|Main Archive Page > Month Archives > full-disclosure-uk archives|
On Thu, Jan 21, 2010 at 11:22 AM, Christian Sciberras <firstname.lastname@example.org> wrote:
> People are unreasonable, first they complain about
> lack of quick patches/fixes. Next they complain about
> fixes crashing their system.
You're right - Corporate America needs to find more folks willing to accept unpatched software that crashes their system. Its hard to justify big bonuses when a company is run into the ground (wait - no its not. Disregard.)
> On Thu, Jan 21, 2010 at 5:12 PM, Dan Kaminsky <email@example.com> wrote:
>> >> On Thu, Jan 21, 2010 at 1:53 AM, Michal Zalewski <firstname.lastname@example.org> >> wrote: >> >> Testing takes time. That's why both Microsoft and Mozilla test. >> > >> > Testing almost never legitimately takes months or years, unless the >> > process is severely broken; contrary to the popular claims, >> > personally, I have serious doubts that QA is a major bottleneck when >> > it comes to security response - certainly not as often as portrayed. >> >> There are a lot of factors that go into how long it takes to run QA. >> Here's a few (I'll leave out the joys of multivendor for now): >> >> [SNIP] _______________________________________________ Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/