Securing an insecure world

Wednesday, 5 May 2004 22:59 EST

Why do we have insecure software? That is a question Edward Roback, a computer security expert, is often asked. "There are many answers," said Roback, chief of the computer security division at the National Institute of Standards and Technology. The first is that anything to do with software is complex, he said, and security is no exception. A second reason is a lack of standards for secure software. Consequently, everybody tends to have unique ideas about it, Roback told Federal Computer Week.

But even where standards for secure software exist, software testing reveals that programmers often fail to translate standards into correct code, Roback said. Most software is not adequately tested before it is sold and used.

And why is software not thoroughly tested before people start using it? In part, Roback said, because there are few tests available for examining software that are quick, cheap and fast.

Read Full Story

News

IM Threat Watch for June 2006
Jun 28, 2006, 14:58 EST

Backdoor Trojan Unleashes Dual-Media Attack
Jun 28, 2006, 10:58 EST

Firefox AJAX Security Risk
Jun 28, 2006, 06:34 EST

Data Security Grabs Attention of Lawmakers
Jun 28, 2006, 06:33 EST

Identity Theft at Work
Jun 28, 2006, 06:31 EST

Security software slaps IE in Sandbox
Jun 28, 2006, 06:26 EST

SPI simulates hackers' brains
Jun 27, 2006, 13:36 EST

Sponsors:
Prevent data theft & viruses through network connected USB sticks, PDAs & media players. Control user access to endpoint connections with GFI EndPointSecurity - Free trial!	Check your website security with a FREE website security audit by Acunetix. Audit your web applications for SQL injection, cross site scripting & more with Acunetix Web Vulnerability Scanner	Software security section is sponsored by GFI, a leading developer ofnetwork security, content security and messaging software - Free trial!


Copyright ? IT-Observer.com 2000 - 2006	Privacy Policy \| RSS Feeds