Comments on: Does Nine’s cosy relationship with Microsoft prevent truth emerging? http://stilgherrian.com/media/does-nines-cosy-relationship-with-microsoft-prevent-truth-emerging/ All publication is a political act. All communication is propaganda. All art is pornography. All business is personal. All hail Eris. Vive les poissons rouges sauvages! Thu, 09 Feb 2012 21:24:41 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: Nick Hodge http://stilgherrian.com/media/does-nines-cosy-relationship-with-microsoft-prevent-truth-emerging/#comment-15043 Nick Hodge Tue, 23 Dec 2008 04:35:45 +0000 http://stilgherrian.com/?p=3004#comment-15043 Just to complete the loop on this for posterity http://blogs.msdn.com/sdl/archive/2008/12/18/ms08-078-and-the-sdl.aspx This link contains a deep explanation of why this particular vulnerability was missed, where it was found. Good resource for internet facing software developers. Just to complete the loop on this for posterity

http://blogs.msdn.com/sdl/archive/2008/12/18/ms08-078-and-the-sdl.aspx

This link contains a deep explanation of why this particular vulnerability was missed, where it was found. Good resource for internet facing software developers.

]]> By: Stilgherrian http://stilgherrian.com/media/does-nines-cosy-relationship-with-microsoft-prevent-truth-emerging/#comment-14944 Stilgherrian Thu, 18 Dec 2008 04:44:06 +0000 http://stilgherrian.com/?p=3004#comment-14944 <strong>@Nick Hodge:</strong> Yes, this was suitably fast job by Microsoft in fixing such a zero-day exploit. With <em>Crikey</em>'s typical article length being just 400-ish words, it's very hard to give much context. I was going to explain more about <em>all</em> software being buggy and needed close attention, about the challenge of fixing zero-day exploits in (this case) 7 days when the bad guys can produce automated tools in 4. About everything else... but the public's background knowledge is so poor that maybe we need to have a long-term strategy for bringing them up to speed. It's not good enough for mainstream media to treat "computer stuff" as something only for the geeks when the vast majority of people <em>do</em> have a computer of their own. Another case of mainstream media disconnect. @Nick Hodge: Yes, this was suitably fast job by Microsoft in fixing such a zero-day exploit.

With Crikey‘s typical article length being just 400-ish words, it’s very hard to give much context. I was going to explain more about all software being buggy and needed close attention, about the challenge of fixing zero-day exploits in (this case) 7 days when the bad guys can produce automated tools in 4. About everything else… but the public’s background knowledge is so poor that maybe we need to have a long-term strategy for bringing them up to speed.

It’s not good enough for mainstream media to treat “computer stuff” as something only for the geeks when the vast majority of people do have a computer of their own. Another case of mainstream media disconnect.

]]> By: Nick Hodge http://stilgherrian.com/media/does-nines-cosy-relationship-with-microsoft-prevent-truth-emerging/#comment-14941 Nick Hodge Thu, 18 Dec 2008 04:19:49 +0000 http://stilgherrian.com/?p=3004#comment-14941 From the "software company" Microsoft perspective, the background on this vulnerability: http://www.microsoft.com/technet/security/advisory/961051.mspx And the Bulletin, and link: http://www.microsoft.com/technet/security/bulletin/ms08-078.mspx From the dates on the bottom of the advisory; from us being aware until shipping a fix for 8 browsers across x operating systems is 7 days. Competition from other browsers in the market makes Microsoft; and the other vendors for that matter, more responsive. This is a good thing. It is difficult to explain multiple pages of technical documents, background information and "zero pointers" to a non-tech public: let alone squeezing that into the sound-bytes required by TV and Radio. Yet another reason by traditional MSM fails in providing appropriate reportage for complex technology issues. The question of transparency and being seen to be transparent in regards to ownership of NineMSN etc is one that requires an answer; one that will come from beyond my paygrade. From the “software company” Microsoft perspective, the background on this vulnerability:

http://www.microsoft.com/technet/security/advisory/961051.mspx

And the Bulletin, and link:

http://www.microsoft.com/technet/security/bulletin/ms08-078.mspx

From the dates on the bottom of the advisory; from us being aware until shipping a fix for 8 browsers across x operating systems is 7 days.

Competition from other browsers in the market makes Microsoft; and the other vendors for that matter, more responsive. This is a good thing.

It is difficult to explain multiple pages of technical documents, background information and “zero pointers” to a non-tech public: let alone squeezing that into the sound-bytes required by TV and Radio.

Yet another reason by traditional MSM fails in providing appropriate reportage for complex technology issues.

The question of transparency and being seen to be transparent in regards to ownership of NineMSN etc is one that requires an answer; one that will come from beyond my paygrade.

]]>