Welcome to Orcmid's Lair, the playground for family connections, pastimes, and scholarly vocation -- the collected professional and recreational work of Dennis E. Hamilton


2004-05-29

 

Out, Out, Cursed Bug

ACM News Service - Will Code Check Tools Yield Worm-Proof Software?  According to this blurb, the Business Roundtable "blames buggy and vulnerable software code for most of the major cyberattacks and network breaches that have harried American consumers and businesses in recent years."  The focus is on defective software-development processes.

I don't want to diminish the importance of improved software-development practice, transparency, accountability, and liability for failure to apply recognized best practices.  I think those are all great moves.  I also think that it won't work if purchasers don't require it, whether it is something like a Good Housekeeping seal or anything else.  And there is something more about due diligence that IT organizations and CIOs must deal with.

Finally, it won't be enough.  We must deal with the prospect that the criminal element that is training itself to exploit system vulnerabilities is not going to let up, and that perfectly-working code does not assure a safe and secure business system.  We will learn that, whether we want to or not, like it or not.

The Robert Lemos 2004-05-26 CNET News article provides an extensive, balanced treatment.  The move to demonstrable diligence is important.  It is time that we took seriously the lessons learned in the development of traditional engineering disciplines.

an nfoCentrale.net site

created 2002-10-28-07:25 -0800 (pst) by orcmid
$$Author: Orcmid $
$$Date: 22-05-06 12:11 $
$$Revision: 3 $