An authority on Microsoft's Security Development Lifecycle (SDL) - which aims to get developers to design more secure code - posted an extensive entry on the brand-new SDL blog that outlined lessons learned from the ANI vulnerability. "SDL is not perfect, nor will it ever be perfect," Howard acknowledged. "We still ...