Sometimes parody fails, when reality produces something more absurd than the joke. Microsoft teaching people how to write secure code. Next up: the al Quada Flight Safety Training School, and the G.W. Bush Political Institute on Uniting Instead of Dividing. Crispin Jimmy Sadri wrote: > http://www.infoworld.com/article/03/03/21/HNmsteachhack_1.html > > By Joris Evers > IDG News Service > March 21, 2003 > > Microsoft is working with a number of universities in several > countries to set up courses that teach students how to write secure > code, the company said Friday. The University of Leeds in England is > the first to announce such a course. > > As part of an 11 week module that will start in January next year, > third-year undergraduates at the University of Leeds will be asked to > hack into software and fix any security bugs they find, Nick Efford, > senior teaching fellow at the School of Computing, University of > Leeds, said. > > "We are going to get our students to think about software in a > different way and look at software with a different perspective. We > will give them examples of software and will ask them to perform a > security audit of it and identify things that are insecure and then > ask them to fix the problems," Efford said. > > Students will be confronted with security vulnerabilities such as > buffer overruns and taught how to prevent those when writing software. > That focus on security in software engineering and the hands-on > experience makes the course different from most existing security > classes, which typically focus on network security and cryptography, > according to Efford. > > Microsoft is partly funding Efford's fellowship and is helping with > the curriculum's content. The Redmond, Washington , software maker is > in talks with other universities on similar programs, Stuart Okin, > chief security officer for Microsoft in the U.K. said. > > "We are talking to a number of universities in the U.S. ," he said. "I > hope of a world where in a few years' time every computing course is > teaching some part of writing secure code." > > Microsoft's university program is closely linked to its Trustworthy > Computing initiative, a Microsoft-wide focus on securing its products > that was launched early last year. As part of that initiative, > Microsoft halted the development work of thousands of software > engineers for 10 weeks to train them to look at software like hackers > do. > > Okin would like to see all software vendors share their knowledge with > academic institutions so future programmers have better security > knowledge. "The software industry as a whole will want to take on > people who have this skill set," he said. > > That Microsoft is sponsoring the course at the University of Leeds > does not mean students will only work with Microsoft's technology, > Efford said. "We are not focusing exclusively on any one vendor's > technology. We have to equip our students with broad knowledge," he > said. > > Okin agreed: "We need to get input from others as well. Clearly there > is no point in these undergraduates learning only about Microsoft > technology. We need a broad approach." -- Crispin Cowan, Ph.D. http://wirex.com/~crispin/ Chief Scientist, WireX http://wirex.com HP/Trend Micro Immunix Secured Solutions http://h18000.www1.hp.com/products/servers/solutions/iis/ Just say ".Nyet"
This archive was generated by hypermail 2b30 : Tue Mar 25 2003 - 08:46:43 PST