Secure Programming

viega writes "Matt Messier and I have just launched a secure programming web site. While this site does support our new book The Secure Programming Cookbook for C and C++ , it also serves as a thorough resource for developers. It has numerous links to articles and other topical resources, new recipes that demonstrate secure programming techniques a large glossary and the obligatory web log. We accept outside submissions, and will reward the best recipe submission each month-- O'Reilly will publish it on the O'Reilly Network web site and will give the author a free book. There's already a decent amount of new content, including recipes on avoiding malloc()/new-related integer overflows, watching out for security problems in API differences and issues when truncating data. There's also an RSS feed for the web log."

Re:Warding off the inevitable "switch to Java" com

[Admiral+Burrito]

Buffer overruns are just one kind of problem you need to deal with when writing secure code.

Buffer overruns are one of the problems you don't need to deal with when writing secure code because modern languages (not C/C++) can detect that condition for you, leaving you to concentrate on the real bugs.

So much for "warding off". :p

Re:2 tips from the hood

[Eponymous+Coward]

Why get out of bed in the morning? One day you're just going to die and what will be the point of anything you've done?