performance with load balancing and caching Provide for security and authentication