[27904] in bugtraq
Better security through shame
daemon@ATHENA.MIT.EDU (Michael Bacarella)
Sun Nov 17 00:22:07 2002
Date: Thu, 14 Nov 2002 13:00:28 -0500
From: Michael Bacarella <mbac@netgraft.com>
To: bugtraq@securityfocus.com
Message-ID: <20021114130028.A22035@romulus.netgraft.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
STAFF: Humbly submitted for your subscribers.
The Peon's Guide To Secure System Development
Abstract:
Increasingly incompetent developers are creeping their way into
important projects. Considering that most good programmers are pretty
bad at security, bad programmers with roles in important projects are
guaranteed to doom the world to oblivion. The author feels that a step
towards washing himself clean of responsbility is by writing this
document. Checking your memcpy() and malloc() calls have been lectured
to death. It's not working. The approach used by this document is to
instead shame developers into producing better systems. Enjoy.
To save bandwidth, the interested parties may find the rest at
the following URL, in several formats:
http://m.bacarella.com/papers/secsoft/
Thanks
--
Michael Bacarella | Netgraft Corp
| 545 Eighth Ave #401
Systems Analysis | New York, NY 10018
Technical Support | 212 946-1038 | 917 670-6982
Managed Services | http://netgraft.com/
