[SC-L] Deadline extended to Oct. 7 - SecSE 2010

2009-09-28 Thread Martin Gilje Jaatun
We've extended the submission deadline of the Fourth International Workshop on Secure Software Engineering (in conjunction with ARES 2010) to October 7th. For more information, see http://sintef.org/secse ___ Secure Coding mailing list (SC-L) SC-L@sec

Re: [SC-L] academics do software security too

2010-10-11 Thread Martin Gilje Jaatun
Hi SC-L, Since Gary has been plugging ESSoS, I thought I'd let you know that the 5th annual International Workshop on Secure Software Engineering (SecSE 2011) will be organized as part of the ARES conference in Vienna, Austria next summer. This year the conference has been shifted 6 months o

Re: [SC-L] Java: the next platform-independent target

2010-10-25 Thread Martin Gilje Jaatun
On 2010-10-22 04:51, Kevin W. Wall wrote: In a large part, I think that people fail to patch Flash or Acrobat Reader for the same reason they forget about Java...out of sight, out of mind.* I think they believe that Windows Update solves (or should solve) *all* their patching needs. I think many

[SC-L] Experiences from engineering secure web applications

2010-11-22 Thread Martin Gilje Jaatun
Hi SC-L, We're planning a Special Issue of the International Journal of Secure Software Engineering (IJSSE) titled "Lessons learned in engineering secure & dependable Web applications". The submission deadline is March 7th - see http://www.sislab.no/ijsse for more details. Cheers, Martin

[SC-L] CFP: SecSE Deadline extended to April 4th

2011-03-16 Thread Martin Gilje Jaatun
have almost three weeks at your disposal. See http://sintef.org/secse for more information! Cheers, Martin Gilje Jaatun PS: BSIMM2: The Building Security In Maturity Model http://bsimm2.com Software security has made great progress over the last decade. The Building Security In Maturity Model (

Re: [SC-L] informIT: Modern Malware

2011-03-23 Thread Martin Gilje Jaatun
On 2011-03-23 00:57, Andy Steingruebl wrote: On Tue, Mar 22, 2011 at 8:41 AM, Gary McGraw wrote: [...] malware" as the AT&T guys sometimes think…you use it to find the kinds of bugs that malware exploits to get a toehold on target servers. One level removed, but a clear causal effect. Inte

[SC-L] "Building" conferences (was: informIT: Building versus Breaking)

2011-09-02 Thread Martin Gilje Jaatun
Karen Goertzel wrote: There are these: ISC(2) Secure Software Conference Series - > https://www.isc2.org/PressReleaseDetails.aspx?id=650 ESSoS - http://distrinet.cs.kuleuven.be/events/essos/2012/ SecSE - http://www.sintef.org/secse SSIRI - http://paris.utdall

[SC-L] CFP: IJSSE Special Issue on Security Modeling

2011-09-14 Thread Martin Gilje Jaatun
The International Journal of Secure Software Engineering is planning a special issue on security modeling. Submission deadline is October 30th - see http://www.igi-global.com/bookstore/titledetails.aspx?titleid=1159&detailstype=callforpapersspecial

[SC-L] CFP: SecSE 2012

2012-02-21 Thread Martin Gilje Jaatun
30th, 2012; for more details see the workshop website: http://www.sintef.org/secse Cheers, Martin Gilje Jaatun Organizing Chair ___ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http

[SC-L] Fwd: [SEWORLD] SWEBOK Version 3 Call for Reviewers

2012-03-07 Thread Martin Gilje Jaatun
Hi SC-L, I would have hoped that "Software Security" should have been a topic area in SWEBOK, right alongside "Software Quality", but it doesn't look like it... -Martin Opprinnelig melding Emne: [SEWORLD] SWEBOK Version 3 Call for Reviewers Dato: Fri, 2 Mar 2012 10:53:2

Re: [SC-L] Fwd: [SEWORLD] SWEBOK Version 3 Call for Reviewers

2012-03-11 Thread Martin Gilje Jaatun
make as they fly by." - Douglas Adams *From:* sc-l-boun...@securecoding.org <mailto:sc-l-boun...@securecoding.org> [sc-l-boun...@securecoding.org <mailto:sc-l-boun...@securecoding.org>] on behalf of Martin

Re: [SC-L] SearchSecurity: Mobile Security = Software Security

2012-07-15 Thread Martin Gilje Jaatun
Hi Gary, I agree with everything you write in the article (although I was a bit peeved at having to register to read it...). It ties nicely in with a related topic that is being discussed a lot recently: "The danger of QR codes", where people argue that you shouldn't scan QR codes with your s

[SC-L] CFP: International Workshop on Secure Software Engineering (SecSE-13@AReS)

2013-03-05 Thread Martin Gilje Jaatun
more information. Submit your papers by March 30th at https://confdriver.ifs.tuwien.ac.at/ares2013. Cheers, Martin Gilje Jaatun SecSE organizing chair ___ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc

[SC-L] CFP - Secure Software Engineering (SecSE 2010)

2009-08-18 Thread Martin Gilje Jaatun
gineering (ISSN 1947-3036 - http://www.igi-global.com/ijsse). Organizing committee: ==== Martin Gilje Jaatun, SINTEF ICT, Norway Torbjørn Skramstad, Norwegian University of Science and Technology (NTNU) Lillian Røstad, Norwegian University of Science and Technology (NTNU) Enquiri

Re: [SC-L] What is the size of this list?

2009-08-20 Thread Martin Gilje Jaatun
Rafael Ruiz wrote: I am a lurker (I think), I am an embedded programmer and work at Lowrance (a brand of the Navico company), and I don't think I can't provide too much to security because embedded software is closed per se. IMHO, it is very dangerous to assume that "since it is embedded, nobo

[SC-L] Security as a part of code quality (Was: Re: Where Does Secure Coding Belong In the Curriculum?)

2009-08-21 Thread Martin Gilje Jaatun
Karen, Matt & all, Goertzel, Karen [USA] wrote: > I'm more devious. I think what needs to happen is that we need to redefine > what we mean by "functionally correct" or "quality" code. If determination of > functional correctness were extended from "must operate as specified under > expected co