[SC-L] re-writing college books - erm.. ahm...
Crispin Cowan
crispin at novell.com
Sat Oct 28 04:07:23 EDT 2006
Gadi Evron wrote:
> So, "dump C", "Use SML", "What secure coding classes are you doing?" and
> "we are already doing it!!" are the responses I got when I started this
> thread.
>
What did you expect from whining about the generally poor quality of
software? :)
> Can someone mention again why re-writing the main often-used and probably
> less than 3 mostly-used basic programming books is a bad idea?
>
Uh ... 'cause I question the assertion that there are 3 mostly-used
basic programming books. I suspect it is more like 78 mostly used books.
More importantly, if there are 3 mostly used books, then there are 78
more behind them vying for those 3 slots, and they all have the same
problems. If you write a new book, then you just join the pool of 78,
and you have the impact of a drop in the bucket.
Worse, we are talking about correctness here. Correctness is hard, and
correctness on a large scale is harder. I doubt that even a concerted
effort at a "correct" book on intro to programming would manage to
actually be correct any time before the 3rd edition, 10 years from now.
Seeking perfect correctness as an approach to security is a fool's
errand. Security is designing systems that can tolerate imperfect software.
Crispin
--
Crispin Cowan, Ph.D. http://crispincowan.com/~crispin/
Director of Software Engineering, Novell http://novell.com
Hack: adroit engineering solution to an unanticipated problem
Hacker: one who is adroit at pounding round pegs into square holes
More information about the SC-L
mailing list