Windows World Catches Up On URI Exploits
By Adrian Sutton
Once again the Mac world has led the way in pioneering new technology – this time in an area that they are traditionally criticized for the lack of software options: security exploits. Close on the heels of the Safari URL exploits, Mozilla caught up with a shell: exploit and now at long last Microsoft catches up. (Okay, it was a few days ago, but that was when I started writing this entry.) My favorite comment from the Slashdot thread would have to be:
“… what gets patched in the open source world gets exploited further in the proprietary world. MS should probably pay more attention to projects like Mozilla… it might save them a lot of time and effort in the long run.”
Such wisdom! Such good counsel! Such arrogance! Such blindness. Perhaps if Mozilla had been paying attention to projects like Mac OS X it might save them a lot of time and effort in the long run.
This leads into why you should take time to correctly implement fixes for problems instead of rushing out a patch as fast as possible. When you find one security issue, there are likely to be others that are similar to it, so you should review your code and design decisions to make sure that you fix them all at once instead of just the ones that have been discovered so far. It’s all very well to ship a patch quickly, but it’s pointless if you have to continue running around putting out very similar spot fires instead of taking more time and putting out the source of the fire.