lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Thu, 12 Jan 2006 13:13:13 -0500
From: wac <waldoalvarez00@...il.com>
To: "Matt.Carpenter@...icor.com" <Matt.Carpenter@...icor.com>
Cc: "full-disclosure@...ts.grok.org.uk" <full-disclosure@...ts.grok.org.uk>,
	bugtraq@...urityfocus.com, ge@...uxbox.org
Subject: Re: Re: what we REALLY learned from WMF

Hi:

I think it would be good if Microsoft releases patches a la opensource. But
I think since M$ does the whole thing is their decision after all to do it
one way or another. I understand that sometimes is a matter that customers
have no other choice than take things as they decide. The normal answer
would be fine don't use my systems and they would be right on the other side
you can't stop using their systems. Ahhh but then there are other ppl that
realized the whole trick and started to take action since 1995 and will let
you take action too ;). Take a look at this website [
http://www.reactos.com] and start to taste our freedom in an alpha
stage but close to beta. And
yes I hope to get an avalanche with this since I'm tired of huge downloads,
tons of closed information huge amounts of non documented stuff, licensisng
issues, limits on the number of connections no more RAW sockets and a tons
of more stuff that makes a big chain in my neck and tons of other more ppl.
Some of this chains were set up even before I was born. So I guess that I as
a number of more ppl really had no chances. I expect to break them some day
and surely not alone. In that case I could say that maybe I really was alive
and in this world.

Regards
Waldo

On 1/6/06, Matt.Carpenter@...icor.com <Matt.Carpenter@...icor.com> wrote:
>
> Gadi Evron <ge@...uxbox.org> wrote on 01/05/2006 04:53:45 PM:
>
> <snip>
> > 2. Microsoft decided to jump through a few QA tests this time, and
> > release a patch.
> >
> > Why should they be releasing BETA patches?
> > If they do, maybe they should release BETA patches more often, let those
>
> > who want to - use them. It can probably also shorten the testing period
> > considerably.
> > If this patch is not BETA, but things did just /happen/ to progress more
>
> > swiftly.. than maybe we should re-visit option #1 above.
> >
> > ...
> >
> > Maybe it?s just that we are used to sluggishness. Perhaps it is time we,
>
> > as users and clients, started DEMANDING of Microsoft to push things up a
>
> > notch.
> >
> > ...
> >
> > Put in the necessary resources, and release patches within days of first
>
> > discovery. I?m willing to live with weeks and months in comparison to
> > the year+ that we have seen sometimes. Naturally some problems take
> > longer to fix, but you get my drift.
> <snip>
>
> Way to go, Gadi.  Nicely put.
>
> The opensource guys almost always have different repositories for preview
> and testing.  Ubuntu currently has Dapper available for download and the
> repositories are available, even though it's not due for release until
> April.  Debian has multiple levels of testing platforms, depending on how
> insane you happen to be.  On the consumer end, many customers will also
> maintain two repositories.  One for production, the other to test what
> they're about to push out.
>
> While Microsoft doesn't open their code to the world early, they could
> selectively involve key customers which are willing to have a couple of
> their PC's run with a different update site.  A
> "test.windowsupdate.microsoft.com" if you will (or the SUS equivalent).
>
> Why should the OSS people have all the fun!?  ;)
> Or rather, why should the pay-for customers get the shaft when the free
> stuff is doing it "More Right".
>
> Matt
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