lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <40586B93.26478.18F55B1@localhost>
From: nick at virus-l.demon.co.uk (Nick FitzGerald)
Subject: Re: Microsoft Security, baby steps ?

Troy <th@...o.com> wrote:

> Actually, that CD only includes the updates as of October 2003. It is
> not meant as a replacement for security updates, but just to make it
> easier to do a clean install of Windows. I suppose part of it is to
> lessen the load on Microsoft's Windows Updates servers, ...

Perhaps, but I doubt it...  I can't see the bandwidth costs (at the 
relatively high discount rate MS must get for all its bandwidth) of the 
necessary downloads for all those unpatched users who order this CD 
outweighing the P&P for fulfilling the CD orders.

I think MS has finally realized that while dial-up users are not at all 
likely to get the large security updates (IE version upgrades, OS 
service packs), they can be significant combined part in the overall 
problem of unpatched machines.  This is the easy way for such users to 
"catch up" (it's just a pity that there is such a huge lag between MS 
freezing the disk's contents and pressing and shipping it -- for moost 
Xp users it will arrive about a wek before they face downloading SP2 
and that is likely to be around 150MB I hear...).

> ... but it does make
> re-installing Windows much easier and faster for the average user who
> does not know how to slipstream the updates into the Windows install CD.

That is an additional benefit, but I suspect not the main concern...


Regards,

Nick FitzGerald


Powered by blists - more mailing lists