Re: Microsoft criticized for silent patches

Again, it seems to me that he isn't saying that every aspect of the software
patch should be understood beforehand (though that is more a question of how
much one is willing to invest in testing) but that he wants to know what is
being patched, so he can decide if he wants to go through with it. To say
that to make such information available would be a problem of protecting
proprietary interests, or one of avoiding providing helpful information to
malware engineers (and most of the worst ones do come from such) is really
splitting hairs and not directed at the complaint.

J
"Paul Baker [MVP, Windows - Networking]" <paulb@xxxxxxxxxxxxxxxxxxxxxxx>
wrote in message news:OGL6dyGaGHA.3972@xxxxxxxxxxxxxxxxxxxxxxx
Imhotep,

Alun is right. You clearly do not have experience in maintaining a complex
product that is subject to security issues on a regular basis.

Paul

"Imhotep" <imhotep@xxxxxxxxxx> wrote in message
news:ceudne8FaffsBNDZnZ2dnUVZ_umdnZ2d@xxxxxxxxxxxxxxx
Alun Jones wrote:

Imhotep wrote:
Alun Jones wrote:

jt3 wrote:
Seems to me he's saying that you have a right to know what changes
are actually being made to your machine when you apply a patch . .
. :-)

If all the effects of a change were 100% known before applying the
change, we wouldn't have bugs, now, would we?

You're missing his point. He, jt3, is saying you have a right to know
what software is being patched...please re-read his statement.

You are assuming that every change is known beforehand.

Are you crazy? If you are installing software, you are altering the
config
and as such have the RIGHT to know what is being installed ON YOUR
SYSTEM!
Again, re-read the original. Can you not read or comprehend well?


How many bugs do you think are marked as "fixed in passing", or "not
reproducible with current software"?

It's not always possible to know, let alone list, every bug that is
fixed.

BS!!!!!!!!!!!

Alun.
~~~~
[Please don't email posters, if a Usenet response is appropriate.]





.

Relevant Pages

  • Re: Microsoft criticized for silent patches
    ... I said that if you are pushing patches I have a right to ... security patch involves. ... You are assuming that every change is known beforehand. ... How many bugs do you think are marked as "fixed in passing", ...
    (microsoft.public.security)
  • Re: Microsoft criticized for silent patches
    ... security patch involves. ... You are assuming that every change is known beforehand. ... How many bugs do you think are marked as "fixed in passing", ...
    (microsoft.public.security)
  • Re: /bin/ls sorting bug?
    ... Are you saying that you've never been ... Either commit the patch, ... it might now be time to stop bikeshedding. ...
    (freebsd-hackers)
  • Re: [PATCH] Newbus locking
    ... I'm not saying that your approach will not work or that it is wrong. ... I tested a patch for a while. ... Different motherboards have different number of ports. ... And I think you will have a prompt panic, because the newbus lock is not ...
    (freebsd-current)
  • Re: Code Review - is this code shit
    ... Linus isn't saying this guy's code is shit, nor is he saying this guy's ... He's saying that the problem this patch is trying to fix ... Assuming you mean int main, no, argc and argv won't be provided. ...
    (comp.lang.c)
Quantcast