Rating: ![5 stars](http://www.reviewfocus.com/images/stars-5-0.gif) Summary: Much more than I had expected, very good. Review: I hadn't anticipated the heavy amount of crypto-related chapters in this book. I honestly had only read about the input validation, avoiding overflows, and access control portions. It turns out it covers those areas plus a wide range of crypto-related code. It goes over the fundamentals of symmetric crypto in great detail, from simple base64 encoding to parallelizing encryption and decryption in arbitrary modes. All of the crypto-related portions of this book are very clear. I highly recommend this book if you are doing any kind of crypto, whether it's simply encrypting a password, a file, or setting up a socket-based secure communication tunnel. The Networking chapter is a very good reference section for creating SSL clients and servers, as well as using Kerberos or securing your connections to your database. There are almost 80 pages of information related to generating random numbers and data, from using /dev/random to gathering entropy from mouse events on Win32. The one chapter I didn't expect to see here that was quite good was Chapter 12, Anti-Tampering. This chapter goes over obfuscating your code, detecting binary modifications, disguising boolean values, etc. It even shows you how to detect SoftICE and other debuggers, which can be useful for attempting to block people from cracking your commercial software. Although, I believe all attempts end up being rather futile when someone is determined enough. This book really is a must for anyone who is programming. If not just for the basics of protecting yourself from overflows and validating input and environment variables, then definitely for the extremely well written sections on crypto. This book has earned a permanent spot next to K&R and UNP on my desk.
Rating: ![1 stars](http://www.reviewfocus.com/images/stars-1-0.gif) Summary: Better alternatives are available Review: I have read both this book and several others on the same topic; I would have to recommend instead buying "Writing Secure Code, Second Edition" by Michael Howard and David C. LeBlanc (ISBN 0735617228). Their text is much more approachable and easy to understand, while at the same time providing broader coverage of important subjects. As the current authors themselves admit, this book listed here "doesn't cover C++ well enough.... Over time, our coverage of C++ will improve on the book's web site." However, planning to add future updates to a website is not going to help those who buy the book today. Similarly, the authors seem to constantly disdain Windows programmers, and their sparse Win32 coverage bears this out. (And there is much better UNIX-related material online for free). I don't recommend buying this book, especially to Windows programmers... who should consider other, better alternatives.
Rating: ![5 stars](http://www.reviewfocus.com/images/stars-5-0.gif) Summary: An author's perspective Review: I thought I'd offer some insight on this book, particularly in light of a recently posted bad review that makes a bunch of criticisms that are quite wrong (I am pretty sure the review is due to a personal grudge held by someone who hasn't even read the book). First, the goal of this book is to be a reference people can use to find solutions for "doing it right", not an elementary text on secure coding principles that gives a bunch of high-level advice that's still difficult to apply securely in practice. Security-relevant design and architecture principles are followed and discussed, but there's definitely a stated assumption that you have read a more elementary book such as "Building Secure Software", "Writing Secure Code" or the free "Secure Programming for Linux and UNIX HOWTO". Second, the book covers all common security problems one sees in C and C++ programs, going so deep as to give working code and in-depth discussions. It spends hundreds of pages on how to implement and integrate cryptography into applications securely, a topic that is almost completely ignored in the elementary books (and even ignored in most crypto books, which teach building blocks, more than how to use them securely). Many security problems that affect programs are largely language independent. We give C++-specific code in the few cases where there are C++-specific issues. But, for the most part, problems apply equally to C and C++. In those cases, the code is written in a subset of C that will work directly in C++ programs, but we don't take advantage of C++-specific features. To do so would result in a book nearly 1500 pages long! All topics are covered for both Microsoft and Unix platforms (much of the code is cross-platform, and was tested on both). There are a couple of instances where a problem or solution doesn't apply to a particular platform. 
For example, "shatter" attacks are Windows specific, and the jail() protection mechanism works only on FreeBSD, not Windows. We have no platform bias, and even had the leading Windows secure programming expert from Microsoft review things. This book gives detailed solutions for secure programming in a level of detail that no other book yet does, covering many topics that other books completely ignore.
