Secure Coding mailing list archives

Re: free lunch almost over

From: "Jeff Williams" <jeff.williams () aspectsecurity com>
Date: Wed, 02 Feb 2005 15:43:46 +0000

I think we're focused on different aspects of 'important.' The sheer number 
of web applications does make concurrency in that environment an important 
issue for this list. Concurrency used to be the province of a relatively 
small number of developers who understood that were working in a 
multithreaded environment. Now the number of programmers who need to 
understand concurrency is, well, almost all of them. That's why the issue is 
important for the list (or at least to me).


I think the "some web site going down" comment doesn't reflect the reality 
of how web technology is used. Virtually every sector (including finance, 
banking, healthcare, defense) depends of web apps. Our economy would 
literally stop if certain web applications failed. Anyway, I think we 
probably agree here that concurrency is a tough issue and pretty 
'important'.


--Jeff

----- Original Message ----- 
From: "ljknews" <[EMAIL PROTECTED]>

To: "Secure Coding Mailing List" <[EMAIL PROTECTED]>
Sent: Tuesday, February 01, 2005 6:50 PM
Subject: Re: [SC-L] free lunch almost over



At 6:14 PM -0500 2/1/05, Jeff Williams wrote:

Sure. How many of those are there?

--Jeff

----- Original Message ----- From: "ljknews" <[EMAIL PROTECTED]>
To: "Secure Coding Mailing List" <[EMAIL PROTECTED]>
Sent: Tuesday, February 01, 2005 4:11 PM
Subject: Re: [SC-L] free lunch almost over



At 3:23 PM -0500 2/1/05, Jeff Williams wrote:

Concurrency is a huge issue and nowhere more important than web 
applications.


Ummm...  How about realtime fly-by-wire control systems ?
-- Larry Kilgallen


I have no idea, but certainly the number of them has no bearing
on how important they are.  The Boeing 777 is a good example --
having a few of those fall out of the sky is considerably more
important (which was the issue raised) than some web site going
down.

The newest Airbus models use fly-by-wire as well, lest it seem
to be a US-only thing.

Of course if the web site people used the strong software engineering
techniques common in safety critical areas, we would not be having
this discussion, and possibly not this mailing list.
--
Larry Kilgallen

Current thread:

free lunch almost over Gunnar Peterson (Feb 01)
- Re: free lunch almost over Jeff Williams (Feb 01)
  - Re: free lunch almost over ljknews (Feb 01)
    - Re: free lunch almost over Jeff Williams (Feb 01)
    - Re: free lunch almost over ljknews (Feb 02)
    - Re: free lunch almost over Jeff Williams (Feb 02)
    - Re: free lunch almost over ljknews (Feb 02)
  - Secure software development contract annex Jeff Williams (Feb 22)
- <Possible follow-ups>
- Re: free lunch almost over Steven M. Bellovin (Feb 01)
  - Re: free lunch almost over Gunnar Peterson (Feb 01)
- Re: free lunch almost over Carl G. Alphonce (Feb 02)
- RE: free lunch almost over Wall, Kevin (Feb 02)