Showing posts with label software security. Show all posts
Showing posts with label software security. Show all posts

Code Optimization: Effective Memory Usage Review

Posted by Napoleon Caskey on 12/15/2012 / Labels: , , / Comments: (0)
Code Optimization: Effective Memory Usage
Average Reviews:

(More customer reviews)Are you looking to buy Code Optimization: Effective Memory Usage? Here is the right place to find the great deals. we can offer discounts of up to 90% on Code Optimization: Effective Memory Usage. Check out the link below:

>> Click Here to See Compare Prices and Get the Best Offers

Code Optimization: Effective Memory Usage ReviewThis book has been a revelation to me. Prior to read this book, all I knew was that memory access was expensive. This book will teach you how to organize your data in memory and how to access it to improve your program performance and most of the time without having to use assembly programming. It covers x86 memory organization and the interface between the processor and the memory and there is a whole chapter covering x86 processor cache memory. To me, the most shocking information contained in this book is a C implementation of memcpy() that outbeats VC++ implementation by 25%-30%!!!
This book is not for novices but if you are ready to change your perception forever of the x86 programming, this book is highly recommended!
Code Optimization: Effective Memory Usage OverviewA guide to optimizing programs on the PC and Unix platforms, this book covers the expediency of optimization and the methods to increase the speed of programs via optimization. Discussed are typical mistakes made by programmers that lessen the performance of the system along with easily implemented solutions. Detailed descriptions of the devices and mechanism of interaction of the computer components, effective ways of programming, and a technique for optimizing programs, are provided. Programmers will also learn how to effectively implement programming methods in a high-level language that is usually done in assembler with particular attention given to the RAM subsystem. The working principles of the RAM and the way in which it is coupled with the processor as well as a description of programming methods that allows programmers to overclock the memory to reach maximum performance are included.

Want to learn more information about Code Optimization: Effective Memory Usage?

>> Click Here to See All Customer Reviews & Ratings Now
Read More...

Hacker Debugging Uncovered (Uncovered series) Review

Posted by Napoleon Caskey on 12/05/2012 / Labels: , , , , , , , , , / Comments: (0)
Hacker Debugging Uncovered (Uncovered series)
Average Reviews:

(More customer reviews)Are you looking to buy Hacker Debugging Uncovered (Uncovered series)? Here is the right place to find the great deals. we can offer discounts of up to 90% on Hacker Debugging Uncovered (Uncovered series). Check out the link below:

>> Click Here to See Compare Prices and Get the Best Offers

Hacker Debugging Uncovered (Uncovered series) ReviewFirst, a word about the publisher, A-List. This book was delayed time and time again. So much so that I had this book preordered for over a year. This sort of thing is just unacceptable, and would make me inclined to not purchase any books from this publisher in the future, and some of the rating I gave it is because of the publisher.
This book has a much larger unix focus than the 'Hacker Disassembling Uncovered' which was largely windows based, however the author's relative unfamiliarity with unix tends to show.
For example, on page 39 the author states:
IDA Pro, the best disassembler of all times, is nw available under Linux! Users of FreeBSD and other operating systems will have to be content with the console Windows version started under the emulator or have to work on native MS-DOS, OS/2, and Windows.
Unfortunately, the author does not mention (or does not know?) that the OS2 and DOS4GW products were discontinued when the linux version was released. Additionally, FreeBSD (and OpenBSD and NetBSD) can easily run linux binaries by mapping the system calls. It's a very cheap way to run linux binaries, and it was acomplished for OpenBSD within a day or so of the 4.7 release. A much cleaner way is available now; others have managed to do the same for FreeBSD, and NetBSD is likely to be straihtforward as well.
There's also some problems with the book that confuse me. For example, on page 432 the author states the following:The C programming language doesn't allow you to declare functions
returning pointers to functions, because this declaration is recursively
looped.
I simply do not know where he pulled this from. The following small C example demonstrates how to do just this:
#include
int (*HelloWorld(void))(int,int);
int helloworld(int a, int b)
{
printf("hello world: %d %d\n", a, b);
return 0;
}
int main(void)
{
int (*foo)(int, int) = HelloWorld();
foo(1,2);
return 0;
}
int (*HelloWorld(void))(int, int)
{
return helloworld;
}
And here is it being compiled:
brian@lemon:~> gcc -ansi -std=c89 -Wall -o foo foo.c
brian@lemon:~>
and here is it being run:
brian@lemon:~> ./foo
hello world: 1 2
brian@lemon:~>
On to the actual content of the book, it's largely okay. However, if you are expecting new antidebugging ideas, or even ideas hackers are actually going to use, you are in for a rather unfortunate surprise.
When I purchased this book, I sort of expected it would keep the duplication from Hacker Disassembling Uncovered to a minimum, but I found that the amount of the book dedicated to static analysis (ie: disassembling and the line) is significant. Far more significant than it should be; nearly the first half of the book is filled with static analysis stuff, working on straightforward crackmes (similar to the previous book in the series), and so forth. This strikes me as fluff in order to boost the price the publisher can charge.
Once you get past these negative parts, you have an okay book about (mostly) antidebugging techniques, and some debugging techniques. There's also the requisite PE injection section (sorry, no elf version) along with some basic PE documentation (also no elf version of this).
There's quite a bit here if you want a broad ovrview of binary analysis using both static and dynamic analysis. There's nothing new here at all, but if you'd like a bunch of things all in one place, this book may be useful, dispite its many flaws.Hacker Debugging Uncovered (Uncovered series) OverviewTips for the practical use of debuggers, such as NuMega SoftIce, Microsoft Visual Studio Debugger, and Microsoft Kernel Debugger, with minimum binding to a specific environment are disclosed in this debugger guide. How debuggers operate and how to overcome obstacles and repair debuggers is demonstrated. Programmers will learn how to look at what is inside a computer system, how to reconstruct the operating algorithm of a program distributed without source code, how to modify the program, and how to debug drivers. The use of debugging applications and drivers in Windows and Unix operating systems on Intel Pentium/DEC Alpha-based processors is also detailed.

