You need to assume it will run in the most hostile environments imaginable -- and design, code, and test accordingly. Writing Secure Code, Second Edition shows you how. This edition draws on the lessons learned and taught throughout Microsoft during the firm s massive 2002 Windows Security Push. It s a huge upgrade to the respected First Edition, with new coverage across the board. Michael Howard and David LeBlanc first help you define what security means to your customers -- and implement a three-pronged strategy for securing design, defaults, and deployment. There s especially useful coverage of threat modeling -- decomposing your application, identifying threats, ranking them, and mitigating them. Then, it s on to in-depth coverage of today s key security issues from the developer s standpoint. Everyone knows buffer overruns are bad: Here s a full chapter on avoiding them. You ll learn how to establish appropriate access controls and default to running with least privilege. There s detailed coverage of overcoming attacks on cryptography (for example, avoiding poor random numbers and bit-flipping attacks). You ll learn countermeasures for virtually every form of user input attack, from malicious database updates to cross-site scripting. We ve just scratched the surface: There are authoritative techniques for securing sockets and RPC, protecting against DOS attacks, building safer .NET applications, reviewing and testing code, adding privacy features, and even writing high-quality security documentation. Following these techniques won t just improve security -- it ll dramatically improve robustness and reliability, too. Bill CamardaBill Camarda is a consultant, writer, and web/multimedia content developer. His 15 books include Special Edition Using Word 2000 and Upgrading & Fixing Networks For Dummies®, Second Edition.

    By following the recommendations of the Association of Computing Machinery's Java Task Force, this first edition text adopts a modern objects-first approach that introduces readers to useful hierarchies from the very beginning.KEY TOPICS: Introduction; Programming by Example; Expressions; Statement Forms; Methods; Objects and Classes; Objects and Memory; Strings and Characters; Object-Oriented Graphics; Event-Driven Programs; Arrays and ArrayLists; Searching and Sorting; Collection Classes; Looking Ahead.MARKET: A modern objects-first approach to the Java programming language that introduces readers to useful class hierarchies from the very beginning.

    Now this classic book has been fully updated and revised with leading-edge practices--and hundreds of new code samples--illustrating the art and science of software construction. Capturing the body of knowledge available from research, academia, and everyday commercial practice, McConnell synthesizes the most effective techniques and must-know principles into clear, pragmatic guidance. No matter what your experience level, development environment, or project size, this book will inform and stimulate your thinking--and help you build the highest quality code. Discover the timeless techniques and strategies that help you: Design for minimum complexity and maximum creativity Reap the benefits of collaborative development Apply defensive programming techniques to reduce and flush out errors Exploit opportunities to refactor--or evolve--code, and do it safely Use construction practices that are right-weight for your project Debug problems quickly and effectively Resolve critical construction issues early and correctly Build quality into the beginning, middle, and end of your project

    Integrate your editor with tools for building, testing, linting, indexing, and searching your codebase. Discover the future of Vim with Neovim: a fork of Vim that includes a built-in terminal emulator that will transform your workflow. Whether you choose to switch to Neovim or stick with Vim 8, you’ll be a better developer.A serious tool for programmers and web developers, no other text editor comes close to Vim for speed and efficiency. Make Vim the centerpiece of a Unix-based IDE as you discover new ways to work with Vim 8 and Neovim in more than 30 hands-on tips.Execute tasks asynchronously, allowing you to continue in Vim while linting, grepping, building a project, or running a test suite. Install plugins to be loaded on startup—or on-demand when you need them—with Vim 8’s new package support. Save and restore sessions, enabling you to quit Vim and restart again while preserving your window layout and undo history. Use Neovim as a drop-in replacement for Vim—it supports all of the features Vim 8 offers and more, including an integrated terminal that lets you quickly perform interactive commands. And if you enjoy using tmux and Vim together, you’ll love Neovim’s terminal emulator, which lets you run an interactive shell in a buffer. The terminal buffers fit naturally with Vim’s split windows, and you can use Normal mode commands to scroll, search, copy, and paste. On top of all that: Neovim’s terminal buffers are scriptable.With Vim at the core of your development environment, you’ll become a faster and more efficient developer.

