On Mon, Apr 11, 2005 at 12:21:30PM +1000, Michael Silk wrote: > Back to the bridge or house example, would you allow the builder to > leave off 'security' of the structure? Allow them to introduce some > design flaws to get it done earlier? Hopefully not ... so why is it > allowed for programming? Why can people cut out 'security' ? It's not > extra! It's fundamental to 'programming' (imho anyway).
Even builders and architects do experiment and introduce new things. Not all of these are outright success. We have a wobbly bridge in UK and there is(was) new terminal at Charles de Gaulle airport in Paris. Every profession makes mistakes. Some are more obvious and some not. I am almost certain that architects can tell you many more stories where things were not done as secure as they should have been. Comparisons can be misleading. Gaus ============== Damir Rajnovic <[EMAIL PROTECTED]>, PSIRT Incident Manager, Cisco Systems <http://www.cisco.com/go/psirt> Telephone: +44 7715 546 033 200 Longwater Avenue, Green Park, Reading, Berkshire RG2 6GB, GB ============== There are no insolvable problems. The question is can you accept the solution?