What You Don’t Do for Secure Programming

The hardest part of growing up is that everything you’re allowed to do is communicated in a general sense and everything that you’re not allowed to do is enumerated specifically and in detail AFTER you’ve gotten in trouble for doing it. So you’re told things like, “Go play in the yard.” Yet you get chewed out for very specifically flooding the yard to play mud football. Apparently the lawn, the water, and the clothes all cost money. Yet you played in the yard. Crazy, I know. Wouldn’t it have been better had you been told from the start, “Go play in the yard but do not flood it or damage it or your clothes in any way and do not waste water.” Sure, they tell you that NOW but it would have been much smarter to do it before you got in trouble. This is the 3rd article of a pragmatic series to help you understand security in new and practical ways that you can apply immediately to improve software. So check back regularly and get a new story or learn about software security, whichever, and be sure to take the...
Read more