Quickies of the day
- Jiri has an interesting comparison between the state of infrastructure security as opposed to application security.
- Michael Howard has the slides from what appear to be an excellent presentation about Secure coding issues up (by way of Sergey Simakov
- The widely-talked-about paper from Paul Watson on the TCP reset vulnerability that threatened to destroy the internet last week is now online.
- Charles Miller discusses where bugs come from, and why unit testing only will catch a part of them.
- Mr Ed from Hacknot asks all developers to spare a thought for the next guy that will change your code — it could be you.
Also, with all the recent book reviews all over the .Net blogosphere, I broke down and went crazy on Amazon. The following books should soon be here:
- Building Secure Software: How to Avoid Security Problems the Right Way [Hardcover] By: John Viega (Author), Gary McGraw (Author)
- .NET Framework Standard Library Annotated Reference, Volume 1: Base Class Library and Extended Numerics Library, 1/e [Hardcover] By: Brad Abrams (Author)
- Practical Cryptography [Paperback] By: Niels Ferguson (Author), Bruce Schneier (Author)
- Exploiting Software : How to Break Code [Paperback] By: Greg Hoglund (Author), Gary McGraw (Author)
- Writing Secure Code, Second Edition [Paperback] By: Michael Howard (Author), David C. LeBlanc
- The C# Programming Language [Hardcover] By: Anders Hejlsberg (Author), et al
- Essential .NET, Volume I: The Common Language Runtime [Paperback] By: Don Box (Author)
- Secure Coding: Principles and Practices [Paperback] By: Mark G. Graff, Kenneth R. Van Wyk
Tags: datorsäkerhet, mjukvarutestning