hi sc-l, Greg Hoglund and I are releasing our new book "Exploiting Online Games" today. Lots of information on the book can be found here http://exploitingonlinegames.com, including a foreword by Ed Felten, the usual blurbs, and a complete preface that explains the structure of the book.
Greg and I did a Silver Bullet episode that we released last night. Greg is an interesting guy, with deep knowledge of rootkits, decompilers, and low level security exploits. We talked about that, and we talked a little about EOG http://www.cigital.com/silverbullet/ The most interesting thing to me about EOG is that I believe the kinds of time and state errors found in MMORPGs like World of Warcraft are indicators of what we can expect over the next decade as SOA actually catches on. You see, moving around state between gazillions of clients and a central server in real time is a huge security challenge. Most software people screw it up. Darkreading wrote a little story about this last night: http://www.darkreading.com/document.asp?doc_id=128961&WT.svl=news1_1 The book is packed with real code, hard core examples, and things you can try yourself. Give it a spin! gem p.s. For some reason, amazon is a bit behind the curve for the launch and you can only pre-order. More on that when it gets cleared up. _______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. _______________________________________________