Good developer reference
This is a well-written and example-oriented book for C/C++ programmers that covers secure programming in all aspects. I have been using this book for the last year now and it helps me as a quick reference and also as real source code demonstrating practical approaches that can be incorporated into their software projects.
The book needs a little update but still helps any aspiring C/C++ programmer involved with crypto.
a good reference if you've really got to be secure
If you are not sure that you need this book, then you probably don't. But if there is something in the table of contents that you've got to know, and you've got to get it right, then this would be a good book to have. Chapter 12 on Anti-Tampering was a really enjoyable read, though probably a futile task.
Great book for anyone using C
This is simply a great book for anyone using C or C++. These guys literally wrote the book on secure code.
Read it!
A task-oriented reference guide
This well-written book covers a lot of topics that I have not read in other books. Its strengths include:
--Good coverage of cryptography programming
--Task-oriented solutions to specific programming problems
--Easy to navigate "cookbook" style ("with recipes" as the authors call them)
However, some areas of improvement might be:
--Could use more coverage of important subjects (buffer overflows, etc.)
--Spends a lot of space on narrower examples (like explaining certain APIs that are documented well online)
--Sometimes jumps into material without much background explanation (which was confusing for me)
It is probably not the first book you should read on the subject. This is more of a recipe guide that is useful if you get stuck on coding a particular topic that happens to be covered. The authors have done a good job of explaining what coverage they do and don't include.
Bought it for one reason but ended up using it.
To be truthful, I bought this book because the "gang" I hang out with is mentioned in the Acknowledgments section of the book. That was the ONLY reason when I sent money to Amazon.Com and purchased it for the dusty collection on my bookshelf. But, when I got it and chuckled over the Acknowledgements section, I started to mindlessly flip through the book. Mindless page flipping soon turned to semi-conscious scanning. Semi-conscious scanning soon turned to serious reading. I find myself reading the book more and more, jumping back and forth between sections I find interesting and useful.
As a Windows C++ programmer for in-house tools, I do not dwell much on secure programming concepts. Yes, this is a very, very bad way to program, so those of you reading this review should not try it at home. This book has shown the errors of my ways, revealed security issues that I have overlooked by accident or on purpose and gave concepts and examples that I can apply in my projects.
This book is one reference that I will be going back to over and over again. The authors and editors have done a wonderful job to make the reading flow nice and easy. It is also very well laid out by stating the problem you may encounter, followed by a solution and then detailed discussion section with code samples.
For any C/C++ programmer making software to be used by more than one person, this reference book is a must.
You can still read the Acknowledgments and marvel at my name on there, of course.