Andy Steingruebl wrote: > I think our real question isn't just how to reach the "professional" > programmer trained via formal training programs, but also how to reach > the "amateur" programmer trained via books, trial+error, etc. > >
One area here is making sure examples are done correctly. The database examples that connected to an MS SQL server with userid=SA;password="" used to drive me crazy. "The sample code does it that way so I better do it that way." It makes for more complicated sample code but it may be the only way to reach these self taught folks. -- Mike Lyman mly...@west-point.org _______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. _______________________________________________
