[Techtalk] Theory vs. practice

Mary Gardiner linuxchix at puzzling.org
Tue Jan 15 11:05:37 EST 2002

On Sun, Jan 13, 2002 at 11:44:49PM -0800, Xp0nential Xp0nential wrote:
> Very true. In the academic environment there are few schools (if there
> are any) who actually have a course that deals with code security.
> Because of that,this is something that you have to learn by yourself.
> That's why participating in coding projects (open source) helps
> learning about those stuff. That's at least from my own experience.

I now hold a computer science degree, which at my university now means a
three year programming course (and I actually want to be a research
computer scientist, thank goodness I preserved my sanity by doing
outside majors as well) without ever having taken a course in software
engineering principles or techniques.

I consider code security to be a subset of good software engineering, so
a code security course would be more useful if there was a solid
grounding in software engineering to base it on, so that the programmer
has a basis of techniques with which to avoid security flaws rather than
'release patch rinse repeat'.


Mary Gardiner
<mary at puzzling.org>
GPG Key ID: 77625870 (wwwkeys.eu.pgp.net)

More information about the Techtalk mailing list