Instead of Apple tasking a coder to work on cracking that iPhone...

Steve Kinney admin at pilobilus.net
Fri Feb 26 08:24:20 PST 2016 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 02/26/2016 10:46 AM, Georgi Guninski wrote:
> On Fri, Feb 26, 2016 at 08:45:11AM -0500, Steve Kinney wrote:
>> The division of labor relevant to QA breaks down like this:
>> 
> 
> /me thinks you are operating in purely theoretic model or
> perfect world, that has nothing to do with the real world.

I have designed and implemented ISO 9001 quality programs for
engineering firms.  The paychecks were real, the external audits
were real, the reliability of deliverables was real.

> in the real world QA just wants the stuff to not crash (often)
> on well formed input.

In the real world, the QA game is about compromises:  No company
is ever fully compliant; success is measured in "failure to fail"
in the real world, despite documented and undocumented variances
in QA compliance.  And of course, the ability to pass external audit
s.

So, since when does the ability of the QA department to verify
that stuff does not crash (often) on well formed input, mean that
the QA department is qualified to reverse engineer and "break"
cryptographic protocols on demand?  That was the origin of this
whole discussion, with me on the "not QA's job" side.

:)

> e.g. apple's QA from today:
> 
> http://www.theregister.co.uk/2016/02/26/remote_god_mode_code_exec_
star_in_apple_tv_3_patch_party_premiere/
>
>  Apple TV can p0wn you in more ways than it entertains you 
> Thirty-three fixes flung at Cupertino's telly-enhancer
> 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)

iQIcBAEBAgAGBQJW0HwzAAoJEDZ0Gg87KR0LjJQP/iY+EBL74T36AbXmHldzMJh6
Ox5PDPV1gBK1C4OwJAQCcB2tvhrStN+2QejPnV2rbRiipHUvF7NttSRvbzARVVZ8
Xn+oJDDvfZF1X2GF2iNcJ+SbkjK7FMFo/GYUbt6X0r0oia67tGU/wBcYQD1C2tuL
fK5Of66rMox06TdzBbb3FAc6y+9mbo34Rt6/+whRiE9Jd/hdlEvuBBtjoMbbGldu
637zmPQggt63nda8H1VzNP/NQa1WAvHagi0B6D7sPRi/ua+SkwcG9e1SSAQX3MjH
rZR+a4mN+/0InlTQsaixlBlijm6hw7VXL+BRaErjIh8rsSn+DStAg22KqoSveLgj
lL47rdiuuNFQfOm+N+NpycNmBQm27FvwRxn1UTcNwTeUsvWWLA9s0WT2qkDxdcUq
3XmGxgirGrQjYs66BtVT8kQPLXJkqC+0ob+t2XxLFsMClLO3olgykfnV8NyoeMoY
ekaz33oEAcEWUqLv9+NhgDH5y6A3/t+pzTseVOrZfvJoY/LI4zWk1wvf97eUCEhG
8jXD3+E6FNI6gfHKNjzlGyc5iVGN5TWMP5A1HyujiMTCus26Xvl7dVepJNxWuXlP
CH4hKUi8jt8tQ4PHtYPuf8h29Znjxue/7Z/ryGPAaBivKm3dCQoZsB0tkTSfTdSg
GeTl6CicHNARf//I8voL
=kfyT
-----END PGP SIGNATURE-----

More information about the cypherpunks mailing list