Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: what we REALLY learned from WMF
From: Gadi Evron <ge () linuxbox org>
Date: Fri, 06 Jan 2006 02:28:40 +0200

Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] wrote:
It's easy for us on this side to Monday morning quarterback and say "oh make it so". There are times too that I go...okay ...come on ...how many days has it taken for that to get fixed? But then again, I don't write code, I don't track back dependencies, I don't ensure umpteem languages still work and all the other interconnectivity between programs and code still function.

It's easy to say this stuff on this side.... but understand that the mere release of a beta patch puts in jeopardy all of the consumer home machines and small businesses that have no admin to protect them and take mitigation measures.

What "I" really learned from this is to decide my "OWN" risk tolerance and stop listening to all the sites and blogs and news reports and what not that spread a lot of FUD and misinformation and used this many times as a PR vehicle. Only I know what risk I will tolerate. That's what I learned from this.

And only you can decide your own risk vs. gain.

Question is though, as I agree with you about BETA patches (although you don't have to use them), is if RELEASE patches can be released a lot faster?

This is what this case taught me.

        Gadi.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault