At 11:17 AM -0400 5/11/07, Gary McGraw wrote: > As readers of the list know, SANS recently announced a certification > scheme for secure programming. Many vendors and consultants jumped > on the bandwagon. I'm not so sure the bandwagon is going anywhere. > I explain why in my latest darkreading column: > > http://www.darkreading.com/document.asp?doc_id=123606
Well that page shows up as blank in my browser and shows 637 HTML errors on http://validator.w3.org, > What do you think? Can we test someone's software security knowledge with > a multiple choice test? Anybody seen the body of knowledge behind the test? but based on biases I see on this list, I tend to believe that those who make such a certification scheme would bias it toward: Programming done in C and derivative languages (C++, Java, etc.) Programming relying on TCP/IP neither of which is relevant to my endeavors. -- Larry Kilgallen _______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. _______________________________________________
