Re: [SC-L] Where Does Secure Coding Belong In the Curriculum?

Wed, 26 Aug 2009 15:52:55 -0700 

> Actually, I'm not teaching my 1 yo toddler much of anything about
> traffic right now. I'm more playing guardian when she runs around the
> house and making sure she doesn't get into situations for which she
> would be completely and totally unprepared (and in serious
> danger). She lacks the language skills to even marginally
> understand basic concepts like "street" let alone "don't play
> in the street." I think this rather proves my point that
> secure coding is not itself a fundamental concept,
> but rather an intermediate-to-advanced concept. Matt Bishop's comments
> are great, but they've also been applied in a context of
> higher ed., and recognize the limits of student understanding
> at different phases of development.

I don't mean to split hairs here, but I think "fundamental concept"
vs "intermediate-to-advanced concept" is a red herring. In your case
of you teaching a 1 yr old toddler, "NO" is about the only thing
they understand at this point. That doesn't imply that concepts like
"street" are intermediate-to-advanced. It's all a matter of perspective.
If you are talking to someone with a Ph.D. in physics about partial
differential equations, PDEs *are* a fundamental concept at that level
(and much earlier in fact). The point is, not to argue semantics, but
rather to teach LEVEL-APPROPRIATE concepts.

-kevin
---
Kevin W. Wall           Qwest Information Technology, Inc.
kevin.w...@qwest.com    Phone: 614.215.4788
"It is practically impossible to teach good programming to students
 that have had a prior exposure to BASIC: as potential programmers
 they are mentally mutilated beyond hope of regeneration"
    - Edsger Dijkstra, How do we tell truths that matter?
      http://www.cs.utexas.edu/~EWD/transcriptions/EWD04xx/EWD498.html


_______________________________________________
Secure Coding mailing list (SC-L) SC-L@securecoding.org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.
_______________________________________________

Reply via email to