Dobbs Jolt Award Finalist since Bruce Schneier's Secrets and Lies and Applied Cryptography!Adam Shostack is responsible for security development lifecycle threat modeling at Microsoft and is one of a handful of threat modeling experts in the world. Now, he is sharing his considerable expertise into this unique book. With pages of specific actionable advice, he details how to build better security into the design of systems, software, or services from the outset. You'll explore various threat modeling approaches, find out how to test your designs against threats, and learn effective ways to address threats that have been validated at Microsoft and other top companies.Systems security managers, you'll find tools and a framework for structured thinking about what can go wrong. Software developers, you'll appreciate the jargon-free and accessible introduction to this essential skill. Security professionals, you'll learn to discern changing threats and discover the easiest ways to adopt a structured approach to threat modeling.Provides a unique how-to for security and software developers who need to design secure products and systems and test their designs Explains how to threat model and explores various threat modeling approaches, such as asset-centric, attacker-centric and software-centric Provides effective approaches and techniques that have been proven at Microsoft and elsewhere Offers actionable how-to advice not tied to any specific software, operating system, or programming language Authored by a Microsoft professional who is one of the most prominent threat modeling experts in the world As more software is delivered on the Internet or operates on Internet-connected devices, the design of secure software is absolutely critical. Make sure you're ready with Threat Modeling: Designing for Security.

    Revolution in the Valley traces this vision back to its earliest roots: the hallways and backrooms of Apple, where the groundbreaking Macintosh computer was born. The book traces the development of the Macintosh, from its inception as an underground skunkworks project in 1979 to its triumphant introduction in 1984 and beyond.The stories in "Revolution in the Valley" come on extremely good authority. That's because author Andy Hertzfeld was a core member of the team that built the Macintosh system software, and a key creator of the Mac's radically new user interface software. One of the chosen few who worked with the mercurial Steve Jobs, you might call him the ultimate insider.When "Revolution in the Valley" begins, Hertzfeld is working on Apple's first attempt at a low-cost, consumer-oriented computer: the Apple II. He sees that Steve Jobs is luring some of the company's most brilliant innovators to work on a tiny research effort the Macintosh. Hertzfeld manages to make his way onto the Macintosh research team, and the rest is history.Through lavish illustrations, period photos, and Hertzfeld's vivid first-hand accounts, Revolution in the Valley reveals what it was like to be there at the birth of the personal computer revolution. The story comes to life through the book's portrait of the talented and often eccentric characters who made up the Macintosh team. Now, over 20 years later, millions of people are benefiting from the technical achievements of this determined and brilliant group of people.

    Simultaneously becoming more user friendly and more powerful as a back-end system, Linux has achieved new plateaus: the newer filesystems have solidified, new commands and tools have appeared and become standard, and the desktop--including new desktop environments--have proved to be viable, stable, and readily accessible to even those who don't consider themselves computer gurus. Whether you're using Linux for personal software projects, for a small office or home office (often termed the SOHO environment), to provide services to a small group of colleagues, or to administer a site responsible for millions of email and web connections each day, you need quick access to information on a wide range of tools. This book covers all aspects of administering and making effective use of Linux systems. Among its topics are booting, package management, and revision control. But foremost in Linux in a Nutshell are the utilities and commands that make Linux one of the most powerful and flexible systems available.Now in its fifth edition, Linux in a Nutshell brings users up-to-date with the current state of Linux. Considered by many to be the most complete and authoritative command reference for Linux available, the book covers all substantial user, programming, administration, and networking commands for the most common Linux distributions.Comprehensive but concise, the fifth edition has been updated to cover new features of major Linux distributions. Configuration information for the rapidly growing commercial network services and community update services is one of the subjects covered for the first time.But that's just the beginning. The book covers editors, shells, and LILO and GRUB boot options. There's also coverage of Apache, Samba, Postfix, sendmail, CVS, Subversion, Emacs, vi, sed, gawk, and much more. Everything that system administrators, developers, and power users need to know about Linux is referenced here, and they will turn to this book again and again.

    With an emphasis on improvements and new features in Spark 2.0, authors Bill Chambers and Matei Zaharia break down Spark topics into distinct sections, each with unique goals. You’ll explore the basic operations and common functions of Spark’s structured APIs, as well as Structured Streaming, a new high-level API for building end-to-end streaming applications. Developers and system administrators will learn the fundamentals of monitoring, tuning, and debugging Spark, and explore machine learning techniques and scenarios for employing MLlib, Spark’s scalable machine-learning library. Get a gentle overview of big data and Spark Learn about DataFrames, SQL, and Datasets—Spark’s core APIs—through worked examples Dive into Spark’s low-level APIs, RDDs, and execution of SQL and DataFrames Understand how Spark runs on a cluster Debug, monitor, and tune Spark clusters and applications Learn the power of Structured Streaming, Spark’s stream-processing engine Learn how you can apply MLlib to a variety of problems, including classification or recommendation

    An immediate and comprehensive answer source, rather than a diffuse tutorial, for serious programmers who want to see difficult material covered in depth without the fluff. Discusses XML, dynamic HTML, JavaScript, Java, and Perl CGI programming to create a full Web site programming package. Written by the author of several successful titles published by The Coriolis Group.

