Linked by Andrew Youll on Sat 17th Sep 2005 11:22 UTC, submitted by JonasDue
"There's lots of innovation going on in security - we're inundated with a steady stream of new stuff and it all sounds like it works just great. Every couple of months I'm invited to a new computer security conference, or I'm asked to write a foreword for a new computer security book. And, thanks to the fact that it's a topic of public concern and a "safe issue" for politicians, we can expect a flood of computer security-related legislation from lawmakers. So: computer security is definitely still a "hot topic." But why are we spending all this time and money and still having problems?"
Thread beginning with comment 32881
To view parent comment, click here.
To read all comments associated with this story, please click here.
To view parent comment, click here.
To read all comments associated with this story, please click here.
Member since:
2005-07-06
The insinuation is that if programs were secure by design, patches would only be required for bugs, not design flaws. He points to QMail and Postfix as examples of programs that have required very few patches, because they are secure by design.