Loading ...
Sorry, an error occurred while loading the content.

REVIEW: "Writing Secure Code", Michael Howard/David LeBlanc

Expand Messages
  • Rob, grandpa of Ryan, Trevor, Devon & Ha
    BKWRSCCD.RVW 20060910 Writing Secure Code , Michael Howard/David LeBlanc, 2002, 0-7356-1588-8, U$39.99/C$57.99 %A Michael Howard %A David LeBlanc %C 1
    Message 1 of 1 , Oct 27 9:50 AM
      BKWRSCCD.RVW 20060910

      "Writing Secure Code", Michael Howard/David LeBlanc, 2002,
      0-7356-1588-8, U$39.99/C$57.99
      %A Michael Howard
      %A David LeBlanc
      %C 1 Microsoft Way, Redmond, WA 98052-6399
      %D 2002
      %G 0-7356-1588-8
      %I Microsoft Press
      %O U$39.99/C$57.99 800-MSPRESS fax: 206-936-7329
      %O http://www.amazon.com/exec/obidos/ASIN/0735615888/robsladesinterne
      %O http://www.amazon.ca/exec/obidos/ASIN/0735615888/robsladesin03-20
      %O Audience a Tech 2 Writing 1 (see revfaq.htm for explanation)
      %P 477 p. + CD-ROM
      %T "Writing Secure Code"

      The introduction states that the purpose of the book is to teach
      application designers (and particularly .NET developers) to design,
      write, and test application code in a secure manner.

      Part one addresses the contemporary security situation. Chapter one
      reviews the need for secure systems. The text is so supplemented by
      notes, comments, text boxes, and sidebars that it becomes difficult to
      follow at times. However, ultimately it does have a lot of
      interesting material that would be useful for those who have to make a
      case for secure coding practices and processes. Designing secure
      systems, in chapter two, provides a solid list of secure strategy
      principles along with details and discussion of them, although much of
      this deliberation is restricted to "war stories" which are interesting
      but not always useful. The content makes the point that the mere
      addition of security technologies does not always make for secure
      applications, which point is not supported by the inclusion, in the
      latter part of the material, of a huge list of security technologies.

      Part two turns to secure coding techniques. Chapter three details
      that old standard and nemesis, the buffer overflow. Unfortunately,
      most of what is provided is limited to code demonstrating that various
      types of buffer overflows exist, and some contentions in regard to
      specific C language instructions that should not be used. Code for
      access control list use on Windows NT4 and 2000 is reviewed in chapter
      four. Code, but not design, for running with least privilege occupies
      chapter five. Chapter six is again concerned primarily with source
      code for cryptographic operations, although limited to pseudorandom
      number generation (paying insufficient attention to seed values), key
      management, and miscellaneous topics. Further functions involved with
      encrypting confidential information are in chapter seven. Chapter
      eight turns to canonical representation, although the discussion is
      narrowly confined to filenames and issues of traversal.

      Part three concentrates on network-based application considerations
      even though network connectivity and access has been given as the
      reason to pay attention to secure coding in the first place. Chapter
      nine looks at the possibility of port hijacking, and the design of
      applications in order to work cooperatively with firewalls. Securing
      the use of RPC (Remote Procedure Calls), ActiveX, and DCOM
      (Distributed Common Object Model) is covered well in chapter ten, with
      concepts as well as code and good explanations (although I know for a
      fact that accessing dcomcnfg on XP is *not* as easy as the authors
      want to make out). Chapter eleven lists some denial of service (DoS)
      attacks and generally suggests limiting the resources available to
      applications. Most of the advice on securing Web-based services, in
      chapter twelve, boils down to advice not to trust the client, and
      various examples of malformed input are described.

      Part four contains special topics. Chapter thirteen details .NET
      functions and operations related to security, but also provides
      valuable guidance in regard to appropriate (and inappropriate) use.
      Testing of secure applications gets a review of standard procedures,
      in chapter fourteen, but the material does not provide an abstract
      overview of assessment concepts that could be used to find all
      possibilities of weakness. Installation procedures, in chapter
      fifteen, could have been useful, but is probably the most Windows
      specific and least practical section of the entire work. Chapter
      sixteen is a bit of a grab bag, but contains worthwhile tips and
      principles to follow (mostly in order to avoid common security

      Appendices are usually extraneous material, sometimes added merely to
      pad out the page count of a book. However, the essays included at the
      end of this volume could be quite helpful. There are the ten
      immutable laws of security and the ten immutable laws of security
      administration, which have become famous in their own right, and have
      spread through the Internet, as well as a list of dumb excuses given
      for not doing security properly.

      Overall, the book contains much that can be of use for those who wish
      to develop code that is secure and resistant against bugs and flaws
      that may open the application to attack. However, there is also a
      good deal that is irrelevant and not helpful, and a number of issues
      that could have useful have not been included (such as development
      methodologies, design strategies, and testing issues).

      copyright Robert M. Slade, 2006 BKWRSCCD.RVW 20060910

      ====================== (quote inserted randomly by Pegasus Mailer)
      rslade@... slade@... rslade@...
      Microsoft gambled that making their users fault-tolerant was a
      better use of resources than making their software reliable.
      - Paul Guertin
      Dictionary of Information Security www.syngress.com/catalog/?pid=4150
    Your message has been successfully submitted and would be delivered to recipients shortly.