lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 4 Jul 2004 14:06:35 -0700
From: "Alun Jones" <alun@...is.com>
To: "'Justin Wheeler'" <jwheeler@...ademons.com>,
	"'Radoslav Dejanovic'" <radoslav.dejanovic@...us.hr>,
	<bugtraq@...urityfocus.com>
Subject: RE: Microsoft and Security


Justin Wheeler <mailto:jwheeler@...ademons.com> wrote on Monday, June
28, 2004 5:42 AM: 
> Perhaps that'd be a better argument, if there weren't
> countless patches
> from MS in the past that broke other things..

... okay, so you're arguing that even more QA and more testing should be
done... but in far less time.

> And I'd also be more likely to believe that if there weren't
> MS patches out
> there that fix one particular bug, but completely ignore
> other ones that are
> nearly IDENTICAL to it.

... and while you're at it, you'd like us to spend even more time searching
for ways to expand our search for the bug's potential impact, rather than
releasing a smaller fix, with minimal impact, as soon as possible.

I can't even remotely call myself a Microsoft spokesman - but I am trying to
figure out exactly what you're looking for.  Perhaps it's just a platform to
vent at Microsoft - fine, vent away.  If you have any suggestions for
improving the process, perhaps you should try and express those suggestions
in a coherent manner that could be used, rather than choosing several
contradictory stances and insisting that Microsoft satisfy them all.

Alun.
~~~~



Powered by blists - more mailing lists