I just got this message from Skype about a security update:

Apart from the stray non-printable control char after the question mark, this is pretty much the way security update notices should go out for consumer applications.
The security fix only works if people download and run the update, and if the message can't be read by its intended audience because it is buried in techno-babble, your patch is all for zip.
It reminds me of way-back-when, comparing iptables on Linux 2.4 vs. IPF in OpenBSD 2.x. The one factor that made OpenBSD more secure for me in this case was that the rules were written in words in the config file rather than as parameters to iptables, making them less error-prone and hence more secure. I believe both those tools are now left to history anyway...
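To make the comparison concrete, here is the same small policy written both ways. This is an added illustration, not config from the original post: default-deny inbound, allow replies to our own connections, allow SSH only from one trusted network, allow all outbound. The interface names (eth0, xl0) and the trusted network 192.0.2.0/24 are assumed placeholder values.

```text
# --- Linux 2.4 iptables: policy expressed as command-line parameters ---
# Each rule is a separate invocation; a swapped or mistyped flag
# (-A vs -I, -s vs -d, --dport vs --sport) silently changes the policy.
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -i eth0 -p tcp -s 192.0.2.0/24 --dport 22 -j ACCEPT

# --- OpenBSD 2.x IPFilter (ipf.rules): the same policy, written as words ---
# Rules read top to bottom; "quick" stops at the first match, and the
# intent of each line can be checked by eye before it is ever loaded.
pass in quick on lo0 all
pass out quick on lo0 all
block in on xl0 all
pass out quick on xl0 all keep state
pass in quick on xl0 proto tcp from 192.0.2.0/24 to any port = 22 keep state
```

The IPF file says what it allows in plain words (pass in ... from ... port = 22), whereas the iptables version depends on remembering which short flag means source, destination, or port; that is the error-proneness the comparison above is pointing at. Neither form is a complete production ruleset.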
Anyway, well done Skype

(NB: They also blog