The book Designing Secure Software: a guide for developers took nearly two years from finding a publisher to publication. These posts tell part of my experience developing the book and writing it. Writing a book is the ideal project for riding out a pandemic.
Whenever considering applications that rely on generative AI, I believe we always need to ask if we can trust it. And given the technology’s track record it’s hard to imagine how we are going to honestly be able to say “100%” any time soon.
[Read More]
Better security discussions
I’ve been a fan of threat modeling for many years, but only recently seeing that it isn’t just behind-the-scenes work for software professionals to do.
[Read More]
Running the “Reflections on Trusting Trust” Compiler
In the Afterword of my book I mention Ken Thompson’s classic “Trusting Trust” paper showing how to embed a backdoor into an OS by compiling the compiler such that the modification is invisible in source code.
[Read More]
Japanese translation is on sale
8月18日、新刊『セキュアなソフトウェアの設計と開発』を発刊
The Japanese translation of my book goes on sale this week. This is particularly rewarding for me because I lived and worked there for about ten years and speak the language well enough to read the text (but nowhere near ability write at a publishable level of quality).
[Read More]
On the Signature Reblocking Problem in Public Key Cryptosystems
In Chapter 5 of the book I write about my good fortunate meeting two of the RSA algorithm inventors at MIT, and collaborating with them.
[Read More]
Bard likes my book
I was surprised that Bard has read my book, or at least claims to have. Here’s our conversation about it, word for word: it’s a good overview.
[Read More]
Polish translation is on sale
Wspaniale jest widzieć, że ukazało się polskie tłumaczenie mojej książki o bezpieczeństwie oprogramowania. (It’s great to see that the Polish translation of my book on software security is out.
[Read More]