Full Disclosure mailing list archives
RE: NASA.GOV SQL Injections
From: "Joe" <mvp () joeware net>
Date: Sat, 18 Oct 2003 11:02:32 -0400
I have no personal information on NASA but would expect it works like any large enterprise company or other government organization which I do have experience with. You tend to have a few really good folks and a bunch of so so folks and some really bad folks. The bigger the organization the easier to hide mediocrity and incompetence. The really good ones tend to set standards and the rest try to follow them or think they know better and do something else. The good ones then have to try to touch base once in a while to make sure those standards are still being set. The idea that a government organization is going to get the cream of the bell curve for Office IT is probably overstating since the government (like most large companies) does a lot of "lowest bidder" type of work for things not in their direct main line. Office IT is not what NASA is there for, the people responsible for the web sites and word processing tools running are not the people writing the code for the next satellite or space station. Heck the mindsets of those two groups of people is probably extremely different. The folks working on the word processors and web sites are working and this is the best or only job they could get... The people doing the work on the landers and space stations and such are trying to change the world and money probably isn't the main drive - there aren't many places they can go to do what they want to do. As for the janitors, I would bet that they need high security clearance for some of the areas, but having that high security clearance doesn't mean they are the best janitors. They are the best janitors with that security clearance that would work for whatever the pay scale was. That translates to the Office IT workers as well. joe -----Original Message----- From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com] On Behalf Of Jonathan A. Zdziarski Sent: Friday, October 17, 2003 12:28 PM To: Schmehl, Paul L Cc: full-disclosure Maybe I'm not as familiar with NASA as others might be, but I would think NASA would try and hire the most gifted IT people they could find (e.g. the cream of the crop). Since I've never run into one, I can't prove this theory - I suppose it's possible they're all morons...but if I had the resources NASA has, there wouldn't be any idiots working for me. I wonder if their janitors require security clearance just to work there...if that's the case their IT people are most likely l33t. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: NASA.GOV SQL Injections, (continued)
- RE: NASA.GOV SQL Injections Ron DuFresne (Oct 17)
- RE: NASA.GOV SQL Injections Jonathan A. Zdziarski (Oct 17)
- RE: NASA.GOV SQL Injections Ron DuFresne (Oct 17)
- RE: NASA.GOV SQL Injections madsaxon (Oct 17)
- Re: NASA.GOV SQL Injections Gregory A. Gilliss (Oct 17)
- Re: NASA.GOV SQL Injections Ron DuFresne (Oct 17)
- Re: [SD:jason.full-disclosure] RE: NASA.GOV SQL Injections Jason Freidman (Oct 17)
- Re: NASA.GOV SQL Injections Valdis . Kletnieks (Oct 18)
- Re: NASA.GOV SQL Injections Ron DuFresne (Oct 20)
- Re: NASA.GOV SQL Injections Exibar (Oct 17)
- RE: NASA.GOV SQL Injections Joe (Oct 18)
- Re: NASA.GOV SQL Injections Jonathan A. Zdziarski (Oct 18)
- Re: NASA.GOV SQL Injections Paul Schmehl (Oct 18)
- Re: NASA.GOV SQL Injections Valdis . Kletnieks (Oct 19)
- Re: NASA.GOV SQL Injections Paul Schmehl (Oct 19)
- Re: NASA.GOV SQL Injections Valdis . Kletnieks (Oct 19)