From: anonymous-remailer@shell.portal.com
To: cypherpunks@toad.com
Message Hash: 2a5923518e22b1c256966cc88ac3b58dae269d4355d5b445335250b6a68ae125
Message ID: <199510160413.VAA28410@jobe.shell.portal.com>
Reply To: N/A
UTC Datetime: 1995-10-16 04:14:44 UTC
Raw Date: Sun, 15 Oct 95 21:14:44 PDT
From: anonymous-remailer@shell.portal.com
Date: Sun, 15 Oct 95 21:14:44 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape question transformed
Message-ID: <199510160413.VAA28410@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain
On Fri, 13 Oct 1995, Derek Atkins wrote:
> > Why would a compony like Netscape jeapordise themselves by
> > even letting out a beta version so hackers have time to find bugs
> > before the full version is released. Don't take me wrong I have only
> > been on the net fer a little over a year and Love Netscape. And If I
> > knew what I was Doing I would love to help them.....
>
> I don't think that this can jeopardize a company...
I agree. I don't think it can jeopardize the company either. After all,
we're talking about a company that has a market capitalization of more
than TWO BILLION US DOLLARS. Two Billion Dollars can buy a lot of talent.
Even if Netscape has to spend $100 Million on this problem, that sum
represents only 5% of Netscape's total market capitalization.
I'm certain that Netscape has established a crisis control centre which is
manned and readied. That a proper spin control program has been
implemented, and that a reasonable firm like Skadden Arps has been
retained.
And I'm confident, that Netscape is drawing not only on its own resources
but that it's drawing on those who share Netscape's interests.
Even if Skadden doesn't let you past security without a seven figure
retainer, I'm sure that if one of those nice boys from Morgan Stanley, ...
someone with snazzy Princeton ties ... maybe one of the ones who
orchestrated the Netscape IPO calls over to Skadden, Arps, Slate, Meagher
& Flom, I'm sure that one of those fellows will have their call returned
by any partner at Skadden.
They're professional that way.
> What would you
> rather see? A company makes a beta release for people to attempt to
> break, fixes the bugs, and then releases a better product? Or would
> you rather see a company release a product, tell people it is secure,
> and then get bitten by numerous holes in it?
Well, I'm not sure that I'd want to make any representations or imply any
warranties whatsoever.
> From a PR perspective, it sounds much better to take the first tact.
> Similarly, you will get a better product using the first method.
> Using the second method, NOT beta-testing your product, has a greater
> chance of jeopardizing a company. At least if they put out a beta, if
> the press calls, they can say "this is nor our final product -- we
> wanted to let people give it a try and find problems, so that we can
> fix them before we start shipping".
We aren't just talking about a pre-alpha (Netscape beta) product.
We are speaking of something else here. We're talking not only about a
problem in their NEW code, we're talking about a very big problem in the
middle of their EXISTING code. A huge security hole in the code that
everyone is and has been running -- from 850,000 Deutsche Telecom
customers, throughout AT&T's internal organization and throughout their
worldwide customers, and god only knows how many individuals in the United
States and abroad.
This is an extremely serious software design issue. It is equivalent
to designing and then building a house and forgetting to include any
plumbing, and no one really noticing, and no one really saying anything
about it.
And when someone like Joan Rigdon calls from the Wall Street Journal, I
hope that Netscape doesn't try to snow her.
She's been up and down the street ... and probably knows all about snow.
Alice de 'nonymous ...
...just another one of those...
P.S. This post is in the public domain.
C. S. U. M. O. C. L. U. N. E.
Return to October 1995
Return to “anonymous-remailer@shell.portal.com”
1995-10-16 (Sun, 15 Oct 95 21:14:44 PDT) - Re: Netscape question transformed - anonymous-remailer@shell.portal.com