, we looked at how to convert between strings of the
data type and strings of the
data type using methods
in the string class of Python 3.x
. Another way that is a bit more straightforward is to simply call the function form of the target data type. So, to convert to
str(<bytes string>, <encoding>)
Similarly, you can make bytes from
bytes(<str string>, <encoding>)
For more on the syntax of each, see "Converting str to bytes via Functions"
in "A Guide to Text vs Data in Python 3.0"
posed the question in the forum of how to calculate the due date in a lending library system
. The extended post has more context. I am not going to answer the question here but encourage you to take a read of the post
and answer it
if you can. The Python forum
is designed for you to help others, so have a go and post your reply
It is an open secret that the US government is perhaps the largest software customer in the country. If you or your company deal with any government agency, you will be aware of FISMA
(Federal Information Security Management Act of 2002). Seeking to bolster the criteria of FISMA, several federal agencies and private companies have released the Consensus Audit Guidelines
(CAG). There they list 20 criteria for cybersecurity that need to be implemented in your organisation in order to be FISMA compliant. The list runs as follows:
- Inventory of authorized and unauthorized hardware.
- Inventory of authorized and unauthorized software; enforcement of white lists of authorized software.
- Secure configurations for hardware and software on laptops, workstations, and servers.
- Secure configurations of network devices such as firewalls, routers, and switches.
- Boundary Defense
- Maintenance, Monitoring and Analysis of Complete Audit Logs
- Application Software Security
- Controlled Use of Administrative Privileges
- Controlled Access Based On Need to Know
- Continuous Vulnerability Testing and Remediation
- Dormant Account Monitoring and Control
- Anti-Malware Defenses
- Limitation and Control of Ports, Protocols and Services
- Wireless Device Control
- Data Leakage Protection
- Secure Network Engineering
- Red Team Exercises
- Incident Response Capability
- Data Recovery Capability
- Security Skills Assessment and Appropriate Training To Fill Gaps
Obviously, not all of these relate to the security of web applications themselves. Rather, they apply not only to the software being implementated but also to the environment in which it is developed. Application security is additional, and you can find more about it at the following pages:
NOTE: Please don't click on any links in this post until you read it through.
Even if you have taken the "Hello, World!"
crash course in Python
, you would be forgiven if you were unsure of the difference between
when using Python regular expressions
. The fact is that to one who is good with a hammer everything looks like a nail. Consequently, our tendency as humans is to try to make everything a nail on which we can use a hammer. A good sign of this "syndrome" is an inability to name at least 21 of the 35 different regex symbols and phrases
found in Python - that is only 60% of what is available to you in the
module. As most could not, a competition might well profit us all. The challenge:
Name all 35 symbols and phrases without looking at the RegEx Glossary of this site.
You are on your honour not to cheat. Whoever does it first will get their props by due recognition in this space
, accompanied by their photo if they send it. The competition runs until 1st March 2009 (exclusive). Please do not post your answer in the comments but send me your answer via email at python.guide[at]about.com
(substituting '@' for the [at]).