mailing list archives
Re: Operating Systems Security, "Microsoft Security, baby steps"
From: Ben Laurie <ben () algroup co uk>
Date: Mon, 22 Mar 2004 17:04:43 +0000
Schmehl, Paul L wrote:
From: full-disclosure-admin () lists netsys com
[mailto:full-disclosure-admin () lists netsys com] On Behalf Of
Sent: Thursday, March 18, 2004 2:17 AM
To: full-disclosure () lists netsys com
Subject: [Full-disclosure] Operating Systems Security,
"Microsoft Security, baby steps"
Updating any OS is a pain in the ass, but all of them have
flaws and need to be updated. I find that at least with the
UNIX-like ones, you can go on the Net and do your updates
faster than you get rooted.
This is foolish thinking. Do you really think that, when a patch comes
out, *then* the hackers start working on exploits? The exploits were
being used *long* before the patch comes out. The only thing a patch
gets you is protection against *future* hack attempts against *that*
This is demonstrably not true - it depends who finds the problem.
Full-Disclosure - We believe in it.