Well, one of the objectives of employing secure coding practices is just that - to raise the cost and complexity of exploiting bugs.
Cheers, Prasad > On Sep 20, 2013, at 7:47 PM, "Bobby G. Miller" <b.g.mil...@gmail.com> wrote: > > I was just listening to a podcast interviewing a security executive from a > prominent vendor. The response to vulnerabilities was to raise the > cost/complexity of exploiting bugs rather than actually employing secure > coding practices. What saddened me most was that the approach was apparently > effective enough. > > _______________________________________________ > Secure Coding mailing list (SC-L) SC-L@securecoding.org > List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l > List charter available at - http://www.securecoding.org/list/charter.php > SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) > as a free, non-commercial service to the software security community. > Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates > _______________________________________________ _______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates _______________________________________________