Blog Stats
  • Posts - 1333
  • Articles - 1
  • Comments - 127
  • Trackbacks - 0

 

Thursday, October 30, 2014

O’Reilly offer to 05:00 PT 7/November/2014 - O’Reilly Web Design Starter Kit


Until 05:00 PT 7/November/2014 are offering 50% off individual books from the O’Reilly Web Design Starter Kit at http://shop.oreilly.com/category/get/web-design-kit.do?code=DNWKIT. If you buy the whole kit, the saving is 60%!

Learning Web Design, 4th Edition

“Do you want to build web pages, but have no previous experience? This friendly guide is the perfect place to start. You’ll begin at square one, learning how the Web and web pages work, and then steadily build from there. By the end of the book, you’ll have the skills to create a simple site with multi-column pages that adapt for mobile devices.  Learn how to use the latest techniques, best practices, and current web standards—including HTML5 and CSS3. Each chapter provides exercises to help you to learn various techniques, and short quizzes to make sure you understand key concepts.”

Learning Responsive Web Design

“Deliver an optimal user experience to all devices—including tablets, smartphones, feature phones, laptops, and large screens—by learning the basics of responsive web design. In this hands-on guide, UX designer Clarissa Peterson explains how responsive web design works, and takes you through a responsive workflow from project kickoff to site launch.”

Designing for Performance

“This practical book helps you approach a new project or redesign with page speed in mind, and shows you how to test and benchmark your design choices' impact on performance. You’ll also learn how to create semantic HTML and CSS that are easily repurposed and edited later, saving not just page load time but also your own time during development.”

Information Architecture for the World Wide Web, 3rd Edition

“The post-Ajaxian Web 2.0 world of wikis, folksonomies, and mashups makes well-planned information architecture even more essential. How do you present large volumes of information to people who need to find what they're looking for quickly? This classic primer shows information architects, designers, and web site developers how to build large-scale and maintainable web sites that are appealing and easy to navigate.”

High Performance Responsive Design

“Responsive Web Design (RWD) requires a more abstract way of responding to a user's behavior and environment. There’s a delicate balance between designing for a user's context and insuring that the performance of the design is not weighed down by special elements.  High Performance Responsive Design is the first book to approach RWD with performance in mind. Author Tom Barker, a software engineer, solutions architect, and technical manager, shows you how to create website designs that are both high performing and compelling for the context of the user.”

Interactive Data Visualization for the Web

“Create and publish your own interactive data visualization projects on the Web—even if you have little or no experience with data visualization or web development. It’s easy and fun with this practical, hands-on introduction. Author Scott Murray teaches you the fundamental concepts and methods of D3, a JavaScript library that lets you express data visually in a web browser. Along the way, you’ll expand your web programming skills, using tools such as HTML and JavaScript.”

Wednesday, October 29, 2014

APress Deal of the Day 29/October/2014 - Pro ASP.NET MVC 5


Today’s $10 Deal of the Day from APress at http://www.apress.com/9781430265290 is Pro ASP.NET MVC 5. The author is Adam Freeman so you can be sure that the book is filled with real world examples.

“The ASP.NET MVC 5 Framework is the latest evolution of Microsoft’s ASP.NET web platform. It provides a high-productivity programming model that promotes cleaner code architecture, test-driven development, and powerful extensibility, combined with all the benefits of ASP.NET.”

Tuesday, October 28, 2014

O’Reilly Deal of the Day 28/Oct/2014 - 21st Century C, 2nd Edition


Today’s half-price E-book deal from O’Reilly at http://shop.oreilly.com/product/0636920033677.do?code=DEAL is 21st Century C, 2nd Edition.

“Throw out your old ideas about C and get to know a programming language that’s substantially outgrown its origins. With this revised edition of 21st Century C, you’ll discover up-to-date techniques missing from other C tutorials, whether you’re new to the language or just getting reacquainted.”

APress Deal of the Day 28/Oct/2014 - Pro ASP.NET 4.5 in C#


Today’s $10 Deal of the Day from APress at http://www.apress.com/9781430242543 is Pro ASP.NET 4.5 in C#. One of the authors is Adam Freeman and I therefore recommend this book to all Dot Net developers.

“ASP.NET 4.5 is the principal standard for creating dynamic web pages on the Windows platform. Pro ASP.NET 4.5 in C# raises the bar for high-quality, practical advice on learning and deploying Microsoft's dynamic web solution.”

Monday, October 27, 2014

Free book from Syncfusion - Machine Learning Using C# Succinctly


At http://www.syncfusion.com/resources/techportal/ebooks/machine, Syncfusion are offering a free E-Book Machine Learning Using C# Succinctly.

POODLE for Windows admins


At http://www.wservernews.com/, Windows Server News has published an excellent series of links on POODLE for Windows Admins. Here is a copy of their links.

Things just seem to keep getting worse in IT, don't they? Just when you thought you had a handle on the ShellShock vulnerability a.k.a. BASH bug, another gaping flaw in the underlying protocols of the Internet raises its nasty head. So what is POODLE? Why should we worry about it? Can it affect Windows-based environments? If so, what can we do about it?

