ZDNet UK


Skip to Main Content

ZDNet.co.uk - Winner of Best Business Website 2007
  1. Home
  2. News
  3. Blogs
  4. Reviews
  5. Prices
  6. Resources
  7. Community
  8. My ZDNet

 

ZDNet UK RSS Feeds


IT Jobs

Security threats Toolkit

Talkback

Post a comment


Story: Developers 'should be accountable' for security holes

  • Previous comment

Posted by: Anonymous (Wednesday 12 October 2005, 4:58 PM)

  • Reply

Kiss my donkey Mr. Schmidt!! I wouldn't accept such responsibility even if I had absolute authority to decide deadlines, budget, products and platform used, the client's operating environment, and so on.

Let me introduce you to The Real World(tm). I am required to have a system up and running in an unrealistic timeframe (which I never approved), so the system does not get the amount of testing that I'm happy with. I am assigned new and inexperienced programmers to work on the project, so I end up spending lots of time checking their work and helping them along. I am required to produce a system for an operating system and platform that I personally have exorcised from my own computers. When the system goes live, I immediately have to start on the next project which has an even tighter deadline so I have no time to keep an eye on the system as it starts to be used. Of course, once it's up and running the only time it will be revised is if the client requires some change to the system, so often there's no ongoing tests and improvements being done to the overall quality of the system. And if any changes get done they may well be done by someone else because by now I'm working on something else. Not to mention that there are people out there constantly trying to discover new ways of breaking other people's software - which were not known at the time the software was written.

Of course if my employer were to try to do things properly, with the right amount of testing and code reviews and so on, then we'd never make any money because the same clients who are so concerned about security are even more concerned about how much they're paying for their systems.

Want security? Take regular backups and have a duplicate installation ready to be rolled out.

