It means one of two things; that people are programming more securely and
have no need for this list since they use the suggested best practices, or
that people are too busy fixing their existing broken code.
How about the notion that we've basically given up on security.
We can program securely, OpenBSD is proof enough of that. But most are not
after monastic precision, and security is not the prime motivator of this
industry. We must meet deadlines and security suffers because of it.
With all the viruses, cracking and phising going on people are simply turning
it into a law enforcement issue; copyright issues are contributing to a more
police minded way of handling security and ownership of software. If your
poorly written server gets cracked and your source code finds its way onto
the internet, just call the police and blame the thief.
Well that's what you'd do when your home gets broken into as well. But in the
latter case neither the police nor the insurance company will take kindly to
your not locking the place up properly. Software security is still in its
infancy as an issue and I guess we're just going with the flow until it
becomes a negative political issue.
On Tuesday 23 November 2004 01:36, Shelly D. wrote:
It means one of two things; that people are programming more securely and
have no need for this list since they use the suggested best practices, or
that people are too busy fixing their existing broken code.
The activity of other lists (bugtraq, incidents, vuln-dev, etc.) seems to
support *one* of those positions, but I'm not a statistician.
** It can also mean that computer work is on hold
due to the holidays coming up.
Happy Thanksgiving & holidays to everyone, Shelly
Shelly Daniel
Able Process Service & Investigative Research
Registered & Bonded in California
Office# 760-378-2329 Fax # 760-378-0055
Member of NAIS, Chamber Of Commerce,
FOE, International Internet Investigators
http://www.unitedstates-investigators.org/
Historical Society, etc..
E&OE. All spelling and grammatical errors are for your enjoyment and
entertainment only and are copyright Shelly Daniel. This message is
guaranteed free of exotic diseases. This e-mail message and any
attachments are confidential and may be privileged. If you are not the
intended recipient, please notify me immediately by replying to this
message and please destroy all copies of this message and attachments.
Please also try to forget everything you have read that was contained in
this E-Mail message, except this part, and you may not copy it. Thank you.
:o)
--phil
--
No virus found in this incoming message.
Checked by AVG Anti-Virus.
Version: 7.0.289 / Virus Database: 265.4.1 - Release Date: 11/19/2004
--
Jeroen van Drie
http://www.torque.3va.net
http://www.digitalbraintrust.org
