CDR: Re: Bad Coding Practices
Steve Furlong
sfurlong at acmenet.net
Thu Sep 28 18:39:20 PDT 2000
Steven Furlong wrote:
> Now, I think your general point is right, that it would be somewhat
> difficult for a subverted programmer to insert deliberately broken
> crypto, and a very bet to expect it to stay in for any length of time.
^---
> However, if the privacy software companies operate anything like the
> companies I've worked for or consulted at, it could well happen.
Duh, that's supposed to be "very bad bet".
Also, I should note that an ISO-900x shop will have procedures that
should be followed for all aspects of development. The procedures aren't
a cure-all, but they do make surreptitious bad behavior much less
likely. Alas, not many software shops have ISO-900x certification.
--
Steve Furlong, Computer Condottiere Have GNU, will travel
518-374-4720 sfurlong at acmenet.net
More information about the cypherpunks-legacy
mailing list