lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Wed Jan 18 18:00:09 2006
From: yboily at gmail.com (Yvan Boily)
Subject: Vulnerability/Penetration Testing Tools

I don't want to work as a programmer for you.  2080 hours a year
leaves no time for vacation, and that would suck.

On 1/18/06, Madison, Marc <mmadison@...i.com> wrote:
>
> Valdis Kletnieks wrote:
>
> >Something to keep in mind however - many people make that comparison,
> and don't calculate the *TOTAL* cost.
>
> >If your developer is getting paid $60K/year, the *encumbered* cost
> (benefits, office, etc) is close to twice
> >that.  And if he's writing an in-house BidiBLAh, that's time he's *not*
> writing stuff you *can't* buy
> >off-the-shelf.
> >As a result, it breaks out as:
>
> >BidiBLAH:         $10,000
>
> >scripting clss:             $350
> >6 man-weeks time: $15,000
>
> >OK? Got that?  Suddenly doesn't look like such a good deal, does it?
> Maybe you *should* just buy
> >BidiBLAH, and have that guy coding that custom interface between two
> in-house systems instead....
>
> >(And don't say "I only pay my developer $30K, so he can take 2
> man-months to do it" - the kind of
> >developer you can >keep for $30K is probably going to take a lot more
> than twice as long as the $60K
> >developer.....)
>
>
> I understand your point about TCO, even though you don't make a very
> good case for it.  As for BidiBLAH, maybe you should look at the product
> before speaking about it!  If you have used this product then please
> give me your insight as to what you think and why.  Really if your
> currently using this product I want to know what you think!
>
> Now for the Math, and why your TCO argument wasn't so good,
>
> Developer $60K/year divided by the adopted 2080 man hours year (this is
> the average hours work, 40 hour week, 5 days, etc...) = $28.85/hourly,
> so.....
>
>
> BidiBLAH:                       $10,000
> Scripting class:                $350
>
> 6 man-weeks time:               $6924.00
>
>
> Like you said, "many people make that comparison, and don't calculate
> the *TOTAL* cost".
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>


--
____
ygjb
Computer Science is no more about computers than astronomy is about
telescopes. E. W. Dijkstra

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