lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <200411151837.iAFIbDY09788@pop-4.dnv.wideopenwest.com>
From: mvp at joeware.net (joe)
Subject: [in] Re: IE is just as safe as FireFox

I think that this corporate policy will have far more impact on your company
than on Microsoft. As more and more people and companies deploy XP2, it
makes me wonder if you should just consider leaving the Microsoft market
entirely. 

As to why it isn't on Windows Update... I would guess that is because not
everyone is running your software or software that is impacted by what you
are complaining about. I have been running XP2 on several machines for some
time now and have no issues with it on them. My work laptop isn't running
XP2 but that is simply because I am waiting for the corporate go ahead once
they finish regression testing all apps. I have a virtual machine on the
laptop running XP2 that I have been testing it with the corporate network
and everything seems to be fine there. 

My question would be, did your app break only on the final release or did
you guys just ignore the public beta figuring you didn't need to test your
product because it was, IYO, MS's responsibility to make sure you worked
after the update? Does your company as a whole feel attempts at securing
machines shouldn't be attempted by Microsoft? I am curious what this says
about your company's take on security is.


  joe



-----Original Message-----
From: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Gregory Gilliss
Sent: Sunday, November 14, 2004 12:39 PM
To: full-disclosure@...ts.netsys.com
Subject: Re: [in] Re: [Full-Disclosure] IE is just as safe as FireFox

One comment about XP2 - the company where I work (which produces security
networking appliances) has a corporate policy - we do not support XP2. Sales
hates this (because all the numbnuts out there are pulling SP2 down with
autoupdate and they have no clue what they have brought upon themselves) but
since M$ was so idiotic as to disable the network functionality that allows
reverse proxies to function properly (and I'm not talking about Juniper's
back door where they pipe things straight through) it basically makes my
company's (and every other company's) product break.

The really dumb part is that M$ has a patch for their misdeeds and a
knowledge base article and everything - but it's not incoroporated into
autoupdate. Wonder why they would not include that fix for SP2 in
autoupdate? Maybe they *want* to break other company's products?
Nah ... <G>

G


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