Re: Administrivia: No More Microsoft Bulletins

[Elias Levy <aleph1 () SECURITYFOCUS COM>]

A quick follow up on my earlier message. It seems a few people
believe I said Microsoft is claiming copyright on the vulnerability
information in their bulletins. That is not the case. Please reread
my earlier message. Microsoft is enforcing their copyright on the
bulletin itself, in its web form in particular. They are perfectly
in their right to ask me to stop redistributing them even if it
seems counter to basic idea of a security bulletin. Still anyone,
myself included, can read the bulletins and reword the information
for our own uses.

Some people suggested that I might have the right to post the
bulletins under the copyright fair use doctrine. I doubt this
as is the copying of a work as a whole. In any case if they don't
wish me to redistribute the bulletins I will abide by their wishes
the same way if I asked someone to stop redistributing my work
I hope they would agree to do so.

Microsoft has a sound reason for wishing to centralize the
repository of their bulletins - so that their customers will
always obtains the latest up to date information. But I believe
the negative factors of such change far outweigh their positive
ones. This is were we disagree.

So please lets keep the conspiracy theories to the minimum. They
are trying to do the right thing - but in the wrong way. I actually
wrote that message while sitting at the Microsoft campus during the
SafeNet summit they put together this week. It was an invitation only
event and Microsoft did not have to invite me. At the very least they
are trying which is more that can be said of many other vendors.


--
Elias Levy
SecurityFocus.com
http://www.securityfocus.com/
Si vis pacem, para bellum