And don't forget about the compiler you will no doubt have to use.  Do you 
trust that?

You might want to read Thompson's classic "reflections on trusting trust".

All your compilers are belong to us.



 -----Original Message-----
From:   Dana Epp [mailto:[EMAIL PROTECTED]
Sent:   Thu Jul 20 12:14:54 2006
To:     Andrew van der Stock
Subject:        Re: [SC-L] bumper sticker slogan for secure software

> yeah.
> but none of this changes the fact that it IS possible to write
completely secure code.
> -- mic

And it IS possible that a man will walk on Mars someday. But its not
practical or realistic in the society we live in today. I'm sorry mic,
but I have to disagree with you here.

It is EXTREMELY difficult to have code be 100% correct if an application
has any level of real use or complexity. There will be security defects.
The weakest link here is the human factor, and people make mistakes.
More importantly, threats are constantly evolving and what you may
consider completely secure today may not be tomorrow when a new attack
vector is recognized that may attack your software. And unless you wrote
every single line of code yourself without calling out to ANY libraries,
you cannot rely on the security of other libraries or components that
may NOT have the same engineering discipline that you may have on your
own code base. 

Ross Anderson once said that secure software engineering is about
building systems to remain dependable in the face of malice, error, or
mischance. I think he has something there. If we build systems to
maintain confidentiality, integrity and availability, we have the
ability to fail gracefully in a manner to recover from unknown or
changing problems in our software without being detrimental to the user,
or their data.

I don't think we should ever stop striving to reach secure coding
nirvana. But I also understand that in the real world we are still in
our infancy when it comes to secure software as a discipline, and we
still have much to learn before we will reach it. 

Dana Epp
[Microsoft Security MVP]

Secure Coding mailing list (SC-L)
List information, subscriptions, etc -
List charter available at -

This electronic message transmission contains information that may be
confidential or privileged.  The information contained herein is intended
solely for the recipient and use by any other party is not authorized.  If
you are not the intended recipient (or otherwise authorized to receive this
message by the intended recipient), any disclosure, copying, distribution or
use of the contents of the information is prohibited.  If you have received
this electronic message transmission in error, please contact the sender by
reply email and delete all copies of this message.  Cigital, Inc. accepts no
responsibility for any loss or damage resulting directly or indirectly from
the use of this email or its contents.
Thank You.

Secure Coding mailing list (SC-L)
List information, subscriptions, etc -
List charter available at -

Reply via email to