:24:35 2006
To: David A. Wheeler
Cc: sc-l@securecoding.org
Subject:Re: [SC-L] Secure programming is NOT just good programming
| Here are some practices you should typically be doing
| if you're worried about security, and note that many are
| typically NOT considered good programming
On Oct 12, 2006, at 4:32 PM, Gary McGraw wrote:
I suppose now is as good a time as any to say that everything david
is talking about here is described in great detail in the HOW TO
book that I released last february. If you're reading this list,
you really should read that book. It's
| The only way forward is by having the *computer* do this kind of
| thing for us. The requirements of the task are very much like those
| of low-level code optimization: We leave that to the compilers today,
| because hardly anyone can do it well at all, much less competitively
| with
On 10/13/06, David A. Wheeler [EMAIL PROTECTED] wrote:
mikeiscool claimed:
Secure programming is good programming.
Most books teach good programming.
I strongly disagree with you, on both counts.
As is your right :)
At the least, those who say they practice good programming
practices,
