Slashdot Mirror

← Back to Stories (view on slashdot.org)

Do You Write Backdoors?

Posted by Cliff on from the is-'kt'-logged-in? dept.

quaxzarron asks: "I had a recent experience where one of our group of programmers wrote backdoors on some web applications we were developing, so that he could gain access to the main hosting server when the application went live. This got me thinking about how we are dependent on the integrity of the coders for the integrity of our applications. Yet in this case a more than casual glance would allow us to identify potentially malicious code. How does this work when the clients are companies who can't perform such checks - either because they don't know how, or because the code is too large or too complex? How often do companies developing code officially sanction backdoors...even if means calling them 'security features'? How often has the Slashdot crowd put a backdoor in the code they were developing either officially or otherwise? How sustainable is the 'trust' between the developer and the client?"

1 of 791 comments (clear)

  1. Re:trust... by klparrot · · Score: 1, Offtopic
    but when it came to stock option maturity time, I got laid-off

    How did that affect your ability to exercise your stock options? The options should have been mentioned in your employment contract as part of your salary.

    The employment contract, and the stock options themselves, are legally enforceable contracts. If they didn't let you excercise the options because you were laid off, it could be because you agreed to that possibility in the employment contract or in the contract of the stock option itself.

    If that wasn't in the contract, then you should be able to go after them to exercise your stock options.