Builders, breakers, and malicious hackers
There is a new meme in Web security that states we should focus the bulk of our attention on building secure software instead of breaking it. As Jeff Williams of Aspect Security says, we are not going to “hack our way secure.” For example, repeatedly crash-testing the same automobile without taking further action would not directly result in saving lives. However, what crashing cars and breaking software does provide is proof.
At Jeremiah Grossman's blog.
[ Read more ]