Nickname: vampares

Review: USAID is a trivial example. There is obviously a disconnect between applications. The absence of "situational awareness" in the software is an accident waiting to happen. Open source approach does discourage this. Just the comprehension of secure connections and the like is difficult to grasp for programmers who are not intimately involved with it. Hence 17 passwords.

Date reviewed: Mar 28, 2006 12:19 AM

Nickname: RedM3

Review: I agree; get off the Windows bashing bandwagon and get a clue. This is a government agency problem, not an O/S problem.

Date reviewed: Mar 21, 2006 9:45 PM

Nickname: Ely

Review: It has very little to do with the operating system. If it were, then all agencies would have failing grades. USAID uses the same software, but received A+ for two consecutive years. Other government agencies also made dramatic progress. OPM went from a C- to an A+. So the problem lies elsewhere. Start looking at the top.

Date reviewed: Mar 21, 2006 3:25 PM

Nickname: secure not

Review: A big part of the problem is Windows. It's chock full of holes! Not once in this article is the Windows OS mentioned, but you know if you had an open source server or Unix-based device of some kind security would be a more predictable issue to manage.

Date reviewed: Mar 18, 2006 5:14 PM

Nickname: EDG

Review: The real problem is software security! You should check out Dr. Gary McGraw's latest book that teaches you how to put software security into practice. www.awprofessional.com/title/0321356705 The software security best practices, or touchpoints, described in this book have their basis in good software engineering and involve explicitly pondering security throughout the software development lifecycle.

Date reviewed: Mar 17, 2006 5:08 PM