>> About a year ago, I tripped over this issue. (I have since found out >> it is a known bug - see http://www.sitepoint.com/print/1029). In an >> effort to help MS, I spent hours of company time registering to >> various bug reporting services on MS sites - and never found one that >> would accept my bug report because IE is not a paid product. Not that >> I wanted any support - I only wanted to help them out. > > How many semi serious issues exist where people just never bother to > disclose them to the public and where the vendor decides to ignore the > notification? > [snip] > I told MS about this back on 0ct 10 2002 and even sent them exploit > code, never even got a response, not even a "sorry we don't consider it > a threat" note. [snip
In some cases, people are threatened with lawsuits by companies, which is a great way of getting people on your side, and making friends. (sarcasm, by the way.) Vendors/Companies bring it upon themselves 99.9% of the time the way people act towards them. There are several companies I have no intention of ever talking to again. - andrewg _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
