Message-ID: <44B99E98.7090808@acm.org>
Date: Sat, 15 Jul 2006 22:04:08 -0400
From: George Capehart <gwc@....org>
To: Darren Reed <avalon@...igula.anu.edu.au>,
bugtraq@...urityfocus.com
Subject: Re: LAMP vs Microsoft
Bob Beck wrote:
<snip>
>
> The simple fact is most of the MS/PHP/JAVA web development will be
> being done by code monkeys, fresh out of school.. I'm pretty certain
> they will "inbug" the same average number of bugs per line of code
> they write no matter what platform it is. Development is often
> outsourced to an external coding haus, written to a spec, without
> complete info about what the whole final application is going to do.
> Frequently they don't even reuse "mature" code from past releases
> because you don't want to release it to the external people, or you're
> too busy chasing platform-du-jour (Want a great example of this? I'm
> betting Sun One, going from version 5 to version 6 is a good one)
<rant>
This is truer than you know. I've been writing code since 1974, and I
see the same mistakes being made over and over and over and over . . .
again. Just as in wars, it seems that every generation is destined to
make the mistakes that their elders made. There is no industry-wide
repository of "Lessons Learned." Each generation is left to make the
same mistakes over and over. If one were to do a root-cause analysis,
what would one find? Programming courses teach grammar and syntax.
They do not teach "safe programming." (Except Crispin and Dave, of
course . . .) Programming managers are programmers who grew up and
decided they'd had enough of the 80-hour weeks and wanted to become
managers. They don't know/care, either. It's only when the "powers
that be" decide that it's better business to deliver bug-free, secure
code than shipping mostly-working code out the door that things will
change. Wanna take a bet on how long that'll be?
</rant>
Apologies. Usually this rant appears on firewall wizards or dshield . . .
Just happened to be bugtraq this time.
/g
--
George Capehart
PGP KeyID: 0xDD7034EA
"Sometimes you're the windshield, sometimes you're the bug."
-- Mark Knopfler