Re: Application Insecurity - Who is at Fault?

["Greenarrow 1" <Greenarrow1 () msn com>]

Government is not the answer.  Just how would one get the numerous 
governments to agree on a law
that most likely be impossible to enforce?  Soft ware made in the European 
Union is not enforceable in the United States and visa versa, ie.

Mapping out a plan to the various companies' management would be a better 
goal but how to enforce this plan is the question?  Showing companies the 
actual costs to patch flaws comparing securing the soft ware at the onset 
might shock them into reality.  Who is to take charge to implement or start 
a project like this?  Does a company have to implement recommendations made 
by anyone?

If one could actually prove to the makers that the costs of patching could 
actually exceed the cost of the program then maybe this would achieve some 
lead way into secured coding.  Money is the answer and if someone could 
prove this I feel it would be a start into securing soft wares.

I am open to any and all suggestions that would benefit showing the way to 
proceed.

Regards,
George
Greenarrow1
InNetInvestigations-Forensics