November 03, 2002

Trip to Chapters

So the Langley trip was pretty good; picked up a couple of my books, and watched my daughter and wife go nuts in a book store with lots of stuff for them to. ScoobyD blogged about the couches, but I was sure they still had comfortable chairs. I was wrong. Now they got these hard, cold wooden chairs that you would NOT want to sit in for a long period of time. But maybe that's the point. They no longer want you reading books in the store. Of course, that IS what MADE Chapters. So easy it is to forget. Oh well.

So I started reading the first book, which is Writing Secure Code from Microsoft Press. Now before you start babbling about how that just HAS to be an oxymoron, consider this. Microsoft has some of the brightest minds in computing on their payroll as it relates to security. But the weakest link is still the human factor. As much as the security division can preach about security, if application developers don't FOLLOW it... it's doomed to fail. And in the past, that has been the issue at Microsoft. At least in my opinion. And I gain that from private conversations with friends at Microsoft who were frustrated with how hard it was to get security engineering as a principle at the design level, and not something bolted on after. Security isn't supposed to be a flavouring you sprinkle on the top of your "dish". It should be "baked" in.

But they are getting better. Ever since Bill's memo, Microsoft has been trying to make some changes. Now, I won't get into the thread about this being a marketing ploy... but at least the world knows they are making an attempt. From my POV, the memo was very much like Bill's memo about IE. It was more of .. "ok.. the big boys are here... you can start the party now". The next few years should be interesting to see.

Anyways, back on track, the book is awesome. I am already a quarter of the way through it and THOROUGHLY enjoying it. Most of it I already know... but it's good to see how they lay it out and explain it. I originally started looking into getting this book when Bill mentioned it in his memo. Hell, if Gates thinks all his developers should be reading it... I should consider at least opening my mind to

I noticed Arc is trying Movable Type. Let me know what you think of it. Like you, this journal is more for me to reflect on what is going on, while letting friends know what I am up to in a roundabout way. Not sure how I would feel about others commenting. I kinda like it when people email me if they have comments. Much more personal. But alas, each to their own.

Anyways, on that note... that book awaits me. I am going to veg and read most of the day and just enjoy the peace and quiet. TTYL

Posted by SilverStr at November 3, 2002 05:09 PM