Turvalise programmeerimise meetodid 2020/21 kevad

Secure Programming Techniques

• Code: MTAT.07.015 (3 EAP)
• Lectures: Saved ideo only at first, With Panopto live webcasts possible later
• Lecturer: Meelis Roos
• Communication: MS Teams team (please log in to see team code for joining) (needs login with ut.ee account)
• Exams: 29.05.2021 12.15 (electronical) and ??.06.2021 12.15
• Re-examination for failed students: ??.06.2020 /around 29th) (please register in ÕIS!)
• Grading: 80% written exam with Internet access, 20% homeworks (4 total) + bonus homework 10%
• Results: Will be in in Google Docs with pseudonyms
• Some previous year exam questions as examples: 2019-2, 2018-1
• Questions: mroos at ut dot ee

Literature and links:

• OWASP (Open Web Application Security Project) documents
• Secure Programming for Linux and Unix HOWTO
• Secure coding: principles and practices, Mark Graff, Kenneth R. Van Wyk, O'Reilly 2003
• Secure Programming with Static Analysis, Brian Chess, Jacob West, Addison-Wesley Professional, 2007
• The Tangled Web: A Guide to Securing Modern Web Applications
• AJAX and Mashup Security
• Introductory Intel x86: Architecture, Assembly, Applications (Youtube playlist with videos for those interested in assembly language)
• An iOS zero-click radio proximity exploit odyssey