From - Thu Dec 17 12:06:29 1998 Received: from hydra.acs.uci.edu (root@hydra.acs.uci.edu [128.200.16.3]) by nis.acs.uci.edu (8.8.8/) with ESMTP id LAA08679 for ; Thu, 17 Dec 1998 11:19:31 -0800 (PST) Received: from brimstone.netspace.org (brimstone.netspace.org [128.148.157.143]) by hydra.acs.uci.edu (8.8.8/8.7.1) with ESMTP id LAA08205; Thu, 17 Dec 1998 11:19:26 -0800 (PST) Received: from netspace.org ([128.148.157.6]:27925 "EHLO netspace.org" ident: "TIMEDOUT2") by brimstone.netspace.org with ESMTP id <71202-584>; Thu, 17 Dec 1998 13:57:02 -0500 Received: from NETSPACE.ORG by NETSPACE.ORG (LISTSERV-TCP/IP release 1.8d) with spool id 5708716 for BUGTRAQ@NETSPACE.ORG; Thu, 17 Dec 1998 13:49:47 -0500 Approved-By: aleph1@UNDERGROUND.ORG Received: from underground.org ([209.179.181.153]) by netspace.org (8.8.7/8.8.7) with SMTP id NAA24897 for ; Thu, 17 Dec 1998 13:10:23 -0500 Received: (qmail 957 invoked by uid 500); 17 Dec 1998 19:21:44 -0000 Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Message-ID: <19981217112144.B872@underground.org> Date: Thu, 17 Dec 1998 11:21:44 -0800 Reply-To: Bugtraq List Sender: Bugtraq List From: Aleph One Subject: Re: Learning security [SUMMARY] To: BUGTRAQ@netspace.org X-Mozilla-Status: 8011 X-Mozilla-Status2: 00000000 This is a summary of the many (and I do mean many) replies. Thanks to everyone that contributed. Why do programmers write unsafe code? - There is no curriculum that addresses computer security in most schools. - Programming books/classes do not teach secure/safe programming techniques. - No one uses formal verification methods. - C is an unsafe language. - The standard C library string functions are unsafe. - Programmers do not think 'multiuser'. - Programmers are human. Humans are lazy. - Most programmers are simply not good programmers. - Most programmers are not security people. - Most security people are not programmers. - Most computer security models suck. - Lots of legacy code that is broken. - Consumers don't care about security. - Cost in extra developing time. - Cost in extra testing. What secure programming resources are available? Conferences: SANS ID'99 "How Attackers Break Programs, and How to Write Programs Securely" by M. Bishop. < http://www.sans.org/ > Classes: UC David ECS153 "Introduction to Computer Security" (M. Bishop) EnGarde's Secure Programming Tutorial < http://engarde.com/tutorials/tutorials_secprog.html > Articles: "Designing Secure Software" by Peter Galvin < http://www.sunworld.com/sunworldonline/swol-04-1998/swol-04-security.html > "The Unix Secure Programming FAQ" by Peter Galvin < http://www.sunworld.com/sunworldonline/swol-08-1998/swol-08-security.html > "A Lab engineers check list for writing secure Unix code" by AUCERT < ftp://ftp.auscert.org.au/pub/auscert/papers/secure_programming_checklist > "How to find security holes" by Kragen Sitaker < http://www.dnaco.net/~kragen/security-holes.txt > < http://www.dnaco.net/~kragen/security-holes.html > "setuid - checklist for security of setuid programs" < http://www.homeport.org/~adam/setuid.7.html > "perlsec - Perl security" < ftp://ftp.digital.com/pub/plan/perl/CPAN/doc/manual/html/pod/perlsec.html > Papers: "Robust Programming" by M. Bishop < http://seclab.cs.ucdavis.edu/~bishop/classes/ecs153-98-winter/robust.html > < http://seclab.cs.ucdavis.edu/~bishop/classes/ecs153-98-winter/Pdf/robust.pdf > < http://seclab.cs.ucdavis.edu/~bishop/classes/ecs153-98-winter/Postscript/robust.ps > "How to Write a Setuid Program" by M. Bishop < http://seclab.cs.ucdavis.edu/~bishop/scriv/1986-loginv12n1.ps > "Security Code Review Guidelines" By Adam Shostack < http://www.homeport.org/~adam/review.html > Talks & Tutorials: "Writing Safe Privileged Programs" by M. Bishop < http://seclab.cs.ucdavis.edu/~bishop/scriv/1997-ns97.pdf > < http://seclab.cs.ucdavis.edu/~bishop/scriv/1997-ns97.ps > "UNIX Security: Security in Programming" by M. Bishop < http://seclab.cs.ucdavis.edu/~bishop/scriv/1996-sans-tut.pdf > < http://seclab.cs.ucdavis.edu/~bishop/scriv/1996-sans-tut.ps > "Shifting the Odds: Writing (More) Secure Software" by Steve Bellovin < http://www.research.att.com/~smb/talks/odds.pdf > < http://www.research.att.com/~smb/talks/odds.ps > Books on writing secure software: "Practical Unix and Internet Security" from O'Reilly & Associates Chapter 22 "Writing Secure SUID and Network Programs" < http://www.oreilly.com/catalog/puis/ > Books on writing bug free software: "Writing Solid Code" by Steve Maguire < http://www.amazon.com/exec/obidos/ASIN/1556155514/ref=sim_books/002-7935989-4651662 > "Code Complete" by Steve McConnel < http://www.amazon.com/exec/obidos/ASIN/1556154844/o/qid=913914934/sr=2-1/002-7935989-4651662 > -- Aleph One / aleph1@underground.org http://underground.org/ KeyID 1024/948FD6B5 Fingerprint EE C9 E8 AA CB AF 09 61 8C 39 EA 47 A8 6A B8 01