WebApp Sec mailing list archives
Re: The biggest thing affecting software security? People, apparently.
From: Robert Hajime Lanning <robert.lanning () gmail com>
Date: Thu, 30 Jun 2005 10:52:19 -0700
On 6/30/05, PPowenski () oag com <PPowenski () oag com> wrote:
Your final statement still focus's only on technology i.e. educate programmers. Yes I agree they can play a significant part in security applications but in my experience the common theme of making everything transparent for the users is utter nonesene. Ordinary users should be educated in security principles to assist in understanding the value of data and how their actions could implicate an exposure. Especially since we still need to setup users as power users or admins in order to operate many third party apps.
Ahh... But you see, with proper security education of programmers, you wouldn't need to give end users "Power User" or "Administrator" access. You would teach the programmers how to use the available security framework. "The person is smart, people are dumb, stupid and panicky." - MIB You train the ones that build the world, that the end user "lives" in, about staying within a secure framework. -- END OF LINE -MCP
Current thread:
- RE: The biggest thing affecting software security? People, apparently. PPowenski (Jun 30)
- Re: The biggest thing affecting software security? People, apparently. Robert Hajime Lanning (Jun 30)