I'd like to share a few thoughts with you about a book I've been reading recently, which has really inspired me whilst being greatly amusing.
At Barcamp Manchester, they were giving away copies of this book; I picked up one to look at later - I could always ebay it later. Never before has a book of such calibre caused me so much amusement, I seriously recommend this book for it's outstanding range of comic delights.

I am, of course, referring to "The Developer Highway Code" written by Paul Maher and Alex Mackman, a book, which, in my opinion, should be renamed

"The Microsoft Jokebook".

The book, whose copyright is owned by Microsoft, describes itself as a book for Application Architects, Testers and Quality Assurance Specialists and Developers and alleges to capture and summarise the key security processes which "should be" in your development process.

The book is themed in the style of the highway code, with random icons with captions such as "12 hours' coding - need a coffee" and "Warning - unstable coding ahead". Presumably this is meant to interest and entertain the Developers and System Architects reading the book, however unless they are between the ages of five and fifteen (and sometimes I think they are), the icons do nothing but assist with visual puns comparing coders to roadsigns in a manner which would make even the Black Death seem like stand up comedy.

Whilst reading through the book, several things struck me; it was full of useful tips for developers. And it's incredibly convenient for them to provide URLs for detailed reference linking to the Microsoft Developer Network. Indeed, no one can doubt that this must be extremely handy...
I mean, every developer loves copying out URLs like

http://msdn2.microsoft.com/en-us/library/8dbf701c(VS.71).aspx

I can just see them, reading through the book and thinking,

"Oh No!
I don't know very much about the /GS compiler switch to detect buffer overuns in C++. I know I'll type in this 50+ character URL for a quick reminder. At least I know it will be just as much fun as this awesome book is because they have thrown in a random string of characters to test my memory skills!"

As a book to improve security awareness of developers, I was highly impressed with it's awareness of good security practises. Even as someone with limited knowledge in the security field, I was happy to see that it was suggesting that development teams should use custom cryptographic algorithms. Everyone knows that the most secure systems are those with custom security schemas, brand new patented encryption algorithms, not to mention proprietary authentication systems which give them a competitive edge over other systems.

Whilst the book is distributed online gratis, it's copyright licence fails to allow one to make use of this in a way where one could remove the constant source of irritations.

Because I'm a generous person, and love to donate treasured possessions to good causes. I have already perfected my .NET programming skills to the most secure method possible and thus wish to donate this book to someone else and let it inspire them like it inspired me.

Leave a comment if you are interested in having it...

Footnotes

• Custom crypo systems are seriously bad. Read Schneier.

• The safest way of coding .NET is not to code it.

• This is funny. Laugh.