Hendrik Boom said on Mon, 26 Jul 2021 17:21:24 -0400 >On Mon, Jul 26, 2021 at 11:48:53AM -0400, Steve Litt wrote: >> Andreas Messer said on Mon, 26 Jul 2021 09:38:23 +0200 >> >> >> >My feeling is, that you can not simply teach someone how to write >> >safe software. >> >> Why not? You can teach a person to do anything else. But maybe not in >> college, because college is built to make money, not to teach. >> Consider the average textbook and compare to the average "For >> Dummies" book. The former makes the subject matter look incredibly >> complex, justifying the professor. The latter makes it easy to learn. >> >> What is needed is a curated document explaining the five or ten or >> twenty things you need to do to be secure, and then how to achieve >> them in a practical world. Let's start with input field cleansing and >> protection from errant pointers and buffer overflow. There are many >> more: > >Knowing you, you probably already have a draft of such a document >lying around.
Not that I know of. That's why I'm starting at the level of a simple list. SteveT Steve Litt Spring 2021 featured book: Troubleshooting Techniques of the Successful Technologist http://www.troubleshooters.com/techniques _______________________________________________ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng