On Dec 14, 2007 7:35 PM, Tony Abernethy <[EMAIL PROTECTED]> wrote: > The problem with "coding standards" is that they generally at best > help slightly with things that do not matter, generally at the expense > of everything that actually does matter.
There are uses for it. You want some kind of standard, otherwise, you have one person doing C, another C++, another C# and so on and so forth. Then, as even Microsoft banned some APIs (see: http://tinyurl.com/2tbzop), it's probably a good idea for my company to look at that (no, it doesn't help dumb programmers or people who insist on shooting themselves in their foot, nor higher level security stuff - like sending usernames and passwords in the clear, across the internet), but at least provide a basic level to start. Having this will also indicate to programmers that we *care* about security. > Take the extra effort to make things as clear as possible > Self-consistency matters. Good points. > One consistent bad style is better than multiple good styles. What I hear is - consistency is good. Good point. > Eschew obfuscation. > Originality may be necessary, but it's not really a virtue. > Actually this list, and the attitudes behind it, your best bet. Hence, I ask. -- http://www.glumbert.com/media/shift http://www.youtube.com/watch?v=tGvHNNOLnCk "This officer's men seem to follow him merely out of idle curiosity." -- Sandhurst officer cadet evaluation. "Securing an environment of Windows platforms from abuse - external or internal - is akin to trying to install sprinklers in a fireworks factory where smoking on the job is permitted." -- Gene Spafford learn french: http://www.youtube.com/watch?v=j1G-3laJJP0&feature=related