> [mailto:[EMAIL PROTECTED] On Behalf Of Dave Aronson
> If you really want to compress that to bumper-sticker size, how about
>   "Secure Software:  Does what it's meant to.  Period."
> This encompasses both "can't be forced NOT to do what it's 
> meant to do", 
> and "can't be forced to do what it's NOT meant to do".

While I think this is the most concise formulation so far of what 
most readers on this list would mean and would understand, I think
the non-security public does not think of security breaches in
terms of software doing more than it was supposed to. My suggestion
for a bumper sticker is therefore less conceptually crisp, but perhaps 
more accessible:

"Secure Software: Works even if you try to dupe it"

Nice question, though -
Holger Peine

Dr. Holger Peine, Security and Safety
Fraunhofer IESE, Fraunhofer-Platz 1, 67663 Kaiserslautern, Germany
Phone +49-631-6800-2134, Fax -1299 (shared)
PGP key via http://pgp.mit.edu ; fingerprint is 1BFA 30CB E3ED BA99 E7AE
2BBB C126 A592 48EA F9F8

Secure Coding mailing list (SC-L)
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php

Reply via email to