[Dshield] Microsoft patches
ed.truitt at etee2k.net
Tue Oct 21 12:17:03 GMT 2003
On Mon, Oct 20, 2003 at 11:09:34PM -0500, Doug White wrote:
> Just for the sake of discussion, exactly what is Microsoft's obligation to patch
> anything at all?
I think it's called "the fiduciary responsibility to the shareholders." If MSFT made the decision NOT to provide patches (especially security-related patches), I think 2 things would happen:
1) Their customers would migrate to an OS that DID provide such patches (Unix, Linux, FreeBSD, NetWare, etc...)
2) Their cash reserves would be bled dry in a wave of product liability lawsuits (all it would take is one to shred the shrink-wrap license agreement, then the flood would hit.) And, even if the license agreement held, it protects MSFT from the person running the software - not those of us who aren't.
Edward D. (Ed) Truitt
email: ed.truitt at etee2k.net
"Note to spammers: my 'delete' key is connected to YOUR ISP.
Also, if you send me UCE, I reserve the right to post your spew
on my Web site, with the appropriate color commentary, so that
others may have a good laugh at your expense."
More information about the list