David Wheeler said:

> The problem is that developers don't grok _ANY_ of the books.

I wonder if some of this has to do with how the books are laid out. Based on what I've seen (and I haven't read them cover-to-cover), the books are roughly organized according to the types of problems encountered, instead of having sections for constructs that programmers understand (files, directories, command execution, networking) and linking them to the issues that are likely to be found in those constructs. Obviously the same type of vulnerability can show up in multiple constructs, but a different organization might help programmers better deal with the deluge of information while still getting across the "safe programming mindset" that seems to be a major goal of the books.

That said, the emphasis on buffer overflows is quite deserved :) and these books are excellent regardless of my own pet theories.

> in the real world, people don't re-write DES - they implement their
> own code, and tend to make the same mistakes as everyone else did
> before them.

The PROTOS project and other "suite auditing" techniques demonstrate this problem (most recently, Rapid 7's analysis of SSH2).

> In one hour a developer can learn enough to avoid 99% of the mistakes
> currently being made... It's criminal that we can't figure out how to
> get that 1-2 hours.

One would figure that "secure programming certification" would be right around the corner, but there must be a good reason why nobody's really tried to do that yet.

- Steve
This archive was generated by hypermail 2b30 : Tue Jan 07 2003 - 14:54:39 PST