My blog
My LinkedIn Profile

BOOKS i'm reading

Napoleon Hill Keys to Success: The 17 Principles of Personal Achievement, Napoleon Hill, ISBN: 978-0452272811
The 4-Hour Workweek: Escape 9-5, Live Anywhere, and Join the New Rich (Expanded and Updated), Timothy Ferriss, ISBN: 978-0307465351
The Fountainhead, Ayn Rand, ISBN: 0452273331
Web Hosting Canada


Category: Software security


Permalink 09:39:22 pm, by lano1106, 202 words, 1769 views   English (CA)
Categories: Software security, Software security

Hunting Security Bugs

Hunting Security Bugs, Tom Gallagher, Lawrence Landauer, Bryan Jeffries, ISBN: 073562187X

Beside Bruce Schneier books, this is the second software security book that I am reading. The first being Building Secure Software: How to Avoid Security Problems the Right Way and I have prefered this one because it provides more concrete examples. The book consists of over 20 chapters covering different security areas. As a software developer, some chapters appeared less relevent and less interesting to me and I guess that it is because these chapters are geared principally toward testers.

However, at least 2 chapters should be extremely interesting and valuable to developers like myself. It is the chapters that demonstrate with step by step tutorials how a hacker would do to exploit buffer overflow and format string problems. I was already familiar with buffer overflows and I had read a similar chapter about them in Building Secure Software: How to Avoid Security Problems the Right Way but the format string exploits were new to me.

As expected since the book is published by Microsoft Press, the book has a strong bias torward Microsoft products (ie.: .NET and ActiveX controls security) but the presented topics are general enough to make this book very valuable even for users of other OSes and/or development tools.

Permalink 09:32:47 pm, by lano1106, 59 words, 1269 views   English (CA)
Categories: Software security

Building Secure Software: How to Avoid Security Problems the Right Way

Building Secure Software: How to Avoid Security Problems the Right Way, John Viega, Gary McGraw, ISBN: 020172152X

It is a good book but with the exception of the chapter on buffer overflows, my perception of the book is that it focus mainly on the theory of software security. As someone who has an engineer formation, I have a preference for books more pratical with more concrete examples. For this reason, I did prefer Hunting Security Bugs.

<< Previous Page ::

Olivier Langlois's blog

I want you to find in this blog informations about C++ programming that I had a hard time to find in the first place on the web.

< Previous |

September 2022
Sun Mon Tue Wed Thu Fri Sat
 << <   > >>
        1 2 3
4 5 6 7 8 9 10
11 12 13 14 15 16 17
18 19 20 21 22 23 24
25 26 27 28 29 30  


Custom Search


XML Feeds

What is RSS?

Who's Online?

  • Guest Users: 7

powered by