Slashdot Mirror


The Peon's Guide To Secure System Development

libertynews writes "Michael Bacarella has written an article on coding and security. He starts out by saying 'Increasingly incompetent developers are creeping their way into important projects. Considering that most good programmers are pretty bad at security, bad programmers with roles in important projects are guaranteed to doom the world to oblivion.' It is well worth the time to read it."

15 of 326 comments

  1. a good read by lactose99 · · Score: 5, Funny

    I found 2 quotes particularly enjoyable:

    Call yourself a computer professional? Congratulations. You are responsible for the imminent collapse of civilization.

    and

    The user is pure evil.

    Very true and sometimes misunderstood bits of information.

    --
    Fully licensed blockchain psychiatrist
    1. Re:a good read by Digital+Mage · · Score: 5, Funny

      1) Users are pure evil.
      2) Civilization is made up of users.
      3) Computer professionals are responsible for the collapse of civilization.
      4) Computer professionals will therefore destroy all evil. ;^)...Cool!

    2. Re:a good read by Tack · · Score: 3, Funny

      This is almost true, unfortunately I must amend 2) and 4):

      1) Users are pure evil. (Given.)
      2) Civilization is made up of users and computer professionals. (Assumption)
      3) Computer professionals are responsible for the collapse of civilization. (Given.)
      4) Computer professionals will therefore destroy all evil and take themselves out in the process. (Conclusion.)

      Jason.

  2. Of course... by ultramk · · Score: 3, Funny

    the real question that any developer needs to ask...

    "What you need doing? Daboo!"

    going back to minding my fortress now...

    m-

    --
    You catch enchiladas by picking them up behind the head and holding them underwater until they don't kick anymore -VeGas
    1. Re:Of course... by Anonymous Coward · · Score: 1, Funny

      da be good choice maaan

  3. Re:If something like Windows plays any part at all by ProtonMotiveForce · · Score: 1, Funny

    Yet more nonsense. Unix [in general, including Unix-typical tools] has had the most pathetic security history of any operating system.

    Cast ye not rocks from a precipice of cracked glass. Unix security is just as crappy as Windows, and has been for a lot longer.

  4. Peon?! by gergi · · Score: 5, Funny

    Everyone knows peons don't care about security. They just go around doing whatever they're told to do. Half the time, they're just standing around because there's nothing for them to do. They are oblivious to security breaches... I can't tell you how many peons I've seen getting hacked to death without them even noticing! And if they do notice, all they ever respond with is "Stop poking me!!!"

    Peons, indeed

    --
    Nosce te Ipsum
  5. Re:So basically... by Anonymous Coward · · Score: 4, Funny

    Writing Solid Code: Microsoft's Techniques for Developing Bug-Free C Programs by Steve Maguire (Paperback

    Also holds the world record for "Shortest Book".

  6. Your wife's in-laws? by Wee · · Score: 3, Funny

    One time I was in the next state visiting the wife's inlaws...

    Wouldn't your wife's in-laws be your parents?

    Sorry, couldn't resist... :-)

    -B

    --

    Ash and Hickory, straight-grained and true, make excellent bludgeons, dandy for the cudgeling of vegetarians.

  7. Re:Engineers (again...sorry) by ch-chuck · · Score: 2, Funny

    I think it, currently, is tied back to US 1st amendment Free Speech protection - a book is free speech, it doesn't have to be correct. If you read a book, follow its advice and lose your shirt or damage something, the book publisher probably has a legal protection against being held liable for it ("we just published the false information, you're the one who acted upon it"). However, yelling 'fire' in a crowded theatre or 'fighting words'* is not protected speech - we might need to tie at least some software with potentially damaging consequences to something like that in some situations.

    *In 1942, the U.S. Supreme Court in Chaplinsky v. New Hampshire defined fighting words as words which are likely by their very utterance to inflict injury, or which tend to incite the average person to immediate violence. The high court said that fighting words receive no First Amendment protection.

    --
    try { do() || do_not(); } catch (JediException err) { yoda(err); }
  8. Re:We Need To Consider 1980s DOD Practices by malraid · · Score: 2, Funny

    Hey...
    We're talking important stuff here, like e-mail and P2P networks, not silly ICBM toys

    Now getting into a more serious attitude, the DOD has always done things in a way which is completely different from Corporate America, and Consumer America, where 2.0 is much better than 1.5, because it has more features, nicer GFX, whatever. Ohh, and 8.0 is much better, even if there was never a version 7.0, or 6.0, or 5.0, etc.

    Do you guys think that the Marketing people at Microsoft were thinking about security when they gave the 8.0 number to the new MSN?? Unfortunately, this is a marketing world, and the best marketing almost always wins. And if they lose, the marketing people try to make it look like they won anyway!!

    --
    please excuse my apathy
  9. Re:Who the f*ck is this guy, anyway? by Anonymous Coward · · Score: 1, Funny

    Surf to his web site [bacarella.com], and it's just the same old self-absorbed bullshit that so many other people put up.

    Perhaps you shouldn't be talking-- http://www.finchhaven.com/pages/computers/webmaster.html!

  10. Re:Who the f*ck is this guy, anyway? by Anonymous Coward · · Score: 1, Funny

    Quite a bit less insulting to the eyes than your fine site, sir. And I wouldn't be throwing stones about obsession with computers either.

    And when are you going to update your Datacenter blog?

  11. Re:Engineers (again...sorry) by jsahol · · Score: 2, Funny

    Agree 100%. That's the problem, you can't sell anything to mgmt unless it makes them look good somehow, and security is not as "sexy" as new features. Hence companies like Microsoft can sell the garbage they do, because they just add more bells and whistles (bloat) each version.

  12. Re:Who the f*ck is this guy, anyway? by Dalcius · · Score: 2, Funny

    Jesus, dude. Ouch.

    Parent of the parent: read own advice column. k thx d00d

    =)

    --
    ~Dalcius
    Rome wasn't burnt in a day.