Encryption is only mentioned 4 times. Also this is just wrong: Do not accept serialized objects from untrusted sources, and if you must send one yourself across a network, encrypt it first with a private key, then decrypt it on the other end to ensure its integrity before deserializing it
Canada’s digital software is critical infrastructure. It runs our country, and we depend upon it. Let's protect it with a secure coding policy, now.
Encryption is only mentioned 4 times. Also this is just wrong: Do not accept serialized objects from untrusted sources, and if you must send one yourself across a network, encrypt it first with a private key, then decrypt it on the other end to ensure its integrity before deserializing it