Actually, I'm anything but pro-Microsoft. I'm just someone who's tired of all the anti-MS zealocy on Slashdot. People who run Linux and Firefox because it's the trendy thing to do but really have no idea why other than what they've heard from a friend.
I'm a Mac user and as much as I love Apple, I realize that they're making some terribly embarassing security related mistakes lately.
MS on the other hand has made an enormous move towards security mindedness. People who can't see that must be blind.
As for the URL, I just find it funny to see people like you react to it.
I'm speaking for 8 years of experience. The focus within the commercial security community has shifted a significant portion of it's attention to userland applications from OS level vulnerabilities.
While remote OS vuls are signifcantly much more profitable, they're increasingly difficult to find.
You people are completely missing the point. I'm not advocating MS, I'm merely saying public disclosure doesn't mean it's 0day. There's a lot of communication going on behind the scenes the general public is completely unaware of.
At any given time there are 5-10 0day remote Linux/MS/misc vuls floating around private vul sharing groups before they're disclosed publicly. There's a lot of money to be made in this...
Good point. Speaking as a researcher I can say that with the advent of Windows XP SP2, Windows 2003 SP1, finding vulnerabilities remotely exploitable vulnerabilities in the OS is significantly harder. Focus has shifted to the new low hanging fruit, common userland applications such as Firefox/IE.
Having seen a sneak peak at IE7, that could change too...
"Meanwhile, far in the future, Troi suggests that Riker use a Holodeck recreation of this moment in 'Star Trek' history to search for some command insights."
Uhm, no. These were disclosed publicly on Monday. Public and private disclosure are two very different things. I know for a fact that Mozilla was aware of these flaws at least 7 days before they went public.
Slashdot Mirror
Then why are you so upset? :)
Actually, I'm anything but pro-Microsoft. I'm just someone who's tired of all the anti-MS zealocy on Slashdot. People who run Linux and Firefox because it's the trendy thing to do but really have no idea why other than what they've heard from a friend.
I'm a Mac user and as much as I love Apple, I realize that they're making some terribly embarassing security related mistakes lately.
MS on the other hand has made an enormous move towards security mindedness. People who can't see that must be blind.
As for the URL, I just find it funny to see people like you react to it.
I'm speaking for 8 years of experience. The focus within the commercial security community has shifted a significant portion of it's attention to userland applications from OS level vulnerabilities.
While remote OS vuls are signifcantly much more profitable, they're increasingly difficult to find.
Mozilla is Mini Cooper, MS is an AirBus A380.
You people are completely missing the point. I'm not advocating MS, I'm merely saying public disclosure doesn't mean it's 0day. There's a lot of communication going on behind the scenes the general public is completely unaware of.
At any given time there are 5-10 0day remote Linux/MS/misc vuls floating around private vul sharing groups before they're disclosed publicly. There's a lot of money to be made in this...
My completely missed the point due to your blind hatred towards M$. Sad.
Good point. Speaking as a researcher I can say that with the advent of Windows XP SP2, Windows 2003 SP1, finding vulnerabilities remotely exploitable vulnerabilities in the OS is significantly harder. Focus has shifted to the new low hanging fruit, common userland applications such as Firefox/IE.
Having seen a sneak peak at IE7, that could change too...
You need to realize that there's a difference betwen public and private disclosure.
I happen to know for certain that Mozilla was aware of the vulnerabilities to which you speak at least 10 days before they were publicly disclosed.
Take your head out of the sand and realize that there's more going on around you than meets the eye.
Nope, you're confusing it with Firefox.
senation?
"Meanwhile, far in the future, Troi suggests that Riker use a Holodeck recreation of this moment in 'Star Trek' history to search for some command insights."
Who's the creative genium behind that one?
They already have an Out Sourcing license.
Uhm, no. These were disclosed publicly on Monday. Public and private disclosure are two very different things. I know for a fact that Mozilla was aware of these flaws at least 7 days before they went public.
Does anyone really believe MS is going anywhere? Sorry people, they're not.