Re: [SC-L] Functional Correctness

2009-08-25 Thread Pravir Chandra
Well, this topic gets muddy pretty quickly since I agree with many of the comments made on this thread. We have to be careful with hype and claims made by new models (BSIMM and OpenSAMM in particular) since depending on how the 'rest of the world' sees them speaks directly to our credibility as

[SC-L] OWASP Podcast August Update

2009-08-25 Thread James Manico
Hello SC-L! The OWASP Podcast Series continues to accelerate! We released 5 podcasts this month which I hope you find to be of value. 39 | August 25, 2009 | Listen Now http://www.owasp.org/download/jmanico/owasp_podcast_39.mp3 | Show Notes /index.php/Podcast_39 | Interview with Gunnar Peterson

Re: [SC-L] Where Does Secure Coding Belong In the Curriculum?

2009-08-25 Thread Stephan Neuhaus
On Aug 25, 2009, at 02:35, Benjamin Tomhave wrote: First, security in the software development concept is at least an intermediate concept, if not advanced. Not at all. That would be like saying that correctness is also an advanced concept, because it gets in the way of coding. Security is

Re: [SC-L] Where Does Secure Coding Belong In the Curriculum?

2009-08-25 Thread Goertzel, Karen [USA]
For consistency's sake, I hope you agree that if security is an intermediate-to-advanced concept in software development, then all the other -ilities ("goodness" properties, if you will), such as quality, reliability, usability, safety, etc. that go beyond "just get the bloody thing to work" are

Re: [SC-L] Where Does Secure Coding Belong In the Curriculum?

2009-08-25 Thread Stephan Neuhaus
On Aug 25, 2009, at 17:35, Benjamin Tomhave wrote: You don't teach proofs - not really. The elementary and junior high curriculum generally does not contain anything about proofs I was talking about college students because that's when I was properly taught programming. That may no longer

Re: [SC-L] Where Does Secure Coding Belong In the Curriculum?

2009-08-25 Thread Andy Steingruebl
On Tue, Aug 25, 2009 at 4:09 AM, Stephan Neuhaus stephan.neuh...@disi.unitn.it wrote: On Aug 25, 2009, at 02:35, Benjamin Tomhave wrote: First, security in the software development concept is at least an intermediate concept, if not advanced. Not at all. That would be like saying that

Re: [SC-L] Where Does Secure Coding Belong In the Curriculum?

2009-08-25 Thread Stephan Neuhaus
On Aug 25, 2009, at 18:07, Andy Steingruebl wrote: <Sarcasm>really? First graders are learning to do math proofs instead of basic addition? I'm quite surprised by this.</Sarcasm> Yeah, sorry. When I wrote about students I meant college students. I don't know, is that a difference between

Re: [SC-L] Where Does Secure Coding Belong In the Curriculum?

2009-08-25 Thread Matt Bishop
Ben, First, security in the software development concept is at least an intermediate concept, if not advanced. Riffing on Brad's comments, it seems irrational to think that you can jump straight from structural basics with which many students struggle (OO anybody?) directly to concepts that

Re: [SC-L] Where Does Secure Coding Belong In the Curriculum?

2009-08-25 Thread Pete Werner
The "just get the bloody thing to work" is usually an attitude foisted on developers by the business side. I work in an internal application security function for a large enterprise and I'm yet to meet a developer who wasn't concerned about security. Developer education is very important and we

Re: [SC-L] Where Does Secure Coding Belong In the Curriculum?

2009-08-25 Thread Goertzel, Karen [USA]
We teach toddlers from the time they can walk that they shouldn't play in traffic. A year or two later, we teach them to look both ways before crossing the street. Even later - usually when they're approaching their teens, and can deal with grim reality, we give examples that illustrate exactly