Secure Coding mailing list archives
informIT: Building versus Breaking
From: Gary McGraw <gem () cigital com>
Date: Wed, 31 Aug 2011 10:16:34 -0400
hi sc-l, I went to Blackhat for the first time ever this year (even though I am basically allergic to Las Vegas), and it got me started thinking about building things properly versus breaking things in our field. Blackhat was mostly about breaking stuff of course. I am not opposed to breaking stuff (see "Exploiting Software" from 2004), but I am worried about an overemphasis on breaking stuff. After a quick and dirty blog entry on the subject <http://www.cigital.com/justiceleague/2011/08/09/building-versus-breaking-a-white-hat-goes-to-blackhat/>, I sat down and wrote a better article about it: Software [In]security: Balancing All the Breaking with some Building http://www.informit.com/articles/article.aspx?p=1750195 I've also had a chat with Adam Shostack (a member of the newly formed Blackhat Advisors) about the possibility of adding some building content to Blackhat. Go Adam! Do you agree that Blackhat could do with some building content?? gem company www.cigital.com podcast www.cigital.com/silverbullet blog www.cigital.com/justoceleague book www.swsec.com _______________________________________________ Secure Coding mailing list (SC-L) SC-L () securecoding org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates _______________________________________________
Current thread:
- informIT: Building versus Breaking Gary McGraw (Aug 31)
- Re: informIT: Building versus Breaking Sergio 'shadown' Alvarez (Aug 31)
- Re: informIT: Building versus Breaking Steven M. Christey (Sep 01)
- Re: informIT: Building versus Breaking Goertzel, Karen [USA] (Sep 01)
- Re: informIT: Building versus Breaking James Walden (Sep 05)
- Re: informIT: Building versus Breaking Jeffrey Walton (Sep 05)
- Re: informIT: Building versus Breaking Jeremy Epstein (Sep 05)
- Re: informIT: Building versus Breaking Steven M. Christey (Sep 01)
- Re: informIT: Building versus Breaking Sergio 'shadown' Alvarez (Aug 31)
- Re: informIT: Building versus Breaking Chris Schmidt (Sep 01)
- Re: informIT: Building versus Breaking Sergio 'shadown' Alvarez (Sep 01)
- "Building" conferences (was: informIT: Building versus Breaking) Martin Gilje Jaatun (Sep 05)
- Re: "Building" conferences (was: informIT: Building versus Breaking) Gary McGraw (Sep 05)