Re: [Full-Disclosure] Re: Microsoft Security, baby steps ?

[Blue Boar <BlueBoar@xxxxxxxxxxx>]

Nick FitzGerald wrote:
> Perhaps, but I doubt it...  I can't see the bandwidth costs (at the 
> relatively high discount rate MS must get for all its bandwidth) of the 
> necessary downloads for all those unpatched users who order this CD 
> outweighing the P&P for fulfilling the CD orders.
>
> I think MS has finally realized that while dial-up users are not at all 
> likely to get the large security updates (IE version upgrades, OS 
> service packs), they can be significant combined part in the overall 
> problem of unpatched machines.  This is the easy way for such users to 
> "catch up" (it's just a pity that there is such a huge lag between MS 
> freezing the disk's contents and pressing and shipping it -- for moost 
> Xp users it will arrive about a wek before they face downloading SP2 
> and that is likely to be around 150MB I hear...).

It's a good start.  I've got the disk on order, it will be a nice 
jump-start for all the home users' machines with modems that I maintain 
for friends and family, new installs, etc...

Now, I just need an ISO image I can download once a month or so.  Yeah, 
right after the 2nd tuesday of the month would do it.

I imagine the security community would have created this long ago if MS 
would let other people distribute their patches.

						BB

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html