Insecure Code - Vendors or Developers To Blame?

Annto Dev writes "Computer security expert, Bruce Schneier feels that vendors are to blame for 'lousy software'. From the article: 'They try to balance the costs of more-secure software--extra developers, fewer features, longer time to market--against the costs of insecure software: expense to patch, occasional bad press, potential loss of sales. The end result is that insecure software is common...' he said. Last week Howard Schmidt, the former White House cybersecurity adviser, argued at a seminar in London that programmers should be held responsible for flaws in code they write."

Re:How about both?

[eln]

BTW, this topic seems vaugely familiar. Is this a dupe?

It's not a dupe, it's an "encore presentation."

Re:Howard Schmidt is incompetent.

[geomon]

Please stop your complaining until you show you actually know what you're talking about.

You, sir, have single-handedly brought Slashdot to a stand still.

I hope you are happy.

Pfft! You call this science?

[Quiet_Desperation]

Everyone knows that insecure code is caused by code rot and magical error pixies.

Next you'll be claiming that bad movies are the fault of the people making them, or that it's Britney Spears' fault she sounds like a howler monkey being run over by a bus.

Sheesh. Scientologists...

Re:IN SOVIET RUSSIA

[geomon]

Now why didn't I see that one coming?