[Global_education_committee] [Owasp-leaders] TTBSP/Defcon

Martin Knobloch martin.knobloch at owasp.org
Mon Aug 3 03:29:29 EDT 2009


I definitely agree as well, this is line with the GEC mission!

Therefore I took this thread it of the project leaders communication and put
it in discussion with my GEC-pals ;-)



On Sun, Aug 2, 2009 at 11:23 PM, Mark Bristow <mark.bristow at owasp.org>wrote:

> I could not agree more as this really gets at the heart of the solution to
> many security issues.  My little cousin is going to graduate from UMBC next
> winter with a minor in CS.  I asked him if his professors/textbooks
> addressed security in any meaningful way and they had not.  The most
> "security" they discussed was to do bounds checking on risky C calls but
> stressed the reliability issues here not the security ones.  The most he got
> in his web class was to "watch out" for ' in SQL statements.  Textbooks have
> perhaps a chapter about security but more importantly the examples
> throughout the book don't include any security elements.
>
> IIRC a few years ago Billy Hoffman (of SPI at the time) built a website
> using vulnerable book examples and did all the usual badness to it.  Perhaps
> someting along these lines would help bring attention to the issue?
>
> I definately think that this is someting that OWASP should support and
> would go a long way to "solving" the problem long term.
>
> -Mark
>
>
> On Sun, Aug 2, 2009 at 3:07 PM, Tom Brennan <tomb at owasp.org> wrote:
>
>> APPSEC community leaders, this new effort for the next generation is
>> synergistic with our efforts and wanted to raise its awareness to you too
>>
>> http://www.securethetextbook.com/
>>
>> Textbooks that are WRONG here is how you might point that out. A list of
>> supported text books is one of the goals.
>>
>> After talking with Jon Kibler and Mike Cooper (project leaders) this
>> effort is in step with our OWASP Global Education Committee mission.
>>
>> Thoughts/Discussion
>>
>> Tom Brennan
>> Board Member - OWASP Foundation
>> Url: www.owasp.org | Tel: 973-202-0122
>>
>> http://www.linkedin.com/in/tombrennan
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>
>
>
> --
> Mark Bristow
>
> OWASP Global Conferences Committee member -
> https://www.owasp.org/index.php/Global_Conferences_Committee
> AppSec DC 09 Organizer -
> https://www.owasp.org/index.php/OWASP_AppSec_DC_2009
> OWASP DC Chapter Co-Chair - http://www.owasp.org/index.php/Washington_DC
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/global_education_committee/attachments/20090803/da5188d5/attachment.html 


More information about the Global_education_committee mailing list