Comments on “Buckle up. The Developer Highway Code's at the start line” • The Register

Comments on: Buckle up. The Developer Highway Code's at the start line

Back to the article
Comments on this article are now closed

It's not April is it? #

By /\/\j17 Posted Tuesday 9th October 2007 13:42 GMT

Secure coding advice...from Microsoft?

Is it subtitled "Do as we say, not as we do" by any chance?

Pot Kettle and Black #

By Anonymous Coward Posted Tuesday 9th October 2007 13:44 GMT

Microsoft and security.. now that's what I call amazing. Pity most of their products weren't so security conscious. Any outpouring from Redmond tends to resemble a sieve in my humble opinion!!

Or from MS direct #

By David Hearn Posted Tuesday 9th October 2007 13:45 GMT

Alternatively, you can download it from MS as a PDF. See http://msdn2.microsoft.com/en-gb/security/aa473878.aspx

If it's the same as the copies MS were giving away at their free events in 2006, the spine is printed the wrong way, thus when lined up in a bookshelf with other books, it's reversed compared to the other books.

Double Take on Date #

By Anonymous Coward Posted Tuesday 9th October 2007 14:22 GMT

I had to check it was October and not the beginning of April

"The team at Microsoft has done a bit of developing in its time and has drawn up a few guidelines on security engineering activities that should be an integral part of your software development process - bundled up in one convenient little handbook."

I'm sorry, 'Microsoft', 'Guidelines', 'Security' in one sentence that doesn't include the words 'ha ha ha ha ha ha ha ha'

Is it perhaps a history of Microsoft development with the advice at end to do the opposite (thanks Douglas Adams)

David Hearn, we hardly knew ye #

By Andrew Badera Posted Tuesday 9th October 2007 18:07 GMT

... taps foot, waiting for the Reg hammer to drop on David's login.

Knee-jerk reaction #

By Steve Mansfield Posted Wednesday 10th October 2007 07:02 GMT

Actually I've read through this (I got it at a Visual Studio event a while back) and it's a good basic introduction to various ideas around secure coding.

If someone is new or inexperienced to the demands of coding securely and defensively for a corporate business-critical environment rather than hobby or self-taught coding, this is a good primer, and much of it is conceptual considerations rather than tied to Microsoft products.

I know this comment doesn't tie in with the knee-jerk anti-Microsoft sentiment this topic has predictably unleashed, and I would of course like to unreservedly apologise for being a M$ imperialist running dog fanb0i or whatever: but some of you, or someone you know, might actually find it a quite useful read.

Some Microsoft titles are good titles #

By Tony Barry Posted Wednesday 10th October 2007 11:01 GMT

I haven't read this particular offering, but I think "Code Complete" by Steve McConnell (Microsoft Press) is an absolute Must Read. I am not an M$ fanboi either, despite this uncharacteristic comment to the contrary.

Yes but #

By Anonymous Coward Posted Wednesday 10th October 2007 18:22 GMT

Well I guess it's a nice starting point.

It's also given away free at any of those Microsoft seminars you might go to. Be aware it was written when .net 1.1 was release and 2.0 was in beta.