Secure Coding mailing list archives

Previous By Date Next
Previous By Thread Next

FW: What's the next tech problem to be solved in softwaresecurity?

From: secureCoding2dave at davearonson.com (SC-L Subscriber Dave Aronson)
Date: Thu, 07 Jun 2007 12:52:39 +0000
Michael S Hines [mailto:mshines at purdue.edu] writes:


Product integration - why have an editor, separate source code analizer,
separate 'lint' product, compiler, linker, object code analyzer, Fuzz
testing tools, etc...    apart from marketing and revenue stream - it
doesn't help the developer any.


It may.  IME, "all-in-one" products usually integrate the pieces well.  On the other claw, they don't tend to do most, 
if any, of the pieces well.  On the third hand, "integration" doesn't have to mean they're no longer "separate".  They 
can "play nicely together" if they adhere to relevant standards for interoperability.  Witness how you can develop a 
lot of software without leaving Emacs, or Eclipse.

However, I don't think that's all that relevant to software security in particular, as opposed to software development 
in general.

-Dave

-- 
Dave Aronson
"Specialization is for insects."  -Heinlein
Work: http://www.davearonson.com/
Play: http://www.davearonson.net/
Previous By Date Next
Previous By Thread Next

Current thread: