1. Computing
Send to a Friend via Email

Beginning Python

Beginning Python is currently the best book for the beginning programmer. If you learn better from a book than a screen, this is the best place to start.

Learn Python Your Way
Python Spotlight10

Converting bytes to str in Python 3.0 via Functions

Thursday February 26, 2009
Last week, we looked at how to convert between strings of the str data type and strings of the bytes data type using methods in the string class of Python 3.x. Another way that is a bit more straightforward is to simply call the function form of the target data type. So, to convert to str, call
str(<bytes string>, <encoding>)
Similarly, you can make bytes from str with
bytes(<str string>, <encoding>)
For more on the syntax of each, see "Converting str to bytes via Functions" in "A Guide to Text vs Data in Python 3.0".

Using Dates as Variables

Wednesday February 25, 2009
Recently, 'Sugarmag1991' posed the question in the forum of how to calculate the due date in a lending library system. The extended post has more context. I am not going to answer the question here but encourage you to take a read of the post and answer it if you can. The Python forum is designed for you to help others, so have a go and post your reply.

SANS Publishes Consensus Guidelines for FISMA

Tuesday February 24, 2009
It is an open secret that the US government is perhaps the largest software customer in the country. If you or your company deal with any government agency, you will be aware of FISMA (Federal Information Security Management Act of 2002). Seeking to bolster the criteria of FISMA, several federal agencies and private companies have released the Consensus Audit Guidelines (CAG). There they list 20 criteria for cybersecurity that need to be implemented in your organisation in order to be FISMA compliant. The list runs as follows:
  1. Inventory of authorized and unauthorized hardware.
  2. Inventory of authorized and unauthorized software; enforcement of white lists of authorized software.
  3. Secure configurations for hardware and software on laptops, workstations, and servers.
  4. Secure configurations of network devices such as firewalls, routers, and switches.
  5. Boundary Defense
  6. Maintenance, Monitoring and Analysis of Complete Audit Logs
  7. Application Software Security
  8. Controlled Use of Administrative Privileges
  9. Controlled Access Based On Need to Know
  10. Continuous Vulnerability Testing and Remediation
  11. Dormant Account Monitoring and Control
  12. Anti-Malware Defenses
  13. Limitation and Control of Ports, Protocols and Services
  14. Wireless Device Control
  15. Data Leakage Protection
  16. Secure Network Engineering
  17. Red Team Exercises
  18. Incident Response Capability
  19. Data Recovery Capability
  20. Security Skills Assessment and Appropriate Training To Fill Gaps
Obviously, not all of these relate to the security of web applications themselves. Rather, they apply not only to the software being implementated but also to the environment in which it is developed. Application security is additional, and you can find more about it at the following pages:

RegEx Competition!

Saturday February 21, 2009
NOTE: Please don't click on any links in this post until you read it through.

Even if you have taken the "Hello, World!" crash course in Python, you would be forgiven if you were unsure of the difference between (?P<name>..) and (?P=name) when using Python regular expressions. The fact is that to one who is good with a hammer everything looks like a nail. Consequently, our tendency as humans is to try to make everything a nail on which we can use a hammer. A good sign of this "syndrome" is an inability to name at least 21 of the 35 different regex symbols and phrases found in Python - that is only 60% of what is available to you in the re module. As most could not, a competition might well profit us all. The challenge:
Name all 35 symbols and phrases without looking at the RegEx Glossary of this site.
You are on your honour not to cheat. Whoever does it first will get their props by due recognition in this space, accompanied by their photo if they send it. The competition runs until 1st March 2009 (exclusive). Please do not post your answer in the comments but send me your answer via email at python.guide[at]about.com (substituting '@' for the [at]).

©2014 About.com. All rights reserved.