Forgot your password?
typodupeerror

Comment: Re:Bolting On (Score 1) 145

by Chris Lawrence (#31331000) Attached to: Over Half of Software Fails First Security Tests

Sure, bugs can always be introduced, and some of these will open security holes. But as long as the fundamental design conforms to a sensible security model, this isn't a big deal. That type of bug can be found through additional code review. (Note that testing is *not* a method to find security bugs.)

Comment: Bolting On (Score 3, Insightful) 145

by Chris Lawrence (#31330788) Attached to: Over Half of Software Fails First Security Tests

As Bruce Schneier has said, trying to bolt on security to an existing product or application can be very difficult and time consuming. Sometimes you even have to redesign things. Designing for security and using secure coding practices from the beginning, however, makes it much, much easier.

Comment: Re:This is news? (Score 1) 416

by Chris Lawrence (#31224022) Attached to: Why You Can't Pry IE6 Out of Their Cold, Dead Hands

Yeah, Oracle Apps is in a different category from the Oracle DB. That runs on Linux, Windows, Solaris, HPUX, Mac, etc. No lock-in there. Oracle Apps? Something doesn't do what you want, put in a request, five years later you get it, if you're lucky. But at least it isn't IE only.

Every young man should have a hobby: learning how to handle money is the best one. -- Jack Hurley

Working...