North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Networking Pearl Harbor in the Making

  • From: Christian Kuhtz
  • Date: Mon Nov 07 12:40:52 2005

On Nov 7, 2005, at 12:16 PM, Todd Vierling wrote:

On Mon, 7 Nov 2005, Christian Kuhtz wrote:

How so? Haven't we recently seen an across the board bug in
multiple version of $vendor code?
And that's evidence of what other than nobody is willing to pay for what it
takes to get better code out of $vendor?

Code can be built better. It just isn't always economical to do so.
In some business models.

Financial reports regularly hint that $vendor has margins far exceeding the
costs necessity to clean up security-critical code. When the aggregate
margins drop thanks to folks choosing $vendor2 because $vendor has decided
to let security flaws stew, it's time for $vendor to reevaluate that
business model -- at least a little.
Apparently they're still in business, and they're making money, and that means people are still buying their stuff. And as long as that's true, nothing will change. Correlating a margins over a very large product range with bugs specifically in service provider gear is problematic in my opinion. Apples v Oranges. Whatever, it really doesn't matter.

Reliability should be engineered by the SP, not exclusively expected from any one vendor. And you can improve reliability by using same devices in a particular fashion, not just by using different devices, which was my whole point about calculating reliability in the first place.