Hacker News new | past | comments | ask | show | jobs | submit login

"Security" is a stupid goal to have: if your specifications (and their implementation) is correct then the software will be secure.

Correctness is a goal of many operating systems.




You can obviously correctly implement a wrong specification which doesn't provide security.

Common Criteria distinguishes security in security functions and assurance (the effort spent in the verification of the implementation).


This is a very surprising point of view. I hope you don't work with avionics, or nuclear power plant control software, or something that has a potential to inflict a lot of harm.

You may not always foresee the requirements for 'correctness'.




Applications are open for YC Winter 2020

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: