CWE/SANS TOP 25 Most Dangerous Programming Errors was published on January 12, 2009, and I think it is an interesting must-read for almost any programmer, hacker, project manager, director, etc. out there. Although all of the stuff presented in the consensus has been known for years, little has been done to create a standard, a paper or something tangible and with support from important organizations/companies or perhaps even legal, something that you can relate to, until now. It is very important to read the “How Will the Top 25 Errors Be Used?” paragraph (snippet below), which will present you some of the possible use cases of such a consensus, especially if you are already familiar with what’s inside the technical part of the consensus. If not, then please go on and read the stuff in there and research it until you get the point and start thinking of better ways to design and write your code, secure design and code I mean…

[Image: exploits_of_a_mom]

just to make the world a safer place! Was not that convincing, right? 🙁

How Will the Top 25 Errors Be Used?

The Top 25 Errors will have four major impacts:

  • Software buyers will be able to buy much safer software.
  • Programmers will have tools that consistently measure the security of the software they are writing.
  • Colleges will be able to teach secure coding more confidently.
  • Employers will be able to ensure they have programmers who can write more secure code.

CWE/SANS TOP 25 Most Dangerous Programming Errors

LE: http://gcn.com/articles/2009/01/19/list-creates-software-security-squabble.aspx

Well, as you can see, assholes can find a reason to argue about everything. Nothing new! I actually accept the list as it is. It is way better than nothing for me, but this doesn’t seem to apply to morons suffering from the reject and “nothing pleases me” syndromes who would have preferred the top 1000 most dangerous programming errors. Don’t forget to click on *next 200*.
