Overall, I like and agree with much of what Marcus said in the article. I don't, however, believe that we can count on completely putting security "below the radar" for developers. Having strong languages, compilers, and run-time environments that actively look out for and prevent common problems like buffer overruns are worthy goals, to be sure, but counting solely on them presumes that there are no security problems at the design, integration, or operations stages of the lifecycle. Even if the run-time environment that Marcus advocates is _perfect_ in its protection, these other issues are still problematic and require the developers and operations staff to understand the problems.
I agree that you can't solve all security problems with development tools, but I think security tools are a worthwhile investment because deploying tools can be accomplished much more quickly than educating developers, tools can help experienced developers, and tools can raise awareness of software security issues. The article's mention of people creating patches to eliminate compiler security warnings may indicate that I'm too optimistic about tools raising awareness, but I think that some developers will learn from their tools.
Yup, but in the "belt and suspenders" approach that I like to advocate, I'd like to see software security in our undergrad curricula as well as professional training that helps developers understand the security touch points throughout the development process -- not just during the implementation phase.
I agree. Students should see software security in all development phases relevant to each software course that they take; software engineering in particular should address security topics in all phases of the development process. I think there's an additional need for a class focused purely on security to put all the elements of security together.
Peter G. Neumann wrote:
> Gee, some of us have been saying that for 40 years.
I can't deny that even if I have only been reading your comp.risks digest for a little more than a third of that span, but I think the fact that today's security problems are directly and indirectly impacting large segments of the population has increased awareness of security problems, and, as a result, we're seeing a rise in security education. Many of us like to think that computer science changes rapidly, and it does compared to older fields like physics, where you have to go to graduate school to study much that was developed after the 1930s, but I suspect most people in any field avoid change until it's forced upon them.
--
James Walden, Ph.D.
Visiting Assistant Professor of EECS
The University of Toledo @ LCCC
http://www.eecs.utoledo.edu/~jwalden/
[EMAIL PROTECTED]