[55417] in North American Network Operators' Group
Re: What could have been done differently?
daemon@ATHENA.MIT.EDU (Scott Francis)
Tue Jan 28 20:53:28 2003
Date: Tue, 28 Jan 2003 17:46:51 -0800
From: Scott Francis <darkuncle@darkuncle.net>
To: Eric Germann <ekgermann@cctec.com>
Cc: nanog@merit.edu
Mail-Followup-To: Scott Francis <darkuncle@darkuncle.net>,
Eric Germann <ekgermann@cctec.com>, nanog@merit.edu
In-Reply-To: <NDBBJJPLIGJGLBKILFIHMEBKJCAA.ekgermann@cctec.com>
Errors-To: owner-nanog-outgoing@merit.edu
--bCsyhTFzCvuiizWE
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Tue, Jan 28, 2003 at 07:10:52PM -0500, ekgermann@cctec.com said:
[snip]
> As has been said, no one writes perfect software. And again, sometime, t=
he
> user has to share some responsibility. Maybe if the users get burned
> enough, the problem will get solved. Either they will get fired, the
> software will change to another platform, or they'll install the patches.
> People only change behaviors through pain, either mental or physical.
There's a difference between having the occasional bug in one's software
(Apache, OpenSSH) and having a track record of remotely exploitable
vulnerabilities in virtually EVERY revision of EVERY product one ships, on
the client-side, the server side and in the OS itself. Microsoft does not
care about security, regardless of what their latest marketing ploy may be.
If they did, they would not be releasing the same exact bugs in their
software year after year after year.
</rant>
--=20
-=3D Scott Francis || darkuncle (at) darkuncle (dot) net =3D-
GPG key CB33CCA7 has been revoked; I am now 5537F527
illum oportet crescere me autem minui
--bCsyhTFzCvuiizWE
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (FreeBSD)
iD8DBQE+NzKLWaB7jFU39ScRAuJtAJ9m+2M40nIzsg4zwoX3ucDK05tlYgCeLIWc
gfLpNZD7quDn1u4r0thkrfA=
=loMj
-----END PGP SIGNATURE-----
--bCsyhTFzCvuiizWE--
