Why security bugs are different to other bugs

Way back in 2000 I had the following insight on security bugs and had this weird urge nine years later to share it. I can't believe it's original...

Security fixes are different from every other kind of fix. As every good troubleshooter knows, when problems occur something almost invariably has changed. For most bugs it is something like load, configuration and so on, which can be undone.

With security bugs it is knowledge that has changed, and a security weakness can't be unlearned by the world at large.

I don't have insights like that very often :-)

About

PeteH
