Secure Coding mailing list archives
OWASP Publicity
From: leichter_jerrold at emc.com (Leichter, Jerry)
Date: Fri, 16 Nov 2007 09:24:10 -0500 (EST)
| ...I've never understood why it is that managers who would never dream | of second-guessing an electrician about electrical wiring, a | construction engineer about wall bracing, a mechanic about car | repairs, will not hesitate to believe - or at least act as though they | believe - they know better than their in-house experts when it comes | to what computer, especially software, decisions are appropriate, and | use their management position to dictate choices based on their | inexpert, incompletely informed, and often totally incompetent | opinions. (Not just security decisions, either, though that's one of | the cases with the most unfortunate consequences.) This is perhaps the most significant advantage to licensing and other forms of official recognition of competence. At least in theory, a licensed professional is bound by an officially-sanctioned code of conduct to which he has to answer, regardless of his employment chain of command. In reality, of course, things are not nearly so simple, along many dimensions. Theory and practice are often very different. However ... the next time you run into a situation where you are forced into a technically bad decision because some salesman took a VP to a nice golf course - imagine that you could pull down some official regulation that supported your argument. The world has many shades of gray.... -- Jerry
Current thread:
- Code review pool Paolo Perego (Nov 05)
- Code review pool ljknews (Nov 05)
- Message not available
- Code review pool Paolo Perego (Nov 05)
- OWASP Publicity McGovern, James F (HTSC, IT) (Nov 15)
- OWASP Publicity Crispin Cowan (Nov 15)
- OWASP Publicity Bernie Rosen (Nov 15)
- OWASP Publicity der Mouse (Nov 15)
- OWASP Publicity Leichter, Jerry (Nov 16)
- OWASP Publicity Crispin Cowan (Nov 16)
- OWASP Publicity Benjamin Tomhave (Nov 18)
- OWASP Publicity James Stibbards (Nov 19)
- OWASP Publicity Benjamin Tomhave (Nov 19)
- OWASP Publicity Crispin Cowan (Nov 15)
- OWASP Publicity McGovern, James F (HTSC, IT) (Nov 19)