full-disclosure-uk January 2010 archive
Main Archive Page > Month Archives  > full-disclosure-uk archives
full-disclosure-uk: Re: [Full-disclosure] Two MSIE 6.0/7.0 NULL

Re: [Full-disclosure] Two MSIE 6.0/7.0 NULL pointer crashes

From: Jeffrey Walton <noloader_at_nospam>
Date: Fri Jan 22 2010 - 03:14:20 GMT
To: Christian Sciberras <uuf6429@gmail.com>

On Thu, Jan 21, 2010 at 11:22 AM, Christian Sciberras <uuf6429@gmail.com> wrote:
> People are unreasonable, first they complain about
> lack of quick patches/fixes. Next they complain about
> fixes crashing their system.

You're right - Corporate America needs to find more folks willing to accept unpatched software that crashes their system. Its hard to justify big bonuses when a company is run into the ground (wait - no its not. Disregard.)

> On Thu, Jan 21, 2010 at 5:12 PM, Dan Kaminsky <dan@doxpara.com> wrote:
>> >> On Thu, Jan 21, 2010 at 1:53 AM, Michal Zalewski <lcamtuf@coredump.cx> >> wrote: >> >> Testing takes time. That's why both Microsoft and Mozilla test. >> > >> > Testing almost never legitimately takes months or years, unless the >> > process is severely broken; contrary to the popular claims, >> > personally, I have serious doubts that QA is a major bottleneck when >> > it comes to security response - certainly not as often as portrayed. >> >> There are a lot of factors that go into how long it takes to run QA. >> Here's a few (I'll leave out the joys of multivendor for now): >> >> [SNIP] _______________________________________________ Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/