The book Designing Secure Software: a guide for developers took nearly two years from finding a publisher to publication. These posts tell part of my experience developing the book and writing it. Writing a book is the ideal project for riding out a pandemic.

Root causes

 Posted on November 1, 2021  |  Loren Kohnfelder

Each time a high-profile software security bug is reported, I wonder how this happened yet again. I don’t expect vulnerabilities to approach zero any time soon, but still I’d like to know how this keeps happening over and over, so we can do better. [Read More]
security 

Statement of Intention

 Posted on October 27, 2021  |  Loren Kohnfelder

I believe that we can do so much better at delivering more secure software, and my book explains how we could do that. [Read More]
security 

Announcement

 Posted on October 25, 2021  |  Loren Kohnfelder

I’m proud to announce my new software security book, Designing Secure Software: A Guide for Developers. I wanted to create something a little different: broadly readable rather than expert targeted, general approaches over specific details, all based on direct personal experience. [Read More]
promo 

Coming Soon

 Posted on October 13, 2021  |  Loren Kohnfelder

Awaiting the release of any book requires patience, but this year amidst numerous supply chain challenges it’s particularly uncertain. The original October target date is almost here, but I can report that the publisher hopes to have copies of the print edition for sale in early November – about a month ahead of general release now set for December 2021. [Read More]
promo 

Complete Mediation in Sci-Fi

 Posted on August 30, 2021  |  Loren Kohnfelder

In the book Project Hail Mary by Andy Weir, there is a short scene (on page 339) that features a very clear example of failure to implement Complete Mediation (one of the secure design patterns described in Chapter 4 of my book). [Read More]
security 

Complete book proof review

 Posted on August 26, 2021  |  Loren Kohnfelder

This week I reviewed the complete book PDF, checking that previous changes were successfully made by the compositor. With luck that should be make it final. [Read More]
publishing 

Custom domain for this website

 Posted on August 26, 2021  |  Loren Kohnfelder

It’s time to point the domain name designingsecuresoftware.com at this website. For reference, the docs I referenced for this are noted below. [Read More]
website