Tuesday, July 26, 2005

So how's your computer's diet?

At a presentation during OWASP's 2005 Application Security conference in Europe, Jeff Williams, the OWASP chair, proposed the idea that software should come with Software Facts. This information would be conveyed in a manner similar to the Nutritional Facts chart on US food.

Just as the Nutritional Facts chart raises consumers' awareness of the health value of the foods they are consuming, the Software Facts chart would tell consumers how healthy the software their computer is about to consume is.

This is an idea that intrigues me as I can only see it as a benefit to the consumer. Companies may have to do a little extra work to compile the required statistics, but if you ask me, it's stuff they should be testing for anyway.

Now there is the argument that the average consumer is not going to know what Cross Site Scripting or SQL Injection percentages actually mean. But the first step is to get the information out there and the next step is to educate.

Image from OWASP.org
