Additional profile information on Alfred Thompson at Google+
I found [via SlashDot] an interesting article at ZD/Net News. Howard Schmidt wants developers and their companies to be held liable for security issues in their code. But he doesn't completely blame developers. He also blames the companies they work for and their education.
Schmidt also referred to a recent survey from Microsoft which found that 64 percent of software developers were not confident they could write secure applications. For him, better training is the way forward.
"Most university courses traditionally focused on usability, scalability, and manageability, not security. Now a lot of universities are focusing on information assurance and security, but traditionally Web application development has been measured in mouse clicks — how to make users click through," said Schmidt.
I hear all the time from teachers who say they don't have time to include secure programming in their courses. The AP CS exam doesn't test it either. It seems to me that security along with ethics are two issues that must be concidered in all programming courses in today's world. It is just too late when someone starts programming for a living. It's all about priorities. Is there a particular coding concept that is more important than security? That's a loaded question of course. But we do need to start thinking about the value of adding one more data structure or one more type of sort weighed against adding a unit on secure design and programming.
- Alfred Thompson
Well it is not me doing the blogging. Do I wish it was? I'm not sure. Maybe I'll know after reading Kevin Schofield's new blog. Kevin is a General Manager with Microsoft Research and he is travelling with Bill Gates on his college tour. In the first entry Kevin talks about the logistics. It looks like a lot of work goes into one of these trips.
I assume that Bill will be talking up computer science as a field to go into. I know that Bill feels strongly about that. And I agree that we really need to get people excited about the field. But I'd like to see Bill Gates talk to high school and perhaps even middle school students though. College is pretty much too late to have this sort of discussion. Students are deciding earlier and earlier what to study in college. Oh, sure some students will change their minds. But in general there are not going to make huge changes once they declare their major. I've been meaning to write Bill about this. Maybe the start of the college tour will get me off the dime and do it.
- Alfred Thompson
The lunch speaker for ACET today was Diane Zak, noted text book author. This was the first time I have heard her talk or met her. She gave a very interesting talk about teaching with Visual Basic .NET. Like me, she is in the process of updating a book for Visual Studio .NET 2005 and excited about the new features that are coming. Of course she also complains a bit about how fast things in computer science change and how much work that creates for teachers. And that is an issue. It is a struggle to keep up with technology. One of the things I am hoping we at Microsoft can help with over the next year or so is ways to prepare teachers for these changes. I'm planning a number of web casts that I hope to start later this month.
The other think that Diane Zak talked about was the controversy over using console applications against GUI applications. Her opinion is to use both. That is what I have been doing in workshops lately. I still have mixed feelings about it. I like GUIs but I am aware of the issues that can cause. It will be interesting to see how she develops her ideas in a future textbook. I'm also always interested in what others think about this issue so feel free to leave comments.
By the way, tonight's dinner is at Billy Bob's Texas. Apparently they are the world’s largest honky tonk. Contrary to the suspicions of most students teachers do know how to have a good time so I am looking forward to this.