On Wed, Jan 11, 2012 at 9:40 AM, Kyle Creyts <[email protected]> wrote:
> I would also like to point out that "finding the bugs" is not theĀ same as
> "fixing the bugs," and that for all the focus that is placed on finding
> them, and lauding the people that do, fixing them is usually pretty
> thankless.
finding the bugs before a product or service is released is also
thankless. as is verifying that bugs are never re-introduced due to
carelessness or oversight.
implementing with robustness, vs. implementing with haste, also
thwarted & thankless pursuit in these times.
not a gap in knowledge or skill, but a gap in practice that dooms
infosec so many places.
> I think shifting that dynamic would be more rewarding if
> "advancing the state of the industry" is really what is valued.
keep up the good fight, sir!
... and don't hold your breath.
;)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
