Full Disclosure mailing list archives
Microsoft takes 7 years to 'solve' a problem?!
From: "Memisyazici, Aras" <arasm () vt edu>
Date: Tue, 25 Nov 2008 01:44:08 -0500
<RANT> <snip:: taken from MSRC Blog: http://blogs.technet.com/msrc/archive/2008/11/11/ms08-068-and-smbrelay.aspx> What we released today with MS08-068 is that security update. It addresses the SMBRelay issue (discovered in 2001) does so in a way that doesnt have the negative impact on applications that we originally believed addressing this issue would have. </snip> So... Hmm... I wonder what would happen if the rest of the world followed suit with M$' approach, and took 7 years to "fix" an issue in order to "not cause a significant impact"... Scenario: Ppl: Hey Ford, if one brute-forces the keyless entry on the door, you're car explodes... Ford: well... I'll offer you three choices, two immediately, and the last one 7 yrs later. You can either not use the keyless entry system (we'll give you some shiny duck-tape to cover it) or you can use the biometric-knub system which requires that you have a knub... So those who have arms & legs can't use the system... (btw this will give birth to a whole new industry that will allow ppl to pay money for a product that fakes a knub for people with appendages) But it's biometric & cool this way! Or you can wait for 7 years and we'll release a non-exploding version of the keyless-entry system. *************************************** OK... Maybe I'm going a bit extreme, but WTH?! Am I the only one who is interpreting this, this way? Really? When has releasing a solution to a problem 7 years later ever been acceptable? Jus' sayin' ... </RANT> Aras 'Russ' Memisyazici Systems Administrator Virginia Tech _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Microsoft takes 7 years to 'solve' a problem?! Memisyazici, Aras (Nov 24)
- Re: Microsoft takes 7 years to 'solve' a problem?! Randal T. Rioux (Nov 25)
- Re: Microsoft takes 7 years to 'solve' a problem?! Valdis . Kletnieks (Nov 25)
- Re: Microsoft takes 7 years to 'solve' a problem?! James Matthews (Nov 25)
- Re: Microsoft takes 7 years to 'solve' a problem?! Valdis . Kletnieks (Nov 25)
- Re: Microsoft takes 7 years to 'solve' a problem?! Paul Schmehl (Nov 25)
- Re: Microsoft takes 7 years to 'solve' a problem?! James Matthews (Nov 25)
- Re: Microsoft takes 7 years to 'solve' a problem?! Valdis . Kletnieks (Nov 25)
- Re: Microsoft takes 7 years to 'solve' a problem?! Paul Schmehl (Nov 26)
- Re: Microsoft takes 7 years to 'solve' a problem?! Randal T. Rioux (Nov 25)
- Re: Microsoft takes 7 years to 'solve' a problem?! Paul Schmehl (Nov 26)
- <Possible follow-ups>
- Re: Microsoft takes 7 years to 'solve' a problem?! Memisyazici, Aras (Nov 25)