Re: Is Microsoft serious?



phil paxton wrote:

> Todd H. wrote:
>> "Lars" <powder.monger@xxxxxxxxx> writes:
>>
>> > I read that Microsoft was scouring its own code and file formats that
>> > have lain dormant since the stone age to look for potential WMF style
>> > vulenrabilities. So my question is, are they really serious about this
>> > and do you think they will catch some, all, or none before new exploits
>> > are found by hackers?
>>
>> Based on some security wizards who I know personally and respect a
>> great deal that they've hired in the last year, I can say that
>> Microsoft appears to be more serious about security than they've ever
>> been.
>
>
> So you're saying "Month of Code" (which WHG III was very vocal about,
> claiming all coding was shutting down and focusing upon security
> coding) was successful?
>
> "Patch Tuesday" isn't what it should be (in the number of reported
> errors) and the errors still focus upon buffer overruns
>
> My ongoing joke has bee during the "Microsoft Interview Quiz" (let's
> not start a thread of the questions and|or answers). Anyway, I've added
> a new one: "Present code (you can bring it with you, if you choose e
> deals with buffer overflow [because we don't know how to do it and need
> to see how to it's done]."
>
> p
>
> Oh, I almost forgot. Pop quiz, hotshot - name the author:
>
> "People don't want bug fixes, they want new features."
>
>
>
> If you said, "William Heny Gates, 3rd, you were right.


....nice I am going to add that to my signature...sweet...

Imhotep
.