Secure Coding mailing list archives
bumper sticker slogan for secure software
From: michaelslists at gmail.com (mikeiscool)
Date: Thu, 20 Jul 2006 08:53:22 +1000
On 7/20/06, Andrew van der Stock <vanderaj at greebo.net> wrote:
Actually, it is a myth. For every non-trivial system, there are business pressures on resourcing, deadlines, and acceptable quality (pick any two). Once a business has set their taste for risk, it makes no sense to spend say $10m on security controls on a product and delay it for six months which may only bring in $2m in revenue in total, or none at all if the company runs out of money to bring it to market. At the moment, most companies neither accept or assign the risk, enumerate the risk correctly, nor take adequate steps to eliminate as much risk as possible. We need to improve all three aspects. Even in a perfect world, there will still be bugs and security defects. Let's make sure that the remaining ones are really hard to exploit, and when the exploit happens, not much loss occurs.
yeah. but none of this changes the fact that it IS possible to write completely secure code.
thanks, Andrew
-- mic
Current thread:
- bumper sticker slogan for secure software SC-L Subscriber Dave Aronson (Jul 17)
- bumper sticker slogan for secure software ... (Jul 18)
- <Possible follow-ups>
- bumper sticker slogan for secure software Goertzel Karen (Jul 17)
- bumper sticker slogan for secure software SC-L Subscriber Dave Aronson (Jul 18)
- bumper sticker slogan for secure software Dana Epp (Jul 18)
- bumper sticker slogan for secure software Andrew van der Stock (Jul 18)
- bumper sticker slogan for secure software Wietse Venema (Jul 18)
- bumper sticker slogan for secure software mikeiscool (Jul 18)
- bumper sticker slogan for secure software Andrew van der Stock (Jul 19)
- bumper sticker slogan for secure software mikeiscool (Jul 19)
- code review tools for tcl? j eric townsend (Jul 20)
- bumper sticker slogan for secure software Pascal Meunier (Jul 19)
- bumper sticker slogan for secure software der Mouse (Jul 19)
- bumper sticker slogan for secure software Florian Weimer (Jul 20)
- bumper sticker slogan for secure software Pascal Meunier (Jul 20)
- bumper sticker slogan for secure software Florian Weimer (Jul 20)
- bumper sticker slogan for secure software Pascal Meunier (Jul 20)
- bumper sticker slogan for secure software ljknews (Jul 20)