- Tapa blanda: 792 páginas
- Editor: O'Reilly Media; Edición: 1 (24 de julio de 2003)
- Colección: Classique Us
- Idioma: Inglés
- ISBN-10: 0596003943
- ISBN-13: 978-0596003944
- Valoración media de los clientes: Sé el primero en opinar sobre este producto
- Clasificación en los más vendidos de Amazon: nº340.441 en Libros en idiomas extranjeros (Ver el Top 100 en Libros en idiomas extranjeros)
- Ver el Índice completo
Compara Precios en Amazon
+ Envío GRATIS
Secure Programming Cookbook for C and C++: Recipes for Cryptography, Authentication, Input Validation & More (Classique Us) (Inglés) Tapa blanda – 24 jul 2003
|Nuevo desde||Usado desde|
Los clientes que compraron este producto también compraron
Descripción del producto
"This is a book that's long overdue and makes for an interesting and deeply technical read on a topic that we should all core about more. Yes, it's limited to C and C++ readers, but with the majority of key applications being written in these languages that's where the biggest benefit can be had - give the sample chapter a read, and you'll soon be on your way to the books store to buy the rest of it." "A powerful and initially somewhat scary book that will quickly get you thinking about security while you program - as opposed to as an afterthought." - Paul Hudson, LinuxFormat, Christmas 03 - Rating 10/10 - Top Stuff Award
Reseña del editor
Password sniffing, spoofing, buffer overflows, and denial of service: these are only a few of the attacks on today's computer systems and networks. At the root of this epidemic is poorly written, poorly tested, and insecure code that puts everyone at risk. Clearly, today's developers need help figuring out how to write code that attackers won't be able to exploit. But writing such code is surprisingly difficult.
Secure Programming Cookbook for C and C++ is an important new resource for developers serious about writing secure code. It contains a wealth of solutions to problems faced by those who care about the security of their applications. It covers a wide range of topics, including safe initialization, access control, input validation, symmetric and public key cryptography, cryptographic hashes and MACs, authentication and key exchange, PKI, random numbers, and anti-tampering. The rich set of code samples provided in the book's more than 200 recipes will help programmers secure the C and C++ programs they write for both Unix® (including Linux®) and Windows® environments. Readers will learn:
- How to avoid common programming errors, such as buffer overflows, race conditions, and format string problems
- How to properly SSL-enable applications
- How to create secure channels for client-server communication without SSL
- How to integrate Public Key Infrastructure (PKI) into applications
- Best practices for using cryptography properly
- Techniques and strategies for properly validating input to programs
- How to launch programs securely
- How to use file access mechanisms properly
- Techniques for protecting applications from reverse engineering
Secure Programming Cookbook for C and C++ is destined to become an essential part of any developer's library, a code companion developers will turn to again and again as they seek to protect their systems from attackers and reduce the risks they face in today's dangerous world.
No es necesario ningún dispositivo Kindle. Descárgate una de las apps de Kindle gratuitas para comenzar a leer libros Kindle en tu smartphone, tablet u ordenador.
Obtén la app gratuita:
Detalles del producto
Si eres el vendedor de este producto, ¿te gustaría sugerir ciertos cambios a través del servicio de atención al vendedor?
Opiniones de clientes
|5 estrellas (0%)|
|4 estrellas (0%)|
|3 estrellas (0%)|
|2 estrellas (0%)|
|1 estrella (0%)|
Opiniones de clientes más útiles en Amazon.com
The importance of understanding the security surrounding the development of software is finally being realized. This book provides a complete reference for the secure implementation of common operations that software developers often fail to do correctly.
One of the best things about this book is that it covers so many topics that are often left out of secure programming texts. It is in cookbook format which is really nice for quick reference as well as accommodating readers that have different levels of experience in this area. Both the problem and the solution are explained and real source code is provided leaving the reader with an understanding of the risks, and practical solutions that can be incorporated into their software projects.
The topics that impressed me most were: privilege separation, secure child process creation, executing external processes, safe file and string operations, random number generation, input validation, and the ways to safeguard against many types of attacks. There are also many good tips for safeguarding networked applications. For the more intensive apps, there is in-depth coverage of symmetric and public key crypto, key management, using OpenSSL, and dealing with X.509 certs (including validation techniques).
It's nice to see so much useful information related to secure software development packed into a single resource!
But, when I got it and chuckled over the Acknowledgements section, I started to mindlessly flip through the book. Mindless page flipping soon turned to semi-conscious scanning. Semi-conscious scanning soon turned to serious reading. I find myself reading the book more and more, jumping back and forth between sections I find interesting and useful.
As a Windows C++ programmer for in-house tools, I do not dwell much on secure programming concepts. Yes, this is very, very bad way to program, so those of you reading this review should not try it at home. This book has shown the errors of my ways, revealed security issues that I have overlooked by accident or on purpose and gave concepts and examples that I can apply in my projects.
This book is one reference that I will be going back over and over again. The authors and editors have done a wonderful job to make the reading flow nice and easy. It is also very well laid out by stating the problem you may encounter, followed by a solution and then detailed discussion section with code samples.
For any C/C++ programmer making software to be used by more than one person, this reference book is a must.
You can still read the Acknowledgments and marvel at my name on there, of course.
If this describes your needs and you code in C or C++, then this book will be invaluable. Extensive code fragments that show how you can interface to existing crypto packages. Very detailed. You won't find theorems or any elegant maths here. No Chinese Remainder Theorem or Fermat's theorems. You have to already know or accept the theoretical underpinnings.
Given this, the book takes you into the nitty gritty of every major publicly available cryptosystem. With up to date assessments of their comparative strengths.
All of the above is aimed at application developers. The book also has sections for sysadmins of both unix and Microsoft operating systems, replete with suggestions on patching and good practice.
Don't be daunted by the book's heft. It is encyclopaedic in scope, and access is reasonably random access. The authors have striven to comprehensively span the field. You don't have to read from start to finish before you can commence using it.