Author: Dave December 3, 2007

I just read this

Apple QuickTime under siege by ZDNet‘s Ryan Naraine — Not counting silent (undocumented) fixes, Apple has patched at least 32 security flaws affecting QuickTime in 2007. Last year, the QuickTime patch count was 28. Five was documented in 2005. There’s no real end in sight…

It seems that Apple needs to spend less time watching movie trailers and start taking a page from Microsoft’s book on security. Wait no, I take that back. DON’T go with Microsoft’s tutorials if there’s such a thing!

Users clamoring again for an Internet Explorer 8 update by ZDNet‘s Mary Jo Foley — On the one-year anniversary of the launch Internet Explorer (IE) 7, the IE team posted yet another “stay tuned” message to the IE team blog, regarding an informational update on IE 8. And users are none too happy about the continued silence of the IE team.

Fortunately, I think I have a solution for this. I propose a tax on each security flaw exposed by Milw0rm.com. Every time a hole is exposed, there could be a million, no billion dollar fine to pay for disaster recovery should it be needed. Some of the money collected could go to train people in Flex and we could all build our own web browsers with Air.

This way, there would be so many different web browsers all over the world, it would be impossible to keep up with all the security holes. If you found your browser to be a risk, you could scrap it and rewrite a new one in 15 mins.

This isn’t cool though. I was used to IE and I thought Microsoft had coined the whole “find the flaw in the browser” thing. But I remember the days of old when you’d be hard put to hack a Mac, let alone a Mac and a PC through QuickTime.

Perhaps Apple and Microsoft could get together with Adobe and discuss how to create such a difficult installer, that it would be impossible to gain access to their applications at all, much less find a security hole.