| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 19 Dec 2006 19:22:56 -0500 From: Nancy Kramer <nekramer@...dtheater.net> To: "KT" <ktriv3di@....com>, <full-disclosure@...ts.grok.org.uk>, <websecurity@...appsec.org> Subject: Re: comparing information security to other industries At 03:16 PM 12/19/2006, KT wrote: >What I am trying to figure out is how mature we are and how long will it >take for to get stable? Not very mature and it will take a long time to get stable because programmers are just beginning to be aware of application security requirements and then they need to figure out how to implement them. Remember most programmers came from a client server or mainframe world and they "don't get it". The consumer also doesn't "get it". They work great together. I went to a PHP Conference recently and the creator of PHP said that there is not such thing as a completely secure web application. When failure is a goal you will definitely get there. I know all this because I am a programmer by background. Most people designing web applications know so little about security it is scary. Regards, Nancy Kramer Webmaster http://www.americandreamcars.com Free Color Picture Ads for Collector Cars One of the Ten Best Places To Buy or Sell a Collector Car on the Web -- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.1.409 / Virus Database: 268.15.23/591 - Release Date: 12/17/2006 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists