Re: Why Software Will Continue to Be Vulnerable

[Michael Silk <michaelslists () gmail com>]

On 5/2/05, Kenneth R. van Wyk <[EMAIL PROTECTED]> wrote:
> Michael Silk wrote:
> > I honestly don't believe that the consumers will _EVER_ care, and I
> > don't believe that should have to. At most maybe they should just need
> > to keep an eye out for a sticker, or star-rating (government approved)
> > or something. But as you say, 'security' is 'hard to measure', so an
> > approach like that won't work.
>
> As the saying goes, give the consumer the choice between security and
> dancing pigs, and they'll pick dancing pigs every single time.  There's
> probably more than just a grain of truth to that.

I would too; I've never seen a dancing pig ... :)

 
> Yet, despite that pessimistic outlook -- and the survey that forked this
> thread -- I do think that companies are demanding more in software
> security, even though consumers are not.  I'm not aware of surveys that
> directly address that, but it sure seems obvious to me that they are.

Demanding more maybe, but getting charged for it too... so the problem
is still there: security as a 'feature'. 'Security' needs to become a
baseline, just like any other programming construct (maths, ...) But
anyway, ...


> Here's to wishful thinking, anyway!

Agreed!

-- Michael