SIGIA-L Mail Archives: RE: [Sigia-l] By design or by test?
RE: [Sigia-l] By design or by test?
From: Boniface Lau (boniface_lau_at_compuserve.com)
Date: Fri May 09 2003 - 19:39:59 EDT
> From: sigia-l-admin_at_asis.org [mailto:sigia-l-admin_at_asis.org]On
> Behalf Of Listera
>
[...]
> You just can't make up stuff like this. It's beyond Security Design
> 101. If the level of commitment and foresight *while* designing
> software is this low,
Whoever developing the software might very well be hacking, instead of
designing. In that case, all bets were off. Time to be reminded of Paul
Graham's observation (http://www.paulgraham.com/hp.html):
PG> Only a small percentage of hackers can actually design software
> there just isn't any amount testing that can expose the full gamut
> of flaws that will surely ensue. So yes, first get yourself 200
> million captive users, test often and test again on Tuesdays. What a
> racket!
Hacking produces results laden with defects. As a bandage for the
symptom, some people do ongoing testing. But ongoing testing
encourages hacking, instead of designing. Thus, a vicious circle.
Boniface
------------
When replying, please *trim your post* as much as possible.
*Plain text, please; NO Attachments
Searchable list archive: http://www.info-arch.org/lists/sigia-l/
________________________________________
Sigia-l mailing list -- post to: Sigia-l_at_asis.org
Changes to subscription: http://mail.asis.org/mailman/listinfo/sigia-l
This archive was generated by hypermail 2.1.2
: Sun Nov 23 2003 - 22:55:48 EST
|
