Secure Coding mailing list archives
Re: Why Software Will Continue to Be Vulnerable
From: Michael Silk <michaelslists () gmail com>
Date: Tue, 03 May 2005 12:52:30 +0100
On 5/2/05, Kenneth R. van Wyk <[EMAIL PROTECTED]> wrote:
Michael Silk wrote:I honestly don't believe that the consumers will _EVER_ care, and I don't believe that should have to. At most maybe they should just need to keep an eye out for a sticker, or star-rating (government approved) or something. But as you say, 'security' is 'hard to measure', so an approach like that won't work.As the saying goes, give the consumer the choice between security and dancing pigs, and they'll pick dancing pigs every single time. There's probably more than just a grain of truth to that.
I would too; I've never seen a dancing pig ... :)
Yet, despite that pessimistic outlook -- and the survey that forked this thread -- I do think that companies are demanding more in software security, even though consumers are not. I'm not aware of surveys that directly address that, but it sure seems obvious to me that they are.
Demanding more maybe, but getting charged for it too... so the problem is still there: security as a 'feature'. 'Security' needs to become a baseline, just like any other programming construct (maths, ...) But anyway, ...
Here's to wishful thinking, anyway!
Agreed! -- Michael
Current thread:
- Why Software Will Continue to Be Vulnerable Crispin Cowan (Apr 30)
- RE: Why Software Will Continue to Be Vulnerable Arian J. Evans (May 01)
- Re: Why Software Will Continue to Be Vulnerable Greenarrow 1 (May 01)
- Re: Why Software Will Continue to Be Vulnerable Crispin Cowan (May 01)
- Re: Why Software Will Continue to Be Vulnerable Dave Aronson (May 01)
- Re: Why Software Will Continue to Be Vulnerable Jeff Williams (May 01)
- Re: Why Software Will Continue to Be Vulnerable Michael Silk (May 02)
- Re: Why Software Will Continue to Be Vulnerable Kenneth R. van Wyk (May 02)
- Re: Why Software Will Continue to Be Vulnerable ljknews (May 02)
- Re: Why Software Will Continue to Be Vulnerable Crispin Cowan (May 03)
- Re: Why Software Will Continue to Be Vulnerable Michael Silk (May 03)
- Re: Why Software Will Continue to Be Vulnerable Crispin Cowan (May 01)
- <Possible follow-ups>
- re: Why Software Will Continue to Be Vulnerable Bill Cheswick (May 02)
- Re: re: Why Software Will Continue to Be Vulnerable Gunnar Peterson (May 02)
- Re: re: Why Software Will Continue to Be Vulnerable Blue Boar (May 03)