Slashdot Mirror


The Peon's Guide To Secure System Development

libertynews writes "Michael Bacarella has written an article on coding and security. He starts out by saying 'Increasingly incompetent developers are creeping their way into important projects. Considering that most good programmers are pretty bad at security, bad programmers with roles in important projects are guaranteed to doom the world to oblivion.' It is well worth the time to read it."

6 of 326 comments

  1. Engineers (again...sorry) by jpt.d · · Score: 5, Interesting

    The P.Eng has one thing right - we need 'software engineers' or 'computer engineers' that are liable for their work (and the company that uses them is liable too).

    If Microsoft's products are so good, why do they disclaim liability on it?

    Of course it isn't just Microsoft doing this either. The whole licensing thing. If a 'license' is supposed to give you the privilege to do or use something, then in most things you are completely liable for your actions. For example, I have a driver's license, I kill somebody it is my fault. If Acme's Nuclear Control Software 2002 goes faulty and blows up part of the states - they would probably claim no fault (bad example I know - special case currently probably).

    --
    What we see depends on mainly what we look for. -- John Lubbock Now search for that bug slave!
    1. Re:Engineers (again...sorry) by SerpentMage · · Score: 3, Interesting

      Sorry but there I think you are absolutely wrong. I happen to be an engineer, not because of an economic barrier, but because I managed to study x years in a University.

      And since you are in Ontario, which is where I got my engineering degree you should know that money is not the issue to getting an education.

      Also engineering certification does not mean quality. It means that you studied so many years and have gone through specific procedures. Just like police people and fire people. Some police people are good and some are buffoons, but regardless you know that they have gone through police training....

      When engineers become liable for stuff that they design, people design very DIFFERENTLY. This is not to say that everybody has to be an engineer to work on software. Just like in a custom machinery shop not everybody is an engineer. You just need enough engineers to sign off legally on designs.

      --

      "You can't make a race horse of a pig"
      "No," said Samuel, "but you can make a very fast pig"
  2. If something like Windows plays any part at all .. by burgburgburg · · Score: 5, Interesting
    in your system design, you should probably give up now.

    A non-Windows system is not a guarantee of invulnerability, but keeping a Windows system is guaranteed to put you at risk.

    The real world seems to agree with him on these.

  3. Better languages by PylonHead · · Score: 3, Interesting

    It should be a crime to teach people C/C++.

    High level languages like Ruby, Python, or even Java are strongly recommended for all new projects.


    How about a high level, compiled language with static typing like Ocaml. More speed, more protection, and it's been officially certified as "The programming tool of choice for discriminating hackers".

    Ocaml

    --
    # (/.);;
    - : float -> float -> float =
  4. things can be done with its credentials - nop by DrSkwid · · Score: 3, Interesting

    that's the thing you see, trusting the client is plain wrong and assumptions made with that model will get you in trouble.

    plan9 offers a model that doesn't require trusting the client. It runs a dedicated authentication server and a dedicated CPU server and a dedicated file server. The three talk to each other behind the client's back.

    http://plan9.bell-labs.com/sys/doc/auth.html

    --
    There are places where the networks are not touching, and there are places where they are - Boeing's Lori Gunter
  5. Re:Crime to teach C/C++? by J. J. Ramsey · · Score: 3, Interesting
    I started off with Java and Perl and had to go back and learn so many fundamental, lower-level aspects of programming and computers in general. I think it's tougher to do it this way rather than starting off with something like C or Assembly.
    Actually, you probably did things in the right order. Learning is often iterative. Sometimes you have to first learn the rough general picture and then fill in the details and more advanced stuff later, which is more or less what you did.