[SCADASEC] SAFECode on software assurance
Brodsky, Jake
jBrodsk at wsscwater.com
Thu Feb 14 10:25:57 CST 2008
Amen Brother Larry, AMEN!
-----Original Message-----
From: scadasec-bounces at news.infracritical.com
[mailto:scadasec-bounces at news.infracritical.com] On Behalf Of ljknews
Sent: Thursday, February 14, 2008 11:06 AM
To: scadasec at news.infracritical.com
Subject: Re: [SCADASEC] SAFECode on software assurance
At 9:48 AM -0600 2/14/08, Bob Radvanovsky wrote:
> URL: http://www.gcn.com/online/vol1_no1/45811-1.html
> The paper identifies and explains security best practices
> and controls currently used by SAFECode members:
> * Secure source code handling: The integrity and
> confidentiality of source code must be protected.
Confidentiality ? That sounds like security-by-obscurity if
intended as a security measure.
I realize that "SAFECode members" may have business reasons
for confidentiality, but security is not a reason.
--
Larry Kilgallen
_______________________________________________
To unsubscribe from this mailing list, please visit:
http://news.infracritical.com/mailman/listinfo/scadasec
To review our privacy statement, please visit:
http://www.infracritical.com/privacy.html
scadasec at news.infracritical.com
http://news.infracritical.com/mailman/listinfo/scadasec
More information about the scadasec
mailing list