Forgot your password?

+ - I am nearly finished my Computer Science degree

Submitted by Abolo
Abolo (932400) writes "So, I am nearly finished my Computer Science degree. I have "studied" for nearly 3 1/2 years, got a first class honors each year, and hopefully the same for this. The question begs though, what now? Yes, I've a lot of interests, everything from wsn technology to obscure programming languages. In essence each choice of future profession can be narrowed down to the commercial world, or the not so commercial academic world (PhD program). I cannot ever see myself drifting from the technical world, to the "management" world. However, I am still young, and money makes better sauce than life philosophy when I discover I have bills to pay. I understand it's a pretty relative question, but you can see what I am attempting to ask. Of all the older slashdotters, which choice did you make, and did you regret it?"

Comment: True Story. (Score 1) 196

by Abolo (#19908033) Attached to: Bill Gates Should Buy Your Buffer Overruns

"Obviously if Microsoft offered more than the black-market prices, everyone would just sell their exploits to them."

Yes, however from a business orientated viewpoint this portrays the company having its balls in the hands of 'outsiders'. As a smart 'enterprisingly minded' human being would you buy software from a company which you plan to deploy on thousands of machines, if you knew that some of the security testing and possible patch submissions on it may have been handled by x-cons/hackers/crackers/stfu/criminals/etc.

I am not saying it would be substandard, but I think that a lot of people would feel something intuitively wrong with that. In a lot of ways it's like saying you got a friends friend who is a robber to test out your alarm for you.

However, at the same time, as pointed out "The people they would be paying money to are not criminals or bad people, they're legitimate researchers who just can't afford to do work for Microsoft for free when they could be doing something else for money."

Yes, there is a lot of legitimate security researchers out there, but let's say the CashPerExploit deal was introduced. Do you not think there would be an adequate amount of better trained 'nefariously minded' exploit finders? One bad apple fucks up the box. If companies got the impression that there is a possibility their software supplier uses such people, I think their confidence in the company would loosen.

But having said that, once it becomes a business enough people might get 'trained up' quickly.

I work for a company who uses a variety of Microsoft Technologies deployed over quite a few machines. Not hundreds, or thousands, just a tad higher! You'd be surprised at how relaxed they are about security, but me, I am generally just paranoid anyway. This is the first experience I have had in an 'enterprise environment', but all of the above is just me suspecting that other companies have a different corporate strategy to their security. I must say, for how successful they are, they really do believe in solely using M$ products, and products developed by companies who have good relations with M$.

I don't know, maybe it's like being with a gang of people. You're either on the FSF's land or somewhere in Redmond. A sense of security fostered by a recorded long term relationship of software development companies. Maybe it's less about the company, and more about consistency derived from their strong relationship. Patches each month, deployment Friday, etc... A big corporate bureaucratic machine survives on things like this, a bit like the x86 idea, make it simple, and make it fast/reliable. Hah, I'm laughing too....

"Deco, ya stallin' it up to mouseys gaff? We'll get mad ourra'vih!"

Support Mental Health. Or I'll kill you.