WANTED: ISPs with DDoS defense solutions

Private deployment of software written in C is very different from a
major public release, especially so when included with source code.

you're right. when i've been involved in non-opensource products which
were written in C and then shipped as binaries, i was scared to death
about the lack of public review relative to the size of the user base,
and i always argued for rather expen$ive SQA to make up for the weakness
of not getting free SQA from all those security companies looking to
make a name for themselves by being first to discover a vulnerability.

or was that not what you meant?