Finally someone pushes for a standard way of reporting bugs and their corresponding fixes. This you have to read....
http://www.vnunet.com/News/1129464
So do you think this will help? :confused:
Printable View
Finally someone pushes for a standard way of reporting bugs and their corresponding fixes. This you have to read....
http://www.vnunet.com/News/1129464
So do you think this will help? :confused:
If they all play along it will.
It could work. And I dare say the Linux community would agree, for the most part.......but Microsoft? I don't think they will. They wouldn't go for something that would show the flaws in their products publicly.......it'd be bad for their image.
But if the IETF pushes it, do you think M$ will have a choice? I don't think they want to alienate themselves anymore than they already are....
Hopefully they can get msoft to play along. If bill really does change his ways, who are we going to have to blame everything on? I guess oracle.
Or Apple????
actually a standart is a great news... ms won't have much of a choice ...specially if the person discovering the bug/vul stands by that standard....
Well, this is a kind of old thread, but I just saw this, and it was related.
http://www.secadministrator.com/Arti...rticleID=24321
Microsoft was actually a part of this. Kind of scarry thought, isn't it. I assume they probably wanted a mandatory 30 day vendor report, but they did have their say in all this.Quote:
And I dare say the Linux community would agree, for the most part.......but Microsoft? I don't think they will.
thats more than "kind of scary" not only does the rvpd not want public diclosure for 30 days but gives extensions on that 30 days where the vendor is not skilled in
way scary
not skilled in security