[WEB SECURITY] code review techniques for when you don't trust your developers or testers

travis at subspacefield.org
Thu Aug 13 18:59:29 EDT 2009


On Thu, Aug 13, 2009 at 06:14:45PM -0400, Steven M. Christey wrote:
> If you could do
> that type of analysis, then you would also probably have the ability to
> detect and produce a bug-free system.  The theorists throw around the
> "undecidable" term a lot when it comes to proving that code doesn't have
> any bugs, and the evil-developer problem may be an alternate expression of
> that.

While automated "understanding" of what an arbitrary program does is
essentially the halting problem, it is not the case that a given
program is impossible to analyze.  They just have to be written to be
amenable to analysis (much easier said than done).

By analogy, peer code review may also be a useful tool here; if the
program can't be understood by a different and suitably competent
programmer, then one could argue that it should be rewritten with a
cleaner design, as it is also probably too complex to maintain.
-- 
Obama Nation | My emails do not have attachments; it's a digital signature
that your mail program doesn't understand. | http://www.subspacefield.org/~travis/ 
If you are a spammer, please email john at subspacefield.org to get blacklisted.