__/ [ Mark Kent ] on Wednesday 04 October 2006 06:43 \__
> begin oe_protect.scr
> Roy Schestowitz <newsgroups@xxxxxxxxxxxxxxx> espoused:
>> Unofficial patches defend against further IE flaw
>>
>> ,----[ Quote ]
>>| Two groups of security researchers have released unofficial patches
>>| designed to protect surfers against an outstanding Internet Explorer
>>| vulnerability in the absence of available security updates from
>>| Microsoft.
>> `----
>>
>> http://www.theregister.co.uk/2006/10/03/zero-day_ie_fix_encore/
>
> It does seem so 1980s to see binary patches being issued... open-source
> is a much better route for this.
True. In WordPress, for example, a simple substitution of a ~3KB PHP file can
resolve a security issue. It doesn't take an expert to do this, but for
those who fear, there's an entirely new package with a nice GUI-like
upgrade/patch route. It's a matter of walking hand-in-hand with the user.
What's more scary is that even user data becomes a binary blob (DRM), so
sooner or later, slight changes may require large downloads.
|
|
