Secure Coding mailing list archives
Re: The biggest thing affecting software security? People, apparently.
From: Robert Hajime Lanning <robert.lanning () gmail com>
Date: Fri, 01 Jul 2005 01:24:31 +0100
On 6/30/05, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
Your final statement still focus's only on technology i.e. educate programmers. Yes I agree they can play a significant part in security applications but in my experience the common theme of making everything transparent for the users is utter nonesene. Ordinary users should be educated in security principles to assist in understanding the value of data and how their actions could implicate an exposure. Especially since we still need to setup users as power users or admins in order to operate many third party apps.
Ahh... But you see, with proper security education of programmers, you wouldn't need to give end users "Power User" or "Administrator" access. You would teach the programmers how to use the available security framework. "The person is smart, people are dumb, stupid and panicky." - MIB You train the ones that build the world, that the end user "lives" in, about staying within a secure framework. -- END OF LINE -MCP
Current thread:
- Re: The biggest thing affecting software security? People, apparently. Robert Hajime Lanning (Jun 30)
- <Possible follow-ups>
- Re: The biggest thing affecting software security? People, apparently. . . (Jun 30)
- Re: The biggest thing affecting software security? People, apparently. John Manko (Jun 30)
- RE: Re: The biggest thing affecting software security? People, apparently. Yousef Syed (Jul 03)
- Re: The biggest thing affecting software security? People, apparently. John Manko (Jun 30)
- Re: The biggest thing affecting software security? People, apparently. Steven M. Bellovin (Jul 03)