[SC-L] How Can You Tell It Is Written Securely?

2008-11-27 Thread Mark Rockman
OK. So you decide to outsource your programming assignment to Asia and demand that they deliver code that is so locked down that it cannot misbehave. How can you tell that what they deliver is truly locked down? Will you wait until it gets hacked? What simple yet thorough inspection process

Re: [SC-L] Unclassified NSA document on .NET 2.0 Framework Security

2008-11-27 Thread Stephen Craig Evans
Whenever I speak with a customer or any software decision makers, I implore them, before buying another vendor's software, or hiring/contracting a 3rd party development firm, to ask a couple of simple questions: "What do you do for software security?" and "Can you send me some documents about your

Re: [SC-L] Regional differences in software security

2008-11-27 Thread Stephen Craig Evans
I'll preface what I'm going to say with: - I don't work in the financial vertical or government defense, but from conversations with colleagues, I think that they get it (they have to) - My sphere of experience excludes Australia, India, and Japan: - Oz has on average a high skill set of s/w

Re: [SC-L] How Can You Tell It Is Written Securely?

2008-11-27 Thread Stephen Craig Evans
... and demand that they deliver code that is so locked down that it cannot misbehave. Your premise is so incorrect that I advise that if you are truly interested in answering your questions (as opposed to a purely academic or other exercise), then you should hire a security specialist to help

Re: [SC-L] How Can You Tell It Is Written Securely?

2008-11-27 Thread Jim Manico
OK. So you decide to outsource your programming assignment to Asia and demand that they deliver code that is so locked down that it cannot misbehave. How can you tell that what they deliver is truly locked down? Will you wait until it gets hacked? What simple yet thorough inspection process