Software Security: Building Security In by Gary McGraw
ISBN: 0321356705, 9780321356703
Publisher: Addison-Wesley Professional
The chance is pretty low, but if it fails all of the hardware and software depending on its security is instantly obsolete, so the overall risk is unacceptably high. To address this, high-quality security building blocks (e.g., cryptographic components) are necessary, but insufficient. The granddaddy of maturity models is Carnegie Mellon University's software development Capability Maturity Model which was started in 1987. Software Security is about putting the touchpoints to work for you. This is an old debate, and one we've been through many times. We have to choose one or the other. Every software application or product is developed based on business expectations. The new proposal reportedly allows the FBI to listen in on any conversation online, regardless of the technology used, by mandating engineers build "backdoors" into communications software. The rumored proposal is a tremendous blow to security and privacy and is based on the FBI's complaint that it is "Going Dark," or unable to listen in on Internet users' communications. The three of them were on a whirlwind tour of software security teams across the IT industry with the objective of building an industry picture of best practices in secure development. When it comes to security, we have two options: We can build our systems to be as secure as possible from eavesdropping, or we can deliberately weaken their security. We urge EFF supporters to tell the provisionally called CALEA II.