phase. Not sure
how much it helps sell things over and above our reputation among our
customers but we keep it out there.
--
Mike Lyman
mly...@west-point.org
___
Secure Coding mailing list (SC-L) SC-L@securecoding.org
List information, subscription
tatements or case statements etc. Once they've had those
though, some basic input validation becomes a great programming
assignment to test their understanding of those skills.
--
Mike Lyman
mly...@west-point.org
___
Secure Coding mailing
bout 50% of the doctors out
there graduated in the bottom half of their class applies to our
industry as well with the added burden of plenty doing what we do with
no formal training at all. There are reasons we do peer reviews, formal
code reviews and testing. This is just a small piece of the puzzle th
njection attempt.
You might not touch on this until you get to those type applications. If
they were taught to question input all along though, by time you get to
something like this the habit might be forming.
--
Mike Lyman
mly...@west-point.org
___
making sure examples are done correctly. The database
examples that connected to an MS SQL server with userid=SA;password=""
used to drive me crazy. "The sample code does it that way so I better do
it that way." It makes for more complicated sample code but it may be
the on
omputer users' idea of
security was locking their car doors but it did set us up for bad
habits. Basics need to be drilled in early and always count for
something even if the lesson is while loops.
--
Mike Lyman
mly...@west-point.org
___
Secure
se hosting the call and doing the writing
didn't seem to grasp it. It may be a while before we see too many
adopting this or requiring it for a while.
--
Mike Lyman
[EMAIL PROTECTED]
___
Secure Coding mailing list (SC-L) SC-L@securecod
is the better question. Should be but even then I won't give
concrete answer. Based on what we know today it probably will be but
somewhere somebody may well be crafting that next attack that blows us
out of the water.
--
Mike Lyman
[EMAIL PROTECTED]
not ever be allowed to look at due to delivery schedules. Security
is giving them a good excuse to go learn more.
--
Mike Lyman
[EMAIL PROTECTED]
___
Secure Coding mailing list (SC-L) SC-L@securecoding.org
List information, subscriptions, etc - h