Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security FullDisclosure
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Full-disclosure] comparing information security to other industries

from [Nancy Kramer] Network Security [Permanent Link]
Subject: Re: [Full-disclosure] comparing information security to other industries
Date: Tue, 19 Dec 2006 19:22:56 -0500 
At 03:16 PM 12/19/2006, KT wrote:

What I am trying to figure out is how mature we are and how long will it 
take for to get stable?



Not very mature and it will take a long time to get stable because 
programmers are just beginning to be aware of application security 
requirements and then they need to figure out how to implement 
them.  Remember most programmers came from a client server or mainframe 
world and they "don't get it".  The consumer also doesn't "get it".  They 
work great together.

I went to a PHP Conference recently and the creator of PHP said that there 
is not such thing as a completely secure web application.  When failure is 
a goal you will definitely get there.

I know all this because I am a programmer by background.  Most people 
designing web applications know so little about security it is scary.

Regards,

Nancy Kramer
Webmaster http://www.americandreamcars.com
Free Color Picture Ads for Collector Cars
One of the Ten Best Places To Buy or Sell a Collector Car on the Web



-- 
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.409 / Virus Database: 268.15.23/591 - Release Date: 12/17/2006


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Full-disclosure] comparing information security to other industries, coderman
Next by Date:  [Full-disclosure] ZDI-06-051: Mozilla Firefox SVG Processing Remote Code Execution Vulnerability, zdi-disclosures
Previous by Thread:  Re: [Full-disclosure] [WEB SECURITY] comparing information security to other industries, Will Jefferies
Next by Thread:  Re: [Full-disclosure] [WEB SECURITY] Re: comparing information security to other industries, Dinis Cruz
Indexes:  [Date] [Thread] [Top] [All Lists]