Why can't these billion-dollar companies create a consortium to make a systematic audit of such code from start to finish? They'd all benefit enormously.
Oh, that's actually simple to answer. To the very last man, they'd all rather die than do anything that helps their competition even one tiny bit, even if they would have come out well ahead in the end. They simply don't buy into the old "a rising tide raises all ships" adage, and they're not interested enough in benevolent gestures to even invest serious time finding out it's true.
No. The answer to the question is that the ones most effected by an exploit are not IT companies. They are businesses that build, buy, and use applications. Well known OS and other low level infrastructure components are assumed to be reliable and if a problem does occur they will kick the problem up to where they got it and depend on someone fixing the problem for them. There are not many corporations who will fund a group of in-house OS developers who sit around scrolling through source code. Counting on
You'd think they'd put their money to good use! (Score:0)
Why can't these billion-dollar companies create a consortium to make a systematic audit of such code from start to finish? They'd all benefit enormously.
Re:You'd think they'd put their money to good use! (Score:2)
Oh, that's actually simple to answer. To the very last man, they'd all rather die than do anything that helps their competition even one tiny bit, even if they would have come out well ahead in the end. They simply don't buy into the old "a rising tide raises all ships" adage, and they're not interested enough in benevolent gestures to even invest serious time finding out it's true.
Re: (Score:0)
No. The answer to the question is that the ones most effected by an exploit are not IT companies. They are businesses that build, buy, and use applications. Well known OS and other low level infrastructure components are assumed to be reliable and if a problem does occur they will kick the problem up to where they got it and depend on someone fixing the problem for them. There are not many corporations who will fund a group of in-house OS developers who sit around scrolling through source code. Counting on
Re: (Score:1)
A rising tide raises all ships, so the other captains will have to come up with a solution and then we'll just piggy-back it.