Full Disclosure mailing list archives

Re: RE: Published exploit codes foo foo foo

From: "Eric Paynter" <eric () arcticbears com>
Date: Mon, 4 Jul 2005 13:05:19 -0700 (PDT)

On Thu, June 30, 2005 12:40 pm, J. Oquendo said:

I wonder how
many of these bigger boys' products that have had vulnerabilities
discovered, I wonder how many of that coding came from outsourced vendors.
Meaning... "Well we thought we would save money by having
_INSERT_COUNTRY_HERE code for us." Would be interesting to see where the
majority of sloppy coders, whose projects have been exploited, come from.


Like anybody fighting against prejudices, most offshore companies that
offer outsourced coding are fighting an uphill battle. Any mistake is seen
as proof of inadequacy. Therefore, the rule for the minority is perfection
for cheap, and any mistake is unacceptable.

Last I heard, Microsoft does 0% outsourcing of coding. All Microsoft code
is 100% USA Quality.

-Eric

--
arctic bears - email and dns services
http://www.arcticbears.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Re: Published exploit codes foo foo foo Dave Korn (Jul 01)
- <Possible follow-ups>
- Re: RE: Published exploit codes foo foo foo Eric Paynter (Jul 04)