Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security SecProg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: The biggest thing affecting software security? People, apparently.

from [Robert Hajime Lanning] Network Security [Permanent Link]
Subject: Re: The biggest thing affecting software security? People, apparently.
Date: Thu, 30 Jun 2005 10:52:19 -0700 
On 6/30/05, PPowenski@oag.com <PPowenski@oag.com> wrote:

Your final statement still focus's only on technology i.e. educate 
programmers.
Yes I agree they can play a significant part in security applications
but in my experience the common theme of making everything transparent
for the users is utter nonesene.

Ordinary users should be educated in security principles to assist in
understanding the value of data and how their actions could implicate an
exposure. Especially since we still need to setup users as power users
or admins in order to operate many third party apps.


Ahh... But you see, with proper security education of programmers, you
wouldn't need to give end users "Power User" or "Administrator" access.
You would teach the programmers how to use the available security framework.

"The person is smart, people are dumb, stupid and panicky." - MIB

You train the ones that build the world, that the end user "lives" in,  about
staying within a secure framework.

-- 
END OF LINE
       -MCP
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: The biggest thing affecting software security? People, apparently., John Manko
Next by Date:  Trike threat modeling methodology v1 paper release, Paul B. Saitta
Previous by Thread:  RE: The biggest thing affecting software security? People, apparently., PPowenski
Next by Thread:  Trike threat modeling methodology v1 paper release, Paul B. Saitta
Indexes:  [Date] [Thread] [Top] [All Lists]