"1. What's the probability that the buggy patch will kick 1% of the population out of their beloved cute desktopo?"

That would happen anyway, no? Any sizeable IT department would at least take the same precautions and run it on test machines first, one would hope...

Home users wouldn't face the same problem for the most part, becuase most actually either go through and "activate" the OS, or the OEM who sold 'em the computer does it for them. In both cases those numbers aren't as easily shiftable, and are much easier to track in number and distribution than corporate edition and beige-box installs, so the incidence would be far smaller.

"2. What's the probability that big grey-market, resold OEM etc. numbers will be miscalculated as pirated?"

This is a valid concern, though I suspect that those same conditions would generate just as much pandemonium and as many unemployed MCSE's as you would have after a BSA license audit. I guess it would be sixes (machts nichts?) between the two. Home users would get screwed, but that would be the fault of the local computer shop who screwed them, and that shop would be wide open to lawsuits.

"3. And, for the pinguin or apples affictionados: OS as secure as its user caught in most supid state."

Agreed - someone running as root user all the time flirts with compromise almost as easily as a Windows users running as Administrator would, and it may leave the user even more vulnerable, depending on circumstance.


"Nope, it's not possible to make 1000% fool-proof, iron-clad-secure OS or application."

Indeed - there wouldn't be a need for patches in the first place if there was one :)

/P

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/243/26588#26588