I had to take a double take on this for a second when I saw that it was you posting such filth Gary.
Gary McGraw wrote:
Hi all,
I have done lots of soul searching lately and have come to the conclusion that trying to make software secure is not worth the effort. I think instead we should concentrate more effort on protection technologies such as advanced stateful firewalls, intrusion detection mechanisms, host-based behavior control, and above all policy. We simply can't make software work effectively in a cost effective manner.
I hope all of you will agree.
My plan is to create a new mailing list (hope Ken lets this one by) called nsbsc-l [network-security-beats-secure-coding-list]. Look for more information about that from me soon.
gem
Gary McGraw, Ph.D. CTO, Cigital http://www.cigital.com
-- Regards, Dana Epp [Blog: http://silverstr.ufies.org/blog/]
