Tagged Questions

1 vote | 1 answer | 55 views

How frequent should the Token Updation in CSRF security be?

To start with the background, this post is what Jeff Atwood says about CSRF tokens. In this very page, he goes on to say: An even stronger, albeit more complex, prevention method is to leverage ...

0 votes | 4 answers | 196 views

How does using #define for loop and condition bounds in C increase security?

My program uses the following define statements: #define LOWEST_PATIENT_ID 10000 #define HIGHEST_PATIENT_ID 99999 #define LOWEST_CRITICAL_STATUS 1 #define HIGHEST_CRITICAL_STATUS 100 used in this ...

2 votes | 7 answers | 194 views

What's a good way to prepare for this course titled “Programming Language Security”?

I have a course with the following description: The purpose of this course is the study of programming language security features and languages designed to support it explicitly. Static and ...

14 votes | 12 answers | 2k views

Is using ELSE bad programming?

I've often come across bugs that have been caused by using the ELSE construct. A prime example is something along the lines of: If (passwordCheck() == false){ displayMessage(); }else{ ...