WebApp Sec mailing list archives
Of the three expensive vulnerability scanners
From: simon59 () gmx de
Date: Tue, 23 Nov 2004 09:04:02 +0100 (MET)
The mentality starting to permeate the software world is not new; cf. '80s manufacturing total quality management ideas:
- fixing errors after deployment costs a lot and has poor results,
- fixing errors in pilot and beta test phase has medium cost and medium effect,
- fixing errors at development stage has low cost and huge results.

Therefore, why are the huge software houses producing millions of lines of buggy code which someone will then have to fix at huge cost?
Is it cheaper?
Are users only interested in the latest and greatest, not in what works reliably?
Are users prepared to buy buggy code and fix it at their own cost?
Do supply contracts for software protect the purchaser rather than the supplier?
Are exclusion clauses protecting the supplier from prosecution in EULAs legitimate?
Can you sue a company for producing code which causes problems and costs?
Is the legislature to blame?
Are there efficient laws against writing faulty code?
Are insurance premiums for companies who buy code from slop shops higher than the ones for those who ensure that they buy quality products?
Would you buy a car with no guarantee it will not kill or maim you and others?