?

Log in

No account? Create an account
November 2nd, 2007 - Adventures in Engineering — LiveJournal
The wanderings of a modern ronin.

Ben Cantrick
  Date: 2007-11-02 17:31
  Subject:   "Some thoughts on security after 10 years of qmail 1.0" by DJB.
Public
  Tags:  reddit, security

HOW CAN WE MAKE PROGRESS ON SECURITY?

"To this very day, idiot software managers measure ‘programmer productivity’ in terms of ‘lines of code produced,’ whereas the notion of ‘lines of code spent’ is much more appropriate.
—Dijkstra

Answer 1: Eliminating bugs
Answer 2: Eliminating code
Answer 3: Eliminating trusted code

Distraction 1: Chasing attackers
Distraction 2: Minimizing privlege
Distraction 3: Speed, speed, speed


http://cr.yp.to/qmail/qmailsec-20071101.pdf
1 Comment | Post A Comment | | Link



browse
May 2015