Media praise for Secure Programming Cookbook for C and C++

"This is a book that's long overdue and makes for an interesting and deeply technical read on a topic that we should all care more about. Yes, it's limited to C and C++ readers, but with the majority of key applications being written in these languages that's where the biggest benefit can be had--give the sample chapter a read, and you'll soon be on your way to the book store to buy the rest of it."
Linux Format Top Stuff Award
Rating: 10/10
--Paul Hudson, "Linux Format," December 2003

"This book is jam packed with excellent examples and discussion of ways to prevent programs from doing bad, and most of the time unexpected or unplanned, things. The diligent C or C++ programmer should add this as yet another volume on the bookshelf tool chest that is next to their desk. Smart programmers will realize that having this book will only help them in the long run...As with any good resource hopefully sections that are not of interest now will become useful in the future. May the pages of your book become tattered from years of good use and good luck in your secure programming endeavors."
--Dan Weeks, San Francisco OpenBSD Users Group, September 2003

"This book is a great resource for quick look-up of readily available solutions...I've written a Master's thesis on this topic (although my actual topic was way more narrow than the scope of this book) and still found a lot of great information...Yeah, everyone and his brother knows how to implement a symmetric encryption algorithm, but how do you actually do it without compromising the system and introducing new possible loopholes? The cookbook answers questions like that, and, as mentioned above, provides detailed overview of programming strategies for the two most popular platforms. Taking the cookbook concept further, this book teaches you how to make a basic ham-and-cheese sandwich as well as fine cuisine. Too often the code measures for basic security and preventing buffer overflows are summarized in higher-level concepts, thus allowing the developers to make errors even with the most trivial applications. If you're a professional programmer and do not get tired by looking at sometimes profuse code examples, this book would probably be a good read from the beginning to the end."
Rating: 8/10
--Alex Moskalyuk, October 2003