Mr. Lasser, you've drawn your last straw. In your past article I found it amusing how your tunnel-vision has blinded the obvious, but now I know you're just a plain dolt. Fair?! Life is not fair, and neither is security. If life were fair you'd be out of a job, along with the rest of SecFoc because no one would need security. When people choose to use any tool, they are accepting the risks the second they put it to use, and that includes software. It's my understanding that your view of the OpenSource community is completely skewed. You don't grasp the beauty of thousands, if not millions of people working all at once for the greater good of the scope of their work. You see it as a weak melting pot that can only survive on the meager donations of big business companies. Maybe it's time for a new Unix section editor...

As for your remark about the release being irresponsible. They included the patch with the report, and therefore were not causing a danger. The bug has been there for as long as it's been written to the source file! It's not a new thing that it's been there, it's just now at the attention of everyone else in the world. This goes back to that risk I was talking about. If you can't take the risk of running someone else's server, or operating system, or any other 'tool' you may use, _DON'T_

Maybe it's about time for Jonny boy to pick up the job ads in the newspaper...

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/91/13296#13296