Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).


Comment: Re:Bolting On (Score 1) 145

by Chris Lawrence (#31331000) Attached to: Over Half of Software Fails First Security Tests

Sure, bugs can always be introduced, and some of these will open security holes. But as long as the fundamental design conforms to a sensible security model, this isn't a big deal. That type of bug can be found through additional code review. (Note that testing is *not* a method to find security bugs.)

Comment: Bolting On (Score 3, Insightful) 145

by Chris Lawrence (#31330788) Attached to: Over Half of Software Fails First Security Tests

As Bruce Schneier has said, trying to bolt on security to an existing product or application can be very difficult and time consuming. Sometimes you even have to redesign things. Designing for security and using secure coding practices from the beginning, however, makes it much, much easier.

Comment: Re:This is news? (Score 1) 416

by Chris Lawrence (#31224022) Attached to: Why You Can't Pry IE6 Out of Their Cold, Dead Hands

Yeah, Oracle Apps is in a different category from the Oracle DB. That runs on Linux, Windows, Solaris, HPUX, Mac, etc. No lock-in there. Oracle Apps? Something doesn't do what you want, put in a request, five years later you get it, if you're lucky. But at least it isn't IE only.

Theory is gray, but the golden tree of life is green. -- Goethe