Monthly Archives: January 2012

Security: probably doing it wrong

Being knowledgeable in the field of information security is useful and beneficial. However, it’s not sufficient, and while it’s (somewhat) easy to argue that it’s necessary, there’s a big gap between being a security expert and making software better, or … Continue reading


Irresponsible tolerance

Context @unclebobmartin said: One of the bad behaviors that destroys projects is “irresponsible tolerance”. Tolerating what you know you should fix. This triggered a discussion between @phil_nash and myself. As far as this got on the Twitters, we agreed that … Continue reading


On standards in free software engineering

I have previously written on the economics of software insecurity, and I quote a couple of paragraphs from that post below: One option that is not fully explored in the book, but which I believe could be worth exploring, is … Continue reading


On the economics of software insecurity

This post is mainly motivated by having read Geekonomics: the real cost of insecure software, by David Rice. Since writing the book Rice has apparently been hired by Apple, though his bio at the Geekonomics site doesn’t mention that (nor … Continue reading
