[WEB SECURITY] Great article outlining a core issue with many in the security community

Tasos Laskos tasos.laskos at gmail.com
Sun Feb 13 18:05:49 EST 2011


I don't think that a guy saying "Developers don't know shit about 
security" (blaming developers) should be taken seriously by security 
specialists and developers alike.
That goes for most generalizations I suppose (see, I side stepped that 
land-mine ;) ).

I'm not really sure what to comment here...(yes I know I don't *have* to 
comment) so I'll utilize a philosophical device:
* To each his own

In more clear terms:
* Would this guy be happy if everything was perfectly secure and he 
didn't have a job?

And now for a more humoristic analogy:
* I feel about the lack of security like I feel about gay men, I'm glad 
they exist 'cause this means there's more work/women for me to do.

Now, if this is a more wide-spread belief, of which I'm unaware, I kinda 
pity these fools. (heh...)

Cheers,
Tasos L.

On 13/02/2011 11:27 μμ, robert at webappsec.org wrote:
> I saw this posted via twitter and thought it was worth mentioning here. While the example specifies owasp, I am not posting this link to slam
> them in particular. I think that the point applies to MANY folks in the security industry.
>
> Security Vs Developers
> http://appsandsecurity.blogspot.com/2011/02/security-people-vs-developers.html
>
> Regards,
> - Robert Auger
> WASC Co Founder/Moderator of The Web Security Mailing List
> http://www.qasec.com/
> http://www.webappsec.org/
>
>
> _______________________________________________
> The Web Security Mailing List
>
> WebSecurity RSS Feed
> http://www.webappsec.org/rss/websecurity.rss
>
> Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA
>
> WASC on Twitter
> http://twitter.com/wascupdates
>
> websecurity at lists.webappsec.org
> http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org
>





More information about the websecurity mailing list