Stories
Slash Boxes
Comments

SoylentNews is people

posted by LaminatorX on Monday August 18 2014, @09:47PM   Printer-friendly
from the not-your-father's-Oldsmobile dept.

For the last few years, Microsoft has tried to separate the modern version of Internet Explorer from its legacy: a relatively slow, insecure browser saddled with proprietary features. Now Mark Hachman reports at PC World that as recently as a few weeks ago, members of the Internet Explorer development team debated renaming the browser, presumably in an effort to eliminate any distaste from the software's earliest days. According to one member of the Explorer Develop Group during an AMA on Reddit: "It's been suggested internally; I remember a particularly long email thread where numerous people were passionately debating it. Plenty of ideas get kicked around about how we can separate ourselves from negative perceptions that no longer reflect our product today," wrote Jonathon Sampson. "The discussion I recall seeing was a very recent one (just a few weeks ago). Who knows what the future holds :)"

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 3, Interesting) by Subsentient on Tuesday August 19 2014, @03:15AM

    by Subsentient (1111) on Tuesday August 19 2014, @03:15AM (#82891) Homepage Journal

    Modern compilers draw warnings at stuff like the assignment/equality trick. They demand parenthesis. If anyone insists on including parenthesis for equality, be suspicious.

    --
    "It is no measure of health to be well adjusted to a profoundly sick society." -Jiddu Krishnamurti
    Starting Score:    1  point
    Moderation   +1  
       Interesting=1, Total=1
    Extra 'Interesting' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   3  
  • (Score: 2) by geb on Tuesday August 19 2014, @10:11AM

    by geb (529) on Tuesday August 19 2014, @10:11AM (#82991)

    Previous winners of the Underhanded C contest have been far, far sneakier than that. It certainly doesn't stop at a single trick. Some of the contest entries have been so subtle that it takes several minutes just to see that there is a problem, even in a two line sample, having been told in advance that something is awry.

    Being suspicious isn't enough.

    • (Score: 3, Insightful) by jasassin on Tuesday August 19 2014, @11:30AM

      by jasassin (3566) <jasassin@gmail.com> on Tuesday August 19 2014, @11:30AM (#83005) Homepage Journal

      http://en.m.wikipedia.org/wiki/SE_Linux [wikipedia.org]

      In mainline kernel since 2003. Created by the US Department of Defense, from original concepts and code of guess who... the US National Security Agency. I checked my CyanogenMod and yes its cooked in. If what you say about hiding doors is that easy, Linux is fucked too. Yes? No?

      --
      jasassin@gmail.com GPG Key ID: 0xE6462C68A9A3DB5A
      • (Score: 4, Insightful) by geb on Tuesday August 19 2014, @12:23PM

        by geb (529) on Tuesday August 19 2014, @12:23PM (#83024)

        It's difficult to say.

        The examples from the underhanded C contest were the work of individuals given a few months and a strictly defined single task to work on. They came up with backdoors that were well hidden, but not perfectly immune to discovery, and most of them would have been found if they were in active use. The winning entries tend to be ones where the author could say "Oh, whoops. Honest mistake." if they were blamed.

        I don't think you can take that experience and directly scale it up to the level of the linux kernel. More places to hide, but more people looking. Far more talent going into both backdooring and securing, at genius level on both sides. Very high stakes. If even a single flaw is found, an NSA contributor can't fall back on claiming to be a hobbyist making a n00b error.

        Heartbleed stands out as a better example for comparison. It might have been a genuine error. It might have just been plausibly deniable. We can't know.