Excellent Secure Coding Paper

D.J. Bernstein, author of qmail and professor at U-Chicago, has released a new paper on qmail security. Though ostensibly about qmail, it's really an exposé on secure coding practices. In the paper, he identifies three fundamental approaches that will met "users' security requirements" within a given program:
1) eliminate bugs
2) eliminate code
3) eliminate trusted code

There's nothing I can say here that isn't better said by DJB in his paper. As such, I highly recommend reading it right away. It's very short (10 pages including the page of references) and very accessible. You do not need to be a programmer or a CompSci major to understand what he is saying.


About this Entry

This page contains a single entry by Ben Tomhave published on November 6, 2007 6:19 PM.

Quick Supporting Links... was the previous entry in this blog.

Call Your Congresscritter: Copyrights and Financial Aid? is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.

Monthly Archives

Pages

  • about
Powered by Movable Type 6.3.7