Linked by Thom Holwerda on Fri 14th Jun 2013 17:32 UTC
Microsoft
From Bloomberg: "Microsoft, the world's largest software company, provides intelligence agencies with information about bugs in its popular software before it publicly releases a fix, according to two people familiar with the process. That information can be used to protect government computers and to access the computers of terrorists or military foes." The lid has officially been blown off.
darknexus Member since:
2008-07-15

Instead of focusing only on Microsoft I would like to know what the other commercial OS vendors do.

Agree! And I'd also like to know what major open source vendors do. In a situation like this, one is no less vulnerable than the other and, as no one reviews the code of a full distribution in its entirety (that's far too much code for one person), slipping a back door in would be child's play for agents, especially if said distribution (as most do) uses many custom patches.

Reply Parent Score: 3

cdude Member since:
2008-09-21

no one reviews the code of a full distribution in its entirety (that's far too much code for one person)

That's why there is not only one person reviewing code in open source.

Reply Parent Score: 2

moondevil Member since:
2005-07-08

That very much depends on the project.

Reply Parent Score: 3

BallmerKnowsBest Member since:
2008-06-02

"no one reviews the code of a full distribution in its entirety (that's far too much code for one person)

That's why there is not only one person reviewing code in open source."

Remind me, how's that approach been working out lately?

http://www.osnews.com/story/27065/Large_number_of_security_issues_i...

http://arstechnica.com/security/2013/04/exclusive-ongoing-malware-a...

Reply Parent Score: 2