Security Basics mailing list archives
RE: Programming
From: "David Gillett" <gillettdavid () fhda edu>
Date: Wed, 9 Feb 2005 15:17:20 -0800
Since ontology frequently recapitulates philology, you might be well advised to start with the assembly language for a common and reasonably powerful architecture. Pay particular attention to stack management and memory access controls. (An architecture that lacks them -- such as "real" mode on the x86 family, is not sufficiently powerful, you need to include at least one "protected" mode.) The next stop is C, with attention not merely to applications, but to what kind of source code features get compiled to what kind of executable code. Pay particular attention to automatic variables and to the "n versus non-n" string routines, and to dynamic memory management. Most other common languages fall into three major categories: 1. Languages whose compilers implement features in the translation to executable form which parallel C in concept if not in detail. e.g. Pascal, FORTRAN. 2. Languages whose compilers implement features in the translation to executable form which parallel C in concept and in detail. e.g. C++, C#. 3. Languages which are processed to an intermediate form which serves as input to a run-time environment implemented in a language from one of the first two categories. e.g. VBASIC, Java. Many issues such as buffer overflows and some DoS vulnerabilities can be traced to assumptions made by writers in something C-like that get discarded in the translation to the binary executable. Familiarity with both sides of this translation will be a major asset. David Gillett
-----Original Message----- From: dayz () planet nl [mailto:dayz () planet nl] Sent: Wednesday, February 09, 2005 12:17 AM To: security-basics () securityfocus com Subject: Programming Hi, I want to begin with learning programming to increase my knowledge about security, but I don't know where to begin. Can someone tell me which programming language is good to start with, and pherhaps what book and/or online guides I should take a look at? It would be nice that if I learn a programming language that it shouldn't be much work to understand another one. I am on Linux and Windows. Thanks for the help. Regards, Ben
Current thread:
- Programming dayz (Feb 09)
- Re: Programming Glenn English (Feb 09)
- Re: Programming Kevin Conaway (Feb 09)
- RE: Programming David Gillett (Feb 10)
- Re: Programming stonersavant (Feb 10)
- Re: Programming xyberpix (Feb 10)
- Re: Programming linux user (Feb 10)
- Re: Programming secans (Feb 10)
- Re: Programming Kevin Carlson (Feb 11)
- Re: Programming Gilles Demarty (Feb 11)
- Re: Programming Brian Knobbs (Feb 11)
- Re: Programming David Heise (Feb 14)
- RE: Programming Rocky Heckman (Feb 14)
- Re: Programming Brian Gehrke (Feb 17)
(Thread continues...)