[SC-L] MetriSec 2012 submission date is May 30th

2012-05-14 Thread James Walden
James Walden - Northern Kentucky University (US) Stephan Neuhaus - ETH Zurich (CH) STEERING COMMITTEE Dieter Gollmann, TU Harburg (DE) Sushil Jajodia, GMU (US) Guenter Karjoth, IBM (CH) Fabio Massacci, Uni. Trento (IT) John McHugh, Dalhousie Uni. (CA) Riccardo Scandariato, KU Leuven (BE) Ketil

[SC-L] MetriSec 2012 CFP International Workshop on Security Measurements and Metrics

2012-02-08 Thread James Walden
James Walden - Northern Kentucky University (US) Stephan Neuhaus - ETH Zurich (CH) STEERING COMMITTEE Dieter Gollmann, TU Harburg (DE) Sushil Jajodia, GMU (US) Guenter Karjoth, IBM (CH) Fabio Massacci, Uni. Trento (IT) John McHugh, Dalhousie Uni. (CA) Riccardo Scandariato, KU Leuven (BE) Ketil

Re: [SC-L] informIT: Building versus Breaking

2011-09-05 Thread James Walden
There are also a couple of other relevant academic security conferences: MetriSec - http://metrisec2011.cs.nku.edu/ (September 21st in Banff, Canada) SESS - http://homes.dico.unimi.it/~monga/sess11.html (May) On Thu, Sep 1, 2011 at 12:41 PM, Goertzel, Karen [USA] goertzel_ka...@bah.com wrote:

Re: [SC-L] has any one completed a python security code review`

2010-04-06 Thread James Walden
for Python, like pylint, pychecker, and pyflakes, but none of them is primarily focused on security. OWASP's Python ESAPI is a good starting point to learn about potential security flaws in Python. James Walden ___ Secure Coding mailing list (SC-L) SC-L

Re: [SC-L] Compilers

2006-12-22 Thread James Walden
to learn a new safe language than to use C++ securely. James Walden ___ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http

Re: [SC-L] Compilers

2006-12-22 Thread James Walden
reviews do. If your static analysis tool doesn't have a rule to detect a particular class of security bug, it obviously won't find it, but your testers might have the experience to test for it. James Walden ___ Secure Coding mailing list (SC-L) SC-L

Re: [SC-L] Fwd: re-writing college books - erm.. ahm...

2006-11-07 Thread James Walden
On 11/7/06, Gadi Evron [EMAIL PROTECTED] wrote: Well, I never recieved any replies here on what's already being done.. sonow, I am asking for ideas on how we can approach schools. What's needed,in order for basic CS classes to have a security orientation? Most CS professors have little awareness

Re: [SC-L] re-writing college books [was: Re: A banner year for software bugs | Tech News on ZDNet]

2006-10-15 Thread James Walden
On 10/12/06, Craig E. Ward [EMAIL PROTECTED] wrote: I don't think saying use safer languages is a good way to say it.It would help conditions significantly if greater care were taken tomatch the choice of programming language to the problem to be solved or application to be created. If a language

Re: [SC-L] ComputerWorld interview with Theo de Raadt on Software Security

2004-09-10 Thread James Walden
on exploit mitigation techniques that was mentioned in the article at http://cvs.openbsd.org/papers/auug04/index.html -- James Walden, Ph.D. Visiting Assistant Professor of EECS The University of Toledo @ LCCC http://www.eecs.utoledo.edu/~jwalden/

Re: [SC-L] Programming languages used for security

2004-07-10 Thread James Walden
CGI parameter strings or databases receiving SQL query strings. As for syntax, I want to be able to use functional, imperative, or object-oriented techniques as best fit my problem domain. -- James Walden, Ph.D. Visiting Assistant Professor of EECS The University of Toledo @ LCCC http

Re: [SC-L] Education and security -- another perspective (was ACM Queue - Content)

2004-07-08 Thread James Walden
++. Electives introduce other languages, of course. I like ocaml myself, but its use is restricted to restricted to certain electives. -- James Walden, Ph.D. Visiting Assistant Professor of EECS The University of Toledo @ LCCC http://www.eecs.utoledo.edu/~jwalden/

Re: [SC-L] Education and security -- another perspective (was ACM Queue - Content)

2004-07-07 Thread James Walden
it. -- James Walden, Ph.D. Visiting Assistant Professor of EECS The University of Toledo @ LCCC http://www.eecs.utoledo.edu/~jwalden/

Re: [SC-L] Education and security -- another perspective (was ACM Queue - Content)

2004-07-07 Thread James Walden
, and the first is the most workable short term solution. -- James Walden, Ph.D. Visiting Assistant Professor of EECS The University of Toledo @ LCCC http://www.eecs.utoledo.edu/~jwalden/

Re: [SC-L] SPI, Ounce Labs Target Poorly Written Code

2004-06-30 Thread James Walden
see this problem going away in the future, though particular attack instances like SQL injection may disappear. -- James Walden, Ph.D. Visiting Assistant Professor of EECS The University of Toledo @ LCCC http://www.eecs.utoledo.edu/~jwalden/ [EMAIL PROTECTED]

Re: [SC-L] ACM Queue article and security education

2004-06-30 Thread James Walden
that computer science changes rapidly, and it does compared to older fields like physics, where you have to go to graduate school to study much that was developed after the 1930's, but I suspect most people in any field avoid change until it's forced upon them. -- James Walden, Ph.D. Visiting

Re: [SC-L] Re: White paper: Many Eyes - No Assurance Against Many Spies

2004-04-30 Thread James Walden
when you install a new version. -- James Walden, Ph.D. Visiting Assistant Professor of EECS The University of Toledo @ LCCC http://www.eecs.utoledo.edu/~jwalden/

Re: [SC-L] virtual server - security

2004-04-01 Thread James Walden
on. -- James Walden, Ph.D. Visiting Assistant Professor of EECS The University of Toledo @ LCCC http://www.eecs.utoledo.edu/~jwalden/ [EMAIL PROTECTED]