Read the article here.
Computer software is far from perfect. Everyone knows that, especially programmers. So, when a major exploit in a ubiquitous program is revealed, it shouldn't come as a major shock to anyone. However, it does bring up some significant topics of conversation. I linked to the above article, not because it talks about the Shellshock bug, but because it discusses the importance of ensuring the quality of any software we write. We don't want to have to re-invent the wheel every time we write software. We certainly don't want to have to start from scratch when updating an existing product! However, there seems to be so much innate trust in existing code that we often take for granted the security of what we're building on top of. I feel like there needs to be a shift in the mentality of programmers everywhere. We need to not wait for our code to become battle-hardened by having problems discovered 'in the field', as it were; we must become diligent in our testing in development.
It's weird t see bugs like Shellshock, Heartbleed, and now BadUSB coming to light. All of those technologies have been used for years. I must wonder if it's related to the call for more security researchers. As we get more researchers, we have more people finding bugs.
ReplyDelete