"All software has security defects," insists Michael Howard, senior security program manager at Microsoft. "You either do something about it, or you don't." In the past few years, Microsoft has learned to write more secure code. In a session given at last week's TechEd conference, Howard explained some of the lessons that the company has learned in developing its Security Development Lifecycle, and shared advice for developers who want to improve the quality of their own code.
To read all comments associated with this story, please click here.
Member since:2005-11-27
Actually, it's probably the other way around. Microsoft is actually a fairly nice environment to work in with regards to programming from what I've heard. It seems to me that you're just trolling, so I'm not particularly worried about convincing you, which is probably an unlikely event, although I did feel that somebody needs to be sticking up for them.
Member since:2006-05-26
I may have written it with my tongue-in-cheek but not trolling. While I doubt the programmers at Microsoft scan open source software to learn how to write more secure code, I believe open source has helped put a public emphasis on security rather than just features.
I have a lot of respect for all programmers and those at Microsoft are no exception. My views on PHB's are quite the opposite.
desNotes
Member since:2005-10-27
Microsoft is actually a fairly nice environment to work in with regards to programming from what I've heard.
You have just heard, that's the problem. If you had tried to develop .NET applications (not just a little minesweeper please, real apps.) without running into the many configurations problems brought by this heavily integrated environement, then I'd have liked to meet you. Since you haven't, I'd like to meet the guy from whom you've heard it was fairly nice.
Member since:
2006-05-26
"In the past few years, Microsoft has learned to write more secure code."
Maybe they have taken a serious look at open souce in order to learn how to write more secure code.