WebApp Sec mailing list archives
Re: Secure Coding? Bah!
From: Mark Curphey <mark () curphey com>
Date: Thu, 22 Jan 2004 23:01:58 -0500 (EST)
Interesting but I have exactly the opposite opinion and experience. I know you often get great buy in from developers interested in new techniques and new challenges. If you approach them with a whip you have to expect a fight, but when approached with compassion people almost always want to do the right thing. To use your dog analogy, if you dont train them then you will never get better. This is like saying, my dogs always going to poop on the front step, gotta use the back door and accept it! Just my humble opinion ;-) ---- Adam Tuliper <amt () gecko-software com> wrote:
credentials or not.. he's right on almost every aspect. Almost every company I've done work at had pretty insecure code that I had to fix. I know of almost no peer developers who are security conscious, as well as I know no developers personally that were taught security as part of their training. It never ceases to amaze me how many developers know next to nothing about writing secure code. You tell them about a sql injection attack and they look at you like a dog who just heard a funny noise and turns its head sideways. Ironically the only people I know who seme to have any idea about security are the same ones who could hack your systems. Seems like this needs to be more two-way knowledge but most developers just don't care. On Thu, 22 Jan 2004 21:42:24 -0500 (EST) Mark Curphey <mark () curphey com> wrote:Does anyone know of any information about this authors credentials to make these claims ?http://infosecuritymag.techtarget.com/ss/0,295796,sid6_iss306_art550,00.html --------------------------------------------------------------------- Web mail provided by NuNet, Inc. The Premier National provider. http://www.nni.com/
Current thread:
- Re: Secure Coding? Bah!, (continued)
- Re: Secure Coding? Bah! Juridian (Jan 23)
- Re: Secure Coding? Bah! Juridian (Jan 22)
- Re: Secure Coding? Bah! David Wall @ Yozons, Inc. (Jan 22)
- RE: Secure Coding? Bah! Taco Fleur (Jan 22)
- RE: Secure Coding? Bah! Tim Greer (Jan 23)
- RE: Secure Coding? Bah! Taco Fleur (Jan 23)
- RE: Secure Coding? Bah! Tim Greer (Jan 23)
- RE: Secure Coding? Bah! Taco Fleur (Jan 22)
- Re: Secure Coding? Bah! Adam Tuliper (Jan 22)
- RE: Secure Coding? Bah! Taco Fleur (Jan 22)
- Re: Secure Coding? Bah! Mike Hoskins (Jan 24)
- RE: Secure Coding? Bah! Tim Greer (Jan 24)