credentials or not.. he's right on almost every aspect.
Almost every company I've done work at had pretty insecure
code that I had to fix. I know of almost no peer developers
who are security conscious, as well as I know no developers
personally that were taught security as part of their
training. It never ceases to amaze me how many developers
know next to nothing about writing secure code. You tell
them about a sql injection attack and they look at you like
a dog who just heard a funny noise and turns its head
sideways. Ironically the only people I know who seme to
have any idea about security are the same ones who could
hack your systems. Seems like this needs to be more two-way
knowledge but most developers just don't care.
On Thu, 22 Jan 2004 21:42:24 -0500 (EST)
Mark Curphey <mark_at_curphey.com> wrote:
> Does anyone know of any information about this authors
> credentials to make
> these claims ?
>
>
http://infosecuritymag.techtarget.com/ss/0,295796,sid6_iss306_art550,00.html
---------------------------------------------------------------------
Web mail provided by NuNet, Inc. The Premier National provider.
http://www.nni.com/
Received on Jan 23 2004
Intro
