David Crocker wrote:
I don't think this analogy between software development and manufacturing holds.
There are no manufacturing defects in software construction
For software:
A design defect is when you correctly implement what you wanted, and you
wanted the wrong thing. A manufacturing
Ah,
The age-old Gary vs. jOHN debate. I do believe along the continuum of
architecture--design--impl. that I've shown the ability to discern flawed
design from source code in source code reviews.
Cigital guys reading this thread have an advantage in that they know both
the shared and exclusive
Hi Gary,
In one of your prior posts you mentioned documentation. I believe that the
problem with WMF was that someone had not examined WMF as a potential
source of vulnerabilities, since the embedded code was a legacy capability.
My belief is that one of the keys to finding flaws lies in the
Title: The role static analysis tools play in uncovering elements of design
Jeff,
An unpopular opinion I've held is that static analysis tools, while very helpful in finding problems, inhibit a reviewer's ability to find collect as much information about the structure, flow, and idiom of codes
Gary McGraw wrote:
To cycle this all back around to the original posting, let's talk about
the WMF flaw in particular. Do we believe that the best way for
Microsoft to find similar design problems is to do code review? Or
should they use a higher level approach?
Were they correct in saying
Title: Re: [SC-L] Bugs and flaws
I think I would word that
differently. The design defect was when Microsoft decided to allow meta data to
call GDI functions.
Around 1990 when this was
introduced the threat profile was entirely different; the operating system could
trust the metadata.
John, I think this has to do with what you want to achieve when you explore
code.
A static analysis tool is a fancy sort of pattern matcher. If the kinds of
patterns you're interested in aren't that fancy, (does the program use
function X()?; what is the class hierarchy?) then a fancy pattern
Gary McGraw wrote:
To cycle this all back around to the original posting, let's talk about
the WMF flaw in particular. Do we believe that the best way for
Microsoft to find similar design problems is to do code review? Or
should they use a higher level approach?
I'll leave
Al Eridani wrote:
If the design says "For each fund that the user owns, do X" and my
code does X for
all the funds but it skips the most recently acquired fund, I see it as a
manufacturing error.
On the other hand, if a user sells all of her funds and the design
does not