Pending - Secure User System guide
2009-06-19 23:06:07
Greetings, Bagel Blog followers!
I have been spending a huge amount of time lately crafting a comprehensive guide to programming a secure user system.
The guide will cover things like planning, understanding the general threats, how to prevent these threats, and best security practices, all with example code and practical examples, with specific information as to why each piece is needed and what can happen if you don't do it.
I will include a realistic analysis of several common threats (XSS, CSRF, SQL injection, etc.), along with best user practices for the average user to keep in mind (log out every time, etc.).
I hope to have this guide complete in ~30 days. Bear in mind, I am writing it for several audiences: programmers, security professionals, average users, and the generally curious, so it will have several sections with varying levels of technical requirement and varying use to varying audiences.
The full guide should be many tens of pages, but the useful section to any given user should not be too long.