[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Microsoft continues to mislead public about Windows security bugs (a bitlong, with references)



At 12:01 1/8/96, James A. Donald wrote:
>At 07:15 PM 1/8/96 -0800, Rich Graves wrote:
>>As Microsoft well knows, this is completely untrue. [...]
>>
>> [...]
>>
>>Microsoft has not even admitted that this bug in both Windows 95 and
>>Windows for Workgroups affects Windows for Workgroups, apparently because
>>they have decided not to fix it.
>>
>> [...]
>>
>> We believe that it would be highly irresponsible to release the full
>> version of this hack, but we will soon release a crippled
>> demonstration-only version
>>
>> Is anybody listening?
>
>They will listen if you start to release full uncrippled exploits, after
>a reasonable delay.

Very true. But why does it always seem to take an exploitable crack before
companies pay attention to security flaws? Is it because they are unable to
admit that they have made a mistake? Everybody makes mistakes. What's the
big deal? I really don't understand it. Any psychologists on this list?


-- Lucky Green <mailto:[email protected]>
   PGP encrypted mail preferred.