TalkBack 15 of 37:
Important possibilities
As many know, static analysis tools have been around for a while, so technically this article does not add much.
But on a policy level, there are two very important points.

First, quoting:
The company, which hopes to launch its code-analysis product in June, announced on Tuesday that it had created a boilerplate contract addendum that holds software makers responsible for guaranteeing the security of their software. CEO Jack Danahy believes that if companies start adding the wording to contracts, developers will then proactively start checking their software for flaws. And that means more customers for those that make analysis tools.

Okay, so this is a startup making a suggestion that will increase the need for its products. No big deal.
But the important point is: potential customer demand for a EULA that doesn't deny all liability for the result of code flaws.
Imagine the results if every important enterprise customer demanded that kind of a rider!


The second interesting point is that these code checkers are being used for applications.
Suppose that there were a program for applications similar to the one which Microsoft runs, certifying the program's compatibility with Windows.
If the issue becomes important enough, such security certification could be run by a third party.
That, too, would be new and interesting.

Either possibility seem likely to you?
Posted by: Anton Philidor   Posted on: 05/26/04


