 AkumalDaveLife's A BeachPremium,MVM
join:2001-04-20
Minneapolis, MN | reply to Nightfall
Yes, but... I've always felt that it's not particularly important IF something breaks - it's how the provider/vendor/dealer handles the situation WHEN something breaks.
In this case, MS has a long history of snubbing the "white hat hacker" community and refusing to admit their software had bugs (features, yes - bugs? never!). Their arrogant position has made them a target - just as much as being the number 1 software publisher has.
Yes, all software has bugs and will as long as humans are involved. But when MS makes public statements about their commitment to security, given their past performance, people have a right to be skeptical.
regards,
Dave |
|
 NightfallMy Goal Is To Deny YoursPremium,MVM
join:2001-08-03
Grand Rapids, MI
 ·Site5.com
 ·Comcast
 ·Callcentric
| Prior to Windows 98 I will agree with you. Microsoft had a really bad standing about not fixing bugs when they pop up. However, I can say as of recently they are a lot better. Example, the Nimda virus. The fix was out for this six months before it started to hit. Who is responsible? Users have to be placed to blame. Same with the administrators who don't apply the patches to their own systems. A responsible user or network engineer will do the best he can to make sure he reads security bulletins and applies patches promptly.
--
Nightfall - »www.nightfall.net |
|
| Agreed!
I am still getting hit 30+ times a day by bone heads that STILL haven't patched their servers.
I even got attacks by rackspace.com yesterday!
I KEEP TOLIN YOU PEOPLES!
USE THE STINKIN PATCHES! =o) |
|
| reply to Nightfall
No offense, but one example of MS being early on a defect fix does not mean they are now up to par; they just read the antivirus mailing list.
They still have items now on their "to fix" list. They responded extremely slow to the SuperCookie issue, plus a couple of other items that escaped my mind at the moment. Also, in Decemeber 2001 they had something like 13 outstanding security defects that have been around for a couple of months.
What needs to happen is MS needs to be proactive about security. They need to get to the point where their security bulletins primarily consist of theoretical attacks. The only OS I know like that right now is OpenBSD. |
|
|
|
