On Thu, 2003-03-13 at 05:41, G.D.Thurman wrote: > On 12 Mar 2003, David Mandala wrote: > > > Since their quality can be outstanding that is going to be hard. > > American Express is now more then 75% sourced in India where they have > > PhD programmers getting and happy with $7 per hour. > > > If company Foo outsources computing work to > company Bar, then what about Homeland Security? > [It doesn't matter what country Bar is headquartered > because allies are not necessarily trustworthy.] > > Does the following happen? Foo outsources work to Bar > and accepts/uses an executable in lieu of source code. > > Even if Foo receives code and builds the executable, > how extensively does Foo review the code? > > Can the computing profession argue against some > outsourcing practices based on Homeland Security? > > Thurman I've had this discussion with my parents. The main point forgotten is that we've been doing this for YEARS now; in fact, it is how we've gotten ourselves into adolescent global economy. If we are THAT worried about off-shore outsourced threats in our software, then we should also be worried about off-shore outsourced threats in our manufactured goods. Just how hard is it for a Korean, Chinese, or Indian semiconductor plant to take the designs of a chip, introduce some backdoor, or worse, a FLAW, into the production run a three months after it's had a chance to saturate the market? Remember the dollars lost when Firestone produced a faulty batch of tires installed on a popular S.U.V. ? In addition to the dollars lost, the US people lost faith in both companies, which means we don't buy their product, and thus more jobs and dollars are lost. The fact is, we _do_not_ inspect every piece of car manufactured overseas; we don't do the same for semiconductors, we don't do the same for tires, etc. etc. So why should we give Special attention to software? No, the threat has always been there; if you want to horde the software jobs, that's one thing. But the sad fact of the matter is that the big firms are treating the manufacture of software the same way they treat the manufacture of clothes. If you want to inspect every piece of code imported into the US, then i ask you inspect every logic gate of a chip, every brake of a car, every tire, and every stitch of clothing.