Re: Hack / take down new Windows XP beta

From: Joe Klemencic (JKlemencat_private)
Date: Fri Apr 13 2001 - 14:35:36 PDT

Next message: Thomas Ryan: "Re: Hack / take down new WindowsXP beta server"

Previous message: FatFinger: "Re: Security Issues ... NT vuln ?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hopefully, the latter is the case. In fact, I am encouraged to see vendors
starting to subject their products to public hacking attempts before it
enters the marketplace PROVIDING the vendor either:
     a) Fixes the discovered vulnerabilities
          -OR-
     b) Publishes the vulnerabilities and work-arounds
all prior to being released. I am sick of purchasing XYZ product, only to
find out a week later that there is a service pack that needs to be applied
to fix something, be it a vulnerability or simply a bug (case in point -
every PC game introduced). I am tired of marketing running the show, and
committing developers to meet sometimes unrealistic release dates, and
releasing a product with known major problems. I would much rather have a
product delayed to market by a few months and have it work, than have it be
buggy and spend the next few months testing and applying products (I would
like to point to the release of Win2K, for it was delayed due to
enhancements and bug fixes, but can't since it was still released with a
ton of known problems, some of what severe - all because of the media
slamming them for missing their target). If a feature cannot easily be
resolved, remove it from the released version, and offer it as a 'free'
enhancement package later (like some of the Microsoft PLUS! enhancements
years ago, but it was not free, and still had its share of problems). It
seems that nowadays, no product is ever in final state. Everything seems to
be in 'beta', with users having to pay to test the product. Once the
product becomes somewhat stable and usable, it is end-of-lifed.

Just my 1.5 cents,
Joe






"Robert G. Ferrell" <rootat_private>@SECURITYFOCUS.COM> on
04/12/2001 11:54:08 AM

Please respond to "Robert G. Ferrell" <rootat_private>

Sent by:  VULN-DEV List <VULN-DEVat_private>


To:   VULN-DEVat_private
cc:

Subject:  Re: Hack / take down new Windows XP beta


>(Yet Another Publicity Ploy Designed To Lull Users Into A False Sense Of
>Security? (hmm doesn't have the same ring to it :))

Or, could just be an attempt to get free security testing done before
they go into fullscale production...

Cheers,

RGF

Robert G. Ferrell, CISSP
========================================
 Who goeth without humor goeth unarmed.
========================================

Next message: Thomas Ryan: "Re: Hack / take down new WindowsXP beta server"
Previous message: FatFinger: "Re: Security Issues ... NT vuln ?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 23:48:05 PDT