Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.
View this topic in a long page with up to 500 replies per page Create new topic
1 | ... | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36
Awesome
4794 posts

Uber Geek
+1 received by user: 1060

Trusted
Subscriber

  Reply # 695644 3-Oct-2012 16:21
Send private message

Kyanar: I've seen some really bright cookies in India (and 90% of the team I work with now are Indian and do an exceptional job) and I've seen some terrible ones (in my previous job, the Indian outsourcing provider screwed up so badly, they flew their developer to us in NZ to do the job properly!) so it's not necessarily even the outsourcing that's the problem, it's just the fact that... well, the people they chose to do the job didn't know what they were doing.


I've been working with IT outsourced to India for a number of years now, and work with outsourced Indian dev's almost daily. They are great devs, but man the communications are hard sometimes. Language and culture have to be factored it, and it often take 3 or 4 times more effort on our part to fully communicate what we need from them than it would have if they were in the same room.

Getting outsourcing of any kind up and running is hard slog to start with. It's only once it becomes mature that it starts to deliver value (IMHO).




Twitter: ajobbins


17119 posts

Uber Geek
+1 received by user: 4857

Trusted
Lifetime subscriber

  Reply # 695650 3-Oct-2012 16:26
Send private message

I loved that show Outsourced, I was gutted when they cancelled it.

I think to be fair, working on development projects across ANY kind of divide geographically speaking is very hard. Having a language barrier and also a cultural one makes it so much harder.

One of the best things companies can do is have one of it's switched on people go where the team is.

I work with a company who supplies us software and the MD is based in China with half the Dev team, and that works fantastically, and he is there with them in case things go awry. He intends to stay there until the project is completed. He is talking about bringing some of those people back to Australia with him.


12442 posts

Uber Geek
+1 received by user: 5839

Trusted

  Reply # 695659 3-Oct-2012 16:37
Send private message

networkn:
KiwiNZ:
DonGould: Techday hit my email inbox this morning as well... seems the media are roasting and toasting this one...



I love Wheedle self description in their vacancy Ad  "Wheedle Limited is a successful online web service business with its head office located in Christchurch, New Zealand."

Say what now? successful? where?
 


Ah C'mon, what do you want them to say? Who wants to work for an unsuccessful company!




Honesty would have been a good start, state that they are a start up




Mike
Retired IT Manager. 
The views stated in my posts are my personal views and not that of any other organisation.

 

 It's our only home, lets clean it up then...

 

Take My Advice, Pull Down Your Pants And Slide On The Ice!

 

 


13990 posts

Uber Geek
+1 received by user: 1764


  Reply # 695663 3-Oct-2012 16:40
Send private message

networkn:
KiwiNZ:
DonGould: Techday hit my email inbox this morning as well... seems the media are roasting and toasting this one...



I love Wheedle self description in their vacancy Ad ?"Wheedle Limited is a successful online web service business with its head office located in Christchurch, New Zealand."

Say what now? successful? where?
?


Ah C'mon, what do you want them to say? Who wants to work for an unsuccessful company!




They would have been best not to mention it at all. They could have said they are a fresh exciting new company or something along those lines. Otherwise I think it gives a false impression of who they are and how successful they are. Not unless they have other products/websites we are not aware of that are successful?

gzt

9837 posts

Uber Geek
+1 received by user: 1472


  Reply # 695667 3-Oct-2012 16:46
Send private message

jbard: This part is interesting:

"Please rest assured that your password has been, at all times, strongly encrypted and stored in our database." 

It is very clear this wasn't the case at all. I wonder if this is something being spun to him by the Indian developers or if he actually believes this?


Yes. What a silly thing to say. My password was emailed to me in plain text and that clearly rules out being stored in the database at all times. Goodness me. Only the incredibly cheap and untrustworthy shopping cart things send plain text passwords in email these days. [Edit: Other users have said the password is also stored unencrypted in cookies on the local machine - so that is two places]

However, it is still possible the password was encrypted in the database - it is easy as custard pie to use SQL Server encryption for the password column.

