Secure Coding mailing list archives
Re: Re: SC-L-DIGEST V1 #9
From: Brett Hutley <brett () hutley net>
Date: Mon, 12 Jan 2004 15:56:36 +0000
David A. Wheeler wrote: *snip* An alternative to accrediting individuals would be to REMOVE the acceditation from CS and SE universities/colleges who fail to teach how to develop secure software. Nobody is going to write their own quicksort anymore, a topic they all cover ad nauseum. Yet every developer WILL be writing a program that connects to an intranet or Internet, and those graduates' understanding of secure software development may determine if we live another day. Our lives are in their hands, *snip* The difference in complexity between writing a quicksort routine and building a network server/client is many orders of magnitude. A quicksort routine might take a few pages in a textbook. I recommend anyone that wants to learn network programming *start* with Steven's books "Unix Network Programming" & "TCP/IP Illustraded" series, then move on to maybe Snader's "Effective TCP/IP Programming". To write a decent threaded *real world* network server is still non-trivial in C or C++. With toolkits like ACE it is easier to create the server, but there is still a huge learning curve. -- Brett Hutley [MAppFin,CISSP,SANS GCIH] mailto:[EMAIL PROTECTED] http://hutley.net/brett
Current thread:
- Re: SC-L-DIGEST V1 #9 David A. Wheeler (Jan 09)
- Re: Re: SC-L-DIGEST V1 #9 Brett Hutley (Jan 12)