Security: The root of the problem

Wednesday, 30 June 2004 13:16 EST

It doesn't seem that a day goes by without someone announcing a critical flaw in some crucial piece of software or other. Is software that bad? Are programmers so inept? What the heck is going on, and why is the problem getting worse instead of better? One distressing aspect of software security is that we fundamentally don't seem to "get it." In the 15 years I've been working the security beat, I have lost track of the number of times I've seen (and taught) tutorials on "how to write secure code" or read books on that topic.

We're stuck in an endless loop on the education concept. We've been trying to educate programmers about writing secure code for at least a decade and it flat-out hasn't worked. While I'm the first to agree that beating one's head against the wall shows dedication, I am starting to wonder if we've chosen the wrong wall. What's Plan B?

Read Full Story

News

IM Threat Watch for June 2006
Jun 28, 2006, 14:58 EST

Backdoor Trojan Unleashes Dual-Media Attack
Jun 28, 2006, 10:58 EST

Firefox AJAX Security Risk
Jun 28, 2006, 06:34 EST

Data Security Grabs Attention of Lawmakers
Jun 28, 2006, 06:33 EST

Identity Theft at Work
Jun 28, 2006, 06:31 EST

Security software slaps IE in Sandbox
Jun 28, 2006, 06:26 EST

SPI simulates hackers' brains
Jun 27, 2006, 13:36 EST

Sponsors:
Prevent data theft & viruses through network connected USB sticks, PDAs & media players. Control user access to endpoint connections with GFI EndPointSecurity - Free trial!	Check your website security with a FREE website security audit by Acunetix. Audit your web applications for SQL injection, cross site scripting & more with Acunetix Web Vulnerability Scanner	Software security section is sponsored by GFI, a leading developer ofnetwork security, content security and messaging software - Free trial!


Copyright ? IT-Observer.com 2000 - 2006	Privacy Policy \| RSS Feeds