My good friend, Eileen Rumwell, has started blogging.  Her blog is something I plan to keep watching especially since in the short time it has been up she has already thrown out some great insights.  The really cool thing is that having come from a marketing background, Eileen has been thrust among developers for quite a few years now.  Working at Microsoft she has great insight and maybe more importantly she also has insight into how we developers outside MS work and think about our role.

Eileen’s latest post starts off talking about her dogs and quickly points out that developers seem to think that security is not their problem.  I have seen this attitude quite a bit, but typically I get to beat it out of those who exhibit it to me since I am often cleaning up after a problem or onsite to beat it out of them.

Ignorance and apathy are both alive and well in the development community.  It isn’t the people who are motivated and willing to drag themselves to the user group meetings that are the problem it is those that are likely too lazy to even read a blog about their chosen profession let alone one about something tangential to it.  If we hold our breath long enough the world will evolve and security will be baked in to everything that matters, but that is still a long way off if a majority of those building the future think that this whole security thing is a fad.  Lets vote them off the island.

Microsoft has just released their new Anti-XSS library which helps developers do the right thing more often without as much effort as before.

If you are interested in this (and trust me, you are) your first stop is to go to the tutorial and see how it is done.  As you will see it isn’t stupid simple, but an improvement.

Once you get confortable then go to the official page and download the library and make it part of all your web projects.