From: Cory Foy (securityfocuscornetdesign.com)
Date: Fri Oct 01 2004 - 07:36:52 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

In-Reply-To: <75C025AE395F374B81F6416B1D4BDEFB01C3C213mtv-corpmail.microfocus.com>

>I believe that if you surveyed car users and software users, you'd find far
>more of the former are conscious of safety issues, than the latter are of
>security issues.

What about surveying vehicle engineers on how they research and reuse other's mistakes? One thing I've noticed is that many applications are being developed by programmers who end up reinventing the wheel instead of following best practices, patterns, etc. The current client I am working for (large financial institution) has a difficult time with the concept of researching patterns, or having architects review systems to catch common patterns, etc.

If developers stopped reinventing the wheel, did research, reviewed and followed best practices and patterns, do you think that this would inherantly make security cheaper and easier to implement?

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]