[WEB SECURITY] Great article outlining a core issue with many in the security community

Tasos Laskos tasos.laskos at gmail.com
Sun Feb 13 18:05:49 EST 2011

I don't think that a guy saying "Developers don't know shit about 
security" (blaming developers) should be taken seriously by security 
specialists and developers alike.
That goes for most generalizations I suppose (see, I side stepped that 
land-mine ;) ).

I'm not really sure what to comment here...(yes I know I don't *have* to 
comment) so I'll utilize a philosophical device:
* To each his own

In more clear terms:
* Would this guy be happy if everything was perfectly secure and he 
didn't have a job?

And now for a more humoristic analogy:
* I feel about the lack of security like I feel about gay men, I'm glad 
they exist 'cause this means there's more work/women for me to do.

Now, if this is a more wide-spread belief, of which I'm unaware, I kinda 
pity these fools. (heh...)

Tasos L.

On 13/02/2011 11:27 μμ, robert at webappsec.org wrote:
> I saw this posted via twitter and thought it was worth mentioning here. While the example specifies owasp, I am not posting this link to slam
> them in particular. I think that the point applies to MANY folks in the security industry.
> Security Vs Developers
> http://appsandsecurity.blogspot.com/2011/02/security-people-vs-developers.html
> Regards,
> - Robert Auger
> WASC Co Founder/Moderator of The Web Security Mailing List
> http://www.qasec.com/
> http://www.webappsec.org/
> _______________________________________________
> The Web Security Mailing List
> WebSecurity RSS Feed
> http://www.webappsec.org/rss/websecurity.rss
> Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA
> WASC on Twitter
> http://twitter.com/wascupdates
> websecurity at lists.webappsec.org
> http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org

More information about the websecurity mailing list