The book Designing Secure Software: A Guide for Developers took nearly two years from finding a publisher to publication. These posts tell part of my experience developing the book and writing it. Writing a book is the ideal project for riding out a pandemic.
Each time a high-profile software security bug is reported, I wonder how this happened yet again. I don’t expect vulnerabilities to approach zero any time soon, but still I’d like to know how this keeps happening over and over, so we can do better.
Statement of Intention
I believe that we can do so much better at delivering more secure software, and my book explains how we could do that.
Announcement
I’m proud to announce my new software security book, Designing Secure Software: A Guide for Developers. I wanted to create something a little different: broadly readable rather than expert targeted, general approaches over specific details, all based on direct personal experience.
Coming Soon
Awaiting the release of any book requires patience, but this year amidst numerous supply chain challenges it’s particularly uncertain.
The original October target date is almost here, but I can report that the publisher hopes to have copies of the print edition for sale in early November – about a month ahead of general release now set for December 2021.
Complete Mediation in Sci-Fi
In the book Project Hail Mary by Andy Weir, there is a short scene (on page 339) that features a very clear example of failure to implement Complete Mediation (one of the secure design patterns described in Chapter 4 of my book).
Complete book proof review
This week I reviewed the complete book PDF, checking that previous changes were successfully made by the compositor. With luck that should make it final.
Custom domain for this website
It’s time to point the domain name designingsecuresoftware.com at this website. For reference, the docs I referenced for this are noted below.