Binding: Paperback Dewey Decimal Number: 005.133 EAN: 9780596003944 Format: Illustrated ISBN: 0596003943 Label: O'Reilly Media, Inc. Manufacturer: O'Reilly Media, Inc. Number Of Items: 1 Number Of Pages: 790 Publication Date: July 14, 2003 Publisher: O'Reilly Media, Inc. Sales Rank: 47031 Studio: O'Reilly Media, Inc.
Product DescriptionPassword sniffing, spoofing, buffer overflows, and denial of service: these are only a few of the attacks on today's computer systems and networks. At the root of this epidemic is poorly written, poorly tested, and insecure code that puts everyone at risk. Clearly, today's developers need help figuring out how to write code that attackers won't be able to exploit. But writing such code is surprisingly difficult.
'Secure Programming Cookbook for C and C++' is an important new resource for developers serious about writing secure code. It contains a wealth of solutions to problems faced by those who care about the security of their applications. It covers a wide range of topics, including safe initialization, access control, input validation, symmetric and public key cryptography, cryptographic hashes and MACs, authentication and key exchange, PKI, random numbers, and anti-tampering. The rich set of code samples provided in the book's more than 200 recipes will help programmers secure the C and C++ programs they write for both Unix(R) (including Linux(R)) and Windows(R) environments. Readers will learn:
How to avoid common programming errors, such as buffer overflows, race conditions, and format string problems
How to properly SSL-enable applications
How to create secure channels for client-server communication without SSL
How to integrate Public Key Infrastructure (PKI) into applications
Best practices for using cryptography properly
Techniques and strategies for properly validating input to programs
How to launch programs securely
How to use file access mechanisms properly
Techniques for protecting applications from reverse engineering
The book's website supplements the book by providing a place to post new recipes, including those written in additional languages like Perl, Java, and Python. Monthly prizes will reward the best recipes submitted by readers.
'Secure Programming Cookbook for C and C++' is destined to become an essential part of any developer's library, a code companion developers will turn to again and again as they seek to protect their systems from attackers and reduce the risks they face in today's dangerous world.
Customer Reviews
Average Rating:
Rating: - Good developer reference
This is a well-written and example oriented book for C/C++ programmers that covers secure programming in all aspects. I had been using this book for last one year now and It helps me as a quick reference and also real source code demonstrating practical approaches that can be incorporated into their software projects.
The book needs a little update but still helps any aspiring C/C++ programmer involved with crypto.
Rating: - a good reference if you've really got to be secure
If you are not sure that you need this book, then you probably don't. But if there is something it the table of contents that you've got to know, and you've got to get it right, then this would be a good book to have. Chapter 12 on Anti-Tampering was a really enjoyable read, though probably a futile task.
Rating: - Great book for anyone using C
This is simply a great book for anyone using C or C++.
These guys literally wrote the book on secure code.
Read it!
Rating: - A task-oriented reference guide
This well-written book covers a lot of topics that I have not read in other books.
Its strengths include:
--Good coverage of cryptography programming --Task-oriented solutions to specific programming problems --Easy to navigate "cookbook" style ("with recipes" as the authors call them)
However, some areas of improvement might be:
--Could use more coverage of important subjects (buffer overflows, etc.) --spends a lot of space on narrower ... Read More
Rating: - Bought it for one reason but ended up using it.
To be truthful, I bought this book because the "gang" I hang out with is mentioned in the Acknowledgments section of the book. That was the ONLY reason when I sent money to Amazon.Com and purchased it for the dusty collection on my bookshelf.
But, when I got it and chuckled over the Acknowledgements section, I started to mindlessly flip through the book. Mindless page flipping soon turned to semi-conscious scanning. Semi-conscious scanning soon turned to serious reading. I find myself ... Read More
- Good developer reference 
- a good reference if you've really got to be secure
- Great book for anyone using C
