If someone ever writes a proposal for you priced by the lines of code, run in the other direction. It's one of the big scams in our industry, the "oh, we'll just scope the project directly off your estimated line count" thing.
Our practice focus is on code-assisted penetration testing; in other words, we'll read your code, but mostly to get a sense of what it does and how it's articulated. Then we'll write software to beat the shit out of it.
The nice thing about this is, projects are scoped by what the code does, and how exposed it is to attack, not by some arbitrary number.
I'd love to talk about the specifics of what we did for this customer, but I'm only able to say "Vista" because Microsoft publicly said we worked on it.
I'm impressed. You probably can't tell me, but just in case... how much do you charge for this?
Considering how many LOC there are in Vista, either you're far cheaper per LOC than I expected, or Microsoft put up a huge amount of money.