Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security SecProg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: .Net and security

from [Michael Silk] Network Security [Permanent Link]
Subject: RE: .Net and security
Date: Thu, 25 Nov 2004 09:29:25 +1100 
Hi,

        That is not the way it is here ... My co-worker is consistently
telling me "but Microsoft does it this way ..." and refuses to discuss
alternatives. The problem being the environment in MS is totally
different from our own so most of the development strategies are not
appropriate.

-- Michael 

-----Original Message-----
From: Damhuis Anton [mailto:DamhuisA@aforbes.co.za] 
Sent: Wednesday, 24 November 2004 4:57 PM
To: secprog@securityfocus.com
Subject: RE: .Net and security


Hi Craig


From your email

I find that many programmers blame their bad coding practices on

Microsoft.


Why would you say "blame their bad coding practices on Microsoft"?

If referring to the "best practice"
Surely, one should not blindly follow any "best practices", but rather
analyze why it is a best practice, understand it and then only implement
it. And make a note where the best practice was not adhered to.

But if blaming it on MS, it sounds more like not wanting to take
ownership of a problem. (I am speaking in very general terms)

Also the lead programmer / team leader / technical architect should
review the code and make recommendations.

Regards
  Anton

Confidentiality Warning
=======================
The contents of this e-mail and any accompanying documentation are
confidential and any use thereof, in what ever form, by anyone other
than the addressee is strictly prohibited.




**********************************************************************
This email message and accompanying data may contain information that is 
confidential and/or subject to legal privilege. If you are not the intended 
recipient, you are notified that any use, dissemination, distribution or 
copying of this message or data is prohibited. If you have received this email 
message in error, please notify us immediately and erase all copies of this 
message and attachments.

This email is for your convenience only, you should not rely on any information 
contained herein for contractual or legal purposes. You should only rely on 
information and/or instructions in writing and on company letterhead signed by 
authorised persons.
**********************************************************************
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Is this list still active?, Jeroen van Drie
Next by Date:  Java Inner Classes Insecure?, Craig E. Ward
Previous by Thread:  RE: .Net and security, Damhuis Anton
Next by Thread:  RE: .Net and security, Damhuis Anton
Indexes:  [Date] [Thread] [Top] [All Lists]