Patching

[Microsoft] will publish a general summary of planned security bulletin releases three business days before each regularly scheduled monthly bulletin release… The advance notifications will include the number of bulletins that might be released, the anticipated severity ratings, and the products that might be affected. This has been available to select customers for a while.…

Read More Microsoft pre-warning of patches

Ed Hasbrouck points out that Public comments are open through Monday, 25 October 2004, on the Secure Flight airline passenger identification, selection, and surveillance system proposed by the USA Transportation Security Administration (TSA) and its Office of National Risk Assessment (ONRA). My draft comments are here, and I’d love feedback before sending them. [Update: Fixed…

Read More OMB, TSA asking for it.

Security patches should not have licenses. There’s no fair re-negotiation under threat. If I bought your software, and am using it, then you find a bug, you should not be allowed to put new terms on the software in order for me to be safe using it. Imagine a hotel which lost a master key…

Read More Patches & EULAs