Fog Creek Software
Discussion Board

4 Internet Explorer Flaws Run Arbitrary Programs

There is actually some interesting points that one can learn from this event:

* No matter how bad Security of open source “by design” appears, closed source security is always going to be worse.

In other words, the decisions and general coding practices that the developers make/choose during the coding processes are MORE secure then closed source.

Again, my point here is about DESIGN DECSIONS made during the process.

Further, if you have the new windows SP2, then the flaw does  run, and works perfectly.

This shows me that open source is getting security right on the money. Both office (outlook) and windows have had substantially upgrades in the security area, but are still entirely insecure AND has lost any right to be trusted.

MS is hammering away at security until hey get it right, but the end is nowhere in sight.

Likely in 1 years time, windows security will be FAR better then it is now. Soon, I predict that security issues will diminish to a small trickle. and actually become a distant memory in our minds.

ya right
Tuesday, July 13, 2004


I arrived at work today to find an email titled:

"FWD: Product Support Services - Critical Product Vulnerability - July 2004 Microsoft Security Bulletin Release"

Barely a day goes by without a critical security flaw being identified in MS software, requiring a patch installation and a reboot. The regularity of this cycle is really beginning to gall me.

Tuesday, July 13, 2004

You just don't understand.
It's that MS can not get their software to run for a long time without restart, so they fake security patches which would make you restart. Otherwise you'd notice it's simply unstable.
This is my conspiracy theory for Tuesday, 7/13/2004.
Tuesday, July 13, 2004

Ahh, I thought there was an ulterior motive for the requirement to perform a reboot.

P.S: It's a Wednesday where I am. ;-)

Tuesday, July 13, 2004

*  Recent Topics

*  Fog Creek Home