home
New Diebold Security Concerns | 13 comments (13 topical)
Re: New Diebold Security Concerns (none / 0) (#8)
by Edger on Sat May 13, 2006 at 10:14:44 AM EST
orionATL: could these three levels of potential invasion have found their way into the code accidentally? Security holes in the code of any software, regardless of the programming language used, can be purposely programmed in, and can be left in by a programmer purposely not programming an action to be taken for all data variables, but most often are there through a programmer forgetting to program actions to be taken for all data variables, and usually end up in the final product because proper and thorough testing was rushed or not completed, in the haste to complete development on time and within budget - in other words - the least amount of work was done to produce a functioning software product: Introduction to Software Security
The extra twist in the security situation is that a bad guy is actively trying to make your software misbehave. This certainly makes security a tricky proposition. Malicious hackers don't create security holes; they simply exploit them. Security holes and vulnerabilities--the real root cause of the problem--are the result of bad software design and implementation. Bad guys build exploits (often widely distributed as scripts) that exploit the holes. (By the way, we try to refer to bad guys who exploit security holes as malicious hackers instead of simply hackers throughout this book.

New Diebold Security Concerns | 13 comments (13 topical)

  • Premium Ads

  • Blog Ads

  • Contribute To TalkLeft

    donate to TalkLeft