31 Jul
2003
7:39 p.m.
Private deployment of software written in C is very different from a major public release, especially so when included with source code.
you're right. when i've been involved in non-opensource products which were written in C and then shipped as binaries, i was scared to death about the lack of public review relative to the size of the user base, and i always argued for rather expen$ive SQA to make up for the weakness of not getting free SQA from all those security companies looking to make a name for themselves by being first to discover a vulnerability. or was that not what you meant?