lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <40D826F5.22771.A767C721@localhost>
From: nick at virus-l.demon.co.uk (Nick FitzGerald)
Subject: M$ - so what should they do?

Valdis.Kletnieks@...edu wrote:

> Actually, just doing that one *alone* (splitting it out so it isn't entwined into
> the OS) would probably do more than anything else.  But we're not likely to see
> that happen, not since the Microsoft witnesses swore on a Bible that IE was an
> integral part of the OS....

Yep -- the DoJ defense has many long and nasty tentacles that will 
ensure shoddiness and ongoing bad design "decisions" in MS software for 
many years to come.

Is this the first major case of "insecurity by enforced legal defense"?

Perhaps our law schools need to introduce a new course: "Software 
architecture priciples for Lawyers" ??


Regards,

Nick FitzGerald


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