Monday, January 12, 2009

Top 25 most Dangerous Programming Errors

The SANS has published a list of the top 25 most dangerous programming errors. What does this have to do with computational biology? From my observation, it seems that software in compbio labs goes by the following time-line:

1) Research and Develop a new technique
2) Setup web-server before paper goes to print
3) Profit!!! (writing more grants)

The software is written during Research and Development of a new analytical technique. This means very little software design goes into its development. Once there is a working technique, a paper is written and a web server to provide the tool is setup. The web service is mostly just advertising for the paper and helps argue the point that the lab is worthy of more grant money. Very little time is actually spent on proper software engineering, and even less time on security analysis. This could turn a lot of compbio labs into rather soft targets for hackers.

Via Information week

No comments: