On Wed, 11 Oct 2006, Gary McGraw wrote: > We're working on it! The problem is not simply a book.
Great! What are you guys doing? What more can be done? There are quite a few of us willing to help, and I figure, starting with the books future programmers learn from is not a bad idea. This community is perfect for this job. Gadi. > > gem > > -----Original Message----- > From: Gadi Evron [mailto:[EMAIL PROTECTED] > Sent: Wed Oct 11 20:58:12 2006 > To: Kenneth Van Wyk > Cc: Secure Coding > Subject: [SC-L] re-writing college books [was: Re: A banner year for > software bugs | Tech News on ZDNet] > > So, how can we edit current basic programming college books to present > secure code, a couple of words of the correct way of doing things, and a > whole new chapter on secure coding (which may be redudndent?) > > How do we start? > > Some Whiley book for introduction to CS? > > Any volunteers to get this on the road? > > Gadi. > > On Wed, 11 Oct 2006, Kenneth Van Wyk wrote: > > > So here's a lovely statistic for the software community to hang its > > hat on: > > > > http://news.zdnet.com/2100-1009_22-6124541.html?tag=zdfd.newsfeed > > > > Among other things, the article says, "Atlanta-based ISS, which is > > being acquired by IBM, predicts there will be a 41 percent increase > > in confirmed security faults in software compared with 2005. That > > year, in its own turn, saw a 37 percent rise over 2004." > > > > Of course, the real losers in this are the software users, who have > > to deal with the never ending onslaught of bugs and patches from > > their vendors. We've just _got_ to do better, IMHO, and automating > > the patch process is not the answer. > > > > Cheers, > > > > Ken > > ----- > > Kenneth R. van Wyk > > KRvW Associates, LLC > > http://www.KRvW.com > > > > > > > > > > > > _______________________________________________ > Secure Coding mailing list (SC-L) > SC-L@securecoding.org > List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l > List charter available at - http://www.securecoding.org/list/charter.php > > > > > ---------------------------------------------------------------------------- > This electronic message transmission contains information that may be > confidential or privileged. The information contained herein is intended > solely for the recipient and use by any other party is not authorized. If > you are not the intended recipient (or otherwise authorized to receive this > message by the intended recipient), any disclosure, copying, distribution or > use of the contents of the information is prohibited. If you have received > this electronic message transmission in error, please contact the sender by > reply email and delete all copies of this message. Cigital, Inc. accepts no > responsibility for any loss or damage resulting directly or indirectly from > the use of this email or its contents. > Thank You. > ---------------------------------------------------------------------------- > _______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php