Ed,

 But even your signature suggests we already have an environment like
that. Clearly you have become certfied, and most job ads I view
require some form of certification. Certification isn't missing from
the Programming profession - there is heaps of it.

 So what _is_ missing?

 We can assume that this certified people can actually program
'securely' (or can we?) so why aren't they? I still think it's because
the 'security' part of an application is considered 'extra' and hence
it is allowed to cut off in deadlines, or for customers who 'don't
care about' security at this time (but might later).

 Back to the bridge or house example, would you allow the builder to
leave off 'security' of the structure? Allow them to introduce some
design flaws to get it done earlier? Hopefully not ... so why is it
allowed for programming? Why can people cut out 'security' ? It's not
extra! It's fundamental to 'programming' (imho anyway).

-- Michael

On Apr 11, 2005 8:00 AM, Edward Rohwer <[EMAIL PROTECTED]> wrote:
> I my humble opinion, the bridge example gets to the heart of the
> matter. In the bridge example the bridge would have been design and
> engineered by licensed professionals, while we in the software business
> sometime call ourselves "engineers" but fall far short of the real,
> professional, licensed engineers other professions depend upon.  Until we as
> a profession are willing to put up with that sort of rigorous examination
> and certification process, we will always fall short in many area's and of
> many expectations.
> 
> Ed. Rohwer CISSP
> 
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
> Behalf Of [EMAIL PROTECTED]
> Sent: Friday, April 08, 2005 10:54 PM
> To: Margus Freudenthal
> Cc: Secure Coding Mailing List
> Subject: [SC-L] Re: Application Insecurity --- Who is at Fault?
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Margus Freudenthal wrote:
> 
> >> Consider the bridge example brought up earlier. If your bridge builder
> >> finished the job but said: "ohh, the bridge isn't secure though. If
> >> someone tries to push it at a certain angle, it will fall".
> >
> > Ultimately it is a matter of economics. Sometimes releasing something
> earlier
> > is worth more than the cost of later patches. And managers/customers are
> aware
> > of it.
> 
> Unlike in the world of commercial software, I'm pretty sure you don't
> see a whole lot of construction contracts which absolve the architect of
> liability for design flaws.  I think that is at the root of our
> problems.  We know how to write secure software; there's simply precious
> little economic incentive to do so.
> 
> - --
> David Talkington
> [EMAIL PROTECTED]
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.6 (FreeBSD)
> 
> iD8DBQFCV24Q5FKhdwBLj4sRAoC9AKCb6j5dKOLgFwDMuVa8giSbMvmW2gCfdwn7
> QcS6J7NVPFsISzhLoBgQWHM=
> =0ZSy
> -----END PGP SIGNATURE-----
> 
>


Reply via email to