Re: IE vulnerabilities...

From: andy smart (anonymus_at_discussions.microsoft.com)
Date: 05/18/05


Date: Wed, 18 May 2005 08:07:26 +0100

Imhotep wrote:
> Mark Randall wrote:
>
>
>>I think the 40 day testing is simply this... unlike open source, if you
>>distribute a patch to a billion computers and then find out there is a
>>bug, you have 1 billion very unhappy customers.
>>
>
>
>
> ..and if you do not patch two critical security holes in a timely manner and
> a million customers get "infected" you get what?
>
> -Im
They are less likely to go to court.

My guess is that if you don't patch your security holes and people get
infected then you have the 'defence' of saying that you were working on
the patch and because the data loss was caused by the malware which
exploited your security weakness then it's not your fault - if you
release a patch which is somehow flawed and results in data loss then
you are liable for that data loss because it is your fault. Open source
need not care about this because the level of individual responsibility
is low and there is no level of collective responsibility as there is no
"company".

The other point is that the only duty any company really has is to its
shareholders to make a profit; that's how capitalism works. As long as
the product sells and makes a profit the company is doing that for which
it exists.


