: EE BrightBox router hacked - bares all if you ask nicely

["Mikhail A. Utin" <mutin () commonwealthcare org>]

Hello list,
Understanding of cultural differences is not racism. It is understanding and appreciation of the diversity of our World.
So, I would not being apologetic to mentioning that "country culture" affects software development. "Culture" is very 
broad term to explain not only how people eat or pray but also how they think, understand governing (i.e. management 
process), and what is the background of technical education.
I'm Russian origin (see my full name) and know what is good in Russian culture concerning utilization in technical 
processes (like software development) and what is not. "Russian culture" surfaces in this country in any technical 
sphere from construction to computers.
Take a look at China and India history and what has been invented there last four - five centuries. None. Neither 
country had normal industry last two hundred years, and thus no technical background for normal technical education. 
Both countries started developing technical culture around 1980 - 1990. 
I have seen myself very bad software development, which is done for one US major banks by development team from India 
(actually working in US). And the problem was not having numerous random bugs, but complete out of common technical 
sense design, not coding. I have multiple examples of that. Should we blame people for poor education and the lack of 
technical culture? Of course not. We just need to understand that upper level US business management has been ignorant 
and still is, and tries to exploit people without giving them a chance for step by step development of modern technical 
culture.
The result is insecure software, and we get a lot of fun and work in security research. Management gets money, we get 
fun. A kind of profit sharing ...

Sorry for following the post and being a bit off the list topic. However, we sometimes should discuss things leading to 
insecurity.

Mikhail Utin, CISSP, PhD

----------------------------------------------------------------------

Message: 1
Date: Thu, 16 Jan 2014 12:00:18 +0100
From: ?micier Januszkiewicz <gauri () tut by>
To: gold flake <ptinstructor () gmail com>
Cc: "full-disclosure () lists grok org uk"
        <full-disclosure () lists grok org uk>
Subject: Re: [Full-disclosure] EE BrightBox router hacked - bares all
        if you ask nicely
Message-ID:
        <CAH72vigvpAwSQU6ncMwO8EfD7k4xGT8BAsiR=kd-e+fBAQqAOg () mail gmail com>
Content-Type: text/plain; charset=UTF-8

No sir, I believe I should have been more explicit at that than I was
-- I did not mean to say it is about nationalities. What I meant was a simple matter of development costs when hiring 
personnel, and I think you won't argue that a developer in UK costs less than a developer in e.g. China or Pakistan, or 
Poland, or Belarus to that matter, will you? It doesn't have anything to do with their culture at all, and this point 
is proven by businesses hiring more and more from those countries, simply because it is cheap. Please do not try to 
find any point to start a "is this because I'm {insert something here}" thread
-- there was no intention to hurt anyone, and I did mean no offense to any of the people of whatever race, nationality, 
or sexual preferences, or whatever else, and I apologise if it sounded like that. Let's abstract from whatever is used 
to differentiate between social groups and concentrate on costs and expenses alone, alright?

CONFIDENTIALITY NOTICE: This email communication and any attachments may contain confidential 
and privileged information for the use of the designated recipients named above. If you are 
not the intended recipient, you are hereby notified that you have received this communication 
in error and that any review, disclosure, dissemination, distribution or copying of it or its 
contents is prohibited. If you have received this communication in error, please reply to the 
sender immediately or by telephone at (617) 426-0600 and destroy all copies of this communication 
and any attachments. For further information regarding Commonwealth Care Alliance's privacy policy, 
please visit our Internet web site at http://www.commonwealthcare.org.


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/