Security Is in the Process

Security features like UAC are cool and useful, at least to a degree, but the more important changes come from careful attention to how you write programs.

It's tempting for most people to be attracted to specific security gimmicks like UAC (User Access Control) when judging how secure a product like Windows Vista is, but that's not what Microsoft people talk about.

When you talk to Microsoft technical people (or read their blogs), they talk incessantly about the SDL or Security Development Lifecycle. This is the new way of life at Microsoft that will lessen the number of vulnerabilities in their products. At least that's the plan. Security Is in the Process

Linked by shanmuga Tuesday, 13th March 2007 1:18AM