Controversy Surrounds Huge IE Hole

Suchetha wrote in with a Wired News bit talking about security hole in IE that allows malicious web pages to reformat a hard drive. The Wired talks more about bugtrack's handling of the whole thing, and how it essentially posted working code for the exploit. Was it irresponsible or not?

Re:Of course it was irresponsible

[LordNimon]

Why should they be impressed? If someone trusts an MS product and I reveal a security hole to the world that results in that person losing data, I'm certainly not going to give a damn if he's impressed with me or not. After all, he uses MS software. From my point of view, he got what he deserved. I have no desire to impress MS customers whatsoever.

Re:Irresponsible?

[Rooktoven]

Actually the point _is_ that MS deserves it. They were aware of this bug and have thus far chosen to ignore it. How long are people supposed to be silent about this? The point was made above that Apple respond to a similar issue within 9 hours. Apparently Microsoft doesn't value their customers (or rather arrogantly know that what their customers think doesn't matter) enough to fix this.

A similar comment was made saying "What if this happened to Linux?" Well due to the nature of open source/free software, someone would have a patch posted pretty quickly.

The fact is that Microsoft exploits their closed source software by only making fixes when they wish, rather than when their customers have a demonstrable need.

Personally I wouldn't mind seeing some folks get their hard drives wiped (preferably those at financial institutions and/or CEOs). This is the price of doing business with the devil. Sometimes people need to get poked or burned to see evil for what it is...

Re:Shooting the messenger ..

[Mac+Degger]

Jesus, bunch of wakers! Didn't you even RTFArticle!? It said this had been known for weeks, and had been put up on some sites already. So wtf are you idiots on about whith your 'since november, oh my god it could have just been posted today!'? Read the article, or even just the other posts, and you'd know what timespan we're talking about. Fsckin' idiots. Only slam someone when you know they're wrong.

BTW, if 'they' are modded down by the time you read this, check the replies to parent post.

Re:I can't feel bad for Windows users.

[Merk]

Ok, waitaminute. How much did you pay for Linux? Nothing? Ok, so your CD-RW diesn't work. Have you tried to write a driver for it? Have you offered to help pay for someone to develop a driver for it? Have you done anything other than whine that it still isn't supported?

As for your poor fiancee who can't use her favorite websites, poor girl, what sites does she use? Hotmail? MSN.com? AttackMeScriptKiddies.com?

Nearly every site I want to use works in Linux as well as it does in Windows using Mozilla.

As for configuring drivers and stuff, let me tell you about the fun I've had with Windows:

1. Install Windows (reboot)
2. Install Windows updates (reboot)
3. Install more Windows updates that for some reason weren't able to be downloaded with the first set (reboot)
4. Find and download video card drivers (reboot)
5. Find out my video card still isn't working properly, spend a few hours hunting down the fact I need to install some motherboard / chipset drivers that somehow aren't included (reboot)
6. Find and download sound card drivers (reboot)
7. Get annoyed because my system is crashing all the time when I'm using AGP-intensive software, try to figure out why, discover that I have to patch the registry to get my AGP card to work properly (reboot)
8. Keep trying to track down something that keeps making my machine keep hanging up completely (10 hours or so so far this week)...

Compare that to RedHat 8.0: most things worked from the start with the default kernel, and when I needed to change most settings I didn't have to reboot.

So your poor fiancee will have to choose "save as" from the office applications to get it in a format she can send to her friends. Boo Hoo.