Secure Coding mailing list archives
Re: Education and security -- another perspective (was "ACM Queue - Content")
From: ljknews <ljknews () mac com>
Date: Wed, 07 Jul 2004 21:34:30 +0100
At 9:40 AM -0400 7/7/04, James Walden wrote:
Dana Epp wrote:
Of course, I also think students should have to take at least one course in ASM to really understand how computer instructions work, so they can gain a foundation of learning for the heart of computer processing. And I think they should be taught the powers and failures of C. Since I know many of you think I'm nuts for that, you might want to look at this outline with the same amount of consideration.I agree with you on both of those requirements. You need to have a basic understanding of assembly and how C is translated into assembly to understand the most common types of buffer overflow attacks. There are better languages for secure programming than C, but students are almost certainly going to have to read or write C at some point in their careers, so they need to understand it.
What is wrong with this picture ? I see both of you willing to mandate the teaching of C and yet not mandate the teaching of any of Ada, Pascal, PL/I etc. This seems like the teaching of "making do". -- Larry Kilgallen
Current thread:
- Education and security -- another perspective (was "ACM Queue - Content") Wall, Kevin (Jul 02)
- Re: Education and security -- another perspective (was "ACM Queue - Content") der Mouse (Jul 02)
- Re: Education and security -- another perspective (was "ACM Queue - Content") Fernando Schapachnik (Jul 05)
- Re: Education and security -- another perspective (was "ACM Queue - Content") der Mouse (Jul 05)
- Re: Education and security -- another perspective (was "ACM Queue - Content") Fernando Schapachnik (Jul 06)
- Re: Education and security -- another perspective (was "ACM Queue - Content") Dana Epp (Jul 06)
- Re: Education and security -- another perspective (was "ACM Queue - Content") Mark Rockman (Jul 06)
- Re: Education and security -- another perspective (was "ACM Queue - Content") Dana Epp (Jul 06)
- Re: Education and security -- another perspective (was "ACM Queue - Content") James Walden (Jul 07)
- Re: Education and security -- another perspective (was "ACM Queue - Content") ljknews (Jul 07)
- Re: Education and security -- another perspective (was "ACM Queue - Content") Crispin Cowan (Jul 08)
- Re: Education and security -- another perspective (was "ACM Queue - Content") der Mouse (Jul 08)
- Re: Education and security -- another perspective (was "ACM Queue - Content") James Walden (Jul 08)
- Re: Education and security -- another perspective (was "ACM Queue - Content") Julie JCH Ryan, D.Sc. (Jul 08)
- Re: Education and security -- another perspective (was "ACM Queue - Content") Dana Epp (Jul 08)
- Re: Education and security -- another perspective (was "ACM Queue - Content") ljknews (Jul 08)
- Re: Education and security -- another perspective (was "ACM Queue - Content") Jose Nazario (Jul 08)
- Re: Education and security -- another perspective (was "ACM Queue - Content") Blue Boar (Jul 08)
- Re: Education and security -- another perspective (was "ACM Queue - Content") Jose Nazario (Jul 08)
- Re: Education and security -- another perspective (was "ACM Queue - Content") Fernando Schapachnik (Jul 05)
- Re: Education and security -- another perspective (was "ACM Queue - Content") der Mouse (Jul 02)
- Re: Education and security -- another perspective (was "ACM Queue - Content") Fernando Schapachnik (Jul 08)