FYI, there's a provocative article over on Dark Reading today.

The article quotes David Rice, who has a book out called "Geekconomics: The Real Cost of Insecure Software". In it, he tried to quantify how much insecure software costs the public and, more controversially, proposes a "vulnerability tax" on software developers. He believes such a tax would result in more secure software.

IMHO, if all developers paid the tax, then I can't see it resulting in anything other than more expensive software... Perhaps I'm just missing something, though.



Kenneth R. van Wyk
SC-L Moderator
KRvW Associates, LLC

Attachment: smime.p7s
Description: S/MIME cryptographic signature

Secure Coding mailing list (SC-L)
List information, subscriptions, etc -
List charter available at -
SC-L is hosted and moderated by KRvW Associates, LLC (
as a free, non-commercial service to the software security community.

Reply via email to