Archive for No Starch Press

New Book on C# Shows How to Build and Automate Security Tools

Posted in Commentary with tags on June 28, 2017 by itnerd

The latest addition to No Starch Press’s robust lineup of security books, Gray Hat C# ($39.95, 304 pp., June 2017) aims to help computer security professionals streamline their workday and bulk up their security toolkit. This practical guide to C#’s powerful set of core libraries shows readers how to build tools to automate security tasks, like writing offensive exploits, automating scans for infrastructure vulnerabilities, reading offline registry hives, and creating custom cross-platform payloads.

Many computer security professionals rely on automation to get the job done but can feel limited by the tools available on any given system. With some help from Gray Hat C# and Mono, an open source project that allows for cross-platform development, infosec professionals will have the power to write their own tools to run on Windows, OS X, and Linux.

Following a crash course in C# and some of its advanced features, readers learn to:

  • Write fuzzers that use the HTTP and XML libraries to scan for vulnerabilities like SQL and XSS injection
  • Generate shellcode in Metasploit to create cross-platform payloads
  • Automate commonly used pentesting tools like Nessus, Cuckoo Sandbox, and sqlmap to scan for vulnerabilities and exploit SQL injections
  • Parse and read offline registry hives to dump system information
  • Write a .NET decompiler for OS X and Linux

Gray Hat C# arrives in bookstores everywhere this month.

Review: The Car Hacker’s Handbook

Posted in Products with tags on March 9, 2016 by itnerd

I don’t often review books, but seeing as I had a 7-hour flight to the UK this week, I decided to use it to read The Car Hacker’s Handbook by Craig Smith. Now this is a topic that should be top of mind because of some high profile hacks of GM and Chrysler last year that show that your car may not be as secure as you, or the people who made it, think it is. Like a prosecutor, Smith lays out why that is the case. He starts with how the various computers in cars work in a fair amount of detail, then he lays out why cars are so hackable and how you can do it to either improve your car’s performance, or to exploit a weakness to “pwn” the car. It sometimes is technical and those who are not a nerd like me will get the most out of this book. But those who aren’t tech savvy should not shy away from this book as it will show you just how vulnerable your car is. I’m also going to suggest that people in GM, Chrysler, among other car companies read this as well as they need to get with the program and make their cars safer and less vulnerable from hackers.

The Car Hacker’s Handbook should be available online and in fine bookstores everywhere by the time you read this review. If you are interested in what goes on behind the scenes when you drive your car, and how exploitable it is, this is a book worth reading.

New Book Exposes Vulnerabilities In Modern Vehicle Systems

Posted in Commentary with tags on February 27, 2016 by itnerd

Modern vehicles can be attacked in countless ways—attackers can remotely stop moving cars, open locked doors, and even take control of the steering. Connected cars are becoming increasingly intelligent, but their security is too often an afterthought.

The Car Hacker’s Handbook (No Starch Press, $49.95, 304 pp., March 2016) is the first book of its kind to take an in-depth look at the computer-based systems in modern cars that make them vulnerable to attack and exploitation.

Some of the topics addressed include how to:

  • Write Metasploit payloads to attack the infotainment system and take control of a vehicle’s engine, steering, brakes, temperature control, door locks, and much more
  • Reverse engineer the CAN bus—the network that communicates critical information like braking, RPM, and door locking
  • Hack the ECU (engine control unit) to access or modify it
  • Feed exploits to a vehicle through vehicle-to-vehicle communication systems
  • Override factory settings to improve engine performance

The Car Hacker’s Handbook is a technical guide for anyone interested in cybersecurity or modifying vehicles, and a wake-up call for car manufacturers. According to No Starch Press founder Bill Pollock, “I’m excited to release this book because the topic affects all of us. Modern cars are basically unprotected networks that weigh thousands of pounds and travel at 80 mph. And the attack surface is astounding.”

Author Craig Smith explains the importance of car hacking this way: “Car hacking allows you to assess the security risks of the vehicle you and your family ride in every day. The information in my book can be used to understand the undocumented inner workings of modern vehicles and communicate your findings with car manufacturers, which will make us all more secure.”

The Car Hacker’s Handbook will be available online and in fine bookstores everywhere this March.

iOS Application Security From No Starch Press Now Available

Posted in Commentary with tags on February 3, 2016 by itnerd

More than half a billion people trust iOS apps with their personal information every day, but security flaws in some applications have allowed for the exposure of sensitive data, circumvention of authentication mechanics, and abuse of user privacy.

A new book from No Starch Press, iOS Application Security ($49.95, 296 pp., Feb. 2016), aims to address these issues by educating developers and security specialists about the common ways iOS applications sometimes fail to protect users and how to identify, fix, and avoid security flaws.

iOS Application Security teaches developers how to build secure applications from the ground up by covering the structure and limitations of the iOS security model, the ways local storage mechanisms can leak sensitive information, and how to successfully encrypt data with the Keychain, the Data Protection API, and CommonCrypto. Following a primer on Objective-C and various mobile security threats, readers learn how to avoid programming flaws and implement protective measures as well as how to use white-box and black-box security testing methods to test their own applications and analyze for vulnerabilities. They’ll also learn how to build a test platform and debug their applications using lldb, Instruments, Hopper, and other third-party analysis tools.

No developer wants their app’s security flaw or information leak to become an embarrassing headline. iOS Application Security is an invaluable resource for those looking to build secure apps or to expose security threats before they become a problem.

iOS Application Security is available now online and in fine bookstores everywhere.

