Secure Coding mailing list archives

Re: Education and security -- another perspective (was "ACM Queue - Content")


From: Dana Epp <dana () vulscan com>
Date: Thu, 08 Jul 2004 17:24:07 +0100


What is wrong with this picture?

I see both of you willing to mandate the teaching of C and yet not
mandate the teaching of any of Ada, Pascal, PL/I etc.

This seems like the teaching of "making do".


Hmmm, interesting point. In a particular set of learning objectives 
required to complete a credential (i.e., CompSci, CIS, etc.) what do you 
recommend we sacrifice to put in all this teaching?


I don't pick C for C's sake. I choose C because ON AVERAGE, most 
students will be exposed to C more than the languages you suggest. 
Especially in the majority of industries hiring students out of university.


However, that said, I don't think the language matters past exposure to 
the industry. A strong foundation of programming skills should be 
language agnostic; loops are loops, recursion is recursion, conditions 
are conditions etc. Learning the syntax of the language to accomplish it 
is secondary. Knowing how a loop breaks down into machine instructions 
is the goal here. Not how to do it in Ada.


Think about it in reflection of a linguist doing translation at the 
United Nations. They didn't simply go and learn every particular 
language. They are trained in understanding the mechanisms of human 
speech and formal grammar, and they then apply it to the language they 
are learning. In other words, they work from their foundation of 
learning in grammar and then apply the syntax of the particular language 
they are translating. It makes learning new languages much easier, and 
much faster.


So too should be programming. If a student has a strong foundation of 
learning when it comes to programming, they can adapt to different 
computer languages that they are exposed to as it comes to them. C is a 
perfect language to use to quickly get those concepts across in a 
practical environment in universities. And more importantly, from a 
secure coding objective, you can show what NOT to do.


--
Regards,
Dana Epp
[Blog: http://silverstr.ufies.org/blog/]



