Re: Application Insecurity --- Who is at Fault?

[Margus Freudenthal <margusf () solo ee>]

Michael Silk wrote:


Consider the bridge example brought up earlier. If your bridge builder
finished the job but said: "ohh, the bridge isn't secure though. If
someone tries to push it at a certain angle, it will fall".


All bridges have certain limits. There is difference between a 
footbridge and bridge that can be driven over with a tank. The 
difference is also reflected in cost. You are advocating always building 
"tank" bridge. Which is understandable attitude - this way you are 
mostly safe. However, in some cases it is *economically feasible* to 
just build a simpler bridge and accept the fact that it will break under 
some conditions.


Ultimately it is a matter of economics. Sometimes releasing something 
earlier is worth more than the cost of later patches. And 
managers/customers are aware of it.



--
Margus