l. I no longer care about the endless stream of buffer-overflow
attacks against codecs or new ways to hide trojans.
--
J. Eric Townsend
design: www.allartburns.org; hacking: www.flatline.net; HF: KG6ZVQ
PGP: 0xD0D8C2E8 AC9B 0A23 C61A 1B4A 27C5 F799
A lot of people I know in IT are picking up certifications and I'm wondering if
there's any equivalent for software engineers or product security engineers.
I have vague memories of QE/QA certifications for ISO compliance, but a quick
perusal of google and yahoo turns up nothing for security
I'm working for an outfit that is looking for some external code review and
external black-box testing of consumer electronics products.
In the past, I've usually sent RFPs to firms I talked to at an RSA conference,
but I didn't go last year and there's been some shuffling of companies since
th
I've been asked to review some tcl code that works on data from untrusted
sources. I've dabbled in tcl a couple of times, but don't consider myself any
sort of expert and I'm looking for a bit of automated help.
Anyone know of a tool like rats, its4, or codeassure that works on tcl source,
or