|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Dailydave] Lame studies that people quote as fact that have no basis in reality and still don't prove anything even if they did
From: Anton A. Chuvakin (anton
chuvakin.org)
Date: Wed Feb 04 2004 - 09:33:19 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
>This is crap. If you spend your whole life looking for security bugs in
>your product, then you find them. Continuously. You'll end up finding at
It well might be crap (I personally don't know), but I think his main
point was:
"Yes, it's faster and cheaper to design security into software than bolt
it on afterward. But it's even fasterer and cheaperer to build crappy
software to get the project rolled out immediately, please your boss and
help the company make its quarterly number. Guess which path most
organizations will always take."
rather than whatever "6.5" times numbers to compare before and after QA.
Best,
--
Anton A. Chuvakin, Ph.D., GCIA, GCIH
http://www.info-secure.org
http://www.securitywarrior.com
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]