What is POODLE?

It's basically a flaw in version 3.0 of the SSL protocol which used to be the standard for encrypting web traffic but has since been superseded by an updated protocol named TLS.

Should I be worried?

If your company or organization does business over the web then you should probably be worried for two reasons. First, while your web servers are likely configured to use TLS by default for encrypting web traffic, they are also likely configured to fall back to using SSL 3.0 should negotiation between your web server and a customer's web browser fail with TLS for some reason. Second, if your users need to securely connect with their web browsers to any web servers that are outside your control, those web servers are vulnerable for the same reason described above. And if those web servers beyond your control get compromised, then users connecting to them are potentially exposed to various kinds of information disclosure attacks.

I want to know more about POODLE

Want to learn more about how POODLE works? Here is the original announcement concerning this vulnerability on the Google Online Security Blog:

http://www.wservernews.com/go/1414409473798

The above blog post references a security advisory published on OpenSSL.org by some members of the Google Security Team (PDF file):

http://www.wservernews.com/go/1414409475392

StackExchange also has an excellent "in a nutshell" explanation of how POODLE works:

http://www.wservernews.com/go/1414409477517

OK what should I do?

There are basically two things you can do to protect your assets against POODLE:

  • Disable SSL 3.0 on all systems, platforms, and products you own and manage.
  • Apply any patches released by vendors to address this vulnerability.

What about Microsoft products?

SSL 3.0 is still supported (available for fallback purposes) in the following Microsoft products:

  • All versions of the Windows operating system including both client and server versions
  • Internet Information Services (IIS) web server role on the Windows Server platform
  • Internet Explorer web browser on all versions of Windows

Yikes! OK how can I disable SSL 3.0 on Microsoft products?

See the Suggested Actions section of Microsoft Security Advisory 3009008 for some general workarounds (requires Windows ID sign-in):

http://www.wservernews.com/go/1414409480923

This thread on ServerFault may also be helpful especially with regard to IIS:

http://www.wservernews.com/go/1414409483204

And this tweet by Microsoft MVP Eric Lawrence shows an easy way users can disable SSL 3.0 if they use Internet Explorer as their web browser:

http://www.wservernews.com/go/1414409485501

Eric later followed this up with another tweet:

http://www.wservernews.com/go/1414409488298

What about other web servers and web browsers?

Scott Helme has a terrific post on his blog describing how to disable SSL 3.0 on:

  • Web servers like Apache, NginX, and IIS
  • Web browsers like Firefox, Chrome and Internet Explorer

Here is Scott's post:

http://www.wservernews.com/go/1414409490376

Scott's article also includes links to sites where you can test your web server or web browser to ensure they have SSL 3.0 disabled.

George Chetcuti also published a note about the POODLE exploit on his blog on WindowsSecurity.com:

http://www.wservernews.com/go/1414409492376

At the end of George's note he says "Go here to find out how to disable SSLv3 support in your browser" and points you to another good article that describes how to disable SSLv3 on various browser platforms:

http://www.wservernews.com/go/1414409495157

Anything more for Windows admins?

We've found a few threads on various Microsoft forums that you might want to keep an eye on:

Fixing Error CS0234: The type or namespace name 'Ajax' does not exist in the namespace 'System.Web.Mvc'


In the process of reviewing the excellent book ‘Expert ASP.NET Web API 2 for MVC Developers’ by Adam Freeman, some of the examples failed with the following:

Compiler Error Message: CS0234: The type or namespace name 'Ajax' does not exist in the namespace 'System.Web.Mvc' (are you missing an assembly reference?)

This was fixed by:
  1. Stopping the project
  2. Changing the Copy Local property against System.Web.Mvc from False to True.
  3. Restart and it now works!

Thursday, October 23, 2014

Protect yourself from POODLE!


At https://www.poodletest.com/ there is a web site for checking if your browser is vulnerable to POODLE! POODLE is a susceptibility with some browsers if they support SSLv3 using stream ciphers.  (POODLE stands for Padding Oracle On Downgraded Legacy Encryption.)

To protect yourself, follow the instructions at http://windowssecrets.com/newsletter/protecting-yourself-from-poodle-attacks/.

Then re-test using https://www.poodletest.com/ !

APress Deal of the Day 23/Oct/2014 - JavaScript Programmer's Reference


Today’s $10 Deal of the Day from APress at http://www.apress.com/9781430246299 is JavaScript Programmer's Reference.

JavaScript Programmer's Reference is a one-stop source for everything you'll need to know to become a cutting edge web developer using the latest tools and techniques available today. ”

Wednesday, October 22, 2014

APress Deal of the Day 22/Oct/2014 - TypeScript Revealed


Today’s $10 Deal of the Day from APress at http://www.apress.com/9781430257257 is TypeScript Revealed.

TypeScript Revealed is a quick 100-page guide to Microsoft’s “JavaScript for application-scale development," covering the new object-oriented-like syntax, tooling, community support, and process to include it into your projects.”

 

 

Copyright © TATWORTH