Full Disclosure mailing list archives

Re: Microsoft Cries Wolf ( again )


From: gandalf94305 <gandalf94305 () yahoo com>
Date: Sun, 06 Jul 2003 21:31:05 +0200

Normally, if there is a bug with some commercial software, you report it to the vendor. If there is a bug in some community-supported software, you report it to the appropriate forum or mailing list. Hmm... if you have reason to suspect that the vendor will do nothing about your report and in fact even refrain from publishing its existence, going public is a plausible way of putting some extra pressure on that company.

Microsoft has never been known for either being innovative or being responsive to customer problems. In fact, with every new release of operating systems or office suites, major parts are rewritten, leading to a high probability of a whole range of new bugs. Buffer overflows are quite common problems and could be avoided (because you know exactly where they are likely to happen) by the software developers... The same holds for many security issues (e.g., default settings of Outlook, Internet Exploder and others). However, the past clearly indicated that no major attempt has been made to make Outlook more secure (pardon me, secure... "more" implies there is already security :-)), make the usage of IE as an Internet browser less problematic, and keep spyware out of the operating system (in fact, Microsoft itself includes such).

Therefore, while with most software I would recommend going the "standard" way as mentioned at the beginning of my posting, I do recommend going public with security flaws and bugs in Windows-related products because otherwise Microsoft won't respond in a reasonable fashion. I would claim that many bugs are known but do not get fixed until somebody complains. People just live with the deficiencies because it is easier than to keep sending messages to Microsoft support and get no replies.

Cheers,
--gandalf.

"In a world without walls and fences, who needs windows and gates?"


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

