lists.openwall.net   lists  /  announce  john-users  owl-users  popa3d-users  /  xvendor  oss-security  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4 
Open Source and information security mailing list archives
 
Order Openwall GNU/*/Linux 2.0 on a CD with delivery worldwide
[<prev] [next>] [<thread-prev] [month] [year] [list] 
Date: Mon Jul  4 21:06:33 2005
From: eric at arcticbears.com (Eric Paynter)
Subject: RE: Published exploit codes foo foo foo

On Thu, June 30, 2005 12:40 pm, J. Oquendo said:
> I wonder how
> many of these bigger boys' products that have had vulnerabilities
> discovered, I wonder how many of that coding came from outsourced vendors.
> Meaning... "Well we thought we would save money by having
> _INSERT_COUNTRY_HERE code for us." Would be interesting to see where the
> majority of sloppy coders, whose projects have been exploited, come from.

Like anybody fighting against prejudices, most offshore companies that
offer outsourced coding are fighting an uphill battle. Any mistake is seen
as proof of inadequacy. Therefore, the rule for the minority is perfection
for cheap, and any mistake is unacceptable.

Last I heard, Microsoft does 0% outsourcing of coding. All Microsoft code
is 100% USA Quality.

-Eric

--
arctic bears - email and dns services
http://www.arcticbears.com

Hosted by DataForce ISP - Powered by Openwall GNU/*/Linux