At 09:06 PM 28/09/00 -0500, Jim Choate wrote:
On Thu, 28 Sep 2000, Steve Furlong wrote:
Also, I should note that an ISO-900x shop will have procedures that should be followed for all aspects of development. The procedures aren't a cure-all, but they do make surreptitious bad behavior much less likely. Alas, not many software shops have ISO-900x certification.
The trick would be to subvert the code management system and the build
of a system that inserts "CDR"'s would it not? so we could avoid subject lines like "Re: CDR: Re:" in the subject line??? What? Speak louder, use English too. traffic analysis? For WHAT? why do you need to anal-ize the traffic? who's your daddy? who's paying the bill? or is there a sword of Damocles dangling not far from you? Bad Coding Practices, heh. You're busted, big time pal,,,
shop. That would generaly require higher access than the programmers have. Not that it couldn't be hacked, but you'd have a lot of logs (and if they're using a journaling filesystem that adds yet another layer) to wipe. That means time. Such a hack would take a planned extended effort. It generaly wouldn't be spur of the moment.
Then again, code reviews on future releases of that code base and the patch shop roaming around would provide post facto mechanisms for finding such kludges.
____________________________________________________________________
He is able who thinks he is able.
Buddha
The Armadillo Group ,::////;::-. James Choate Austin, Tx /:'///// ``::>/|/ ravage@ssz.com www.ssz.com .', |||| `/( e\ 512-451-7087 -====~~mm-'`-```-mm --'- --------------------------------------------------------------------