Secure Coding mailing list archives
Re: ACM Queue article and security education
From: ljknews <ljknews () mac com>
Date: Fri, 02 Jul 2004 13:48:14 +0100
At 1:02 PM -0700 7/1/04, Blue Boar wrote:
ljknews wrote:I think it will be properly considered when the most strict portion of the software world is using language X. I have used many programs where the flaws in the program make it clear that I care not one whit about whether the authors of that program have opinion about anything I might use. They are simply not competent, either as individuals or else as an organization.By "most strict portion", do you mean people that care most about correct code, proofs, and such?
And organizations that hire the people you describe below to test the software they build.
I don't deny that the bulk of the heavy lifting will be done by people well-qualified to do so. However, I'm of the school of thought that certain types of people who like to break things, and whose chief skill is breaking things, will always have a decent shot at finding a problem. There are people who couldn't build it, but they can sure break it.
You don't typically get their attention until something is really, really popular.
Lots of people bring their attention to issues they are paid to test. -- Larry Kilgallen
Current thread:
- Re: ACM Queue article and security education George Capehart (Jun 30)
- <Possible follow-ups>
- RE: ACM Queue article and security education Michael Canty (Jul 01)
- RE: ACM Queue article and security education Peter Amey (Jul 01)
- Re: ACM Queue article and security education Blue Boar (Jul 01)
- RE: ACM Queue article and security education Michael S Hines (Jul 01)
- Re: ACM Queue article and security education ljknews (Jul 01)
- Re: ACM Queue article and security education Blue Boar (Jul 01)
- Re: ACM Queue article and security education ljknews (Jul 02)
- Re: ACM Queue article and security education Blue Boar (Jul 01)
- Re: ACM Queue article and security education Blue Boar (Jul 02)