12/23/2004: "Book Review: "Writing Secure Code" by Michael Howard and David LeBlanc"
The first 4 chapters cover security basics: lots of useful suggestions, but nothing to lose sleep over.
Chapter 5 has some very interesting stuff on how to cause a buffer overrun...
Having demonstrated this stack overrun exploit, the authors go on to show other buffer overrun exploits, which are both entertaining and scary. They then say that compiling with the buffer security check option (/GS) in VS.NET prevents simple stack overruns, but does nothing to help with heap corruption or complex stack overruns.
Chapters 6 and 7 are about ACLs and SIDs.
In chapter 8, the authors mount a strong argument against using the rand() function in cryptographic applications. They feel that rand() has a short period and that its numbers are fairly predictable. The authors' recommendation is to call CryptGenRandom instead of calling rand(). Unfortunately, the authors fail to point out that CryptGenRandom is very significantly slower than rand() and therefore is not acceptable for most applications. The authors do, however, show a "better" rand by Knuth. Since a typical cryptographic application makes billions of calls to a random number generator, a random number generator by Press, Teukolsky, Vetterling and Flannery ("Numerical Recipes in C", Cambridge University Press 1997) is probably the best choice.
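The book's argument, as summarized above, is that rand() output is fairly predictable. The following added example (not code from the book or from this review) makes that concrete: a 128-bit key drawn from a time-seeded, rand()-style generator is reproduced by trying every seed in a one-day window. The generator constants, function names and timestamp are assumptions chosen for illustration.

```c
#include <stdint.h>
#include <string.h>

/* rand()-style 32-bit LCG. The constants are the ones commonly documented
   for the Microsoft C runtime (an assumption of this example); the point
   holds for any generator whose whole state is one 32-bit seed. */
static int lcg_next(uint32_t *state) {
    *state = *state * 214013u + 2531011u;
    return (int)((*state >> 16) & 0x7fff);      /* 15 bits per call */
}

/* The anti-pattern: a 128-bit "key" drawn from a time-seeded generator. */
static void weak_key(uint32_t seed, uint8_t key[16]) {
    uint32_t state = seed;
    for (int i = 0; i < 16; i++)
        key[i] = (uint8_t)(lcg_next(&state) & 0xff);
}

/* Regenerate the key for every seed in [from, to]. Returns the number of
   seeds that reproduce it and stores the first one in *match. */
static uint32_t seeds_matching(const uint8_t key[16], uint32_t from,
                               uint32_t to, uint32_t *match) {
    uint8_t candidate[16];
    uint32_t hits = 0;
    for (uint32_t s = from; ; s++) {
        weak_key(s, candidate);
        if (memcmp(candidate, key, 16) == 0) {
            if (hits == 0) *match = s;
            hits++;
        }
        if (s == to) break;
    }
    return hits;
}

/* Constructed sample: key "generated" at a made-up Unix timestamp, then
   reproduced knowing only the day it was made (86,401 candidate seeds). */
static int demo(void) {
    const uint32_t t = 1103760000u;             /* constructed value */
    uint8_t key[16];
    uint32_t found = 0;
    weak_key(t, key);
    uint32_t hits = seeds_matching(key, t - 43200u, t + 43200u, &found);
    return hits == 1 && found == t;             /* 1: the seed was found */
}

int main(void) { return demo() ? 0 : 1; }
```

The key is 128 bits long but carries no more entropy than the seed, which is the gap the book's CryptGenRandom recommendation closes.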
Chapter 9 is very good: there is a wealth of information about storing secret data with LSA or DPAPI. The authors even spend some time discussing hiding secrets in RAM, compiler optimization effects on secrets, and secrets in managed code. This is probably the best chapter in the book...