First of all, I hope that you enjoyed your Easter...I did and therefore I been away from my blog...
I have been involved in an discussion about how much better the world would be if all programmers could make applications more secure from start. Apparently this would save an awful amount of money and would make all security products unnecessary. In a way I think that the notion is fairly insulting to all programmers in the world, of course that are rotten eggs among the community, but I think that most wants to do a good job.
I claim that even if all applications where perfect (from a security point of view..) we still would need security applications as the biggest problem in security is the access problem. Who, when, how etc etc should get access to information. In general it is too easy to access information.
I do not believe that it is possible for all applications to have granular access control, encrypted transmission etc. I agree that applications (and especially operating systems) could more secure but believing that this is the “silver bullet” to make the world more secure is fairly naïve.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment