> From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Dave Aronson > If you really want to compress that to bumper-sticker size, how about > > "Secure Software: Does what it's meant to. Period." > > This encompasses both "can't be forced NOT to do what it's > meant to do", > and "can't be forced to do what it's NOT meant to do".
While I think this is the most concise formulation so far of what most readers on this list would mean and would understand, I think the non-security public does not think of security breaches in terms of software doing more than it was supposed to. My suggestion for a bumper sticker is therefore less conceptually crisp, but perhaps more accessible: "Secure Software: Works even if you try to dupe it" Nice question, though - Holger Peine -- Dr. Holger Peine, Security and Safety Fraunhofer IESE, Fraunhofer-Platz 1, 67663 Kaiserslautern, Germany Phone +49-631-6800-2134, Fax -1299 (shared) PGP key via http://pgp.mit.edu ; fingerprint is 1BFA 30CB E3ED BA99 E7AE 2BBB C126 A592 48EA F9F8 _______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php