Secure Coding mailing list archives

Re: Change of position

From: Dana Epp <dana () vulscan com>
Date: Thu, 01 Apr 2004 20:31:52 +0100


God I hate April 1st.

I had to take a double take on this for a second when I saw that it was 
you posting such filth Gary.


Gary McGraw wrote:


Hi all,

I have done lots of soul searching lately and have come to the
conclusion that trying to make software secure is not worth the effort.
I think instead we should concentrate more effort on protection
technologies such as advanced stateful firewalls, intrusion detection
mechanisms, host-based behavior control, and above all policy.  We
simply can't make software work effectively in a cost effective manner.

I hope all of you will agree.  


My plan is to create a new mailing list (hope Ken lets this one by)
called nsbsc-l [network-security-beats-secure-coding-list].  Look for
more information about that from me soon.

gem

Gary McGraw, Ph.D.
CTO, Cigital
http://www.cigital.com



--
Regards,
Dana Epp
[Blog: http://silverstr.ufies.org/blog/]

Current thread:

Change of position Gary McGraw (Apr 01)
- Re: Change of position Dana Epp (Apr 01)
- Re: Change of position ljknews (Apr 01)
- <Possible follow-ups>
- RE: Change of position Gary McGraw (Apr 01)
  - RE: Change of position Dave Paris (Apr 02)
- Re: Change of position Peter G. Neumann (Apr 02)