    Featuring techniques not taught in any certification prep or covered by common defensive scanners, this book integrates social engineering, programming, and vulnerability exploits into a multidisciplinary approach for targeting and compromising high security environments. From discovering and creating attack vectors, and moving unseen through a target enterprise, to establishing command and exfiltrating data--even from organizations without a direct Internet connection--this guide contains the crucial techniques that provide a more accurate picture of your system's defense. Custom coding examples use VBA, Windows Scripting Host, C, Java, JavaScript, Flash, and more, with coverage of standard library applications and the use of scanning tools to bypass common defensive measures.Typical penetration testing consists of low-level hackers attacking a system with a list of known vulnerabilities, and defenders preventing those hacks using an equally well-known list of defensive scans. The professional hackers and nation states on the forefront of today's threats operate at a much more complex level--and this book shows you how to defend your high security network.Use targeted social engineering pretexts to create the initial compromise Leave a command and control structure in place for long-term access Escalate privilege and breach networks, operating systems, and trust structures Infiltrate further using harvested credentials while expanding control Today's threats are organized, professionally-run, and very much for-profit. Financial institutions, health care organizations, law enforcement, government agencies, and other high-value targets need to harden their IT infrastructure and human capital against targeted advanced attacks from motivated professionals. Advanced Penetration Testing goes beyond Kali linux and Metasploit and to provide you advanced pen testing for high security networks.

    Essential System Administration provides a clear, concise, practical guide to the real-world issues that anyone responsible for a Unix system faces daily.The new edition of this indispensable reference has been fully updated for all the latest operating systems. Even more importantly, it has been extensively revised and expanded to consider the current system administrative topics that administrators need most. Essential System Administration,3rd Edition covers: DHCP, USB devices, the latest automation tools, SNMP and network management, LDAP, PAM, and recent security tools and techniques.Essential System Administration is comprehensive. But what has made this book the guide system administrators turn to over and over again is not just the sheer volume of valuable information it provides, but the clear, useful way the information is presented. It discusses the underlying higher-level concepts, but it also provides the details of the procedures needed to carry them out. It is not organized around the features of the Unix operating system, but around the various facets of a system administrator's job. It describes all the usual administrative tools that Unix provides, but it also shows how to use them intelligently and efficiently.Whether you use a standalone Unix system, routinely provide administrative support for a larger shared system, or just want an understanding of basic administrative functions, Essential System Administration is for you. This comprehensive and invaluable book combines the author's years of practical experience with technical expertise to help you manage Unix systems as productively and painlessly as possible.

    It details the core protocols that make TCP/IP internetworks function, and the most important classical TCP/IP applications. Its personal, easy-going writing style lets anyone understand the dozens of protocols and technologies that run the Internet, with full coverage of PPP, ARP, IP, IPv6, IP NAT, IPSec, Mobile IP, ICMP, RIP, BGP, TCP, UDP, DNS, DHCP, SNMP, FTP, SMTP, NNTP, HTTP, Telnet and much more. The author offers not only a detailed view of the TCP/IP protocol suite, but also describes networking fundamentals and the important OSI Reference Model.

    Each mini-chapter adds one feature to the ray tracer, and by the end the reader can produce the image on the book cover. Details of basic ray tracing code architecture and C++ classes are given.

    This new world revolves around defeating monsters and profiting on whatever they drop—food, money, items, etc. Unfortunately for Ryota, he has no skills to speak of...until he learns he has the ability to get rare drops! Suddenly his luck turns around...or does it?

    Enjoy a journey through the eyes of a geek working at one of the most important companies in the world as he walks you through events both large and small. Just don't get caught in the Redmond reality distortion field! What others are saying about "A Microsoft Life": "Any self-respecting geek needs to read this book. Stepto provides an enjoyable and entertaining insight of life inside Microsoft." - Larry "Major Nelson" Hryb, Director of Programming for Xbox LIVE "Anyone who lived through the adolescent years of the computer revolution will alternate between laughing and crying (from laughing) at these great stories from inside the monolith. - Ken Denmead, NYT Bestselling Author, and editor of Geekdad.com

    Beginning with an introduction to array formulas, this manual examines topics such as how they differ from ordinary formulas, the benefits and drawbacks of their use, functions that can and cannot handle array calculations, and array constants and functions. Among the practical applications surveyed include how to extract data from tables and unique lists, how to get results that match any criteria, and how to utilize various methods for unique counts. This book contains 529 screen shots.

    Covers all the topics needed by computer scientists with a sometimes humorous approach that reviewers found refreshing. The goal of the book is to provide a firm understanding of the principles and the big picture of where computer theory fits into the field.

    With this comprehensive book, Linux kernel contributor Robert Love provides you with a tutorial on Linux system programming, a reference manual on Linux system calls, and an insider’s guide to writing smarter, faster code.Love clearly distinguishes between POSIX standard functions and special services offered only by Linux. With a new chapter on multithreading, this updated and expanded edition provides an in-depth look at Linux from both a theoretical and applied perspective over a wide range of programming topics, including:A Linux kernel, C library, and C compiler overviewBasic I/O operations, such as reading from and writing to filesAdvanced I/O interfaces, memory mappings, and optimization techniquesThe family of system calls for basic process managementAdvanced process management, including real-time processesThread concepts, multithreaded programming, and PthreadsFile and directory managementInterfaces for allocating memory and optimizing memory accessBasic and advanced signal interfaces, and their role on the systemClock management, including POSIX clocks and high-resolution timers

    But how can you design a voice interface for your mobile app so that users can talk to it? And not just to facilitate question-and-answer sessions, but also provide an engaging, compelling experience?With this practical guide, you ll learn basic voice user interface (VUI) principles for designing mobile apps that makes speech an important tool for interaction. You ll learn how to choose the right speech recognition engine, use best methods for testing VUI on mobile, and dive into advanced VUI design topics to make your VUI not just functional but great.Ideal for product managers, UX designers, and VUI designers, this book explains basic VUI principles for mobile app design, and shows you how to measure the performance of your VUI app and improve upon it. You ll also learn how to determine whether using voice for your app is a good idea in the first placeVUI design is not just about making things cool it s about making a user s experience more natural, more powerful, and more human."