Click here to Skip to main content

The Insider News

   

The Insider News is for breaking IT and Software development news. Post your news, your alerts and your inside scoops. This is an IT news-only forum - all off-topic, non-news posts will be removed. If you wish to ask a programming question please post it here.

Get The Daily Insider direct to your mailbox every day. Subscribe now!

 
GeneralRe: Crappy Computers PinmemberGeekForChrist4-Nov-12 7:29 
GeneralRe: Crappy Computers PinmemberMehGerbil6-Nov-12 5:29 
NewsThe slow decline of PCs and the fast rise of Smartphones/Tablets was predicted in 1993 PinstaffTerrence Dorsey4-Nov-12 7:02 
NewsFor sale: A new Windows 8 zero-day vulnerability Pinmemberatbennett2-Nov-12 3:22 
RantRe: For sale: A new Windows 8 zero-day vulnerability PinmemberGeekForChrist2-Nov-12 10:46 
QuestionRe: For sale: A new Windows 8 zero-day vulnerability Pinmemberenhzflep5-Nov-12 19:42 
AnswerRe: For sale: A new Windows 8 zero-day vulnerability PinmemberMehGerbil6-Nov-12 2:32 
AnswerRe: For sale: A new Windows 8 zero-day vulnerability [modified] Pinmemberenhzflep6-Nov-12 3:22 
You forgot the third type - the guy that walked past afterwards or even watched the lil' old lady unpack her things and leave her purse there. For a sum of just $5, he offers to tell her something that would be very much to her advantage. (Personally, I'd pay the b@stard then follow them home, but that's another matter)
 
Look, I agree - if the world was filled with #2 type of people then it would be a truly awe-inspiring, wonderful place to live. I think it's entirely impossible to have too many of them.
It's the #2s that make CodeProject and other sites like it flourish. Each of us benefits from that.
 

 
However as far as I'm concerned, your analogy while quite good, falls short of accurately modelling the situation being discussed.
 
Neither person #1 nor person #2 could have _their_ privacy breached as a result of the lady's forgetfulness. Many millions of people stand to suffer as a result of these flaws Microsoft keeps asking us to beta test.
 
The little old lady is not only unlikely, but also not suspected to be building Molotov cocktails in her garden shed, ready to assault the neighbourhood. With that in mind, there is no perceivable benefit for the community at large by failing to reveal to her that she's left her purse out - and in so doing so, granted access to her home to anybody with her details.
 
Furthermore, do you think the little old lady would then stroll out to collect her purse at a time that was convenient to her, regardless of the harm that may be caused to her neighbours/people in her phone-book in the time that the purse is not in her hands?
 
Some companies have a history of being very slow to implement fixes, even after the exploits have been made public - I'm looking right at you Adobe..
 

Until such a time that Microsoft, Adobe et al try to buy the exploit details AND are refused, I think they're simply reaping what they've already sown. It's our data and our lives they're elephanting with - if they can't be bothered doing it in a secure manner, and are to bull-headed (stubborn) to pay for someone else to do their homework for them, elephant em.
 

I equally curious as to just why it is that wish them to die a horrible death.
Is it any of the following:
 
a) They search for exploits
b) They charge for their time and work
c) They do it in part as a way of beating the offending company.
 
How about releasing info on how to gain root-access to your Android or iPhone? Is that done by those deserving a death in brimstone too? What about those that are reported to be in possession for the master-decrypt key for PS3s? Is it disgusting that some people would love to have it in a heartbeat, so they could take advantage of the power inside, without being artificially retarded by the Hypervisor? I'm certain some governments around the world would prefer not to have to enter special arrangements with Sony to get such access - e.g the US Navy, that has a supercomputer built out of (I believe) series I PS3s, since they allowed "Other OS" as an option. New ones are more power efficient, but have had this feature removed.
 

Me thinks that this is an issues nuanced by at least 24 bits of greyscale. I think there's a minuscule portion of the entire issue that is either black or white, the majority of the remainder being a matter of point of view or personal preference. Some things while morally okay, are illegal in some parts of the world - while yet other things are legal, yet they're morally reprehensible.
 
But in closing, I'll rephrase what I wrote earlier - when the companies concerned attempt to purchase the exploit in their own product and are refused, THEN and ONLY then would I consider the exploit-finders a bunch of sunshines. If there isn't even an approach made by the software company, I think they're being cheap, callous and calculating with our privacy and security. If someone else buys the info and shames/embarrasses MS/Adobe, etc - then great! If that then leads to a higher level of security in the products we pay so dearly for - what's the problem?
Make it work. Then do it better - Andrei Straut


modified 6-Nov-12 9:30am.

GeneralRe: For sale: A new Windows 8 zero-day vulnerability PinmemberMehGerbil6-Nov-12 4:53 
GeneralRe: For sale: A new Windows 8 zero-day vulnerability Pinmemberenhzflep6-Nov-12 13:22 
GeneralRe: For sale: A new Windows 8 zero-day vulnerability Pinmembervaderjm6-Nov-12 4:53 
GeneralRe: For sale: A new Windows 8 zero-day vulnerability Pinmemberjschell6-Nov-12 9:09 
GeneralRe: For sale: A new Windows 8 zero-day vulnerability [modified] Pinmembervaderjm6-Nov-12 9:41 
GeneralRe: For sale: A new Windows 8 zero-day vulnerability Pinmemberenhzflep6-Nov-12 13:00 
GeneralRe: For sale: A new Windows 8 zero-day vulnerability Pinmembervaderjm6-Nov-12 13:23 
Joketl;dr Pinmemberjherch6-Nov-12 5:53 
GeneralRe: tl;dr Pinmemberenhzflep6-Nov-12 13:06 
GeneralRe: For sale: A new Windows 8 zero-day vulnerability PinmemberIdaho Edokpayi6-Nov-12 16:57 
GeneralRe: For sale: A new Windows 8 zero-day vulnerability Pinmemberenhzflep6-Nov-12 17:24 
GeneralRe: For sale: A new Windows 8 zero-day vulnerability Pinmemberjschell6-Nov-12 9:04 
GeneralRe: For sale: A new Windows 8 zero-day vulnerability Pinmemberenhzflep6-Nov-12 13:08 
AnswerRe: For sale: A new Windows 8 zero-day vulnerability PinmemberGeekForChrist6-Nov-12 10:43 
GeneralRe: For sale: A new Windows 8 zero-day vulnerability Pinmemberenhzflep6-Nov-12 12:49 
GeneralRe: For sale: A new Windows 8 zero-day vulnerability PinmemberGeekForChrist7-Nov-12 1:54 
GeneralRe: For sale: A new Windows 8 zero-day vulnerability Pinmember774655-Nov-12 20:05 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.


Advertise | Privacy | Mobile
Web04 | 2.8.140421.2 | Last Updated 25 Apr 2014
Copyright © CodeProject, 1999-2014
All Rights Reserved. Terms of Use
Layout: fixed | fluid