16 February 2009

Insecure Security Products

You'd be surprised how many coders of computer security products don't know how to code securely. They weren't trained in it. They don't really care about it, and they aren't paid more for making their code more secure. Many crypto software developers don't know about Security Development Lifecycle (SDL), buffer overflows, input parameter checking, and so on. It's ironic.


Top Security Suites Fail Exploit Tests

Is Security Software A Security Risk?

Security - Back To Basics

No comments: