WebApp Sec mailing list archives
Re: Secure Coding? Bah!
From: ONEILL David J <David.J.Oneill () state or us>
Date: 23 Jan 2004 07:40:05 -0800
GREAT! More Architect/Developer bashing. As a person who builds architecture and develops software, I'm sure tired of the beating we get for all the security woes of the planet. Although I have never spent a day in a classroom studying methods to make applications more secure, I do have a Computer Science degree and around thirty six years of experience building applications on platforms ranging from the very first microprocessors, to mainframes, to IBM's new P series machines. And from what I've experienced the majority of breaches come from networks and network devices being hacked. I have met numerous people in my field that were security conscious. And I have never met anyone who said that they did not have the time or aspiration to make their code more secure. And in this context, the only bad code that I have had to work with, is code that was developed overseas. My opinion, outsourcing companies really don't care what the code works like as long as they get paid. Our problem is that we do care, so we fix the problems we find before they cause any issues that management would here about. And this is how we shot ourselves in the foot, we tell management what we found but it never sinks in because they did not see any cost penalty. My 0.02 rant, David J. O'Neill Senior Systems Analyst Parkway Bldg., 2nd Floor Phone: (503) 378-2101 ext. 364 FAX: (503) 378-2103
mark () curphey com 01/22/04 07:23PM >>>
Does anyone know of any information about this authors credentials to make these claims ? http://infosecuritymag.techtarget.com/ss/0,295796,sid6_iss306_art550,00.html
Current thread:
- RE: Secure Coding? Bah!, (continued)
- RE: Secure Coding? Bah! Tim Greer (Jan 23)
- RE: Secure Coding? Bah! Taco Fleur (Jan 22)
- Re: Secure Coding? Bah! Chris DeVoney (Jan 22)
- Re: Secure Coding? Bah! Chris Kirschke (Jan 22)
- Re: Secure Coding? Bah! Mark Curphey (Jan 22)
- Re: Secure Coding? Bah! Adam Tuliper (Jan 22)
- Re: Secure Coding? Bah! Mark Curphey (Jan 22)
- RE: Secure Coding? Bah! Taco Fleur (Jan 22)
- Re: Secure Coding? Bah! Mark Curphey (Jan 23)
- RE: Secure Coding? Bah! Taco Fleur (Jan 23)
- Re: Secure Coding? Bah! ONEILL David J (Jan 23)
- Re: Secure Coding? Bah! Mike Hoskins (Jan 24)
- RE: Secure Coding? Bah! Robert Paris (Jan 23)
- RE: Secure Coding? Bah! Tim Greer (Jan 24)
- RE: Secure Coding? Bah! Glenn_Everhart (Jan 23)
- RE: Secure Coding? Bah! Dinis Cruz (Jan 25)