Want to learn more information about Hacker Debugging Uncovered (Uncovered series)?

>> Click Here to See All Customer Reviews & Ratings Now
Read More...

Applied Cryptography: Protocols, Algorithms, and Source Code in C, Second Edition Review

Posted by Napoleon Caskey on 11/15/2012 / Labels: , , , , , , , , , / Comments: (0)
Applied Cryptography: Protocols, Algorithms, and Source Code in C, Second Edition
Average Reviews:

(More customer reviews)Are you looking to buy Applied Cryptography: Protocols, Algorithms, and Source Code in C, Second Edition? Here is the right place to find the great deals. we can offer discounts of up to 90% on Applied Cryptography: Protocols, Algorithms, and Source Code in C, Second Edition. Check out the link below:

>> Click Here to See Compare Prices and Get the Best Offers

Applied Cryptography: Protocols, Algorithms, and Source Code in C, Second Edition ReviewBruce Schneier's APPLIED CRYPTOGRAPHY is an excellent book for anyone interested in cryptology from an amateur level to actually being involved in the development of new encryption mechanisms. Schneier's book begins with a simple discussion of what is cryptography, and then he proceeds through the history of various encryption algorithms and their functioning. The last portion of the book contains C code for several public-domain encryption algorithms.
A caveat: this is not a textbook of cryptography in the sense that it teaches everything necessary to understand the mathematical basis of the science. Schneier does not discuss number theory because he expects those who use the relevant chapters of the book will already have training in higher maths. Nonetheless, the book does contain a wealth of information even for the layman.
One helpful part of Schneier's book is his opinion of which encryption algorithms are already broken by the National Security Agency, thus letting the reader know which encryption programs to avoid. There will always be people who encrypt to 40-bit DES even though it is flimsy and nearly instantly breakable, but the readers of APPLIED CRYPTOGRAPHY can greatly improve the confidentiality of their messages and data with this book. Discussion of public-key web-of-trust is essential reading for anyone confused by how public-key signatures work.
APPLIED CRYPTOGRAPHY was published in 1995 and some parts are already out of date. It is ironic that he hardly mentions PGP, when PGP went on to become the most renowned military-strength encryption program available to the public, although it is being superseded by GnuPG. Another anachronism is Schneier's assurance that quantum computing is decades away. In the years since publication of APPLIED CRYPTOGRAPHY we have seen some strides in quantum computer, even the creation of a quantum computer that can factor the number 15. While this publicly known quantum computer is not at all anything to get excited about, it is certain that more powerful quantum computers are in development and classified by NSA. Because a quantum computer can break virtually any traditional cipher, hiding the message (steganography) is becoming more important than ever. In the era of Schneier's book steganography was unnecessary because ciphertext could withstand brute-force attacks, but with advances in computing power steganography is becoming vital to secure communications. It would be nice to see the book updated with this topic, because cryptography and steganography can no longer be regarded as two distinct fields.
All in all, in spite of its age, APPLIED CRYPTOGRAPHY is recommended to anyone interested in cryptography. It ranks among the essential books on the field, although an updated version is certainly hoped for.Applied Cryptography: Protocols, Algorithms, and Source Code in C, Second Edition Overview

Want to learn more information about Applied Cryptography: Protocols, Algorithms, and Source Code in C, Second Edition?

>> Click Here to See All Customer Reviews & Ratings Now
Read More...