On Wed, 11 Oct 2006, Gary McGraw wrote:
> We're working on it! The problem is not simply a book.
Great! What are you guys doing? What more can be done? There are quite a
few of us willing to help, and I figure, starting with the books future
programmers learn from is not a bad idea.
This community is perfect for this job.
Gadi.
>
> gem
>
> -----Original Message-----
> From: Gadi Evron [mailto:[EMAIL PROTECTED]
> Sent: Wed Oct 11 20:58:12 2006
> To: Kenneth Van Wyk
> Cc: Secure Coding
> Subject: [SC-L] re-writing college books [was: Re: A banner year for
> software bugs | Tech News on ZDNet]
>
> So, how can we edit current basic programming college books to present
> secure code, a couple of words of the correct way of doing things, and a
> whole new chapter on secure coding (which may be redudndent?)
>
> How do we start?
>
> Some Whiley book for introduction to CS?
>
> Any volunteers to get this on the road?
>
> Gadi.
>
> On Wed, 11 Oct 2006, Kenneth Van Wyk wrote:
>
> > So here's a lovely statistic for the software community to hang its
> > hat on:
> >
> > http://news.zdnet.com/2100-1009_22-6124541.html?tag=zdfd.newsfeed
> >
> > Among other things, the article says, "Atlanta-based ISS, which is
> > being acquired by IBM, predicts there will be a 41 percent increase
> > in confirmed security faults in software compared with 2005. That
> > year, in its own turn, saw a 37 percent rise over 2004."
> >
> > Of course, the real losers in this are the software users, who have
> > to deal with the never ending onslaught of bugs and patches from
> > their vendors. We've just _got_ to do better, IMHO, and automating
> > the patch process is not the answer.
> >
> > Cheers,
> >
> > Ken
> > -----
> > Kenneth R. van Wyk
> > KRvW Associates, LLC
> > http://www.KRvW.com
> >
> >
> >
> >
> >
>
> _______________________________________________
> Secure Coding mailing list (SC-L)
> SC-L@securecoding.org
> List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
> List charter available at - http://www.securecoding.org/list/charter.php
>
>
>
>
> ----------------------------------------------------------------------------
> This electronic message transmission contains information that may be
> confidential or privileged. The information contained herein is intended
> solely for the recipient and use by any other party is not authorized. If
> you are not the intended recipient (or otherwise authorized to receive this
> message by the intended recipient), any disclosure, copying, distribution or
> use of the contents of the information is prohibited. If you have received
> this electronic message transmission in error, please contact the sender by
> reply email and delete all copies of this message. Cigital, Inc. accepts no
> responsibility for any loss or damage resulting directly or indirectly from
> the use of this email or its contents.
> Thank You.
> ----------------------------------------------------------------------------
>
_______________________________________________
Secure Coding mailing list (SC-L)
SC-L@securecoding.org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
