Advertisement

Internet Explorer 11 Debacle

Started by July 29, 2014 12:00 AM
53 comments, last by 3Ddreamer 10 years, 3 months ago
I don't think you understand what 'anecdotal evidence' means...

Also you are trying to make points I'm not making or twisting/misunderstanding the ones I am.

As such I'm out.

I don't think you understand what 'anecdotal evidence' means...

Also you are trying to make points I'm not making or twisting/misunderstanding the ones I am.

As such I'm out.

This should help you understand.

I'm a game programmer and computer science ninja !

Here's my 2D RPG-Ish Platformer Programmed in Python + Pygame, with a Custom Level Editor and Rendering System!

Here's my Custom IDE / Debugger Programmed in Pure Python and Designed from the Ground Up for Programming Education!

Want to ask about Python, Flask, wxPython, Pygame, C++, HTML5, CSS3, Javascript, jQuery, C++, Vimscript, SFML 1.6 / 2.0, or anything else? Recruiting for a game development team and need a passionate programmer? Just want to talk about programming? Email me here:

hobohm.business@gmail.com

or Personal-Message me on here !

Advertisement
Ah, and now you are being condescending, nice nice...

And also; wrong.

IF I had said something along the lines of "I've heard of this one problems with open source software so all open source software must be bad" you would have a point.

I didn't.

I cited a time period "recent security problems" and gave specific examples as to what I was talking about.

I did not expand this to state 'all open source software is...' in relation to my claims, I restricted my point to a very specific subset of known problems which have been reported in the wild.

This is not an acecdote, this is a set of 3 cited examples of when open source software has caused large security problems.

The logic is easy to follow... or maybe I'm just that much smarter than you, I dunno... but the point is, nope, you are wrong and by trying to attack the message instead of the facts I pointed out you are showing that you have no point to be made, instead you are simply trying to discredit in order to make you own position felt safer.

So, as I said, I don't think you understand what anecdotal evidence is.

But thanks for playing.
Better luck next time.

This is not an acecdote, this is a set of 3 cited examples of when open source software has caused large security problems.

Here's the problem with your argument: Open source software didn't "cause" these security problems.

You cited three isolated examples of when there were bugs in open source software, and then implied that Open source software has more bugs and is worse than proprietary software. And you then went on to say that "Open source software ... caused large security problems", which is obviously untrue.

I'm a game programmer and computer science ninja !

Here's my 2D RPG-Ish Platformer Programmed in Python + Pygame, with a Custom Level Editor and Rendering System!

Here's my Custom IDE / Debugger Programmed in Pure Python and Designed from the Ground Up for Programming Education!

Want to ask about Python, Flask, wxPython, Pygame, C++, HTML5, CSS3, Javascript, jQuery, C++, Vimscript, SFML 1.6 / 2.0, or anything else? Recruiting for a game development team and need a passionate programmer? Just want to talk about programming? Email me here:

hobohm.business@gmail.com

or Personal-Message me on here !

This is not an acecdote, this is a set of 3 cited examples of when open source software has caused large security problems.

Here's the problem with your argument: Open source software didn't "cause" these security problems.

You cited three isolated examples of when there were bugs in open source software, and then implied that Open source software has more bugs and is worse than proprietary software. And you then went on to say that "Open source software ... caused large security problems", which is obviously untrue.


The only person arguing about number of bugs between OSS and proprietary software is you. Not a SINGLE time has Phantom said anything about differences in bug counts in this entire thread. He's been pointing out, rightly so, that OSS has had some serious problems. He has been arguing that you shouldn't just blindly trust OSS. You're attempting to put words into his mouth by reading his responses and seeing whatever you want to see.

The articles that you have linked to are not peer-testable. If you can find ANYWHERE on Coverity's site where they list which proprietary projects they analyzed for their report, please link it, otherwise I am calling bullshit; It is blatantly clear that Coverity has a vested interest in promoting OSS for its own financial gain. "Studies" can be written to say whatever you want them to say, but if nobody else bothers checking to make sure you did the study correctly, nobody's going to call bullshit either. People who already agree with what the study says are unlikely to challenge it. Ironically this is the exact same behavior seen in OSS: The vast majority of OSS users just want to use the software, and aren't going to bother investigating the code in detail unless they personally encounter a bug. If there's something intentionally malicious in the code, you don't know what to look for.

Security researchers actively looking for exploits (not typical source-code-level flaws like what Coverity appears to advertise) seem to be the only ones bothering with deep investigations of software, but these people are smart enough to do it regardless of OSS/proprietary-ness; as long as the researcher has code or executable, they can begin investigating.

Here's the problem with your argument: Open source software didn't "cause" these security problems.


Then how you would explain it then?
When 3 large security flaws are found in 3 pieces of open source software? (or 2 pieces of software if you want to bundle the two Android problems together).
Advertisement

Here's the problem with your argument: Open source software didn't "cause" these security problems.


