Secure Coding mailing list archives
Root Canal Treatment vs Source Code Review
From: jleffler at us.ibm.com (Jonathan Leffler)
Date: Mon, 30 Jun 2008 10:32:28 -0600
Under the subject "InternetNews Realtime IT News - Merchants Cope With PCI Compliance", Kenneth Van Wyk <ken at krvw.com> wrote: [...] In talking with my customers over the past several months, I always find it interesting that the vast majority would sooner have root canal than submit their source code to anyone for external review. [...] There's a simple reason for that reluctance - most people are painfully aware that their software won't stand the scrutiny that an external review would entail. -- Jonathan Leffler (jleffler at us.ibm.com) STSM, Informix Database Engineering, IBM Information Management 4400 N First St, San Jose, CA 95134-1257 Tel: +1 408-956-2436 Tieline: 475-2436 "I don't suffer from insanity; I enjoy every minute of it!" -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 4441 bytes Desc: S/MIME Cryptographic Signature Url : http://krvw.com/pipermail/sc-l/attachments/20080630/41546f6e/attachment.bin
Current thread:
- Root Canal Treatment vs Source Code Review Jonathan Leffler (Jun 30)
- Root Canal Treatment vs Source Code Review Mary and Glenn Everhart (Jun 30)