Everything new is old again – baked in security

Now, believe me, I have only the greatest of sympathy with the intent of this phrase.  Yes, I agree that we’ve been hamstrung and hampered by insecurities due to sloppy programming, and we desperately need to have more secure software development practices.

It’s just nothing  new, that’s all.

I mean, we’ve been preaching this for years.  Decades, really.  Ask any old programmer what he, she, or it was taught way back in the old days.

Structured programming.  Top-down programming.  The waterfall method.

And documentation.  I especially like internal documentation.  If you don’t like documentation you can have a moment of pity for my (occasional) programming students.  When they hand in a project it has to have internal documentation in the source code, and it has to be clear and make sense.  (They lose marks if they don’t and it doesn’t.)  As far as I’m concerned, if you can’t say what you are doing, you don’t know what you are doing.

And if you know what you are doing, you do it right.

Share
  • rj

    “If you don’t like documentation you can have a moment of pity for my (occasional) programming students. ”

    I pity the fool!