Re: Variable comparisons

[Dave Aronson <securecoding () dja mailme org>]

On Tue December 2 2003 15:16, Chris Richards wrote:

> I may actually buy this book.  Despite the fact that it is from
> Microsoft.
>
> :-)

Actually, from the much I've read *about* them and little I've read *of* 
them, Microsoft Press books tend to be pretty good!  Some theorize that 
the documentation that ships with MS products is so bad, in order to 
get you to buy the MS Press books about the product.  However, since 
the ones on SE often contain excellent advice on robustness, security, 
etc., that MS obviously does not follow, there may be a clear 
separation between the software and book lines of business.  B-)/2

> it is far cheaper to design a problem out of a
> product than it is to test a problem out of a product.  It seems to
> me that a large part of the software industry has yet to figure this
> out; it doesn't seem to get taught to the young people coming out of
> University,

It was taught to me in 1983, and I've seen it in professional 
periodicals (usually as a basic axiom, used to support something else) 
frequently since then.  Maybe it's not taught *any more*, but I very 
much doubt it, as awareness of the importance of design (vs. sit down 
and hack it out) seems to have only increased since then.

Unfortunately, this is only well-known THEORY, and rarely PRACTICED.  
The big question is why?  My guess is the standard excuse of schedule 
pressure, plus a desire to get quickly to what so many consider the fun 
part, the coding.  Any others?

-- 
Dave Aronson, Senior Software Engineer, Secure Software Inc.
(Opinions above NOT those of securesw.com unless so stated!)
Email me at: work (D0T) 2004 (@T) dja (D0T) mailme (D0T) org
Web: http://destined.to/program http://listen.to/davearonson