Exploiting Online Games + Silver Bullet + Darkreading

[gem at cigital.com (Gary McGraw)]

hi sc-l,

Sadly, Addison-Wesley screwed up the release date of the book and as a result (and as many of you have pointed out in 
private email) the book is not yet available from amazon.  That situation will be remedied by the end of this week, but 
in the meantime you can order the book from three websites:
http://search.barnesandnoble.com/booksearch/isbnInquiry.asp?z=y&EAN=9780132271912&itm=1
http://www.awprofessional.com
http://www.informit.com/title/0132271915

I'm psyched about the coverage we're getting so far.  If we do this properly, we can get some wide exposure for 
software security.  Anything to get more people to understand the issues that we all grapple with daily!

gem

-----Original Message-----
From: sc-l-bounces at securecoding.org [mailto:sc-l-bounces at securecoding.org] On Behalf Of Gary McGraw
Sent: Friday, July 13, 2007 9:56 AM
To: SC-L at securecoding.org
Subject: [SC-L] Exploiting Online Games + Silver Bullet + Darkreading

hi sc-l,

Greg Hoglund and I are releasing our new book "Exploiting Online Games" today.  Lots of information on the book can be 
found here http://exploitingonlinegames.com, including a foreword by Ed Felten, the usual blurbs, and a complete 
preface that explains the structure of the book.

Greg and I did a Silver Bullet episode that we released last night.  Greg is an interesting guy, with deep knowledge of 
rootkits, decompilers, and low level security exploits.  We talked about that, and we talked a little about EOG
http://www.cigital.com/silverbullet/

The most interesting thing to me about EOG is that I believe the kinds of time and state errors found in MMORPGs like 
World of Warcraft are indicators of what we can expect over the next decade as SOA actually catches on.  You see, 
moving around state between gazillions of clients and a central server in real time is a huge security challenge.  Most 
software people screw it up.  Darkreading wrote a little story about this last night: 
http://www.darkreading.com/document.asp?doc_id=128961&WT.svl=news1_1

The book is packed with real code, hard core examples, and things you can try yourself.  Give it a spin!

gem

p.s. For some reason, amazon is a bit behind the curve for the launch and you can only pre-order.  More on that when it 
gets cleared up.

_______________________________________________
Secure Coding mailing list (SC-L) SC-L at securecoding.org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.
_______________________________________________