On Thu, Jun 23, 2011 at 6:54 PM, walt <w41...@gmail.com> wrote: > My question: WTF uses these poorly written ftp servers? Why do they > exist? Who asked for them? Who wrote the code, and why? > > My tentative guess: either evil programmers, or incompetent programmers. > (I suspect the intersection of the two sets is very small.)
I think you get the one-man-Windows-shareware kind of projects, which are almost surely going to have holes caused by incompetence/inexperience. You have academic projects which are mostly abandoned or left in a state of disrepair (like wu-ftpd, remember that?). Then you get the huge-corporation kind of proejcts which have holes based on rushing to meet deadlines, undocumented decade-old legacy mystery code that nobody knows about, managers who don't care about security until after a bug is found, etc.
