Re: Sad state of affairs

[Prasad Shenoy <prasad.shenoy () gmail com>]

Well, one of the objectives of employing secure coding practices is just that - to raise the cost and complexity of 
exploiting bugs. 

Cheers,
Prasad

> On Sep 20, 2013, at 7:47 PM, "Bobby G. Miller" <b.g.miller () gmail com> wrote:
>
> I was just listening to a podcast interviewing a security executive from a prominent vendor.  The response to 
> vulnerabilities was to raise the cost/complexity of exploiting bugs rather than actually employing secure coding 
> practices.  What saddened me most was that the approach was apparently effective enough.
>
> _______________________________________________
> Secure Coding mailing list (SC-L) SC-L () securecoding org
> List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
> List charter available at - http://www.securecoding.org/list/charter.php
> SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
> as a free, non-commercial service to the software security community.
> Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates
> _______________________________________________

_______________________________________________
Secure Coding mailing list (SC-L) SC-L () securecoding org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.
Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates
_______________________________________________