al Qaeda Hacks XP?

acaird writes "According to this article at Newbytes, members of al Qaeda may have worked for Microsoft and planted "trojans, trapdoors, and bugs in Windows XP"." This stuff screams of hoax to me, but it is showing up on the Washington Post.

not as easy as you might think

[psyklopz]

Speaking as a programmer who works for a big software company, it's unlikely that anything like that would be able to get through.

Code generally goes through peer reviews and quality assurance before it is accepted into the main stream. Say waht you want about MS, but I'm sure they do these things (they can afford it!)

To bypass these failsafes would require a lot of people along the line allowing it to slip through.

Re:not as easy as you might think

Yeah, right. All code gets peer reviewed, and it's also verified that the version that's peer reviewed is exactly what's under source control, and QA reads code? That's a fucking joke.

QA generally does not read any code at all, they take the specs for how a routine works, and maybe write some regression tests to make sure it does what it's supposed to, and breaks properly. There's no digging around in the code itself.

As for peer review, when it happens (which it doesn't for every line of code by a long shot) they don't make sure that nobody ever updates that code again without more peer review.

While I don't believe the allegation for a second, it's definitely extremely possible.