On Thu, Sep 2, 2010 at 3:20 PM, silky <michaelsli...@gmail.com> wrote:
[...] > Even outside of direct "help" from Microsoft, I think any individual > could discuss with OWASP or a similar organisation and come up with a > way to contact Uni's and give a lecture on some industry-experienced > approaches to actually developing securely, and the proper way to do > validation and write to cookies and use hashing schemes and so on. > > If the current process isn't educating people correctly then lets > change it. We have the power. The question is how much you care. I've gone ahead and done this by contacting RMIT and CC'ing Dinis Cruz (who I've also included in this email, so he may comment if he so desires), the current lead of OWASP ( http://owasp.org ) or at least OWASP.NET (correct me if I'm wrong Dinis, you know I'm not up to date on this). If anyone else would prefer to present instead of me, feel free, as anyone who has seen me talk knows that I'm probably a last-resort option at best. Nevertheless, it's been done. I encourage anyone else who legitimately cares about this problem, and especially those who Microsoft has recognised as MVP's in the security area ( is it unfair to call you out? maybe, oh well :P ) to step forward and help educate the future programmers. It'll only be a few hours out of one day. Not that much to sacrifice. If you want to see a copy of what I wrote so you can send something similar to a Uni near you, or you want a copy of the presentation I plan on putting together (or even better, if you want to work on the presentation with me) feel free to contact me off list. I think it would be good to work on a nice, generic, detailed, and correct presentation that can given to various uni's around Australia and checked by various people. -- silky http://dnoondt.wordpress.com/ "Every morning when I wake up, I experience an exquisite joy — the joy of being this signature."
