Gadi, I sort of agree with mic that the problem is poor programming. My last manager liked to pick up C text books at random and point out all the vulnerabilities in the code examples that are being used to teach the next generation of programmers (how to write vulnerabilities).
> This community is perfect for this job. If the community is bored right now ;^) we are looking for community help to build up our knowledge of secure coding rules and recommendations for the C and C++ programming languages: www.securecoding.cert.org I'm also teaching a course at CMU in the spring on Secure Coding in C and C++. I'm hoping to take this material and incorporate it into the course. Once I get some experience teaching the material, I could help turn it into a college text. (I've written three books already, so I'm a proven threat. 8^) Thanks, rCs -- Robert C. Seacord Senior Vulnerability Analyst CERT/CC Work: 412-268-7608 FAX: 412-268-6989 _______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php