Clojure for the Brave and True: Learn the Ultimate Language and Become a Better Programmer

Posted in Commentary with tags on September 24, 2015 by itnerd

Most technical books about programming are dull and devoid of life. But every so often the stars align and a book inspires readers to pursue their programming dreams. Clojure for the Brave and True (No Starch Press, $34.95, 328 pp., Sept. 2015) is such a book. If you have any doubts, read on to experience a tale of Clojure’s whimsy and wonder.

You will delve into the world of functional programming and in a very unique way learn how to:

  • Wield Clojure’s core functions
  • Use Emacs for Clojure development
  • Write macros to modify Clojure itself
  • Use Clojure’s tools to simplify concurrency and parallel programming

Clojure for the Brave and True is now available in bookstores and online.

How Software Works On Its Way To Store Shelves

Posted in Commentary with tags on September 4, 2015 by itnerd

Geek book publisher No Starch Press continues to make technology accessible to everyone with How Software Works (No Starch Press, $29.95, 216 pp., Sept. 2015), a new book that explains the magical way common software technologies power our modern world.

In How Software Works, readers will discover the inner workings of software without getting bogged down in complicated lines of computer code. Although the book exposes the technical details of the topics explored, there’s no programming to wade through. Through patient explanations and intuitive diagrams, readers will learn:

  • The fundamentals of computer security
  • How passwords and private data are protected
  • How computers generate stunning digital graphics for films and video games
  • How data is searched and found in huge databases in an instant
  • How map software finds directions

How Software Works will be available in September 2015.

Teach Your Kids to Code Coming To Bookstores In May

Posted in Commentary with tags on April 5, 2015 by itnerd

This May, geek book publisher No Starch Press will release the next in its line of bestselling programming books for young people, Teach Your Kids to Code (336 pp., $29.95, ISBN 9781593276140). Unlike prior bestsellers like Python for Kids, Lauren Ipsum, and Super Scratch Programming Adventure!, Teach Your Kids to Code is designed to help parents and educators teach their kids, students, and even themselves basic Python programming and problem-solving.

Filled with visual and colorful game-oriented examples sure to hold a young programmer’s attention, the step-by-step explanations in Teach Your Kids to Code will have kids learning computational thinking in no time. They’ll explore geometry using Python’s Turtle graphics module, learn basic syntax, then build fun, playable games, like War, Yahtzee, and Pong. Simple, plain English explanations of programming concepts demystify ideas like loops, lists, functions, and variables and will have kids on the fast track to making their own cool games and applications.

Teach Your Kids to Code is sure to be the perfect companion to an introductory programming class, after school meet-up, programming club, or any similar event designed to meet the needs of kids who want to learn to program. It will be available in bookstores everywhere this May.

No Starch Press Releasing Data Visualization with JavaScript

Posted in Commentary with tags on March 14, 2015 by itnerd

This April, No Starch Press will release what promises to be a great introduction to creating data visualizations with JavaScript called, appropriately enough, Data Visualization with JavaScript. This is not a coffee table book about data visualization; it’s a heavily illustrated, full-color book that walks technical readers through creating, integrating, and debugging different types of visualizations.

Readers first learn to build basic visualizations like bar, line, and scatter graphs, and they’ll quickly advance to more complex constructions such as timelines, heat maps, and network graphs. Later chapters show readers how to visualize geographic data, make custom visualizations with D3.js, manage data in the browser, and, ultimately, build data-driven web applications.

Few would argue with the power of data analysis. According to author Stephen Thomas, data can be used to create “effective visualizations to make journalists’ stories more compelling and make managers’ decisions easier by telling stories,” and his new book will show technical readers how to make the magic happen.

 

No Starch Press Teams Up With Humble Bundle

Posted in Commentary with tags on February 7, 2015 by itnerd

No Starch Press has long been the go-to source for curious kids, offering the finest in geek entertainment and education. Its recent line of kids programming books has garnered widespread praise from educators, parents, and book reviewers alike. Today, No Starch teams up with Humble Bundle to offer the Humble Brainiac Book Bundle.

Humble Bundle’s pay-what-you-want model allows customers to pay any price for the eBook bundle, valued at over 250 dollars.

Customers can pay any amount of money and receive:

  • Ruby Wizardry: An Introduction to Programming for Kids
  • Lauren Ipsum: A Story About Computer Science and Other Improbable Things
  • The Manga Guide to Electricity
  • Snip, Burn, Solder, Shred: Seriously Geeky Stuff to Make with Your Kids
  • The LEGO Adventure Book, Volume 1: Cars, Castles, Dinosaurs & More!

Customers who pay more than the average user will also receive:

  • LEGO Space: Building the Future
  • The Manga Guide to Physics
  • Python for Kids: A Playful Introduction to Programming
  • Incredible LEGO Technic: Cars, Trucks, Robots & More!
  • Build Your Own Website: A Comic Guide to HTML, CSS, and WordPress

And customers who pay $15 or more will receive all of the above, plus:

  • Steampunk LEGO
  • JavaScript for Kids: A Playful Introduction to Programming
  • The LEGO Neighborhood Book: Build Your Own Town!

As with all Humble Bundle promotions, customers choose how much of their money goes to the publisher, Humble Bundle, and charity. The two charities supported by this bundle are the Electronic Frontier Foundation (EFF) and the Freedom of the Press Foundation.

The Humble Brainiac Book Bundle runs for two weeks and ends February 18, 2015 at 2pm EST.