Archive | April 19, 2006

Microsoft keeping secrets from the good guys

From Microsoft Watch from Mary Jo Foley: Is Microsoft’s Silent Treatment Appropriate for Patches?. “Microsoft says it is withholding certain details on security vulnerabilities to protect customers from bad guys. But critics say Microsoft’s cone of security silence only increases the risk for everyone.”

An interesting article. It claims that Microsoft is keeping its bug count artificially low by silently slipstreaming multiple bug fixes into the patches and, worse, not disclosing the details even to their “trusted partners.” The bad guys know what’s patched. Why shouldn’t we? Shouldn’t “Trustworthy Computing” require more transparency than this?

Powered by WordPress. Designed by Woo Themes

This work by Ted Roche is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 United States.