Question from mann:
February 2012

Just read on http://blog.fefe.de/:

The state of the IT industry has nearly always been pitiful when it comes to security and other quality assurance, recent years, aggravated menacing conceptually, because the Manufacturer handed over now to the of eh overburdened bug fix team budget and subtract it to build mitigation. Sandboxing is a trend that you can just see in all kinds of browsers. On the basis of mobile phones are now also already the regular operating systems increasingly sandbox environments for applications.

I think this is all for Snake Oil, worse still, for reducing active safety. Because with the money with which the senseless techniques will be introduced here, we could have fixed bugs or wonderfully even improved the development process.

The current high point in this puppet show is the security chief of Adobe (! The Loudmouth Adobe actually has a security boss!)

Hasare actually placed (generally on a Kaspersky conference that fits also again like ass on buckets) and explained to the surprised audience that not even Adobe comes to fix the bugs. Instead, the aim is that exploiting the bug is more expensive. And for this he condemned the Gesicherpunkt researchers who dare to publish papers about it, how to deal with the senseless mitigation.

Do these arguments sound familiar to someone? Just so the content mafia is then employed, that bypassing of (also and are still so ridiculously weak) copy protection devices is to be a criminal offense.

We must as customers defend ourselves against these people. Buy no products of companies that prefer to invest in mitigation rather than in ordinary developer training and quality assurance.

If the statements of this grotesque clown Adobe SOON disappear from the Internet, and I quote it here in full time:

"My goal is not to find and fix every security bug," argued Arkin. "I'd like to drive up the cost of writing exploits. But when researchers go public with techniques and tools to defeat mitigations, they lower that cost."
At Adobe, Arkin's security teams have been working overtime to stem the flow of zero-day attacks against two of its most widely deployed products, Adobe Reader and Adobe Flash player, and he made the point that too much attention is being paid these Best way to responding to vulnerability reports instead of focusing on blocking exploits live.

"We may fix one vulnerability that has a security characteristic but when we change that code, we are creating a path to other vulnerabilities that may cause bigger problems in the future," he said.

Actually, you could quote the whole article. Un-believable-lich. The cries thereabouts seriously that Adobe gets soooo many bugs reported so that they break with their fixes more than they fix. Suddenly, and so is no longer printing. The self-accusation is of almost biblical dimensions. And the climax of the lack of understanding:
"We have hundreds of CVEs patched dog [individual vulnerabilities] over the last year. But, very, very few exploits have been written against those vulnerabilities. Over the past 24 months, we've seen about two dozen actual exploits," Arkin said, making the argument that software vendors are not wisely using their security

Answer from TomStg:

Nice collection of quotes and sayings of yours. Reads like the world was going - created by Adobe.

But how many bugs do you even know of in Adobe products? And how many users of Adobe software work every day around the world so successfully? Adobe's media standards - such as Photoshop, Illustrator, After Effects, with a uniquely effective workflow between them. You know yourself that the problems are sitting on 98% not in the software, but before the screen.

So if you have a problem with Adobe, keep it for yourself and do not stir up the people on here.

Tom

Answer from AlptraumM:

What does this stir up, he can express his mind freely and if you do not like it you have to live with it. Quite wrong, he has not so when you are about places that the customer is used today as a beta tester and a "finished" product is delivered infrequently. This is also to Adobe

Answer from WWJD:

It's obvious that you can earn money with no Bugfixies.
Better to once again bring a Bugdate - aehm sorry - an update, and suggest to the already-suffering beta users improvement.
As with Adobe Photoshop Elements and Premiere Elements. I have 4 versions of it, with each version, there lives a bug from somewhere, whether in the print preview, or import a.meisten etc. What bugs me is the fact that one can not defend oneself. There noObutsstelle sorry for troubled users - or does it? - Of which page should pressure Adobe to come? So, the Manufacturer can do what they want, maybe there sooner or later, once again a tempting sales campaign and the issue is off the table. For example, if Sony produced a video camera just after the ideas of the consumer would,

Answer from mann:

My reference to the blog.fefe.de link (or the long quote; the quotes, unfortunately, I had forgotten) should just be 'ne information sharing. The blog.fefe-maker is an IT expert, and his comments about the different things are often enlightening ...
If he reports. "The (Adobe) Manager crying thereabouts seriously that Adobe gets even reported soooo many bugs that they break with their fixes more than they fix Suddenly is not and so print", then that's a hammer, right?

Answer from cantsin:

Felix von Leitner (aka "fefe") is one of the leading German IT security experts and by the way also Spokesman of the Chaos Computer Club. What he says about because Adobe is, in fact, the extremely ugly. Only the company can probably be thankful that the security officer is not ashamed, before an audience so let their pants down. That would be about as if VW can occur in a motor-vehicle-conference would a manager, the saying that one's own design-related security gaps not fix the car, but as much as possible by trying to circumvent extensions.

However, one must also consider, that when off-line application software such as Photoshop, Premiere or a bug is just annoying for users, but not usually

