Information Security magazine

June 2012

Marcus Ranum chat: Software development practices and security

Marcus Ranum: Brian, thank you for taking the time to chat! I hope I'm not going to frustrate you too much if we jump straight in to what I suspect is a pain point for you. It seems to me computer programming is a game of "one step forward, two steps back" and every time there's a push for quality improvements, it's immediately offset by something that seems to encourage throwing quality to the winds. Is it a lack of tools, or are the incentives wrong/backwards? Do people just not care if their programs are buggy or full of malware? I am still semi-stunned by the fact that most "Web programming" is done in an environment of trial and error. Is that an accurate perception? What's going on?

Brian Chess: This is a pain point for me, but perhaps not for the reason you suspect. I've recently taken off my code analysis hat and gotten back to writing some Web software from scratch. The last time I started this fresh was around 2000 when we were building the foundation that became NetSuite. Here are some of the things that stand out to ...
