« Reorienting Towards Security Integration | Main | Avoiding the Mobile Blindside »



The trick is applying the right checklist.

Because security practitioners tend to be unplugged from the day-to-day of software and even architecture, you are likely to find them using the checklist for flying a plane for a project that involves train schedules.

Sometimes simplification leads to no good... and worse. The popular aversion to nuance has led to a generation that is especially vulnerable to sociopathic leadership, for example.

Andre Gironda

"Everyone knows that debugging is twice as hard as writing a program in the first place. So if you're as clever as you can be when you write it, how will you ever debug it?" quote from Brian Kernighan

"Allow yourself to be bored. Don’t be afraid of the vacant moment. You are a human being, not a “human doing,” so just be and consider your boredness. You may be surprised at how it clears the mind (after getting over the initial discomfort) and provides new thoughts." quote from Richard Carlson

Joeri Sebrechts

It's not just security that should be boring, it's everything to do with the technical details. Complexity leads to bugs. The cleverness should be in the user's experience, not in the code that delivers that experience.

The comments to this entry are closed.