Secure Coding mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Missing the point?

From: "Michael S Hines" <mshines () purdue edu>
Date: Fri, 23 Apr 2004 18:38:28 +0100
But don't the tools help the developer produce better quality code through
defect detection?

Mike Hines
-----------------------------------
Michael S Hines
[EMAIL PROTECTED]

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Michael A. Davis
Sent: Tuesday, April 20, 2004 11:34 AM
To: [EMAIL PROTECTED]
Subject: [SC-L] Missing the point?


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

A Network World article,
http://www.nwfusion.com/news/2004/0419codereview.html, discusses the
various MS patches that came out last week. Ellen Messmer, the
author, talks about the many companies and startups that are selling
products to help with code auditing and testing to help automate the
security review process.

Isn't she missing the point? It is not the source code that is the
problem -- it is the developer.

Thoughts?

Thanks,
Michael A. Davis
Chief Executive Officer
Savid Technologies, Inc.
http://www.savidtech.com

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.3

iQA/AwUBQIVRFNo69WASbsMmEQIzpwCeMRWZWkLPDdu5Imw1QCTvYfKvWj0AniML
8NRPFtdgGl6GvwR5WOsuU/kT
=3oCH
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: