On Fri, 13 May 2005 10:31:37 BST, imipak said:
> management functions inside Windows. But it will add a more powerful
> firewall, ongoing antivirus protection, and the right to get a live
> support person on the phone without paying extra, the company said.

So they sell you a firewall that arguably should have been bundled, A/V
software to plug the design holes in their product, and the ability to
get support without paying *again* over and above your support contract.

In other words, the market for products and services to fix the problems
in their base product has gotten so large that they can't resist the
temptation to cash in.

If Microsoft didn't fix the basic design issues when *other* companies were
making a $10B/yr market in A/V software, why should they fix the issues *now*,
when they stand to make another few $B/year in the add-on market?

On Fri, May 13, 2005 at 10:31:37AM +0100, imipak wrote:
> Security gripes? Microsoft feels your pain
> Published: May 12, 2005, 9:00 PM PDT
> By John Borland
> Staff Writer, CNET News.com
>
>

there is another interesting story at the register:

according to:
http://www.theregister.co.uk/2005/05/09/microsoft_on_sp2_security_process/

a female with the romantic name "*Window* Snyder" (security strategist for
Microsoft) claims:

-------------------------------
Moreover, the company found and fixed two classes of vulnerabilities that
have not been discovered elsewhere, she said.

"These are entire classes of vulnerabilities that I haven't seen externally,"
Snyder said. "When they found these, (the developers) went on a mission,
found them in all parts of the system, and got rid of them."

Snyder *remained mum on the details*, however, even giving the families of
vulnerabilities fake code names: "Ginger" and "Photon."
---------------------------------

for those who missed it, m$ are keeping classes of bugs for themselves, but
they want everyone to cooperate with them and handle m$ their 0days, so
they have more bugs and billg have more $$$.

nice, clever and ethical plan.

--
where do you want bill gates to go today?







** junk below




_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Georgi Guninski wrote:

<<snip>>
> for those who missed it, m$ are keeping classes of bugs for themselves, but

They're probably waiting for the software patents to be awarded...

> they want everyone to cooperate with them and handle m$ their 0days, so
> they have more bugs and billg have more $$$.

...that way they could get even more $$$ for Billy Boy by sicking their
lawyers onto other vendors with such vulns in their code for licensing
fees and such.

> nice, clever and ethical plan.

What makes you think a corporation wants to, or should, be ethical?

I suggest you rent the doco/movie "The Corporation".


Regards,

Nick FitzGerald

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/