Re: Two MSIE 6.0/7.0 NULL pointer crashes

[Jeffrey Walton <noloader () gmail com>]

On Thu, Jan 21, 2010 at 11:22 AM, Christian Sciberras <uuf6429 () gmail com> wrote:
> People are unreasonable, first they complain about
> lack of quick patches/fixes. Next they complain about
> fixes crashing their system.
You're right - Corporate America needs to find more folks willing to
accept unpatched software that crashes their system. Its hard to
justify big bonuses when a company is run into the ground (wait - no
its not. Disregard.)

> On Thu, Jan 21, 2010 at 5:12 PM, Dan Kaminsky <dan () doxpara com> wrote:
> > On Thu, Jan 21, 2010 at 1:53 AM, Michal Zalewski <lcamtuf () coredump cx>
> > wrote:
> > > > Testing takes time.  That's why both Microsoft and Mozilla test.
> > >
> > > Testing almost never legitimately takes months or years, unless the
> > > process is severely broken; contrary to the popular claims,
> > > personally, I have serious doubts that QA is a major bottleneck when
> > > it comes to security response - certainly not as often as portrayed.
> >
> > There are a lot of factors that go into how long it takes to run QA.
> > Here's a few (I'll leave out the joys of multivendor for now):
> >
> > [SNIP]

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/