     At any given moment, somewhere in the world someone struggles with the same software design problems you have. You know you don't want to reinvent the wheel (or worse, a flat tire), so you look to Design Patterns--the lessons learned by those who've faced the same problems. With Design Patterns, you get to take advantage of the best practices and experience of others, so that you can spend your time on...something else. Something more challenging. Something more complex. Something more fun. You want to learn about the patterns that matter--why to use them, when to use them, how to use them (and when NOT to use them). But you don't just want to see how patterns look in a book, you want to know how they look "in the wild". In their native environment. In other words, in real world applications. You also want to learn how patterns are used in the Java API, and how to exploit Java's built-in pattern support in your own code. You want to learn the real OO design principles and why everything your boss told you about inheritance might be wrong (and what to do instead). You want to learn how those principles will help the next time you're up a creek without a design pattern. Most importantly, you want to learn the "secret language" of Design Patterns so that you can hold your own with your co-worker (and impress cocktail party guests) when he casually mentions his stunningly clever use of Command, Facade, Proxy, and Factory in between sips of a martini. You'll easily counter with your deep understanding of why Singleton isn't as simple as it sounds, how the Factory is so often misunderstood, or on the real relationship between Decorator, Facade and Adapter. With Head First Design Patterns, you'll avoid the embarrassment of thinking Decorator is something from the "Trading Spaces" show. Best of all, in a way that won't put you to sleep! We think your time is too important (and too short) to spend it struggling with academic texts. If you've read a Head First book, you know what to expect--a visually rich format designed for the way your brain works. Using the latest research in neurobiology, cognitive science, and learning theory, Head First Design Patterns will load patterns into your brain in a way that sticks. In a way that lets you put them to work immediately. In a way that makes you better at solving software design problems, and better at speaking the language of patterns with others on your team.

    Updated and revised for iPhone SDK 3, many of the discussions in the original book have been clarified to make some of the more complex topics easier to understand. In addition, all of the projects have been rebuilt from scratch using the SDK 3 templates.Assuming only a minimal working knowledge of Objective-C, and written in a friendly, easy-to-follow style, this book offers a complete soup-to-nuts course in iPhone and iPod touch programming. The book starts with the basics, walking you through the process of downloading and installing Apple's free iPhone SDK, and then stepping you though the creation of your first simple iPhone application. From there, you'll learn to integrate all the interface elements iPhone users have come to know and love, such as buttons, switches, pickers, toolbars, and sliders. You'll master a variety of design patterns, from the simplest single view to complex hierarchical drill-downs. The confusing art of table building will be demystified, and you'll see how to save your data using the iPhone file system. You'll also learn how to save and retrieve your data using SQLite, iPhone's built-in database management system. In addition, you'll also learn about Core Data, an important persistence mechanism that has just been added with SDK 3.And there's much more! You'll learn to draw using Quartz 2D and OpenGL ES, add multitouch gestural support (pinches and swipes) to your applications, and work with the camera, photo library, accelerometer, and built-in GPS. You'll discover the fine points of application preferences and learn how to localize your apps for multiple languages. You can discover more about this book, download source code, and find support forums at the book's companion site, at www.iphonedevbook.com.The iPhone 3 update to the best-selling and most recommended book for iPhone developers Packed full of tricks, techniques, and enthusiasm for the new SDK from a developer perspective The most complete, useful, and up-to-date guide to all things having to do with Apple's iPhone SDK

    Now featuring more than 250 color illustrations throughout, this perennially popular guide is a must for novices who want to work with HTML or XHTML, which continue to be the foundation for any Web site The new edition features nearly 50 percent new and updated content, including expanded coverage of CSS and scripting, new coverage of syndication and podcasting, and new sample HTML projects, including a personal Web page, an eBay auction page, a company Web site, and an online product catalog The companion Web site features an eight-page expanded Cheat Sheet with ready-reference information on commands, syntax, colors, CSS elements, and more Covers planning a Web site, formatting Web pages, using CSS, getting creative with colors and fonts, managing layouts, and integrating scripts

    The premise for this unique approach is that business initiatives should drive technology choices. Every discussion first addresses the business needs and then addresses the technology that supports those needs. This text provides the foundation that will enable students to achieve excellence in business, whether they major in operations management, manufacturing, sales, marketing, finance, human resources, accounting, or virtually any other business discipline. Business Driven Information Systems is designed to give students the ability to understand how information technology can be a point of strength for an organization.

    With this practical book, you’ll learn how pointers provide the mechanism to dynamically manipulate memory, enhance support for data structures, and enable access to hardware. Author Richard Reese shows you how to use pointers with arrays, strings, structures, and functions, using memory models throughout the book.Difficult to master, pointers provide C with much flexibility and power—yet few resources are dedicated to this data type. This comprehensive book has the information you need, whether you’re a beginner or an experienced C or C++ programmer or developer.Get an introduction to pointers, including the declaration of different pointer typesLearn about dynamic memory allocation, de-allocation, and alternative memory management techniquesUse techniques for passing or returning data to and from functionsUnderstand the fundamental aspects of arrays as they relate to pointersExplore the basics of strings and how pointers are used to support themExamine why pointers can be the source of security problems, such as buffer overflowLearn several pointer techniques, such as the use of opaque pointers, bounded pointers and, the restrict keyword

