
Another IIS hole and OSS vs. MS

Thoughts and some interactions about open source vs. closed source.

Slashdot reports: "Microsoft announced Wednesday that there is a serious software flaw with its IIS web server. The vulnerability affects a function in the server software that allows Web administrators to change passwords for an Internet site... Microsoft’s time to patch a remote hole where the attacker can gain complete access to your computer: two months. Open Source’s time to patch a much less serious bug where the attacker can merely crash your computer: three days."

Last week I was in a meeting with a consulting group that provides "bottomline guidance for IT". Their "expert" strongly felt that most open source is not valuable, because:

- You can post some bug to the "community" and wait till you retire to get an answer.

My feelings: "We were not sure whether they had tried any major vendor’s support line at all. As the example above explains, community support far outshines vendor support."

- After 2 years, multiple delays, Mozilla 1.0 was released. What an under achievement!

My feelings: "As a matter of fact, who cares whether the version number is in low 1.x’s or in high 6.x’s? As long as it works, I’m happy."

I would have assumed that the bottom line, if I am the manager, would be: "How long does it / did it take to fix the problem?" I wouldn’t be interested in hearing stories about how many times machines were rebooted, how often the vendor was called in, how often you got a chance to talk to the vendor, how many suggestions the vendor had given, etc. The bottom line really is "Is it solved?".

I’m not sure where the value is, if the bottom line as suggested by experts goes like "it is not your responsibility, but the vendor’s!".

The following is from Microsoft’s solution page.
Disclaimer:
The information provided in the Microsoft Knowledge Base is provided "as is" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

Every software vendor has similar disclosures.

The question is, how does the bottom line improve if I have to pay money for software for which the vendor expressly denies any responsibility? How does it even compare to things that I can get for free, that I can get paid support for if need be, that have good community service, and that make the source available, which makes it possible for me to fix things if need be?

  1. Ask a question on http://groups.google.com/groups?hl=en&lr=lang_en&safe=off&group=comp.lang.python and see how long you have to wait for an answer! This kind of responsiveness just isn't available commercially. If it was, you couldn't afford it. ;-)

    Posted by: Simon Brunning on June 13, 2002 09:36 AM