|
 |
|
 |
 |
Secure Programming Cookbook for C and C++: Recipes for Cryptography, Authentication, Input...
|
(Paperback - July 21, 2003)
by John Viega
Sales Rank: 405269
|
List Price: $74.99
$62.36
At Amazon
|
|
Paperback: 792 pages
Publisher: O'Reilly Media; 1 edition July 14, 2003
Language: English
ISBN-10: 0596003943
ISBN-13: 978-0596003944
Product Dimensions:
9 x 6.9 x 1.5 inches
Shipping Weight: 2.4 pounds
Review
"This is a book that's long overdue and makes for an interesting and deeply technical read on a topic that we should all core about more. Yes, it's limited to C and C++ readers, but with the majority of key applications being written in these languages that's where the biggest benefit can be had - give the sample chapter a read, and you'll soon be on your way to the books store to buy the rest of it." "A powerful and initially somewhat scary book that will quickly get you thinking about security while you program - as opposed to as an afterthought." - Paul Hudson, LinuxFormat, Christmas 03 - Rating 10/10 - Top Stuff Award
Customer Reviews & Comments
I hadn't anticipated the heavy amount of crypto related chapters in this book. I honestly had only read about the input validation, avoiding overflows, and access control portions. It turns out it covers those areas plus a wide range of crypto related code. It goes over the fundamentals of Symmetric Crypto in great detail, from simple base64 encoding to parallelizing Encryption and decryption in arbitrary modes. All of the crypto related portions of this book are very clear. I highly recommend this book if you are doing any kind of crypto, whether it's simply encrypting a password, a file, or setting up a socket based secure communication tunnel. The Networking chapter is a very good reference section for creating SSL clients and servers, as well as using kerberos or securing your connections to your database. There is almost 80 pages of information related to generating random numbers and data from using /dev/random to gathering entropy from Mouse Evens on Win32. The one chapter I didn't expect to see here that was quite good was Chapter 12, Anti-Tampering. This chapter goes over obfuscating your code, detecting binary modifications, disguising boolean values, etc. It even shows you how to detect SoftICE and other debuggers, which can be useful for attempting to block people from cracking your commercial software. Although, I believe all attempts end up being rather futile when someone is determined enough. This book really is a must for anyone who is programming. If not just for the basics of protecting yourself from overflows and validating input and environment variables, than definitely for the extremely well written sections on crypto. This book has earned a permanent spot next to K&R and UNP on my desk.
|
Secure Programming Cookbook for C and C++: Recipes for Cryptography, Authentication, Input...
List Price: $74.99
Available from Amazon
Price: $62.36
| |
|
|
|
|
