The article says they have release an endless stream of patches; not me. I'm totally behind you on the benfits of proactively patching. My point is, everyone goes "Oh MS had to release 30 patches last month to fix security holes". Yes they should have written more secure code in the place, I think we all agree on that, but at the end of the day they patched 30 exploits. While that doesn't make up for God knows how many they didn't patch, and it certainly doesn't make up for them being there in the first place, at least they're doing something. As someone previously said, they've already got your cash, it'd be easy enough to turn around and say "not our problem anymore". I just find it worrisome that people focus on the number of patches released when they should be worried about stuff that doesn't get patched. Like you said, they don't patch it until someone reports an exploit. That is scarey to me.
Sure Windows has gots it's fair share (and mayb more) of security problems. What I don't get is why it's a big deal that they release lots of patches to fix stuff. At least if they're releasing lots of patches that means they're doing some work. It's the number of patches that don't get released that people should be worried about.
Ubuntu quite frequently tells me there are updates available for a large variety of packages I run, so what's the difference. This close-minded MS hating mantality gives me the shits. Everything is fallible to some degree, it's just a question of how much that degree affects you.
Slashdot Mirror
The article says they have release an endless stream of patches; not me. I'm totally behind you on the benfits of proactively patching. My point is, everyone goes "Oh MS had to release 30 patches last month to fix security holes". Yes they should have written more secure code in the place, I think we all agree on that, but at the end of the day they patched 30 exploits. While that doesn't make up for God knows how many they didn't patch, and it certainly doesn't make up for them being there in the first place, at least they're doing something. As someone previously said, they've already got your cash, it'd be easy enough to turn around and say "not our problem anymore". I just find it worrisome that people focus on the number of patches released when they should be worried about stuff that doesn't get patched. Like you said, they don't patch it until someone reports an exploit. That is scarey to me.
Ubuntu quite frequently tells me there are updates available for a large variety of packages I run, so what's the difference. This close-minded MS hating mantality gives me the shits. Everything is fallible to some degree, it's just a question of how much that degree affects you.