Book Review: "Writing Secure Code" by Michael Howard and David LeBlanc


The first four chapters cover security basics: lots of useful suggestions, but nothing to lose sleep over.

Chapter 5 has some very interesting material on how a buffer overrun happens. It turns out that if you run code like this:


#include <stdio.h>
#include <string.h>
#include <tchar.h>   /* Visual C++ header that defines _tmain and _TCHAR */

/* Deliberately vulnerable, as in the book: buf holds 10 bytes, but strcpy
   writes 20 (16 letters, 3 address bytes and the terminating NUL), so the
   copy runs past the end of buf into the rest of the stack frame. The bytes
   \x50\x10\x40, with strcpy's trailing NUL as the fourth byte, replace the
   saved return address of foo with the address of bar() in the book's build
   (little-endian 0x00401050). */
void
foo()
{
    char buf[10];
    buf[0] = 0;
    strcpy(buf, "AAAAAAAAAAAAAAAB\x50\x10\x40");
}

/* Never called directly; it runs only because foo's overwritten return
   address now points here. */
void
bar(void)
{
    printf("You have been hacked. \n");
}

int
_tmain(int argc, _TCHAR* argv[])
{
    foo();
    return 0;
}
 

it prints "You have been hacked" even though function bar is never explicitly called in the code. Function bar runs because the stack buffer has been overrun by "AAAAAAAAAAAAAAAB\x50\x10\x40": the last 3 characters of that string have been chosen so that they land on the saved return address of function foo and replace it with the address of function bar.

Having demonstrated this stack overrun exploit, the authors go on to show other buffer overrun exploits, which are both entertaining and scary. They then point out that compiling with the buffer security check option (/GS) in VS.NET prevents simple stack overruns, but does nothing to help with heap corruption or more complex stack overruns.
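The fix the chapter implies, but the snippet above does not show, is to bound the copy by the destination size and to treat overlong input as an error rather than silently continuing. The following is an added example (my code, not the book's or the review's): the same 10-byte stack buffer and the same oversized input, with a bounded copy that reports truncation; the function names bounded_copy, foo_hardened and copied_length are mine. Because the copy can never write past buf, the saved return address is never touched, and the program does not depend on /GS to catch the overrun.

```c
#include <stdio.h>
#include <string.h>

/* Constructed input with the same shape as the book's demo: 19 bytes plus
   the terminating NUL, twice the size of the 10-byte destination. */
static const char oversized_input[] = "AAAAAAAAAAAAAAAB\x50\x10\x40";

#define BUF_SIZE 10

/* Bounded copy: never writes more than dst_size bytes, always NUL-terminates
   the destination, and tells the caller whether input was dropped.
   Returns 0 on a complete copy, 1 if the source had to be truncated,
   -1 on bad arguments. */
int bounded_copy(char *dst, size_t dst_size, const char *src)
{
    size_t src_len;

    if (dst == NULL || src == NULL || dst_size == 0)
        return -1;

    src_len = strlen(src);
    if (src_len < dst_size) {
        memcpy(dst, src, src_len + 1);   /* fits, including the NUL */
        return 0;
    }

    memcpy(dst, src, dst_size - 1);      /* leave room for the NUL */
    dst[dst_size - 1] = '\0';
    return 1;
}

/* Hardened counterpart of the book's foo(): same 10-byte stack buffer, but
   the copy is bounded, so nothing beyond buf is ever written. Returns the
   bounded_copy result so callers can act on truncation. */
int foo_hardened(void)
{
    char buf[BUF_SIZE];
    int rc = bounded_copy(buf, sizeof buf, oversized_input);

    /* A caller that cares about integrity rejects the input instead of
       continuing with a silently mangled value. */
    if (rc == 1)
        fprintf(stderr, "input of %lu bytes rejected: exceeds %lu-byte buffer\n",
                (unsigned long)strlen(oversized_input), (unsigned long)sizeof buf);
    return rc;
}

/* Length of the string bounded_copy leaves behind in a destination of the
   given size (at most 64 bytes here), used to check the truncation rule. */
size_t copied_length(size_t dst_size)
{
    char buf[64];

    if (dst_size > sizeof buf)
        return 0;
    bounded_copy(buf, dst_size, oversized_input);
    return strlen(buf);
}

int main(void)
{
    int rc = foo_hardened();

    printf("foo_hardened returned %d (1 = input was truncated)\n", rc);
    return rc == 0 ? 0 : 1;
}
```

Run as written, foo_hardened reports truncation (a 10-byte buffer keeps 9 characters plus the NUL) and main exits non-zero; with a 32-byte destination the full 19-character input is copied. The point is the return value: a bounded copy that hides truncation just turns a memory-safety bug into a logic bug.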

Chapters 6 and 7 are about ACLs and SIDs.

In chapter 8, the authors mount a strong argument against using the rand() function in cryptographic applications. They feel that rand() has a short period and that its output is fairly predictable.

The authors' recommendation is to call CryptGenRandom instead of rand(). Unfortunately, they fail to point out that CryptGenRandom is very significantly slower than rand() and is therefore not acceptable for most applications. The authors do, however, show a "better" rand by Knuth. Since a typical cryptographic application makes billions of calls to a random number generator, a random number generator by Press, Teukolsky, Vetterling and Flannery ("Numerical Recipes in C", Cambridge University Press 1997) is probably the best choice.

Chapter 9 is very good; there is a wealth of information about storing secret data with LSA or DPAPI. The authors even spend some time discussing hiding secrets in RAM, the effects of compiler optimization on secrets, and secrets in managed code. This is probably the best chapter in the book.
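The "compiler optimization effects on secrets" the chapter covers are the classic case of a memset() that the optimizer removes because the buffer is never read afterwards (dead-store elimination), leaving the key material in RAM. The following is an added example (my code, not the book's): a portable wipe that writes through a volatile pointer so the compiler must emit the stores, plus a checker. The names secure_zero, is_all_zero, use_secret_then_wipe, secure_zero_demo and is_all_zero_sample are mine; the 32-byte "key" is a constructed pattern standing in for real key material. On Windows the book's platform provides SecureZeroMemory for the same purpose, and memset_s (C11 Annex K) or explicit_bzero do the job where available.

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

/* Wipe that the optimizer cannot drop: writes through a volatile pointer
   are treated as observable side effects, so each store is emitted even
   when the buffer is never read again. */
void secure_zero(void *p, size_t n)
{
    volatile unsigned char *vp = (volatile unsigned char *)p;

    while (n--)
        *vp++ = 0;
}

/* Returns 1 if every byte of the buffer is zero, 0 otherwise. The OR
   accumulator avoids an early exit, so the check reads the whole buffer. */
int is_all_zero(const unsigned char *p, size_t n)
{
    unsigned char acc = 0;
    size_t i;

    for (i = 0; i < n; i++)
        acc |= p[i];
    return acc == 0;
}

/* Models a function that derives something from a secret and must not leave
   the secret behind. use_secure_wipe selects secure_zero (1) or plain
   memset (0). Returns 1 when the key buffer reads back as all zero. Note
   that reading the buffer here keeps even the memset alive; in real code
   the buffer is not read after the wipe, which is exactly when the
   optimizer may delete a plain memset. */
int use_secret_then_wipe(int use_secure_wipe)
{
    unsigned char key[32];
    unsigned char checksum = 0;
    size_t i;

    /* Constructed secret: a fixed pattern standing in for key material. */
    for (i = 0; i < sizeof key; i++)
        key[i] = (unsigned char)(0xA5 ^ i);

    /* Stand-in for "use the key". */
    for (i = 0; i < sizeof key; i++)
        checksum ^= key[i];
    (void)checksum;

    if (use_secure_wipe)
        secure_zero(key, sizeof key);
    else
        memset(key, 0, sizeof key);  /* candidate for dead-store elimination */

    return is_all_zero(key, sizeof key);
}

/* Fills n bytes (n <= 64) with non-zero data, wipes them with secure_zero
   and returns 1 if the wipe left every byte zero. */
int secure_zero_demo(size_t n)
{
    unsigned char buf[64];

    if (n > sizeof buf)
        return 0;
    memset(buf, 0x5A, n);
    secure_zero(buf, n);
    return is_all_zero(buf, n);
}

/* Fills a 16-byte buffer with the given value and reports is_all_zero. */
int is_all_zero_sample(unsigned char fill)
{
    unsigned char buf[16];

    memset(buf, fill, sizeof buf);
    return is_all_zero(buf, sizeof buf);
}

int main(void)
{
    printf("secure wipe left buffer zeroed: %d\n", use_secret_then_wipe(1));
    printf("secure_zero on 32 bytes: %d\n", secure_zero_demo(32));
    return 0;
}
```

The check cannot observe the optimizer's decision at runtime (reading the buffer is what keeps a memset alive), so the way to confirm the property for a given build is to inspect the generated code of a function that wipes and returns without reading the buffer. The volatile-pointer loop is what makes that inspection unnecessary.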

Chapters 10-13 cover every input security issue you would ever want to know about. The remainder of the book deals with various security topics, including denial of service (DoS) attacks and security reviews.


Copyright © 2000-2006 Aleksey Nudelman