[Microsoft] will publish a general summary of planned security bulletin releases three business days before each regularly scheduled monthly bulletin release… The advance notifications will include the number of bulletins that might be released, the anticipated severity ratings, and the products that might be affected. This has been available to select customers for a while.…Read More Microsoft pre-warning of patches
Ed Hasbrouck points out that Public comments are open through Monday, 25 October 2004, on the Secure Flight airline passenger identification, selection, and surveillance system proposed by the USA Transportation Security Administration (TSA) and its Office of National Risk Assessment (ONRA). My draft comments are here, and I’d love feedback before sending them. [Update: Fixed…Read More OMB, TSA asking for it.
Security patches should not have licenses. There’s no fair re-negotiation under threat. If I bought your software, and am using it, then you find a bug, you should not be allowed to put new terms on the software in order for me to be safe using it. Imagine a hotel which lost a master key…Read More Patches & EULAs
“Wherin links between a number of disparate ideas are put forth for the amusement of our readers” Orcinus talks about one of Bush’s answers to a question in last night’s debate.* (I thought Bush did surprisingly well, but think that Kerry still came out slightly ahead. Both, depressingly, still want to spend my money on…Read More Bush, Socrates, and Information Security