Secure Coding mailing list archives
Source or Binary
From: andrews at rbacomm.com (Brad Andrews)
Date: Wed, 29 Jul 2009 15:17:38 -0500
This is something where I have to watch my own mind. Figuring out a binary in C++ is very difficult. The Java is not really a binary, at least not in the "runs by itself" meaning. (Everything is (a) binary in reality, including the file holding this email.) Realizing that java "binaries" hold a lot more is a mental shift that probably must be actively kept in mind. Those with only Java experience may think it is obvious, but how many developers did not start with Java and have not purged this concept from their mind. This is a topic worth consideration when we are educating developers on secure development. At least it seems to to me! -- Brad Andrews RBA Communications CSSLP, SANS/GIAC GSEC, GCFW, GCIH, GPCI
Current thread:
- IBM Acquires Ounce Labs, Inc. Kenneth Van Wyk (Jul 28)
- IBM Acquires Ounce Labs, Inc. Prasad Shenoy (Jul 28)
- <Possible follow-ups>
- IBM Acquires Ounce Labs, Inc. Matt Fisher (Jul 28)
- IBM Acquires Ounce Labs, Inc. Tom Brennan (Jul 28)
- IBM Acquires Ounce Labs, Inc. Arian J. Evans (Jul 28)
- IBM Acquires Ounce Labs, Inc. Jim Manico (Jul 28)
- IBM Acquires Ounce Labs, Inc. ljknews (Jul 28)
- IBM Acquires Ounce Labs, Inc. John Steven (Jul 29)
- Source or Binary Brad Andrews (Jul 29)
- Source or Binary Kenneth Van Wyk (Jul 29)
- Source or Binary silky (Jul 29)
- Source or Binary Paco Hope (Jul 30)
- Source or Binary Wall, Kevin (Jul 30)
- Static Vs. Binary John Steven (Jul 30)
- Static Vs. Binary Pravir Chandra (Jul 30)
- Static Vs. Binary Kenneth Van Wyk (Jul 30)
- Static Vs. Binary John Steven (Aug 04)
- IBM Acquires Ounce Labs, Inc. Arian J. Evans (Aug 04)
- IBM Acquires Ounce Labs, Inc. Chris Wysopal (Aug 04)