Monday, April 11, 2005

New startup

Software startup seeks summer interns and permanent employees

We are a venture-backed software startup in silicon valley, building an innovative security product. The two founders are PhDs and experienced entrepreneurs. Our previous startup successfully shipped a pioneering product (SSL VPN) and was acquired by Symantec in 2003.

CS or strong computing backgrounds preferred. Especially interested in the following skill sets (requirements for summer students are less stringent):

• Programming on a Microsoft Windows platform (NT, 2000, XP, or 2003)
• Knowledge of MFC, ATL, and Win32 programming in Visual Studio
• A background in unmanaged C and C++, with a willingness and understanding on how to work in managed C++ and C# as is needed
• The ability to administer Windows 2000, XP and 2003 (set up and debug)
• Device driver experience
• Object-oriented programming and design experience
• An understanding of the software development cycle, versioning systems, and bug management systems
• Solid communication skills
• A desire to work in the challenging and rewarding startup environment.

Compensation is competitive, including stock options.

Contact: Steve Hsu

2 comments:

Anonymous said...

Well, I could commute :) Every software start-up needs a philosopher. Really, really.

Anne

Quantoken said...

Just curious why in your recruitment requirements, you do not request any skillset that has anything to do with security and cryptography? That's very odd. All you ever want is just a good C/C++ programmer. You know that type of people are nowadays a dime a dozen on the street. People who really know some REAL technology, that's a different story.

I looked at your SafeWeb, and do not think it is a good security product. You rely on Windows web browser to provide security. Don't you know that security of Microsoft product is a joke?

I happen to know SSL and RSA public key cryptography. Let me give you one example why the IE is a crap security wise. When you connect through SSL and it does key exchange. The server sends you a bunch of certificates, one thing that IE never implemented correctly is that it should NEVER accept a root certificate that is sent over the network in this fashion. That's because ANY one can create a root certificate, so a root certificate received over the wire has no basis for trust. I could easily replace all the certificate, including the root, in the midst of communication, and therefore launch a successful man-in-the-middle attack.

One example is the https://www.WellsFargo.com web site for the bank of the same name. They send over their own root over the wire. And IE simply accept it without giving out any warning. That provides plenty of opportunity for a potential hacker to launch a phish and then man-in-the-middle attach, and steal private user access information, with no possibility for the user to become aware of it happening.

Quantoken

Blog Archive

Labels