Secure Coding mailing list archives

Previous By Date Next
Previous By Thread Next

re-writing college books [was: Re: A banner year for software bugs | Tech News on ZDNet]

From: ge at linuxbox.org (Gadi Evron)
Date: Wed, 11 Oct 2006 20:28:52 -0500 (CDT)
On Wed, 11 Oct 2006, Gary McGraw wrote:

We're working on it!  The problem is not simply a book.


Great! What are you guys doing? What more can be done? There are quite a
few of us willing to help, and I figure, starting with the books future
programmers learn from is not a bad idea.

This community is perfect for this job.

        Gadi.



gem

 -----Original Message-----
From:         Gadi Evron [mailto:ge at linuxbox.org]
Sent: Wed Oct 11 20:58:12 2006
To:   Kenneth Van Wyk
Cc:   Secure Coding
Subject:      [SC-L] re-writing college books [was: Re: A banner year for software bugs | Tech News on ZDNet]

So, how can we edit current basic programming college books to present
secure code, a couple of words of the correct way of doing things, and a
whole new chapter on secure coding (which may be redudndent?)

How do we start?

Some Whiley book for introduction to CS?

Any volunteers to get this on the road?

      Gadi.

On Wed, 11 Oct 2006, Kenneth Van Wyk wrote:


So here's a lovely statistic for the software community to hang its  
hat on:

http://news.zdnet.com/2100-1009_22-6124541.html?tag=zdfd.newsfeed

Among other things, the article says, "Atlanta-based ISS, which is  
being acquired by IBM, predicts there will be a 41 percent increase  
in confirmed security faults in software compared with 2005. That  
year, in its own turn, saw a 37 percent rise over 2004."

Of course, the real losers in this are the software users, who have  
to deal with the never ending onslaught of bugs and patches from  
their vendors.  We've just _got_ to do better, IMHO, and automating  
the patch process is not the answer.

Cheers,

Ken
-----
Kenneth R. van Wyk
KRvW Associates, LLC
http://www.KRvW.com







_______________________________________________
Secure Coding mailing list (SC-L)
SC-L at securecoding.org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php




----------------------------------------------------------------------------
This electronic message transmission contains information that may be
confidential or privileged.  The information contained herein is intended
solely for the recipient and use by any other party is not authorized.  If
you are not the intended recipient (or otherwise authorized to receive this
message by the intended recipient), any disclosure, copying, distribution or
use of the contents of the information is prohibited.  If you have received
this electronic message transmission in error, please contact the sender by
reply email and delete all copies of this message.  Cigital, Inc. accepts no
responsibility for any loss or damage resulting directly or indirectly from
the use of this email or its contents.
Thank You.
----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: