Bad-Code Blues
Don Parker, 2008-07-08

The current state of secure software development by corporations both large and small is a mess.

Bad-Code Blues 2008-07-09
Anonymous
Hey, and what about http://www.openbsd.org/?

Audited base system code, improved and more secure versions of programs from third vendors, good dev, sec and server platform and so on...

Bad-Code Blues 2008-07-09
Anonymous (1 replies)
Excellent point, Don.

What you failed to mention, however, is the motivation behind lazy SDLC practices -- many development team managers dislike or even disdain security, in the same way that most people dislike eating green vegetables with their meal. People who take an active interest in secu...

Re: Bad-Code Blues 2008-09-09
Anonymous
And what about the security side, where lazy firewall rules, ignored IDS monitors and 10-year-old draconian-yet-ineffective security policies leave almost every organization wide open for any script-kiddie to exploit? What? You don't have an infinite budget to upgrade to the latest and greatest ev...

Bad-Code Blues 2008-07-09
Anonymous
Agreed on many points, however as a software consumer (large-scale), I have found that my ability to get software that has been more thoroughly tested and has undergone third-party review has been aided by my willingness to pay for it. Finding the lowest price and the best development practices in o...

Bad-Code Blues 2008-07-18
Anonymous (1 replies)
Why do you insist on caring so much?? Did you need something to talk about, and any old thing would do, so long as it appeased your editor? You write a column for a ::Security:: site.

Besides, those poor, misguided coders are your bread and butter. ...

Re: Bad-Code Blues 2008-07-21
Don Parker (1 replies)
Hey ho anonymous,

Actually the editor here is pretty easy to work with. Seeing as you did not care for the content of my column and you suggested this is a security site, perhaps you would care to give me some suggestions for future columns? That is a serious offer with no attitude included. Drop me...

Re: Re: Bad-Code Blues 2008-08-05
Brad Cox
See http://bradjcox.blogspot.com on "The Mud Brick Business", which suggests the problem goes much deeper, to the very origins of the difference between primitive and modern architecture....

Bad-Code Blues 2008-07-28
Purple Ronnie
If only it were so simple as code.

Beginning - Poor requirements and poor design corrupt the coder from above.

Middle - Testing is strangled between the rock of development overruns and the hard place of fixed delivery dates.

End - Bad architectures and poor system maintenance erode from be...








 

Copyright 2009, SecurityFocus