Microsoft: bad security or good practices?

— 12:00 AM on February 8, 2002

This question has been nagging at me for a while—especially tonight, as my inbox fills up with Microsoft security bulletins and reports have come in about MS's new project to get its programmers to write secure code.

This is the problem: Every time there's a bug in any sort of Microsoft software, we hear about it. A lot. Many of us hear it first from Microsoft via e-mail. Then maybe on CNN or a radio news report. Slashdot jumps on it with glee as yet another example of... something. And the rest of the web starts talking about it.

It happens all the time.

I can't think of another company whose software security problems get the constant, instant, deep, and wide exposure Microsoft's do. And every time it happens, Microsoft gets slammed for lousy security practices. Now, I know much of their software hasn't exactly been designed with security in mind from the ground up, but it seems odd to me that Microsoft is constantly getting beaten up for poor security practices right as it's in the midst of doing the right thing. Isn't that a little bit odd?

I dunno. I guess I should stop worrying about it and go patch some servers.

Like what we're doing? Pay what you want to support TR and get nifty extra features.
Top contributors
1. BIF - $340 2. Ryu Connor - $250 3. mbutrovich - $250
4. YetAnotherGeek2 - $200 5. End User - $150 6. Captain Ned - $100
7. Anonymous Gerbil - $100 8. Bill Door - $100 9. ericfulmer - $100
10. dkanter - $100
Tip: You can use the A/Z keys to walk threads.
View options

This discussion is now closed.