Decades of Code-Review Opportunity
Get this!!! The book Writing Solid Code (20th Anniversary 2nd Edition) written by a former Senior Level Microsoft developer has much to say about parameter checking and code validation. Clearly, the knowledge and ability to identify bad coding was there--two decades ago--at Microsoft (not to mention the rest of the in industry). That's two decades of opportunity for code review. Yet, the rate at which such bugs are being found doesn't seem to be slowing down. Is it that hackers are getting better at finding these things? Probably. But, if the hackers are getting better at finding these things--without the source code (supposedly), then why can't Microsoft get better at finding these things when they have all the source code? Oh yeah; the money thing, and people have been conditioned to accept that patching is a normal and regular thing, especially for companies with monopoly-like (not wanting to get sued for libel) market control. Welcome to the Borg collective! Aaaaaaaaaaaaahhhhhhhh!!!!!!!!!!!!!!
Biting the hand that feeds IT
