Is it sloppy programming, or do full computer security vulnerability disclosure make it too easy for hackers?
Microsoft has a personal interest
in minimizing the exploit of their code, but the evil you know
is better than the evil you don't. Others have weighed in
on this debate in the past, or provided a fair but vague blueprint
for the computer security community. Do you think that a middle ground exists?
Seeing weird things in your website logs today? This
will explain it...
Running IIS and haven't patched it in over a month? Go
13,000 servers have already been affected.
have had problems with their Apple
Airport wireless base stations
failing shortly after the one year warranty
ran out. Adventurous
figured out that there was a faulty capacitor in the power
supply, got out their soldering irons, and drilled some ventilation
holes. Apple is aware
of the issue
, and is quietly replacing ABSs that fall within a
specific serial number range, but only if they have failed. So other folks have to wait until the damn thing dies before it can be
replaced. This corporate behavior isn't just limited to Apple. What
other vendors are guilty of lack of disclosure for faulty products,
and only change their tune after public outcry?