Does this make the password secure? Absolutely not - where the rest of the system has gaping holes or has been implemented or architected in such a way that an attacker can gain enough access to the application (or other resources) to gain the encryption key. Has a security audit been performed?

Have they examined logs to determine if their entire database was downloaded at any point? Have they examined logs to determine if the encryption scheme has been compromised or looked for instances where compromise may have occured? Have they audited logs for instances where one user may have accessed another users resources including the password resource? Is the required level of logging enabled?

Has additional logging been implemented? In all but trivial instances logs do not give up these secrets easily.

These types of questions can go on and on.

This assurance might reassure some people but from a technical perspective it is almost meaningless.

17119 posts

Uber Geek
+1 received by user: 4857

Trusted
Lifetime subscriber

  Reply # 695680 3-Oct-2012 16:49
Send private message

It clearly states they are employing an agency to do an audit.


977 posts

Ultimate Geek
+1 received by user: 149

UberGroup

  Reply # 695689 3-Oct-2012 17:00
Send private message

networkn: It clearly states they are employing an agency to do an audit.



They going to get an Indian firm to do that too?

Outsourcing has it's place, that place isn't anywhere near this tho




Most problems are the result of previous solutions...

All comment's I make are my own personal opinion and do not in any way, shape or form reflect the views of current or former employers unless specifically stated 

325 posts

Ultimate Geek
+1 received by user: 7


  Reply # 695694 3-Oct-2012 17:09
Send private message

On Monday night our tech team made some tweaks and changes to the website to improve its performance and speed. These changes were deployed to the website without first passing through our normal test protocols. We quickly discovered that the changes were causing problems with the auction listing prices.

If they're trying to blame the problem where anyone could change anyone else's auction price on a bug fix pushed on Monday night, that's BS, it was happening on Monday morning.

66 posts

Master Geek


  Reply # 695699 3-Oct-2012 17:16
Send private message

Just got my own email message from Carl - I was feeling a bit left out for a while there. Thanks Carl.Kiss
Still waiting for my job offer tho.

gzt

9837 posts

Uber Geek
+1 received by user: 1472


  Reply # 695713 3-Oct-2012 17:30
Send private message

networkn: It clearly states they are employing an agency to do an audit.

Yes, it is clear they recognise the need. The exact quote:

"In light of these events, we are undertaking a complete review of the website including engaging an independent firm to carry out a full a check of the security of the website"

That could mean anything. Security audits come in a range of different styles, sizes and prices with different purposes. Which will they choose? Which firm will they choose to perform the audit? Will they engage a quality assurance security function of some kind to verify changes after the audit?

It goes on and on, and Wheedle have clearly not considered these issues in any depth as of yet.

My main point is their assurances about passwords are close to meaningless at this point - and also contradicted by simple facts.

3888 posts

Uber Geek
+1 received by user: 163


  Reply # 695723 3-Oct-2012 18:03
Send private message

rubygirl:  Thanks Carl.Kiss
Still waiting for my job offer tho.


Raises an interesting question though. 

Did this project get out sourced to India because local people just wouldn't touch it?

I mean if someone here came to you and said that they wanted you to replicate TM in this way, what would you really have said?






Promote New Zealand - Get yourself a .kiwi.nz domain name!!!

Check out mine - i.am.a.can.do.kiwi.nz - don@i.am.a.can.do.kiwi.nz


13990 posts

Uber Geek
+1 received by user: 1764


  Reply # 695725 3-Oct-2012 18:07
Send private message

DonGould:
rubygirl:? Thanks Carl.Kiss
Still waiting for my job offer tho.


Raises an interesting question though.?

Did this project get out sourced to India because local people just wouldn't touch it?

I mean if someone here came to you and said that they wanted you to replicate TM in this way, what would you really have said?




