Tuesday, June 29, 2004

Secure Programming and the Network Effect

With the latest report of of a security exploit in Internet Explorer, the hackers seem to be taking it to a new level. One article suggests that the problem is in the programming languages and programming tools that we use. While I agree that we could certainly use better tools, I think that a lot of the insecurity in Internet Explorer is caused by deliberate "design features", put in by some very misguided people.

The article on better programming languages is well worth reading. On a different topic, I was struck by this quote towards the end:
This is one area where I believe the open source movement has hurt us more than it has helped us: the availability of free, adequate tools for Unix has gutted the potential market for commercial high-quality tools. Very few programmers are willing to pay thousands of dollars for a better programming environment, when the customer can't tell the difference by how the resulting software runs. The Windows programmer has access to fully integrated environments that manage dependencies, debuggers that render execution with amazing detail, and visual development engines that take most of the work (and all of the errors) out of user-interface code.

The network effect that has allowed Microsoft to take over the Operating System world and then stifle progress, operates in other areas as well. I am sure I will have more to say on this topic.

No comments: