lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Thu, 16 Jan 2014 10:45:06 -0500
From: "Mikhail A. Utin" <mutin@...monwealthcare.org>
To: "full-disclosure@...ts.grok.org.uk" <full-disclosure@...ts.grok.org.uk>
Subject: : EE BrightBox router hacked - bares all if you
	ask nicely

Hello list,
Understanding of cultural differences is not racism. It is understanding and appreciation of the diversity of our World.
So, I would not being apologetic to mentioning that "country culture" affects software development. "Culture" is very broad term to explain not only how people eat or pray but also how they think, understand governing (i.e. management process), and what is the background of technical education.
I'm Russian origin (see my full name) and know what is good in Russian culture concerning utilization in technical processes (like software development) and what is not. "Russian culture" surfaces in this country in any technical sphere from construction to computers.
Take a look at China and India history and what has been invented there last four - five centuries. None. Neither country had normal industry last two hundred years, and thus no technical background for normal technical education. Both countries started developing technical culture around 1980 - 1990. 
I have seen myself very bad software development, which is done for one US major banks by development team from India (actually working in US). And the problem was not having numerous random bugs, but complete out of common technical sense design, not coding. I have multiple examples of that. Should we blame people for poor education and the lack of technical culture? Of course not. We just need to understand that upper level US business management has been ignorant and still is, and tries to exploit people without giving them a chance for step by step development of modern technical culture.
The result is insecure software, and we get a lot of fun and work in security research. Management gets money, we get fun. A kind of profit sharing ...

Sorry for following the post and being a bit off the list topic. However, we sometimes should discuss things leading to insecurity.

Mikhail Utin, CISSP, PhD

----------------------------------------------------------------------

Message: 1
Date: Thu, 16 Jan 2014 12:00:18 +0100
From: ?micier Januszkiewicz <gauri@....by>
To: gold flake <ptinstructor@...il.com>
Cc: "full-disclosure@...ts.grok.org.uk"
	<full-disclosure@...ts.grok.org.uk>
Subject: Re: [Full-disclosure] EE BrightBox router hacked - bares all
	if you ask nicely
Message-ID:
	<CAH72vigvpAwSQU6ncMwO8EfD7k4xGT8BAsiR=kd-e+fBAQqAOg@...l.gmail.com>
Content-Type: text/plain; charset=UTF-8

No sir, I believe I should have been more explicit at that than I was
-- I did not mean to say it is about nationalities. What I meant was a simple matter of development costs when hiring personnel, and I think you won't argue that a developer in UK costs less than a developer in e.g. China or Pakistan, or Poland, or Belarus to that matter, will you? It doesn't have anything to do with their culture at all, and this point is proven by businesses hiring more and more from those countries, simply because it is cheap. Please do not try to find any point to start a "is this because I'm {insert something here}" thread
-- there was no intention to hurt anyone, and I did mean no offense to any of the people of whatever race, nationality, or sexual preferences, or whatever else, and I apologise if it sounded like that. Let's abstract from whatever is used to differentiate between social groups and concentrate on costs and expenses alone, alright?

CONFIDENTIALITY NOTICE: This email communication and any attachments may contain confidential 
and privileged information for the use of the designated recipients named above. If you are 
not the intended recipient, you are hereby notified that you have received this communication 
in error and that any review, disclosure, dissemination, distribution or copying of it or its 
contents is prohibited. If you have received this communication in error, please reply to the 
sender immediately or by telephone at (617) 426-0600 and destroy all copies of this communication 
and any attachments. For further information regarding Commonwealth Care Alliance's privacy policy, 
please visit our Internet web site at http://www.commonwealthcare.org.


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists