Re: [SC-L] Education and security -- another perspective (was ACM Queue - Content)

environment in universities. And more importantly, from a secure coding objective, you can show what NOT to do. -- Regards, Dana Epp [Blog: http://silverstr.ufies.org/blog/]

Re: [SC-L] Programming languages used for security

time and eliminating coding error. You will find exactly those arguments in the preface to the KR C book. Crispin -- Regards, Dana Epp [Blog: http://silverstr.ufies.org/blog/]

Re: [SC-L] How do we improve s/w developer awareness?

of this email or its contents. Thank You. -- Regards, Dana Epp [Blog: http://silverstr.ufies.org/blog/]

[no subject]

[EMAIL PROTECTED] Subject: Re: [SC-L] How do we improve s/w developer awareness? Date: Thu, 2 Dec 2004 12:52:35 -0800 Sender: [EMAIL PROTECTED] Precedence: bulk Mailing-List: contact [EMAIL PROTECTED] ; run by MajorDomo List-Id: Secure Coding Mailing List sc-l.securecoding.org List-Post:

RE: [SC-L] Bugs and flaws

not something that will be fixed over night. --- Regards, Dana Epp[Microsoft Security MVP] Blog: http://silverstr.ufies.org/blog/ From: [EMAIL PROTECTED] on behalf of Crispin CowanSent: Fri 2/3/2006 12:12 PMTo: Gary McGrawCc: Kenneth R. van Wyk; Secure Coding Mailing ListSubject: Re: [SC-L] Bugs

RE: [SC-L] ddj: beyond the badnessometer

to show green blinky lights to tell you the code is safe. Human heuristics come into play here, and we have to leverage what assets we have, both manual and automatic, to find the faulty code and eliminate it. And pentesting is just another one of those tools in the arsenal to help. Regards, Dana Epp

Re: [SC-L] bumper sticker slogan for secure software

. It simply says: 0x5 10 points to the first person to explain what that means. Regards, Dana Epp [Microsoft Security MVP] http://silverstr.ufies.org/blog/ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of SC-L Subscriber Dave Aronson Sent: Tuesday, July 18

Re: [SC-L] bumper sticker slogan for secure software

in our infancy when it comes to secure software as a discipline, and we still have much to learn before we will reach it. Regards, Dana Epp [Microsoft Security MVP] http://silverstr.ufies.org/blog/ ___ Secure Coding mailing list (SC-L) SC-L

Re: [SC-L] bumper sticker slogan for secure software

). So 0x5 means - no reception (0) - good signal strength (5) ie, we're doing ok at getting our message out, but people aren't listening yet. That cracked me up. So fitting for this forum. Regards, Dana Epp [Microsoft Security MVP] http://silverstr.ufies.org/blog/ -Original Message

Re: [SC-L] Bumper sticker definition of secure software

think they can solve all problems with technology without considering all risks and impacts to the business. Regards, Dana Epp [Microsoft Security MVP] http://silverstr.ufies.org/blog/ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of mikeiscool Sent

Re: [SC-L] Unclassified NSA document on .NET 2.0 Framework Security

to reflect on them to tactically do it. -- Regards, Dana Epp Microsoft Security MVP On Tue, Nov 25, 2008 at 9:01 AM, Stephen Craig Evans [EMAIL PROTECTED] wrote: Gunnar, Developers have no power. You should be talking to the decision makers. As an example, to instill the importance

Re: [SC-L] any one a CSSLP is it worth it?

that crappy piece of code that I didn't properly threat model 15 years ago that is still in use today. -- Regards, Dana Epp Microsoft Security MVP On Wed, Apr 14, 2010 at 8:24 AM, Wall, Kevin kevin.w...@qwest.com wrote: Gary McGraw wrote... Way back on May 9, 2007 I wrote my thoughts about