I would doubt it, as there are many people who would want work on such a project. But obviously anyone locally would need to design it in their own style due to IP.

3888 posts

Uber Geek
+1 received by user: 163


  Reply # 695742 3-Oct-2012 18:24
Send private message

KiwiNZ:  I love Wheedle self description in their vacancy Ad  "Wheedle Limited is a successful online web service business with its head office located in Christchurch, New Zealand."

Say what now? successful? where?
 


Credit where credit is due.  I have a brother in law who owns a trucking company and so far we haven't managed to convince him to spring for a web site for his own business.

These guys have managed to get a trucking guy to spring a "$10 million dollar war chest" to take this on, I'd call that successful in its own right.

D





Promote New Zealand - Get yourself a .kiwi.nz domain name!!!

Check out mine - i.am.a.can.do.kiwi.nz - don@i.am.a.can.do.kiwi.nz


gzt

9837 posts

Uber Geek
+1 received by user: 1472


  Reply # 695743 3-Oct-2012 18:25
Send private message

Beccara:
networkn: It clearly states they are employing an agency to do an audit.


They going to get an Indian firm to do that too?

Outsourcing has it's place, that place isn't anywhere near this tho


I'm not sure exactly what you are trying to say there.

The fact is a huge proportion of security work is performed on an outsource basis.

If the right person lives in India or if an outfit there has a genuine track record and reputation for the work required and India is the right place to deliver it from then so be it. I have no doubt there are plenty of rightly respected firms offering these services in India.

The real question is - are Wheedle willing to pay for the level of expertise and service required?

3888 posts

Uber Geek
+1 received by user: 163


  Reply # 695745 3-Oct-2012 18:30
Send private message

gzt: The real question is - are Wheedle willing to pay for the level of expertise and service required?


Job ads I've seen so far would suggest not. 

Please correct me if I'm wrong, but my impression of India is that it's getting to the point where people there with the same level of smarts as we have here in New Zealand know their worth on the international stage and are charging accordingly.






Promote New Zealand - Get yourself a .kiwi.nz domain name!!!

Check out mine - i.am.a.can.do.kiwi.nz - don@i.am.a.can.do.kiwi.nz


1 | ... | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36
View this topic in a long page with up to 500 replies per page Create new topic

Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Cove sells NZ's first insurance policy via chatbot
Posted 25-Jun-2018 10:04


N4L helping TAKA Trust bridge the digital divide for Lower Hutt students
Posted 18-Jun-2018 13:08


Winners Announced for 2018 CIO Awards
Posted 18-Jun-2018 13:03


Logitech Rally sets new standard for USB-connected video conference cameras
Posted 18-Jun-2018 09:27


Russell Stanners steps down as Vodafone NZ CEO
Posted 12-Jun-2018 09:13


Intergen recognised as 2018 Microsoft Country Partner of the Year for New Zealand
Posted 12-Jun-2018 08:00


Finalists Announced For Microsoft NZ Partner Awards
Posted 6-Jun-2018 15:12


Vocus Group and Vodafone announce joint venture to accelerate fibre innovation
Posted 5-Jun-2018 10:52


Kogan.com to launch Kogan Mobile in New Zealand
Posted 4-Jun-2018 14:34


Enable doubles fibre broadband speeds for its most popular wholesale service in Christchurch
Posted 2-Jun-2018 20:07


All or Nothing: New Zealand All Blacks arrives on Amazon Prime Video
Posted 2-Jun-2018 16:21


Innovation Grant, High Tech Awards and new USA office for Kiwi tech company SwipedOn
Posted 1-Jun-2018 20:54


Commerce Commission warns Apple for misleading consumers about their rights
Posted 30-May-2018 13:15


IBM leads Call for Code to use cloud, data, AI, blockchain for natural disaster relief
Posted 25-May-2018 14:12


New FUJIFILM X-T100 aims to do better job than smartphones
Posted 24-May-2018 20:17



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.