Actually CJC, it's often even worse than that. In many cases, the customer or
consumer has an implicit requirement for security that remains unstated. Only
when the system fails and is successfully attacked does that requirement shift
from implicit to explicit. "You mean it wasn't secure?? Y
Martin Gilje Jaatun wrote:
> Karen, Matt & all,
>
> Goertzel, Karen [USA] wrote:
> > I'm more devious. I think what needs to happen is that we
> need to redefine what we mean by "functionally correct" or
> "quality" code. If determination of functional correctness
> were extended from "must o
Karen, Matt & all,
Goertzel, Karen [USA] wrote:
> I'm more devious. I think what needs to happen is that we need to redefine
> what we mean by "functionally correct" or "quality" code. If determination of
> functional correctness were extended from "must operate as specified under
> expected co