Re: How many people write secure programs?

From: Justin Young (justinat_private)
Date: Tue May 01 2001 - 08:50:37 PDT

  • Next message: Graham Coles: "guidelines for secure ASP pages"

    For the record everyone is throwing around this word secure as if it
    pertains to our industry. Nothing can ever be secure as that would be it
    could never be compromised. If anyone feels that your systems, networks,
    programs can never be compromised your sadly mistaken. The proper term that
    you should be using is TRUSTED.
    
    -----Original Message-----
    From: Secure Programming Mailing List
    [mailto:SECPROGat_private]On Behalf Of Jordan Dimov
    Sent: Monday, April 30, 2001 11:35 AM
    To: SECPROGat_private
    Subject: Re: How many people write secure programs?
    
    
    The point is that this attitude is wrong.  If you try to write your
    software right and if this encourages 10 other people to write their
    software right, the world will be a better place overall.
    
    On Mon, 30 Apr 2001, Steve McAlexander wrote:
    
    > What's really the point when everything else is not written or meant to be
    secure.
    >
    > Steve McAlexander
    > 830-627-7669 Offsite Office
    > 210-316-6489 Cellular
    >
    > "There is nothing more difficult to plan, more doubtful of success, nor
    more dangerous to manage than the creation of a new system. For the
    initiator has the enmity of all who would profit by the preservation of the
    old system and merely lukewarm defenders in those who would gain by the new
    one." --Machiavelli, 1513
    >
    > -----Original Message-----
    > From: Secure Programming Mailing List [mailto:SECPROGat_private]On
    Behalf Of Jordan Dimov
    > Sent: Friday, April 27, 2001 16:48
    > To: SECPROGat_private
    > Subject: Re: How many people write secure programs?
    >
    > No one ever writes secure programs.  Most people don't even try.  Those
    > who do try, fail almost by definition, although their products are
    > measurably more secure than if they hadn't tried.
    >
    > And I hate myself for answering your question.  It should have been
    > moderated to begin with.
    >
    >
    > On Fri, 27 Apr 2001, Douglas Ostling wrote:
    >
    > > Do more people write vulnerable programs than do secure ones?
    > > --
    > > :^Q
    > >         \/\/\/\/\/\/\/
    > >        Q U A S I S O F T
    > >
    >
    



    This archive was generated by hypermail 2b30 : Tue May 01 2001 - 10:59:16 PDT