Spammers, virus writers, phishermen, money launderers, and spies now trade busily with each other in a lively online criminal economy and as they specialize, they get better. In this indispensable, fully updated guide, Ross Anderson reveals how to build systems that stay dependable whether faced with error or malice. Here's straight talk on critical topics such as technical engineering basics, types of attack, specialized protection mechanisms, security psychology, policy, and more.

    Reverse engineering is not about reading assembly code, but actually understanding how different pieces/components in a system work. To reverse engineer a system is to understand how it is constructed and how it works. The book provides: Coverage of x86, x64, and ARM. In the past x86 was the most common architecture on the PC; however, times have changed and x64 is becoming the dominant architecture. It brings new complexity and constructs previously not present in x86. ARM ("Advanced RISC Machine) "is very common in embedded / consumer electronic devices; for example, most if not all cell phones run on ARM. All of apple's i-devices run on ARM. This book will be the first book to cover all three.Discussion of Windows kernel-mode code (rootkits/drivers). This topic has a steep learning curve so most practitioners stay away from this area because it is highly complex. However, this book will provide a concise treatment of this topic and explain how to analyze drivers step-by-step.The book uses real world examples from the public domain. The best way to learn is through a combination of concept discussions, examples, and exercises. This book uses real-world trojans / rootkits as examples congruent with real-life scenariosHands-on exercises. End-of-chapter exercises in the form of conceptual questions and hands-on analysis so so readers can solidify their understanding of the concepts and build confidence. The exercises are also meant to teach readers about topics not covered in the book.

    A dirty little secret assembly language programmers rarely admit to, however, is that what you really need to learn is machine organization, not assembly language programming. Write Great Code Vol I, the first in a series from assembly language expert Randall Hyde, dives right into machine organization without the extra overhead of learning assembly language programming at the same time. And since Write Great Code Vol I concentrates on the machine organization, not assembly language, the reader will learn in greater depth those subjects that are language-independent and of concern to a high level language programmer. Write Great Code Vol I will help programmers make wiser choices with respect to programming statements and data types when writing software, no matter which language they use.

    Intermediate to advanced system administrators will find more than 100 tried-and-tested scripts they can copy and use immediately.Updated for PowerShell 3.0, this comprehensive cookbook includes hands-on recipes for common tasks and administrative jobs that you can apply whether you’re on the client or server version of Windows. You also get quick references to technologies used in conjunction with PowerShell, including format specifiers and frequently referenced registry keys to selected .NET, COM, and WMI classes.Learn how to use PowerShell on Windows 8 and Windows Server 2012Tour PowerShell’s core features, including the command model, object-based pipeline, and ubiquitous scriptingMaster fundamentals such as the interactive shell, pipeline, and object conceptsPerform common tasks that involve working with files, Internet-connected scripts, user interaction, and moreSolve tasks in systems and enterprise management, such as working with Active Directory and the filesystem

    Each essay distills complex concepts and challenges into practical nuggets of useful advice, and the new edition now adds more value for leaders and managers of projects everywhere. Based on his nine years of experience as a program manager for Internet Explorer, and lead program manager for Windows and MSN, Berkun explains to technical and non-technical readers alike what it takes to get through a large software or web development project. Making Things Happen doesn't cite specific methods, but focuses on philosophy and strategy. Unlike other project management books, Berkun offers personal essays in a comfortable style and easy tone that emulate the relationship of a wise project manager who gives good, entertaining and passionate advice to those who ask. Topics in this new edition include:How to make things happenMaking good decisionsSpecifications and requirementsIdeas and what to do with themHow not to annoy peopleLeadership and trustThe truth about making datesWhat to do when things go wrongComplete with a new forward from the author and a discussion guide for forming reading groups/teams, Making Things Happen offers in-depth exercises to help you apply lessons from the book to your job. It is inspiring, funny, honest, and compelling, and definitely the one book that you and your team need to have within arm's reach throughout the life of your project. Coming from the rare perspective of someone who fought difficult battles on Microsoft's biggest projects and taught project design and management for MSTE, Microsoft's internal best practices group, this is valuable advice indeed. It will serve you well with your current work, and on future projects to come.

    Drawing heavily on the author's own real-world experiences, the book stresses design and analysis. Coverage is divided into two parts, the first being a general guide to techniques for the design and analysis of computer algorithms. The second is a reference section, which includes a catalog of the 75 most important algorithmic problems. By browsing this catalog, readers can quickly identify what the problem they have encountered is called, what is known about it, and how they should proceed if they need to solve it. This book is ideal for the working professional who uses algorithms on a daily basis and has need for a handy reference. This work can also readily be used in an upper-division course or as a student reference guide. THE ALGORITHM DESIGN MANUAL comes with a CD-ROM that contains: * a complete hypertext version of the full printed book. * the source code and URLs for all cited implementations. * over 30 hours of audio lectures on the design and analysis of algorithms are provided, all keyed to on-line lecture notes.

    Dobbs Jolt Award Finalist since Bruce Schneier's Secrets and Lies and Applied Cryptography!Adam Shostack is responsible for security development lifecycle threat modeling at Microsoft and is one of a handful of threat modeling experts in the world. Now, he is sharing his considerable expertise into this unique book. With pages of specific actionable advice, he details how to build better security into the design of systems, software, or services from the outset. You'll explore various threat modeling approaches, find out how to test your designs against threats, and learn effective ways to address threats that have been validated at Microsoft and other top companies.Systems security managers, you'll find tools and a framework for structured thinking about what can go wrong. Software developers, you'll appreciate the jargon-free and accessible introduction to this essential skill. Security professionals, you'll learn to discern changing threats and discover the easiest ways to adopt a structured approach to threat modeling.Provides a unique how-to for security and software developers who need to design secure products and systems and test their designs Explains how to threat model and explores various threat modeling approaches, such as asset-centric, attacker-centric and software-centric Provides effective approaches and techniques that have been proven at Microsoft and elsewhere Offers actionable how-to advice not tied to any specific software, operating system, or programming language Authored by a Microsoft professional who is one of the most prominent threat modeling experts in the world As more software is delivered on the Internet or operates on Internet-connected devices, the design of secure software is absolutely critical. Make sure you're ready with Threat Modeling: Designing for Security.

