Secure Coding mailing list archives
What's the next tech problem to be solved in software security?
From: wietse at porcupine.org (Wietse Venema)
Date: Wed, 6 Jun 2007 10:01:48 -0400 (EDT)
Kenneth Van Wyk:
What do you think is the _next_ technological problem for the software security community to solve? PLEASE, let's NOT go down the rat hole of senior management buy-in, use [this language], etc. (In fact, be warned that I will /dev/null any responses in this thread that go there.) So, what technology could/would make life easier for a secure software developer? Better source code analysis? High(er) level languages to help automate design reviews? Better security testing tools? To any of these, *better* in what ways, specifically?
I've often said that programming should be a million times more difficult, so that fewer people will be able to write code. However, that is not the direction where things evolve. Instead, more and more people, with less and less experience, will be "programming" computer systems. The challenge is to provide environments that allow less experienced people to "program" computer systems without introducing gaping holes or other unexpected behavior. An example is the popular PHP language. Writing code is comparatively easy, but writing secure code is comparatively hard. I'm working on the second part, but I don't expect miracles. The solution is likely to be a completely different programming model. The spreadsheet is approaching its 30th birthday. That is too long ago. Wietse
Current thread:
- What's the next tech problem to be solved in software security? Kenneth Van Wyk (Jun 06)
- What's the next tech problem to be solved in software security? Michael Silk (Jun 06)
- What's the next tech problem to be solved in software security? Wietse Venema (Jun 06)
- What's the next tech problem to be solved in softwaresecurity? Michael S Hines (Jun 06)
- What's the next tech problem to be solved in software security? Steven M. Christey (Jun 07)
- What's the next tech problem to be solved in software bugtraq at cgisecurity.net (Jun 07)
- What's the next tech problem to be solved in software security? Benjamin Livshits (Jun 07)
- What's the next tech problem to be solved in software security? Stephen de Vries (Jun 08)
- What's the next tech problem to be solved in software security? ljknews (Jun 08)
- What's the next tech problem to be solved in software security? der Mouse (Jun 09)
- What's the next tech problem to be solved in software security? ljknews (Jun 09)
- What's the next tech problem to be solved in software security? Leichter, Jerry (Jun 08)