Slashdot Mirror

← Back to Stories (view on slashdot.org)

Insecure Code - Vendors or Developers To Blame?

Posted by Zonk on Friday October 21, 2005 @04:45AM from the i-blame-code-gremlins dept.

Annto Dev writes "Computer security expert, Bruce Schneier feels that vendors are to blame for 'lousy software'. From the article: 'They try to balance the costs of more-secure software--extra developers, fewer features, longer time to market--against the costs of insecure software: expense to patch, occasional bad press, potential loss of sales. The end result is that insecure software is common...' he said. Last week Howard Schmidt, the former White House cybersecurity adviser, argued at a seminar in London that programmers should be held responsible for flaws in code they write."

2 of 284 comments (clear)

Min score:

Reason:

Sort:

it's all about EULA by Thud457 · 2005-10-21 04:51 · Score: 5, Informative

That's ok, it's covered in the EULA -- the vendor's not responsible for anything. Since the developers are either employed by or are contractors for the vendor, they're similarly protected from any responsibility. So it boils down to caveat emptor -- test, test, and retest before accepting any software product.
Too bad you have to click through the EULA before you can test it, suckers!

--
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
RTF-REAL-A from wired by dzfoo · 2005-10-21 05:06 · Score: 5, Informative

The real article by Bruce Schnier is in Wired:

http://www.wired.com/news/privacy/0,1848,69247,00. html

Its more interesting than the sound-bite-full ZD-Net summary.

-dZ.

--
Carol vs. Ghost
...Can you save Christmas?