On Mon, 9 Oct 2006, Gary McGraw wrote:
The most interesting thing from an sc-l perspective about this column is
that it emphasizes a client need we're often forced to address---the
need for a demo exploit. Sometimes those on the receiving end of a
software security vulnerability don't
I think there is an easy solution to this. It is called a 3rd party
audit. This is done all the time in the financial community. Software
vendors fork over their latest product version and sometimes source code
and a credible 3rd party looks for holes. It is sometimes paid for by the
customer
At 10:03 AM -0400 10/12/06, ljknews wrote:
At 9:20 AM -0400 10/12/06, Robert C. Seacord wrote:
I'm also teaching a course at CMU in the spring on Secure Coding in C
and C++.
Is there participation on this list from the (hopefully larger number of)
CMU instructors who are teaching people to
On 10/13/06, Craig E. Ward [EMAIL PROTECTED] wrote:
At 10:03 AM -0400 10/12/06, ljknews wrote:
At 9:20 AM -0400 10/12/06, Robert C. Seacord wrote:
I'm also teaching a course at CMU in the spring on Secure Coding in C
and C++.
Is there participation on this list from the (hopefully