Beefy Boxes and Bandwidth Generously Provided by pair Networks
We don't bite newbies here... much

Re: (OT) Black- vs. white-box testing

by idsfa (Vicar)
on Oct 25, 2005 at 16:00 UTC ( #502769=note: print w/replies, xml ) Need Help??

in reply to (OT) Black- vs. white-box testing

White-box testing — tests designed against the code which actually implements the functionality — is critical to evaluate the security of the code. Black-box (monkeys with typewriters) pounding at potential vulnerabilities is simply too inefficient to be valuable. It is good to have some standard black boxes (like buffer overflows), but even better to know "oh, this string gets eval'd — I'd better write a test to make sure it won't do anything stupid"

The intelligent reader will judge for himself. Without examining the facts fully and fairly, there is no way of knowing whether vox populi is really vox dei, or merely vox asinorum. — Cyrus H. Gordon

Replies are listed 'Best First'.
Re^2: (OT) Black- vs. white-box testing
by robharper (Pilgrim) on Oct 26, 2005 at 08:50 UTC
    ++ Thanks for that insight. For some reason I hadn't considered the security of code. But I guess that's why I'm not a programmer by trade. :o)

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://502769]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others studying the Monastery: (4)
As of 2021-04-18 05:15 GMT
Find Nodes?
    Voting Booth?

    No recent polls found