Trust and Microsoft security

Which would you rather trust: A coallition of volunteers and companies who work their asses off to fix security issues and bugs as they become available, or a single company that admits to hiding vulnerability details so they have more time to fix them. I know the crackers and script kiddies don't wait to exploit these holes, so the logic to justify this tactic is lost on me. I think a major shift in corporate policy at Microsoft is needed, and an admission that they can't keep up is in order. But, rather than damning them for not being able to keep up, I'd like to suggest they ask for help from the Windows programmers out there. Microsoft has a great community of developers out there (yes, this may come as a shock to some of you that I'm admitting that Microsoft has something good), but they don't take advantage of them at the OS level as much as they should. There's no shame in asking for help, and there's no reason they couldn't ask for it outside of hubris and an unwarranted need for secrecy. It's time to grow out of these outmoded ideas, and realise that there's an untapped resource in the Microsoft community. Solaris realized it. Apple realized it. Now it's Microsoft's turn.


links

social