This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Template:Application Security News"
From OWASP
| Line 3: | Line 3: | ||
: "Quote" | : "Quote" | ||
--> | --> | ||
| + | |||
| + | ; '''Jun 13 - [http://www.eweek.com/article2/0,1895,1972593,00.asp Bad things happen to smart developers]''' | ||
| + | : "A lot of people think that errors and defects and stupid mistakes are things that the "lesser programmers" make. One of the things that I've found is that tools find insanely embarrassing bugs, written in production code, by some of the very best programmers I know. People start thinking, "Because we have smart employees, we have a good development process; we're not going to have stupid bugs." But no. Everybody, every process, every person makes stupid mistakes. It just happens. The question is, What do you do to find and eliminate your stupid mistakes after they occur? Because they're going to occur." | ||
; '''Jun 11 - [http://www.itweek.co.uk/itweek/comment/2157646/dot-com-firms-learn-security Flash! Reporter says customers might actually want security]''' | ; '''Jun 11 - [http://www.itweek.co.uk/itweek/comment/2157646/dot-com-firms-learn-security Flash! Reporter says customers might actually want security]''' | ||
| Line 12: | Line 15: | ||
; '''Jun 4 - [http://online.wsj.com/public/article/SB114903737427467003.html How to irritate users in the name of security]''' | ; '''Jun 4 - [http://online.wsj.com/public/article/SB114903737427467003.html How to irritate users in the name of security]''' | ||
: "CAPTCHA's flaws are prompting academics, independent computer programmers and some Web companies to craft new variations that they hope will be easier for humans to decipher but harder for computer programs." | : "CAPTCHA's flaws are prompting academics, independent computer programmers and some Web companies to craft new variations that they hope will be easier for humans to decipher but harder for computer programs." | ||
| − | |||
| − | |||
| − | |||
; [[Application Security News|Older news...]] | ; [[Application Security News|Older news...]] | ||
Revision as of 15:19, 13 June 2006
- Jun 13 - Bad things happen to smart developers
- "A lot of people think that errors and defects and stupid mistakes are things that the "lesser programmers" make. One of the things that I've found is that tools find insanely embarrassing bugs, written in production code, by some of the very best programmers I know. People start thinking, "Because we have smart employees, we have a good development process; we're not going to have stupid bugs." But no. Everybody, every process, every person makes stupid mistakes. It just happens. The question is, What do you do to find and eliminate your stupid mistakes after they occur? Because they're going to occur."
- Jun 11 - Flash! Reporter says customers might actually want security
- "...Customers now want more assurance about information security. In the early days, the client-to-server connection for payment was encrypted with SSL, giving the illusion that the transaction was protected. But information security is much more than a requirement to protect credit card details in transit between a client and a server. It is built on three legs: confidentiality, availability and integrity."
- Jun 5 - Ballmer sneaks in 'security'
- "All I said anywhere is quality, quality, quality, quality, quality. The betas are just out: Quality, quality. I get an e-mail from a customer who's says 'I'm worried about the following problem with the beta.' That's what betas are about. I say: 'don't worry. Quality, quality. We're just working on quality.' We will ship quality, security, quality. The features set is all there. Now it's all about performance, quality, quality. If I get e-mail 'Should I worry about what you're going to ship if you're forced to ship on blah blah blah?', I say 'quality."
- Jun 4 - How to irritate users in the name of security
- "CAPTCHA's flaws are prompting academics, independent computer programmers and some Web companies to craft new variations that they hope will be easier for humans to decipher but harder for computer programs."
