lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <000601c45d0d$504a9680$c601140a@intranet.comnet.ca>
Date: Mon, 28 Jun 2004 08:41:40 -0400
From: "Justin Wheeler" <jwheeler@...ademons.com>
To: Radoslav Dejanović <radoslav.dejanovic@...us.hr>,
	<bugtraq@...urityfocus.com>
Subject: Re: Microsoft and Security


On Friday 25 June 2004 20:53, http-equiv@...ite.com wrote:
>> What's happening here. Where is the Microsoft representative
>> explaining all of this to the shareholders and "customers" they
>> so dearly wish to protect.  This is unacceptable.  Someone must
>> be held accountable.
>
>Although I do agree on most of your words, I hardly find this list
>appropriate for such rants. You're talking to people who already know
>this, and do not forget that Microsoft doesn't play security game like
>Open Source people do. It is two different worlds, really. While OS people
>might just sit down, write a patch and publish it, MS people would have to
>write patch, submit it to QA, see that it doesn't break something else,
>see that it doesn't make the end-user experience less comfortable, and
>only then release it to the public (takes time, doesn't it?).

*snip*

Perhaps that'd be a better argument, if there weren't countless patches
from MS in the past that broke other things..
(http://www.securityfocus.com/archive/1/OF6CB1254D.22B27464-ON85256E89.004FB
436-85256E89.0050E58D@...a.com/2004-06-25/2004-07-01/0 for example).

And I'd also be more likely to believe that if there weren't MS patches out
there that fix one particular bug, but completely ignore other ones that are
nearly IDENTICAL to it.

Justin



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