SecureProgramming.com
Login
Username: 
Password: 
Forgot your password?
Create a new account
New SafeStr and XXL Releases
Posted by Matt Messier on Sun, Jan 30, 2005 (06:33 PM) GMT

SafeStr v1.0.3 and XXL v1.0.1 have finally been released today. It's been far too long since the last release was made of either of these libraries, but better late than never I suppose. The new versions are primarily bug fixes, although some minor new function has been added to both. Thanks to everyone that has submitted bug reports and patches!

Comparing Java and .NET security
Posted by John Viega on Sat, Jan 31, 2004 (06:07 AM) GMT

O'Reilly's DevCenter has posted three articles comparing Java and .NET security, with a fourth one coming in February. We'll update this story when the fourth article is available.

  1. Security Configuration and Code Containment

  2. Cryptography and Communication

  3. Code Protection and Code Access Security (CAS)

Preventing Integer Overflows in C++
Posted by John Viega on Thu, Jan 22, 2004 (10:44 PM) GMT

David LeBlanc, co-author of Writing Secure Code, has put together a C++ class to help developers avoid integer overflow errors. In addition, he wrote an article that is a lucid introduction to the problem. The article, along with a link to the code, is available here.

/.
Posted by John Viega on Wed, Oct 08, 2003 (06:07 PM) GMT

Hey, we got reviewed on slashdot. Thanks for the positive review.

[Read More] (668 bytes in body)

First SPC for C and C++ review
Posted by John Viega on Tue, Sep 16, 2003 (10:41 AM) GMT

Dan Weeks wrote the first published review of the book we've seen so far.

How much does the programming language matter?
Posted by John Viega on Mon, Sep 15, 2003 (07:59 AM) GMT

We've now been slashdotted. After lowering the idle connection timeout from hours to minutes, we're doing fine (famous last words). The comments are full of "C sucks" rants. I thought I'd summarize a few of my thoughts on this issue.

[Read More] (3724 bytes in body)

Contest: Submit the best recipe
Posted by John Viega on Sat, Sep 13, 2003 (11:31 PM) GMT

One of the goals of SecureProgramming.com is to provide recipes demonstrating good secure programming techniques (particularly ones supplementing our books). Anyone can submit these recipes.

Every month we will pick the best submitted recipe. O'Reilly will provide the winner with a free O'Reilly book (the winner's choice) and will publish the recipe on the O'Reilly Network.

Submit recipes here. Please avoid anything that duplicates material in the Secure Programming Cookbook for C and C++ (though similar recipes for other programming languages are certainly welcome).

[Python Powered]