Slashdot Mirror
KDE 3.1 Delayed - For A Very Good Reason
woobieman29 writes "KDE.news reported on Saturday that the KDE 3.1 release that was scheduled for this week has been delayed until early January. This is happening due to some security concerns that have arisen during a security audit of the 3.1 CVS tree. Kudos to the KDE team for making sure that the product is fully baked before release.!"
Oh, and I forgot. First post.
Imagine the mess we'd be in if Microsoft could do this? Half of my gripes with M$ software stem from bugs and security holes. Now that they've become a monopoly by killing the competion, as opposed to outselling them via a offering a better product, they could take the time to squash bugs and plug holes. If all my practical reasons for disliking M$ go away, I'm left with nothing but dislike for their business practices...which are subjective decisions. That would certainly be a major blow to the anti-M$ crowd.
There are lies, damned lies, and statistics.
Obviously delaying the release until the security holes are fixed is the only course of action.
Since the betas and RC are now going to be exposed to the world for longer, are the security holes going to be disclosed so that we can take some action to secure our systems that are running these pre-release builds?
In other news, uppon reading this, Microsoft declared a company wide day of laughing, stating "...this is the most rediculus strategy we've ever seen! Why if we did this, we'd still be working on DOS 4 or 5." Later in the conversation, the spokesperson asked to take back that statement and said if we printed it the BSA would come after us for liscenses.
Gotta go, there is a knock on the door...
Comment forecast: Bits of genius surrounded by a sea of mediocrity.
How about some links to what was so suspcious?
You know... Microsoft gets a big bum rap for a lot of its security holes. I will admit they tend, like every other major software company out there to release programs that need a patch or two, but (aside from those dreaded buffer overflows, which they still can't seem to get around) most of the stuff that is considered a "security hole" by the fine *nix crowd is really what they claim it is; a feature.
You can blame market research for finding the desire for those "features", to be sure, but a lot of this stuff was put there because people wanted it there.
"Times have not become more violent. They have just become more televised."
-Marilyn Manson
You still wouldn't be able to reconstruct the system to do anything else than what you've been given dialog settings for. Unless the Windows Registry is considered as efficient a way to configure things as configurations files + man pages + source. Or rebuilding that is considered part of the bugsquashing campaign. Which it should be, given the design.
And then there's the price. And spirit. Like, what fun would it be running around rebooting machines instead of chatting in irc about configuration details?-)
I think, therefore thoughts exist. Ego is just an impression.
Please direct me to the user(s) that claimed that being able to format your hard disk by visiting a website is a feature, and not a bug. I'd like to introduce them to my friend, Mr. Aluminum Bat.
If adding features to your product introduces potential for known exploits that didn't previously exist (the potential, not the exploits), then you don't add the features. Doing so is brain-dead. And *that* we can scream at Microsoft for.
If I know that language X was designed to be sandboxed by a bytecode interpreter, and I remove that sandbox, then I'm perfectly responsible for any behavior that didn't get contained by that code.
"Mod, mod, mod...and another troll bites the dust."
Regardless of what users ask for, if they do not have the bugs worked out of a "feature" or they aren't able to provide a convience without introducing a security hole, then they aren't technically equipted to provide that feature yet and should not. It's part of the trust buisnesses provide microsoft millions for, security, security and stablity is first, next comes user interface. If you keep up the security and stablility, then there is plenty of time to work on the user interface. If you develope thinking about features first and fixing bugs and closing the holes you've already got second then your always going to sit where microsoft is (quality, stability, and security-wise, not profit wise, their code has nothing to do with their place in the market).
Microsoft actually spends more time developing new features than fixing bugs... as a programmer I can tell you, working out the kinks in a program takes longer than writing a first draft (ie microsoft final release).
For starters it gives people a false idea of where technology is... Microsoft releases "features" and "conviences" before they are safe and bug free... this is technology that doesn't really exist yet in a stable and/or secure state (although there are other alternatives of the same "features" that are usually put out not long thereafter by those who were working on the same thing but bothered to run a debugger.).
I'm not saying every other developer is more responsible than microsoft, I'm saying microsoft is irresponsible.
They aren't the only ones, they are just the only ones with a 90+% desktop market monopoly that shapes the minds of those first getting into computers.
People complain about those who single out microsoft. i can't speak for anyone else, but for the most part when i complain about microsoft it is due to something bad they are doing, that is bad because of, or a largely impacting issue because of their blatant monopoly.
Could be... since until the longhorn statement microsoft has had a really bad history of early releases their gonna need time to figure out how to look for bugs. First they have to get tutorials and figure out how to use debuggers and such. It might also confuse their programmers when they see a piece of code after the initial draft, they might scratch their heads and twitch in their cubicle not really understanding why someone would want them to look at code they already wrote.
Or maybe they are waiting for the monopoly lawsuits to have time to blow over so nobody will be looking very close. They could also be giving people time to swallow the XP license, I mean, if they delay the next release the subscribers might think "that wasn't so bad" and then they will start churning them out at their usual release cycle, what is that, 200mb of first draft code (that never goes past first draft) a week?
MSIE doesn't render a page right: A perpetual bug that will never get fixed, probably doesn't render standards based code right due to some microsoft "proprietary" adaptation they call a "feature" and implemented intentionally to insure that since they have a monopoly web developers will code to match their "feature" and thus only MSIE will render the page right from there on. Linux gaping security hole: A MCSE who doesn't know how to properly configure a server and thinks he's hot for setting up a linux system. Or if it is an actual hole, something that will be usually be squashed within a couple hours of being discovered, most likely by the hacker who discovered it since he has a sense of community and is confident there are enough of the former to keep him in buisness for eternity.