Today I gave my presentation on Open Source Security to the Open Source class at Oregon State University. Along with the presentation is a collection of examples of bad (and good) programs ranging from XSS, CSRF, temp races, system() and SSL misuse, stack and heap memory corruption, format strings, and all sorts of other things I could think of. I gave this presentation in 2007 and was again honored to be asked back in 2008. I think more schools need to be teaching dedicated Open Source classes, and I’m pleased to help out. I’m hoping people will take away a few good ideas that will contribute to them producing safe code.
© 2008, Kees Cook. This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 License.
Good presentation, Kees. In suggestions for further reading, you might consider pointing to David Wheeler’s Security Programming for Linux and Unix HOWTO, at: http://www.dwheeler.com/secure-programs/
It’s freely available in PDF and HTML format, and it’s really a wealth of secure programming information.
:-Dustin
Comment by Dustin Kirkland — February 20, 2008 @ 7:32 pm