Secure Coding mailing list archives

"Bumper sticker" definition of secure software


From: Holger.Peine at iese.fraunhofer.de (Holger.Peine at iese.fraunhofer.de)
Date: Mon, 17 Jul 2006 08:32:40 +0200

From: sc-l-bounces at securecoding.org 
[mailto:sc-l-bounces at securecoding.org] On Behalf Of Dave Aronson
If you really want to compress that to bumper-sticker size, how about

  "Secure Software:  Does what it's meant to.  Period."

This encompasses both "can't be forced NOT to do what it's meant to do",
and "can't be forced to do what it's NOT meant to do".

While I think this is the most concise formulation so far of what 
most readers on this list would mean and would understand, I think
the non-security public does not think of security breaches in
terms of software doing more than it was supposed to. My suggestion
for a bumper sticker is therefore less conceptually crisp, but perhaps 
more accessible:

"Secure Software: Works even if you try to dupe it"

Nice question, though -
Holger Peine

-- 
Dr. Holger Peine, Security and Safety
Fraunhofer IESE, Fraunhofer-Platz 1, 67663 Kaiserslautern, Germany
Phone +49-631-6800-2134, Fax -1299 (shared)
PGP key via http://pgp.mit.edu ; fingerprint is 1BFA 30CB E3ED BA99 E7AE
2BBB C126 A592 48EA F9F8


