Secure Coding mailing list archives
RE: Hypothetical design question
From: Andreas Saurwein <saurwein () uniwares com>
Date: Wed, 28 Jan 2004 17:20:30 +0000
At 28/1/2004 13:37 Wednesday, "Dave Paris" wrote: Not to wander from the strict topic or be inflamatory but more often than not it's the marketing department mandating "features". Not too many programmers I know are in the position to just add features during their implementation. (at least in commercial-ware) Heck, most programmers I know have sufficient intellectual agility to realize that a lot of features currently found in common applications are just Really Bad Ideas [tm] from any number of angles, security ranking at or near the top. So far my experience has been that "marketing department" has practically no technical knowledge and usually consults one of those "system analysts" which do not know much about programming, nothing about security and just as much about user interface design and usability. That the programmers are often just confronted with the facts after the design is part of a bad design process. In short, please don't shoot the messenger. The messenger is the first to shoot in order to avoid worse :) cheers Andreas
Current thread:
- Hypothetical design question Kenneth R. van Wyk (Jan 27)
- Re: Hypothetical design question Paco Hope (Jan 27)
- Re: Hypothetical design question Andreas Saurwein (Jan 28)
- RE: Hypothetical design question Dave Paris (Jan 28)
- RE: Hypothetical design question Andreas Saurwein (Jan 28)
- RE: Hypothetical design question Dave Paris (Jan 28)
- RE: Hypothetical design question Michael S Hines (Jan 28)
- Re: Hypothetical design question Kenneth R. van Wyk (Jan 29)
- Re: Hypothetical design question Andreas Saurwein (Jan 28)
- Re: Hypothetical design question Paco Hope (Jan 27)
- Re: Hypothetical design question Paco Hope (Jan 28)
- Re: Hypothetical design question Dave Aronson (Jan 28)
- Re: Hypothetical design question Andreas Saurwein (Jan 28)
- RE: Hypothetical design question Michael S Hines (Feb 02)
- Re: Hypothetical design question Louis Solomon [SteelBytes] (Feb 03)