Secure Coding mailing list archives
bumper sticker slogan for secure software
From: leichter_jerrold at emc.com (leichter_jerrold at emc.com)
Date: Thu, 20 Jul 2006 15:33:30 -0400
| >>>> Absolute security is a myth. As is designing absolutely secure | >>>> software. | >> | >>> I have high hopes in formal methods. | >> | >> All formal methods do is push bugs around... | > | > But people are forced to spend more time with the code, which | > generally helps them (in particular smart people) to eradicate bugs.... | | Also, writing it twice with different languages, especially at different | levels of abstraction, makes it less likely that the same bugs will appear | in both. You can choose the higher level language so that it has great | expressive power exactly for the things that are a pain to capture and | verify (and thus a source of bugs) in the lower-level language.... But always keep in mind a comment (allegedly, I've never actually seen this) present at the top of something Don Knuth wrote: Be careful with this code. I've only proved it correct, not actually tested it. If Don Knuth can say that about code, the rest of us should be very humble about our correctness proofs. -- Jerry
Current thread:
- bumper sticker slogan for secure software, (continued)
- bumper sticker slogan for secure software Blue Boar (Jul 20)
- bumper sticker slogan for secure software der Mouse (Jul 20)
- bumper sticker slogan for secure software Blue Boar (Jul 20)
- bumper sticker slogan for secure software Wall, Kevin (Jul 20)
- bumper sticker slogan for secure software Gary McGraw (Jul 20)
- bumper sticker slogan for secure software Pascal Meunier (Jul 20)
- bumper sticker slogan for secure software Florian Weimer (Jul 20)
- bumper sticker slogan for secure software Pascal Meunier (Jul 20)
- bumper sticker slogan for secure software der Mouse (Jul 20)
- bumper sticker slogan for secure software ljknews (Jul 20)
- bumper sticker slogan for secure software John Wilander (Jul 21)
- bumper sticker slogan for secure software Pascal Meunier (Jul 20)
- bumper sticker slogan for secure software Crispin Cowan (Jul 21)
- Cost of provably-correct code (was: bumper sticker slogan for secure software) David Crocker (Jul 21)
- Cost of provably-correct code (was: bumper sticker slogan for secure software) der Mouse (Jul 22)
- Cost of provably-correct code Crispin Cowan (Jul 23)
- bumper sticker slogan for secure software mikeiscool (Jul 23)
- security half-life and critical mass securecoding2dave at davearonson.com (Jul 21)