On Fri, Mar 21, 2008 at 10:45 AM, Angus Scott-Fleming <[EMAIL PROTECTED]> wrote:
> Very interesting article by Bruce Schneier:

Apt, also. (But he usually is.)

One thing I might quibble with: "Good engineering involves thinking about how things can be made to work ...". That's not entirely true. A really good engineer is always thinking about failures, too. Not just how it will be used, but how it will be abused.

This is an extremely common failing in software design -- programmers just never think about the failure modes. When it is pointed out that if given bad input X, the program will misbehave in some way, they're often stunned to hear someone complaining that a bad input yields bad behavior.

The thing so many people don't consciously realize is that *bad things happen*. Hardware malfunctions, software gets misconfigured, people make mistakes, new users experiment, sometimes people panic and do dumb things. A good design has to take that into account.

Security is good engineering.

-- Ben