    Agile Coaching de-mystifies agile practices--it's a practical guide to creating strong agile teams. Packed with useful tips from practicing agile coaches Rachel Davies and Liz Sedley, this book gives you coaching tools that you can apply whether you are a project manager, a technical lead, or working in a software team. To lead change, you need to expand your toolkit, and this book gives you the tools you need to make the transition from agile practitioner to agile coach. Agile Coaching is all about working with people to create great agile teams. You'll learn how to build a team that produces great software and has fun doing it. In the process, you'll grow a team that's self-sufficient and skillful. This book provides you with deeper knowledge of how agile practices work and how to inspire your team to improve. Discover how to coach your team through the agile lifecycle, from planning to writing software. Learn the secrets of running effective agile meetings and how to get your team following a consistent approach to creating software. You'll find chapters dedicated to introducing Test-Driven Development, designing Retrospectives, and making progress visible. Find out what works and what to avoid when introducing agile practices to your team. Throughout the book the authors share their personal coaching stories from experience with real teams, giving you insights into what works and what to avoid. Each chapter also covers hurdles that you and your team may face and what to do to clear them.

    You'll learn pragmatic ways of approaching the development process and your personal coding techniques. You'll learn about your own attitudes, issues with working on a team, and how to best manage your learning, all in an iterative, incremental, agile style. You'll see how to apply each practice, and what benefits you can expect. Bottom line: This book will make you a better developer.

    It is the definitive reference guide, now in a second edition. Although the first edition was written in 1978, it continues to be a worldwide best-seller. This second edition brings the classic original up to date to include the ANSI standard. From the Preface: We have tried to retain the brevity of the first edition. C is not a big language, and it is not well served by a big book. We have improved the exposition of critical features, such as pointers, that are central to C programming. We have refined the original examples, and have added new examples in several chapters. For instance, the treatment of complicated declarations is augmented by programs that convert declarations into words and vice versa. As before, all examples have been tested directly from the text, which is in machine-readable form. As we said in the first preface to the first edition, C "wears well as one's experience with it grows." With a decade more experience, we still feel that way. We hope that this book will help you to learn C and use it well.

    Indeed, that's what computers are for. You can enlist your own computer to automate all of your project's repetitive tasks, ranging from individual builds and running unit tests through to full product release, customer deployment, and monitoring the system.Many teams try to do these tasks by hand. That's usually a really bad idea: people just aren't as good at repetitive tasks as machines. You run the risk of doing it differently the one time it matters, on one machine but not another, or doing it just plain wrong. But the computer can do these tasks for you the same way, time after time, without bothering you. You can transform these labor-intensive, boring and potentially risky chores into automatic, background processes that just work.In this eagerly anticipated book, you'll find a variety of popular, open-source tools to help automate your project. With this book, you will learn: How to make your build processes accurate, reliable, fast, and easy. How to build complex systems at the touch of a button. How to build, test, and release software automatically, with no human intervention. Technologies and tools available for automation: which to use and when. Tricks and tips from the masters (do you know how to have your cell phone tell you that your build just failed?) You'll find easy-to-implement recipes to automate your Java project, using the same popular style as the rest of our Jolt Productivity Award-winning Starter Kit books. Armed with plenty of examples and concrete, pragmatic advice, you'll find it's easy to get started and reap the benefits of modern software development. You can begin to enjoy pragmatic, automatic, unattended software production that's reliable and accurate every time.

    And now there’s a sure-fire way to solve their problems and test solutions: the sprint.While working at Google, designer Jake Knapp created a unique problem-solving method that he coined a “design sprint”—a five-day process to help companies answer crucial questions. His ‘sprints’ were used on everything from Google Search to Chrome to Google X. When he moved to Google Ventures, he joined Braden Kowitz and John Zeratsky, both designers and partners there who worked on products like YouTube and Gmail. Together Knapp, Zeratsky, and Kowitz have run over 100 sprints with their portfolio companies. They’ve seen firsthand how sprints can overcome challenges in all kinds of companies: healthcare, fitness, finance, retailers, and more.A practical guide to answering business questions, Sprint is a book for groups of any size, from small startups to Fortune 100s, from teachers to non-profits. It’s for anyone with a big opportunity, problem, or idea who needs to get answers today.

    

    Writing code that handles unexpected errors and still works is really hard. Most of us learn by trial and error. This short book removes the uncertainty. With over 100 pages of content and dozens of working examples, you’ll learn everything from the mechanics of how exceptions work to how to design a robust failure management architecture for your app or library. Whether you are a Ruby novice or a seasoned veteran, Exceptional Ruby will help you write cleaner, more resilient Ruby code.

    Management is a key part of any organization, yet the discipline is often self-taught and unstructured. Getting to the good solutions of complex management challenges can make the difference between fulfillment and frustration for teams, and, ultimately, the success or failure of companies. Will Larson's An Elegant Puzzle orients around the particular challenges of engineering management--from sizing teams to technical debt to succession planning--and provides a path to the good solutions. Drawing from his experience at Digg, Uber, and Stripe, Will Larson has developed a thoughtful approach to engineering management that leaders of all levels at companies of all sizes can apply. An Elegant Puzzle balances structured principles and human-centric thinking to help any leader create more effective and rewarding organizations for engineers to thrive in.