Secure Coding mailing list archives

Previous By Date Next
Previous By Thread Next

Where Does Secure Coding Belong In the Curriculum?

From: goertzel_karen at bah.com (Goertzel, Karen [USA])
Date: Tue, 25 Aug 2009 10:26:43 -0400
For consistency's sake, I hope you agree that if security is an intermediate-to-advanced concept in software 
development, then all the other "-ilities" ("goodness" properties, if you will), such as quality, reliability, 
usability, safety, etc. that go beyond "just get the bloody thing to work" are also intermediate-to-advanced concepts. 

In other words, teach the "goodness" properties to developers only after they've inculcated all the bad habits they 
possibly can, and then, when they are out in the marketplace and never again incentivised to actually unlearn those bad 
habits, TRY desperately to change their minds using nothing but F.U.D. and various other psychological means of dubious 
effectiveness.

Great strategy! Our hacker friends will love it.

Karen Mercedes Goertzel, CISSP
Associate
703.698.7454
goertzel_karen at bah.com
________________________________________
From: sc-l-bounces at securecoding.org [sc-l-bounces at securecoding.org] On Behalf Of Benjamin Tomhave [list-spam at 
secureconsulting.net]
Sent: Monday, August 24, 2009 8:35 PM
To: sc-l at securecoding.org
Subject: Re: [SC-L] Where Does Secure Coding Belong In the Curriculum?

Two quick comments in catching up on the thread...

First, security in the software development concept is at least an
intermediate concept, if not advanced....
Previous By Date Next
Previous By Thread Next

Current thread: