Valid point, and to clarify... I don't knowingly make my code insecure. I try to practice Good Habits. My point was that I don't spend the extra time and effort to truly bulletproof my code simply due to its use. Most of my code would only take a few modifications to make bulletproof; the problem is that the modifications in question take a lot of time, both to develop and to test. And since security is almost always a time trade (i.e., any encryption can be broken, but will the data be obsolete by the time it is broken?), I usually focus more on stability than security for my situation. Again, for me that is a good trade.
in reply to Re: Devil's (BSD) Advocate
in thread (OT) Security Rant
I would also like to reiterate that I DO agree with the original post, and my reply was NOT meant to advocate sloppiness! It was meant as the "time and place for everything" side of this equation.
And yes, that means the original post got a ++ from me, because it was well thought out and presented, and more importantly... RIGHT!
"Nothing is sure but death and taxes" I say combine the two and it's death to all taxes!