Why security bugs are different to other bugs

Way back in 2000 I had the following insight on security bugs and had this weird urge nine years later to share it. I can’t believe it’s original…

Security fixes are different from every other kind of fix. As every good troubleshooter knows, when problems occur, something has almost invariably changed. For most bugs it is something like load, configuration and so on, which can be undone.

With security bugs it is knowledge that has changed, and a security weakness can’t be unlearned by the world at large.

I don’t have insights like that very often 🙂
