[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Netscape rewards are an insult

>         The idea that Netscape (like Microsoft) thinks they can get free
> testing services from all over the net by real experts just by offerring
> a tee shirt is down right offensive.
>         I have a better idea.  How about an open market in break-in
> software.  We crack Netscape and offer the crack code to the highest
> bidder.  Bids start at US$25K per hole.  For the insult, Netscape has to
> outbid the competition by a factor of 2 to get the details of the hole.
> Here's how it works:

      [snip of judging, verification, bidding ...]

Hmmm.  I'm glad that some people still have a bit of a sense of haha about
these things.  It's only computer code, right?? 

Right??  ;-(

Your idea about a bidding war for this type of code is _interesting_ but
not something I'd really like to see develop.  Good security and good code
are possible without this. 

Good people are out there.  The *best* people might be in academia or they
might be in retirement or even on a sabbatical.  They might even be in
other fields, or other countries, or as Netscape discovered to its
chagrin, they might be Berkeley students.  The question is how to secure
co-operation when they aren't motivated by ego, need, or greed. 

How do you attract the ones who simply know who they are, and WHAT they
can do, and simply won't put up with twaddle?? 

And frankly offering someone a cup, or a shirt or even offering someone a
$1,000 isn't the way to bring them on side.  I can't even get my
lineprinter serviced on Christmas Eve for $1,000. 

There's always a fine line between an insult and an offer. 

>         I have an even better idea.  How about if Netscape gets some
> competent programmers with real security expertise, adds in some good
> change controls, a serious internal testing program, quality control ala
> ISO-9000, internal IT auditors, external IT auditors, training and
> education for their employees, and everything else it takes to be in the
> software business in a serious way.

This would be a *basic* start.  Whether or not ISO-9000 is the way to go,
or whether it should be TQM, or something more modern is moot.  In
addition to some of the above, I might suggest parallel development units. 

Two separate program teams kept completely apart from each other, each
duplicating the other's work with the eventual goal of utilizing the first
reconciliation sets of production code as "learning experience", and then,
as part of a planned design goal re-evaluation and refinement, disposing
of the reconciliation set before "Fresh-Start"(TM) implementation. 

(This might necessarily lead to attendant presentation of individual
outplacement opportunities to select persons, as a team regrouping

Essentially a real-life simulation of the anticipated code-writing

Each group could develop its own unique vision and approach within the
context of the design goal, and should have demonstrated a willingness to
utilize challenge and justification modelling.  The groups themselves
might be dynamically balanced and re-balanced vis-a-vis personality and
code-writing styles. 

A positive creative environment should be provided, possibly in an
incubator-type setting, which meets creative, psycho-social, and
psycho-physical requirements. 

Essentially, the right balance between spa and boot-camp, a realized
vision.  An evolutionary development of Scott Adams' "Vision: Empowered
Employees Working Toward A Common Plan". 

A plan that centers around People. 

A New Plan that views employees as assets to be developed, nurtured, and
cared for rather than as expenses to be eliminated or reduced. 

A New Vision emphasizing Quality by remedying the marginalization of the
companies prime assets -- the employees.  An applied corrective ...  a
focussed deemphasis on productivity in anorectic organizations.  I might,
humbly, suggest as a title: 

 A New Vision, A New Plan:  Applied Complexity Theory (A.C.T.) in Action.

It truly is a long list ... as part of an "ACT in Action Plan"(TM),
Netscape should source long-range planners who can meet and exceed
day-to-day corporate expectations. 

>         As an alternative, we could help them contact the shareholders
> for a lawsuit.  After all, they are a public company now and are responsible
> to the shareholders for the value of their stock.  If it goes down because
> they aren't doing an adequate job of software quality control, the officers
> may be personally liable.

I think whether or not it goes down, is not relevant.  If there has been
proper material event disclosure, then I doubt that there are actionable
grounds.  If there has been active acts of misrepresentation, then that's
simple fraud. 

Fiduciary obligations can be very complex without good counsel. 

Clearly by not having official announcements, it might lead a reasonable
man to believe that there might be trading improprieties through-out the
high-tech sector, among so-called "friends and family" or alternatively,
that Netscape's strategic misrepresentation program might be operative. 

Who know's??

One thing is certain though, disclosure obligations attach to all public
companies.  Sun, Microsoft, Netscape, AT&T, Viacom ... 

Maybe I should email postmaster??

Alice de 'nonymous ...

                                  ...just another one of those...

P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.