[60106] in North American Network Operators' Group
Re: WANTED: ISPs with DDoS defense solutions
daemon@ATHENA.MIT.EDU (Paul Vixie)
Thu Jul 31 19:40:22 2003
From: Paul Vixie <paul@vix.com>
To: nanog@merit.edu
In-Reply-To: Message from "Stephen J. Wilcox" <steve@telecomplete.co.uk>
of "Thu, 31 Jul 2003 19:21:44 +0100."
<Pine.LNX.4.44.0307311920110.31412-100000@MrServer>
Date: Thu, 31 Jul 2003 23:39:45 +0000
Errors-To: owner-nanog-outgoing@merit.edu
> Private deployment of software written in C is very different from a
> major public release, especially so when included with source code.
you're right. when i've been involved in non-opensource products which
were written in C and then shipped as binaries, i was scared to death
about the lack of public review relative to the size of the user base,
and i always argued for rather expen$ive SQA to make up for the weakness
of not getting free SQA from all those security companies looking to
make a name for themselves by being first to discover a vulnerability.
or was that not what you meant?
