Ken rejected my first attempt at pass by value, so here's pass by reference instead! See the email below for an explanation.
http://www.swsec.com/book/annotated-biblio-from-SS.pdf -----Original Message----- From: Gary McGraw Sent: Friday, February 02, 2007 12:56 AM Hi all, I got to thinking about the "what should I read" question while trying to avoid working on my next book. It turns out that I built just such a list with a huge number of references when I was writing "Software Security." The list also includes my unmitigated opinion about each paper or book. The relevant part for the thread we were on is the list of the top 5 things you should read in the field. Anyway, without further ado and completely free of charge, here is Chapter 13 from "Software Security: Building Security In"...my annotated bibliography. [see URL above.] Hope this helps. gem company www.cigital.com podcast www.cigital.com/silverbullet book www.swsec.com ---------------------------------------------------------------------------- This electronic message transmission contains information that may be confidential or privileged. The information contained herein is intended solely for the recipient and use by any other party is not authorized. If you are not the intended recipient (or otherwise authorized to receive this message by the intended recipient), any disclosure, copying, distribution or use of the contents of the information is prohibited. If you have received this electronic message transmission in error, please contact the sender by reply email and delete all copies of this message. Cigital, Inc. accepts no responsibility for any loss or damage resulting directly or indirectly from the use of this email or its contents. Thank You. ---------------------------------------------------------------------------- _______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. _______________________________________________