«
»

Yet Another Coding Standard?

July 30th, 2006 by arthur

Over at Matasano, Tom Ptacek skewers the new CERT Secure Programming Standard by asking: Do We Need an ISO Secure Coding Standard?. The entire article is well worth reading, but it sums up nicely with this:

There are already a myriad of good sources of information about
secure programming, including books targeted specifically to
developers that don’t have experience with secure
programming. I don’t understand why a wiki or an ISO standard
would be more accessible to these developers, who write the
majority of all code.

Thanks Tom.

This entry was posted by arthur on Sunday, July 30th, 2006 at 10:45 am and is filed under Security, information security. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.

2 Responses to “Yet Another Coding Standard?”

  1. adam says:
    July 30, 2006 at 6:11 pm

    Shoot. My coding standard, at http://homeport.org/~adam/review.html is all anyone ever needs, and its cheaper and better written than an ISO standard.

  2. Jason says:
    July 31, 2006 at 4:03 pm

    The people who will read the standard probably don’t need to, and those that need to will never hear about it, or care to read about it, unless managers and/or senior developers make it mandatory reading for new developers on their team.