    As the words "at work" suggest, Peter Seibel focuses on how his interviewees tackle the day–to–day work of programming, while revealing much more, like how they became great programmers, how they recognize programming talent in others, and what kinds of problems they find most interesting. Hundreds of people have suggested names of programmers to interview on the Coders at Work web site: http://www.codersatwork.com. The complete list was 284 names. Having digested everyone’s feedback, we selected 16 folks who’ve been kind enough to agree to be interviewed:- Frances Allen: Pioneer in optimizing compilers, first woman to win the Turing Award (2006) and first female IBM fellow- Joe Armstrong: Inventor of Erlang- Joshua Bloch: Author of the Java collections framework, now at Google- Bernie Cosell: One of the main software guys behind the original ARPANET IMPs and a master debugger- Douglas Crockford: JSON founder, JavaScript architect at Yahoo!- L. Peter Deutsch: Author of Ghostscript, implementer of Smalltalk-80 at Xerox PARC and Lisp 1.5 on PDP-1- Brendan Eich: Inventor of JavaScript, CTO of the Mozilla Corporation - Brad Fitzpatrick: Writer of LiveJournal, OpenID, memcached, and Perlbal - Dan Ingalls: Smalltalk implementor and designer- Simon Peyton Jones: Coinventor of Haskell and lead designer of Glasgow Haskell Compiler- Donald Knuth: Author of The Art of Computer Programming and creator of TeX- Peter Norvig: Director of Research at Google and author of the standard text on AI- Guy Steele: Coinventor of Scheme and part of the Common Lisp Gang of Five, currently working on Fortress- Ken Thompson: Inventor of UNIX- Jamie Zawinski: Author of XEmacs and early Netscape/Mozilla hackerWhat you’ll learn:How the best programmers in the world do their jobWho is this book for?Programmers interested in the point of view of leaders in the field. Programmers looking for approaches that work for some of these outstanding programmers.

    Significant numbers of poorly designed programs have been created by less-experienced developers, resulting in applications that are inefficient and hard to maintain and extend. Increasingly, software system professionals are discovering just how difficult it is to work with these inherited, non-optimal applications. For several years, expert-level object programmers have employed a growing collection of techniques to improve the structural integrity and performance of such existing software programs. Referred to as refactoring, these practices have remained in the domain of experts because no attempt has been made to transcribe the lore into a form that all developers could use... until now. In Refactoring: Improving the Design of Existing Software, renowned object technology mentor Martin Fowler breaks new ground, demystifying these master practices and demonstrating how software practitioners can realize the significant benefits of this new process.

    You could spend years discovering solutions to them all, step by step as you encounter them. Or you can just look in here. All successful database applications are destined to eventually run into issues scaling up their performance. Peek into the future of your PostgreSQL database's problems today. Know the warning signs to look for, and how to avoid the most common issues before they even happen. Surprisingly, most PostgreSQL database applications evolve in the same way: Choose the right hardware. Tune the operating system and server memory use. Optimize queries against the database, with the right indexes. Monitor every layer, from hardware to queries, using some tools that are inside PostgreSQL and others that are external. Using monitoring insight, continuously rework the design and configuration. On reaching the limits of a single server, break things up; connection pooling, caching, partitioning, and replication can all help handle increasing database workloads. The path to a high performance database system isn't always easy. But it doesn't have to be mysterious with the right guide. This book is a clear, step-by-step guide to optimizing and scaling up PostgreSQL database servers. - Publisher.

    Objects in harmonic motion have the ability to transfer some of their energy over large distances. Light Nature: This chapter covers the nature of light, polarization, and color.

    Darrell is determined to help the user navigate past the confusion that often comes with complex and powerful professional camera equipment. This book explores the features and capabilities of the camera in a way that far surpasses the user's manual. It guides readers through the camera features with step-by-step setting adjustments; color illustrations; and detailed how, when, and why explanations for each option. Every button, dial, switch, and menu configuration setting is explored in a user-friendly manner, with suggestions for setup according to various shooting styles. Darrell's friendly and informative writing style allows readers to easily follow directions, while feeling as if a friend dropped in to share his knowledge. The learning experience for new D7100 users goes beyond just the camera itself and covers basic photography technique.

    It describes how to index your data, including types you definitely need to know such as MS Word, PDF, HTML, and XML. It introduces you to searching, sorting, filtering, and highlighting search results.Lucene powers search in surprising placesWhat's Inside- How to integrate Lucene into your applications- Ready-to-use framework for rich document handling- Case studies including Nutch, TheServerSide, jGuru, etc.- Lucene ports to Perl, Python, C#/.Net, and C++- Sorting, filtering, term vectors, multiple, and remote index searching- The new SpanQuery family, extending query parser, hit collecting- Performance testing and tuning- Lucene add-ons (hit highlighting, synonym lookup, and others)