randys.org - randys.org

Archive for October, 2005

Expert: Hold developers liable for flaws

I found this interesting bit about holding developers personally responsible for the code that they produce. Not only do I think it’s unfair to the developer, I think it would be highly inefficient. You think it takes a long time to develop an app now? Wait until the developer learns that should his software have security flaws, his next cubicle will be a 9’ x 9’ cement cell. Not cool…

Expert: Hold developers liable for flaws

“In software development, we need to have personal quality assurances from developers that the code they write is secure,” said Schmidt, who cited the example of some developers he recently met who had created a Web application to talk to a back-end database using SSL.

I do agree with the fact that developers do need more training in the security arena. Personally, I graduated with a design degree (completely non-IT) so I can’t say how much of CSU Chico’s CS degree focuses on security.

Schmidt also referred to a recent survey from Microsoft that found that 64 percent of software developers were not confident they could write secure applications. For him, better training is the way forward.

“Most university courses traditionally focused on usability, scalability and manageability-not security. Now a lot of universities are focusing on information assurance and security, but traditionally Web application development has been measured in mouse clicks-how to make users click through,” Schmidt said.

In the end, it should be on the companies’ shoulders whether their applications are secure or not. Companies should be held accountable for hiring and training employees. Since most companies force you to sign NDAs, it would be a slap in the face…


“All the code you write is ours… except in the case of security flaws. Then we’ll be blaming you and detach ourselves of any and all responsibility.”


What do you suppose the turnover rate for developers would be over at Microsoft?
• • •

First Build? No Problem!

I received all the parts for my PC last Saturday. I said I wouldn’t jump into putting it together right away, and I didn’t (kind of). I did unpack some things to have a look at some of the goodies though. ;) However, once I started looking at stuff, I couldn’t help myself.

The build went really smooth. No DOA parts (thanks to Newegg and MWave for excellent service), no incompatibilities, nothing. Since it was my first build ever, I was a little concerned when installing the CPU, heatsink and fan. Also, installing the motherboard in the case was a bit challenging. Between lining up the mounting holes on the motherboard with the brass nuts on the case and the rear I/O panel, it was kind of a pain. But it worked out fine. The rest of the parts (graphics card, memory, etc) was all pretty basic stuff I’ve done before, so nothing new there. I’ve read several reviews on the EPoX 9NPA+ Ultra that the placement of the 24-pin ATX power connector wasn’t ideal but I didn’t have a real problem with it. Granted, I don’t have a lot of drives installed so there’s not a big mess of cables I had to worry about (one SATAII HD, one optical and one floppy). Great thing about this motherboard is that EPoX includes some nifty “round” ATA cables which helps limit the air restriction that normal flat ribbon style ATA cables can cause.


First boot went off without a hitch. The motherboard detected all my hardware and configured the settings and I was up and booted (with no OS) right away. I checked out the Phoenix Award BIOS real quick and there seems to be quite a few options if I should ever need to squeeze a little bit of extra power out of my AMD Athlon 64 3000+ CPU. I’ll mess with that later.


The case is nice too. The last case (PC case that is, Apple has always had superior cases in my mind) I had to deal with was my mother’s ancient case. I must say, the whole tool-less thing is friggin great. Can install a drive in seconds… no screwdriver needed. The PCI slots in the back are just as friendly. My only complaint about the case is the supplied fans. I disconnected the front 80mm fan as it was just too loud (and it didn’t seem to affect CPU/case temps all that much since the front of the case is a metal mesh material). The rear 120mm fan would be quiet, but there’s an annoying ‘tick’ that I can hear as it spins. Just might have to replace that thing. While I’m talking fans, the PSU is super quiet. The fan on the CPU is probably the loudest component in the system with the 120mm fan in the back taking a close 2nd.


I needed a dual boot system (I know, but, I need to have Windows on there for the wife unit) so I set up a partition scheme that I think will work out well. Installed XP Pro (SP2) without any issues and installed the required drivers for the nVidia chipset (since it controls the onboard sound and GB ethernet, I didn’t really have a choice). Installed the graphics card drivers for the XFX GeForce 6600LE and I was done.


Now, for Gentoo! This went surprisingly well considering nVidia isn’t sharing specs or code for its products (or so I’ve heard) making it hard for the open-source community to develop drivers for the hardware. Nevertheless, I got it installed and had everything working relatively quickly using a stage 3 install. After emerging X and Gnome I had to get my graphics card set up. I’m using nVidia’s kernel modules and glx drivers. Again, no problems. I have working sound a la ALSA (haven’t tested the 7.1 channels yet, but stereo is good enough for me… I have a nice surround sound setup in the living room that works just fine), ethernet, video, mouse, keyboard… pretty much everything I need. Even have my external firewire disk setup and working with no problems. Sure, some of these things required a little research and effort to get working, but the Gentoo Handbook helped out a lot.


I’ll post more on Gentoo if anyone is curious about getting it installed.
• • •

All content Copyright © 1999 — 2010 Randy Sesser | Happily Hosted by WebFaction