Open Source Security: Still a Myth
Subject:   a little editing --
Date:   2004-09-17 18:05:27
From:   joelrees

In the paragraph before "The Market for Secure Software", shifting from the problems amateurs have with SSL (TLS?) to the laziness amateurs have when faced with complex security interactions, you say:

That is, instead of fixing potential problems and moving on, they'll try to force security auditors to spend hours of precious time demonstrating exploitability. This actually tends to be more of a problem in the open source world than in the commercial world, because commercial projects typically are driven more by schedules. Managers often are already worried about sticking to their schedule and will try to railroad developers into taking the easy road, ...

Are you sure you didn't mean to say, it actually tends to be more of a problem in the commercial world because of the schedules?

1 to 2 of 2
  1. a little editing --
    2004-09-18 09:54:11  stinkingpig [View]

  2. a little editing --
    2004-09-17 18:20:48  joelrees [View]

1 to 2 of 2