Security pals: what is the most concise secure coding advice you can give to a C devel for embedded? Pls RT and read thread before answering
Show this thread
Get the code building on a modern compiler, then turn on all errors, warnings, and instrumentation to find bugs.
-
-
Also look at the assembly output, especially on sensitive code. Optimization can break a correctly implemented crypto package.
-
that's hard, though, for your average embedded devel, isn't it? Can we help?
- 6 more replies
New conversation -
-
-
Or turn them on before getting the code building. Turning them all on should be the default.
-
Setup important dev<>test<>prod code/config early (TLS, etc.) to avoid weakening defaults inline for convenience, that may end up shipped.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.