Then how you would explain it then?
When 3 large security flaws are found in 3 pieces of open source software? (or 2 pieces of software if you want to bundle the two Android problems together).

It just means there were bugs found in code. That happens with all software.

I'm a game programmer and computer science ninja !

Here's my 2D RPG-Ish Platformer Programmed in Python + Pygame, with a Custom Level Editor and Rendering System!

Here's my Custom IDE / Debugger Programmed in Pure Python and Designed from the Ground Up for Programming Education!

Want to ask about Python, Flask, wxPython, Pygame, C++, HTML5, CSS3, Javascript, jQuery, C++, Vimscript, SFML 1.6 / 2.0, or anything else? Recruiting for a game development team and need a passionate programmer? Just want to talk about programming? Email me here:

hobohm.business@gmail.com

or Personal-Message me on here !

As the topic is well and truly derailed at this point...

In my view, the difference is that the library is already potentially well debugged, potentially reviewed by others.

Given the option between "use an existing widely used, widely trusted, publicly reviewed library for secure networking " or "build your own library for secure networking and hope for the best", I'll take the first. When the new bugs are identified (they will continue forever) the fixes can be easily integrated into my code.

Sure, my system will suffer from the same homogeneous defects. But I'm okay with that because I won't be alone in the error. And because I know I saved a ton of time and effort and bugs by using the standard implementation. And because I know I can just drop in whatever fix the community creates with almost zero work.

When the first few systems came out saying "Our system is affected by heartbleed" a few people reacted negatively. When it was discovered the problem was universal, people really stopped caring. It is just a bug that affects everything before a certain date. There are a huge number of bugs like that.

Open source solutions mean we can simply download the patch and recompile if we choose, rather than having bugs discovered in closed-source projects that are impossible to ever update. You can patch and update your product in the open source world when defects are found. It may not always be easy, but it is possible. In the closed source world you are entirely at the mercy of the vendor. You may know full well that a product has heartbleed in it, but since you don't have the source and the company discontinued it or went bankrupt, you are stuck with the bug.

Open source solutions mean we can simply download the patch and recompile if we choose, rather than having bugs discovered in closed-source projects that are impossible to ever update. You can patch and update your product in the open source world when defects are found. It may not always be easy, but it is possible. In the closed source world you are entirely at the mercy of the vendor. You may know full well that a product has heartbleed in it, but since you don't have the source and the company discontinued it or went bankrupt, you are stuck with the bug.


I agree in that I wouldn't write something myself, though I see most of the same things happen regardless of OSS/Proprietary status.

Here's what happens in my experience:

- Closed source project stops being maintained. Users migrate to a different system or decide to "ride it into the ground". Insane users might reverse-engineer it (doubtful).

- Open source project stops being maintained. Hardcore users might fork the repo, but most users are not going to want to maintain something themselves. They're going to "ride it in" if bugs haven't yet been found, or migrate to a different system as well (or perhaps use the fork if they're lucky and someone wants to continue maintaining it). If a bug comes up, I sure wouldn't trust myself to go in and fix some open source code. Hell, I can't even read 99% of it. It would take less effort for me to migrate to another similar project than it would be to fix the bug myself.


It's nearly the same experience when each kind of project is being maintained: Both provide regular patches based on how critical the issue is and the skill/motivation level of the maintenance team.


You're always at the mercy of someone else, just at different levels of inconvenience.

I will answer some of the posts here. There are too many ideas which deserve a reply, but it's only practical to answer a few issues. If any of you don't get a direct response, then please understand that I barely have time to do any one thing with so much coming at me right now.

Windows installation is the software which ships with the Toshiba laptop from recovery, so it should be clean.

Two attempts at upgrading to IE 11 resulted in error 9C59. I reinstalled once with the same problem and yesterday I reinstalled Win 7 and IE 11 is now accepted and installed and the systems also accept other updates.

My internet connect is high speed broadband and is supposed to be a clean connection, so corrupt files from downloading shouldn't be from bad internet service connection. Which update was corrupted is anybody's guess because the solutions offered did not detect any corrupt files anywhere.

A new problem appeared after the IE 11 was installed: A window appeared which was sent by OS to Desktop about the 2010 C++ Runtime environment which stated that the application (the launching of IE 11 to desktop) "terminated the runtime for an unknown reason". ohmy.png Windows OS replied by checking for solutions but none was found.

After I uninstalled Bing Bar and Bing Desktop then that problem disappeared! huh.png

Now everything works fine with uninstalled Bing Bar and Bing Desktop! biggrin.png

....but the whole debacle is WEIRD! Guys, it is as if some tech smart ass in NSA or Anonymous was toying with me! What else could it be but some hacker in the network messing with me or something?

Personal life and your private thoughts always effect your career. Research is the intellectual backbone of game development and the first order. Version Control is crucial for full management of applications and software. The better the workflow pipeline, then the greater the potential output for a quality game. Completing projects is the last but finest order.

by Clinton, 3Ddreamer

This topic is closed to new replies.

Advertisement