Rating: ![5 stars](http://www.reviewfocus.com/images/stars-5-0.gif) Summary: Voluminous and comprehensive Review: If you are interested in encryption, you should probably get Bruce Schneier's Applied Cryptography, which is generally considered the standard summary of the field. But suppose you actually want to use some of the symmetric key or public key methods he describes? If you want to code from scratch, his book is a good starting point. But if you want to quickly avail yourself of the best existing methods and you don't want to reinvent the wheel by recoding? Also, it can be risky to do that. A mistake made in coding a crypto algorithm might render it insecure. Better to use reviewed, tested code. If this describes your needs and you code in C or C++, then this book will be invaluable. Extensive code fragments that show how you can interface to existing crypto packages. Very detailed. You won't find theorems or any elegant maths here. No Chinese Remainder Theorem or Fermat's theorems. You have to already know or accept the theoretical underpinnings. Given this, the book takes you into the nitty-gritty of every major publicly available cryptosystem. With up-to-date assessments of their comparative strengths. All of the above is aimed at application developers. The book also has sections for sysadmins of both Unix and Microsoft operating systems, replete with suggestions on patching and good practice. Don't be daunted by the book's heft. It is encyclopaedic in scope, and access is reasonably random access. The authors have striven to comprehensively span the field. You don't have to read from start to finish before you can commence using it.
Rating: ![3 stars](http://www.reviewfocus.com/images/stars-3-0.gif) Summary: A good reference if you've really got to be secure Review: If you are not sure that you need this book, then you probably don't. But if there is something in the table of contents that you've got to know, and you've got to get it right, then this would be a good book to have. Chapter 12 on Anti-Tampering was a really enjoyable read, though probably a futile task.
Rating: ![5 stars](http://www.reviewfocus.com/images/stars-5-0.gif) Summary: Best O'Reilly book I've ever purchased Review: If you develop software, any kind of software, you need this book. The importance of understanding the security surrounding the development of software is finally being realized. This book provides a complete reference for the secure implementation of common operations that software developers often fail to do correctly. One of the best things about this book is that it covers so many topics that are often left out of secure programming texts. It is in cookbook format, which is really nice for quick reference as well as accommodating readers that have different levels of experience in this area. Both the problem and the solution are explained and real source code is provided, leaving the reader with an understanding of the risks, and practical solutions that can be incorporated into their software projects. The topics that impressed me most were: privilege separation, secure child process creation, executing external processes, safe file and string operations, random number generation, input validation, and the ways to safeguard against many types of attacks. There are also many good tips for safeguarding networked applications. For the more intensive apps, there is in-depth coverage of symmetric and public key crypto, key management, using OpenSSL, and dealing with X.509 certs (including validation techniques). It's nice to see so much useful information related to secure software development packed into a single resource!
Rating: ![5 stars](http://www.reviewfocus.com/images/stars-5-0.gif) Summary: A valuable tool on the programmer's bookshelf Review: There are many books on how to write programs in C and C++, and many people learn to write programs from them. What few (if any) of them tell you is the safe way to develop programs. With the release of Secure Programming Cookbook there is now a wealth of knowledge on the subject in one handy tome. The examples are clearly written and show clearly how the recipe will help in specific or general situations. There is a lot of solid discussion of input validation, environment handling, string handling, access controls, and cryptography. In fact there was more crypto discussion than I expected, but it's all very good and if not applicable today, hopefully it will be some day. This book is jam-packed with excellent examples and discussion of ways to prevent programs from doing bad, and most of the time unexpected or unplanned, things. The diligent C or C++ programmer should add this as yet another volume on the bookshelf tool chest that is next to their desk. Smart programmers will realize that having this book will only help them in the long run.
Rating: ![5 stars](http://www.reviewfocus.com/images/stars-5-0.gif) Summary: Secure Programming Recipes Review: This book is an asset to anyone whose profession requires them to write code. In this day and age code must be designed and written from the beginning with security in mind. The code contained in this book solves real problems that occur every day in the programming world. I would go so far as to say the code in this book outlines particularly good practices that could be applied to other languages with relative ease as well. So whether you currently program C or C++, on Windows or *nixes, I believe you can get a lot out of this book. I recommend it highly and suggest you place it right next to your copy of Applied Cryptography. ;)
Rating: ![5 stars](http://www.reviewfocus.com/images/stars-5-0.gif) Summary: Required reading if you code in C Review: This book is required reading if you code in C or C++. While there are a lot of security problems with C, the authors show how to get around them and write secure code.
Rating: ![5 stars](http://www.reviewfocus.com/images/stars-5-0.gif) Summary: Great book for anyone using C Review: This is simply a great book for anyone using C or C++. These guys literally wrote the book on secure code. Read it!