per spective: no such thing

2011-01-22

no such thing

If I could only... would that make me safe? Is there a recipe for removing or mitigating all risk? Not in life. Not in software. In practice, everyday software is infinitely complex. Foreseeing and countering everything that could go wrong - however desirable - is not realistic. That's why I prefer not to talk about "secure" software. A desirable goal indeed but not within our reach. That'd be promising something we can't deliver. Software security is not absolute. It's about gray-scales and risk.

4 comments:

Kris McCracken said...: As it is with most things!; Monday, January 31, 2011 3:44:00 am
stromsjo said...: Good point. Even somewhat specialized fields tend to reflect facts of life.

Thanks, Kris.; Tuesday, February 01, 2011 9:27:00 pm
tommy said...: Strumpan, you might want to consider joining http://groups.google.com/group/sw-dev-musings for some interesting discussions...

--tole; Wednesday, April 13, 2011 9:37:00 pm
stromsjo said...: Ah, yet another social arena to monitor. Hopefully more active than this semi-dormant blog.

Thanks for the heads up!; Thursday, April 14, 2011 8:19:00 pm

per spective

Pages

(some of) my events

2011-01-22

no such thing

4 comments: