Course Notes and Slides by Allen Holub

Here are course notes for recently-held public presentations by Allen.

Everything You Know is Wrong!

These slides were first presented at the 2004 Software-Development conference (and have subsequently been updated several times since them). (This is the 2008 version.) They discuss two significant problems of OO systems: fragile base classes and the inappropriate use of accessor and mutator (getter/setter) methods. The slides describe how overuse of implementation inheritance (extends in Java) can get you into trouble, and how getter/setter methods can make your code unmaintainable. They also discuss solutions to both problems (interface-based replacements for implementation inheritance and the Builder design pattern).

An Introduction to the Google Web Toolkit (GWT)

A brief introduction to the Google Web Toolkit, the best way that I know to build Ajax applications. Presented at the Software-Development conference in 2008.

Security 101

These slides are an introduction to software security from a presentation given at Software-Development conference in 2008. The focus is on what makes an application secure (or not) and how to go about writing secure software. The slides don't focus on any specific technology (such as cryptography), but talk more about what security actually is and how to achieve security in your own software.

Web 2.0/Ajax Security

These slides are an introduction to securing Web 2.0/Ajax applications, from a presentation given at Software-Development conference in 2008. The slides examine the most prevalent JavaScript attacks on Web 2.0 applications and shows you how to protect yourself from them. In particular, they talk about data leaks, man-in-the-middle attacks and efficient HTTPS communication, cross-site scripting, cross-site request forging, and JSON vulnerabilities. SQL injection is also discussed.

Cryptography 101

These slides are an introduction to cryptography from a presentation given several times at the Software-Development conference. (This is the 2008 version.) The focus here is on how both secret-key and public/private key cryptography work and how to use this technology get do practical things (like digital signing). The slides are program-language agnostic, but approach the subject from a programmer's (as compared to mathemetician's) point of view.

Java Cryptography (and related) APIs

These slides are an introduction to Java's cryptography APIs. This particular talk was given at the Software-Development conference in 2008. The slides discuss Providers and how to install them, class loaders and permissions, the cryptography APIs themselves (showing you how to do both symetric and asymetric encryption and digital signing), and keystore management (both with keytool and programmatically within your Java application.

Java "Tiger" Release

These slides sumarize the new features that will appear in Java 1.5 ("Tiger"). These include:

• Generics (sort-of like C++ templates).
• Static Imports (let's you access public statics without a class name).
• Autoboxing (automatically wraps int with Integer, etc.).
• Variable-length arrays (let's you implement printf() in Java
• Foreach syntax (vastly simplifes iterator usage).
• Constrained enumerated types (like a C/C++ enum, but better).
• Metadata (taged attributes on declarations).

Object-Oriented Design

I use these slides (either in full or in part) to teach OO-design process and concepts. They give you an overview of what OO-design is and why you may want to do it, cover several processes that lend themselves to OO development (SEI/CMM, [R]UP, Extreme Programming), present the process that I use in depth, and also provide a glossary of OO terminology. Combined with the Bank-of-Allen Project, they provide a good introduction to object-oriented design.

Taming Java Threads

These slides started out as the very popular presentation that Allen gave at two of Sun's JavaOne conferences. The slides supplied here are considerably expanded from the originals: Allen uses them as the basis of a full-day lecture on Java threading.