  • Previous comment

  • Reply to this comment
  • Return to story
  • Report this as offensive


Full Talkback thread

Story: Developers 'should be accountable' for security holes

  1. If you are writing programs for a specific OS then... oldator
  2. Howard Schmidt sounds like yet another egghea... Bruce Allen
  3. Schmidt seems to be suggesting that the... jim bob
  4. Some of you guys are amazing. It's... Big Al
  5. Hmmm.. certainly got everyone... Stevie
  6. BUNK! Absolute bunk! Unless Schmidt acknowledges... Floyd May
  7. Brilliant...This is the fastest way I can thi... Stan Fisher
  8. This is nonsense. The company should be liable for... Anonymous
  9. Is an auto designer personnally liable for a... Glenn Branch
  10. Dammit! I'm so fscking SICK of these people who tr... Anonymous
  11. agree with software application security - th... Bill Dobson
  12. Bill - Let me guess... the additional pr... Coleman
  13. You can hold developers responsible... Rob Fielding
  14. Customers want developers to write software that d... Anonymous
  15. In most cases, the developer does not own the... Anonymous
  16. Developers don't make the decisions as to what is... Anonymous
  17. As a software developer my manager gives me a... Tom Jones
  18. I am sure he writes code every day!! Here is anoth... Anonymous
  19. This won't work for several reasons: ** Since most... Anonymous
  20. Software is extremely complex and will always be c... Jose Sandoval
  21. Consumers should be (and ultimately are, through l... Nathan Tenney
  22. If we take this to its logical conclusion we have... Anonymous
  23. Well this will certainly have the effect of gettin... Lawrence Foard
  24. CMM doesn't represent how good your developers are... Anonymous
  25. WHAT CONSTITUTES A SECURITY HOLE? WHAT ABOUT MISU... Dave Monk
  26. I'd love the time to make all my code completely s... Anonymous
  27. There are huge problems with this idea: a) develop... Ian Woollard
  28. Training is just one of the variables in this equa... Anonymous
  29. This is a clearly a bureaucrat tooting his own hor... Coleman
  30. Kiss my donkey Mr. Schmidt!! I wouldn't accept suc... Anonymous
  31. Not to speak lowly of a mans education, but Mr. Sc... Anonymous
  32. Has this person ever worked in a 'real world' prog... Anonymous
  33. Mr. Schmidt is gone senile Software products will... aspen
  34. Should a developer be held accountable for a secur... Anonymous
  35. Here's why Schmidt is an idiot. Individual develop... John Boe
  36. This is pure insanity and a perfect example of a p... Anonymous
  37. Mr. Howard Schmidt has no clue about software deve... Anonymous
  38. Let me guess... BUSH White House advisor. The arti... John Boe
  39. another idiot suit who got his job through cr... Anonymous
  40. Sounds like a great idea to me... What about other... Anonymous
  41. Bad idea. Here's why: 1) Developers generally tak... Joe Cochran
  42. If this guys is an "expert" I'm a pink flying elep... Brendan
  43. Mr Espiner, Thank you for publishing this article... Anonymous
  44. I love this idea! You see, I own and manage a soft... Anonymous
  45. just as soon as ass-hat politicians and televangel... who cares
  46. If Developers should be liable for security holes... Anonymous
  47. It's freaking' time... the difference between free... T2k
  48. I love the idea. But if I wonder if any employer... Twan
  49. If the developer is legally liable for his own cod... Bill Hauck
  50. This is a standard business tatic...the compa... Charles H Martin, PhD
  51. Poor Howard embarasses himself with this one. Anonymous
  52. CEO's should be liable for company failures. The... Bernard Deuce
  53. Howard Schmidt obviously has no understanding of h... Anonymous
  54. Step up to plate Developers - don't just hide... Ben Williams
  55. Great idea if .... - You want to ensure that all s... Anonymous
  56. Schmidt almost certainly doesn't know what he's ta... Rex Page
  57. So going by Mr. Schmidt's logic, if tomorrow there... Rajesh Sharma
  58. Seeing that lawyers have squeezed every drop of li... Anonymous
  59. Ex-White House huh? Let me guess -- Bush crony?... Anonymous
  60. Anyone who works in software security (and has a c... Anonymous
  61. As a professional software engineer, I strongly di... Andrew Rondeau
  62. He is a cowboy. Security is moving target dumber.... Anonymous
  63. Mr. Schmidt is obviously a fool. But if he is will... Sam
  64. There is a total disconnect with reality! Quality... Franz
  65. Howard Schmidt is so naive about the subject of so... Rob C
  66. Somebody has to stand up and say these things... Rob Lewis
  67. I agree that software companies should try to make... Anonymous
  68. How about to include any type of bug into company'... marius herghelegiu
  69. The problem is that customers and employers don't... Anonymous
  70. Mr. Schmidth seems to have found a way to quickly... Arthur B.
  71. So, according to his theory, if someone hot-wires... Anonymous
  72. Schmidt is unskiled and unaware of it. His inflate... Kathleen Fasanella
  73. So, I assume he also wants to hold assembly line w... Anonymous
  74. Another management guy pushing responsibility down... Anonymous
  75. Does he believe that developers have the ultimate... Anonymous
  76. As much as I'd like to be accountable, the level o... Anonymous
  77. [rant type="trolling back at the article's antagon... Anonymous

Back to: Developers 'should be accountable' for security holes

More In Security threats


Featured Talkback

What was achieved there is recognised to be of fundamental importance to both winning the war (Churchill visited to say 'thank you' to them) and the development of the computer. Maybe Bill Gates doesn't want to support this museum because it underlines where electronic computing started i.e. here, not the U.S.

By: 1000103773

Read full story:
Bletchley Park faces bleak future

Sentry Posts Blog

Mobile Security Expert: Your Camera Ph...

Mobile Security Expert: Your Camera Phone Got Hacked Author: Eric Everson, Founder MyMobiSafe.com Have you ever heard someone say “I’d like to be a fly on the wall in that room.”?... More

Post a comment

Skype - The Roach Motel

Here is an interesting article from The National Business Review, pointing out once again that you can never delete a Skype account. Never. Period. This is something I am familiar... More

Post a comment

The vPhone: Why Visa Should Go Mobile

The vPhone: Why Visa Should Go Mobile Author: Eric Everson, Founder MyMobiSafe.com With all of the success of Apple’s iPhone, there is a growing case to support a company like Visa... More

Post a comment

Featured Oracle Resources

businessfirst: Ideas to help small companies retain their successful entrepreneurial spirit

Oracle ONE Magazine: Technology solutions for midsized businesses February 2008 edition

Choosing a Reliable and Powerful IT Infrastructure at a Price You Can Afford

Database Consolidation: Reducing Cost and Complexity

Ensuring Data Protection for Growing Business

Oracle for medium and emerging businesses: protect, strengthen and enhance your organisation

Oracle partner network solutions catalogue

See All White Papers