The guy that found this bug should get an award. http://news.bbc.co.uk/2/hi/technology/8499859.stm last updated at 11:36 GMT, Friday, 5 February 2010
If you start giving awards for finding security vulnerabilities in Microsoft programs, you are going to run out of awards quickly.
If people keep finding bugs that make me safe and makes my OS run smoother, I'll buy the trophies myself.
How about they learn how to program and design so you don't have so many vulnerabilities in the first place ?
It's amusing how many people think they know better about Microsoft. My programs are better designed, less vulnerable, and better documented than Microsoft's. Why would they care ? It's so nice being a monopoly. (sarcasm)
I'll give you better documented without a doubt (having to root through some of their code for my own apps have made me want to drop kick them), but what in particular are you known for coding that is also on the same scale as microsoft (since my perspective of you is limited to these forums, i genuinely do not know if you are being sincere or talking out of your ass)? Not trying to attack you, just wondering so that I can put your comments into the proper perspective.
I am not trying to say I am a better than average programmer. What I am trying to convey is that anyone who has a modicum of pride in his or her work, or simply acts like a software professional, will take the necessary precautions when dealing with data reading or unexpected values. Didn't you use the safe versions for setting buffers, reading and using strings in C/C++ ? Doesn't your program check for unexpected errors occuring and if so exits gracefully ? What is annoying is how contrary to basic competency Microsoft writes (or should I say extends) their programs, including the lack of respect to their own programming guidelines or conventions. To the general public, they make us software programmers look like fools, and to take for granted that programs are riddled with bugs and vulnerabilities.
you know the reason is right? bc most ppl are dumb enuff to go out and buy other stuff to protect there computer. If they made the perfect item then there be no need for half the crap out there =P
No? Pretty sure Microsoft has got some average programmers at least. On that note, what OS have you written. I would like to start using that since it is better designed, less vulnerable, and better documented than Windows. I would also like to use whatever other productivity utilities you have written. I would like to start using those too for the same reasons.
The problem with Microsoft doesn't lie with their programmers. They do have talented people. And they actively recruit the best they can, if not only so that they don't work for someone else. (starts with G and ends with E). The problem lies with their management and leadership. Let's have a little comparison. Do you have an idea how many times Steve Jobs sent his engineers back to the drawing board until he was satisfied with the prototype for the iPhone ? Answer : a lot. Does that make his engineers incompetent ? Surely not. Same thing with Microsoft. Making a program resilient and secure takes time. When the manager orders to ship the product as is, you obey. Period. Management sets the quality bar. Not programmers.
but yet the iphone had to be redone how many times =P same for that new ipad crap.......i see its going to get remade many times since its doesnt have half the crap that should been done or added from the start. Apple isnt the best example lol well.......if you compare its computers OS then ya but the Iphone no. SOOOOOOOO saff any new news over that game?
Yes, but that won't prevent all possible vulnerabilities. Since any programmer, no matter how good, is still human, there will be things they don't see. But adhering to certain practices can help a lot. I'm not really able to say how well Microsoft used to do that, or necessarily how well they do these days. Security-consciousness has certainly improved since the pre/early Internet days in the 90s though. But, you may well be on to something here. Complaints about Microsoft's management are hardly new, and while they aren't terrible, I do sometimes ask myself if policies could be better (prevent things falling from the cracks, improve products faster, etc etc). MS is far from monolithic in terms of its operational practices though - different business groups operate in different ways, and the sheer size of some of them means that change can happen pretty slowly. You can probably tell the ones with the best practices by their products, I suppose.
Nope, the news front has been pretty calm for a while. I suppose they are hard at work preparing the next beta. Maybe I'll make a Lineage2 screens thread showing their previous graphic works to make up for the abscence of news. Indeed. If you take a Microsoft program that does have competitors, and compare their vulnerability track records, there is clearly a difference. For example, compare MSN with Trillian (commercial program) and Pidgin (open source). They all use the MSN protocol (and tons of other ones for Trillian and Pidgin). See how regularly you have vulnerabilities alerts for each. Make your own opinion.
Apple inherently has fewer issues to deal with since they have more restrictive hardware profiles in which they design. The old engineering joke "if isn't broke, it doesn't have enough features" comes to mind. I agree that some places have a higher standard of pride in workmanship than Microsoft, they don't have as many places running their software and their costs are higher. MS operates under the 80% solution today concept, and in a world where work is hard to come by for some, having bugs is good for the economy as other companies can sell protection and create jobs. Is it the right thing or good for the consumer? Not really, but it does have a positive side benefit.