On Mon, Jan 21, 2013 at 5:57 PM, Ian Hayes <cthulhucall...@gmail.com> wrote: > On Mon, Jan 21, 2013 at 2:54 PM, Jeffrey Walton <noloa...@gmail.com> wrote: >> On Mon, Jan 21, 2013 at 5:42 PM, Philip Whitehouse <phi...@whiuk.com> wrote: >>> a class A moron. >> What does that make Omnivox, which appears to have done no testing? > > The two conditions are not mutually exclusive. Hence the reason for "appears to have done no testing."
Developer driven security is some of the worst security I have seen. Its the reason for this (and few other) list. Obvious flaws (obvious to a security professional) tells me Omnivox has problems with their engineering process (perhaps incomplete testing, perhaps no testing). Jeff _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
