Sign in. It’s quick, free and it’s up to you.
An account is an optional way to support the work we do. Find out more.
MICROSOFT HAS CRITICISED Google’s decision to reveal a software vulnerability relating to Windows 8.1 two days before it had planned to fix it.
Google Project Zero is a service which tracks software flaws and reports them to the relevant parties before they are exploited. To ensure that all bugs are fixed, Project Zero gives them 90 days to patch it or else it publishes the details.
The senior director of Microsoft’s Security Response Centre Chris Betz described Google’s decision as “less like principles and more like a ‘gotcha’”.
In a post detailing Microsoft’s stance on the issue, Betz mentioned that the bug would be fixed as part of Patch Tuesday, a planned event which happens on the second Tuesday of every month. Microsoft had asked Google to keep the vulnerability under wraps until then, but Google published the details of said bug on 29 December as its 90-day deadline wasn’t met.
CVD (Coordinated Vulnerability Disclosure) philosophy and action is playing out today as one company – Google – has released information about a vulnerability in a Microsoft product, two days before our planned fix on our well known and coordinated Patch Tuesday cadence, despite our request that they avoid doing so.Specifically, we asked Google to work with us to protect customers by withholding details until Tuesday, January 13, when we will be releasing a fix. Although following through keeps to Google’s announced timeline for disclosure, the decision feels less like principles and more like a “gotcha”, with customers the ones who may suffer as a result. What’s right for Google is not always right for customers. We urge Google to make protection of customers our collective primary goal.
Betz said that the process of dealing with security vulnerabilities can be a “complex, extensive and time-consuming process” where issues like the real world impact in consumer environments, the number of platforms said bug exists in and the complexity of the fix must be considered.
Vulnerabilities are not all made equal nor according to a well-defined measure. And, an update to an online service can have different complexity and dependencies than a fix to a software product, decade old software platform on which tens of thousands have built applications, or hardware devices. Thoughtful collaboration takes these attributes into account.
Batz made a request to researchers to privately disclose vulnerabilities to software providers and work with them until a fix is made before making the details public, said it’s a “partnership that customers benefit the most.” Not doing this would result in a “zero sum game where all parties end up injured.”
After Project Zero released the details of the bug, one of its members defended its decision to publish it saying “on balance… disclosure deadlines are currently the optimal approach for user security,” and would monitor the effects of its policy “very closely.”
To embed this post, copy the code below on your site
Sounds crazy that they are not given access. Should they not inherit access? That said, can they not get access to read the FB pages from a friends account?
@Nick Allen: probably wants to read the private messages
@Nick Allen: it’s sounds tragic that her parents are in the situation but from an outside point of view the girls friends and contacts also have a right to privacy. It’s an unfortunate case but a ruling I would back. Definitely not a position I would every want to be in as a family member
@ChuckE: so u back tbe ruling but do not agree to it in your case. hmmm
@Nick Allen: An individuals personal information remains their property even after they die. It’s like medical records – family are not automatically entitled to access a loved one’s records just because that person died. Your private data belongs to you.
@Tom Tom: the order doesn’t recognise the dead daughter’s right to privacy. She doesn’t have one, as she doesn’t exist anymore and any rights to privacy died with her. The issue here is actually the privacy of others who are not deceased who may want to have their conversations with the dead daughter protected from the eyes of her parents or their own parents or whomever.
@Bernard Cantillon: ah, I see. That’s nuts. I would have thought the rights of the deceased should be paramount.
@Nick Allen: the existing legislation applies only to living individuals so it doesn’t apply to her but I don’t understand why they can’t redact her contacts and the recipients of any messages she sent personal data and give the family the closure they need.
I kind of favour it.
I think people should be able to tick an option granting access if they die.
@Paul: There is an option to nominate an “heir” to your account .
@Davin Ryan: Davin is correct, which is why this decision is unlikely to be overturned. It’s a tricky subject but when you compare it to the true context, that nothing is bringing that person back, then I think it might be proper that the balance rests on the privacy of those remaining.
You can sign a person up to your page as a back up, in case something ever happens to you. Just FAct of the day.
@Rosie Murray: Cool tip! Very good to know.
@Rosie Murray: I think the legacy contact feature is relatively new and this girl died 5 years ago I think
@Rosie Murray: you’re beautiful
@Mick Mulligan: smooth
Fffg ing Shame on FaceBook. This was their daughter Ff s. Beyond belief what corporate entities will go to in the face of normal humanity. Condolances to these parents who lost a little girl they raised for 15 years only to be faced with the Col Face of Corporate FaceBook.
@gregory: It is tragic. I don’t see why Facebook can’t give them a redacted copy of her account. I certainly do see why grieving parents should not be in a position to seek impossible answers from a group of 15-year olds who have lost a friend. I was around that age when a schoolfriend died. Our class went to the funeral. All we expected was to say “Sorry for your loss.” These parents could well go further, asking why, and dissecting every chat. Of course the online connections need to be shielded from that.
She is dead and gone and beyond caring . I don’t see why her parents can’t access her account. Protecting the privacy of a deceased individual is just pointless in this situation. It no longer affects them and it could mean a lot to her parents who are searching for answers.
@Catherine Sims: yes but they are also protecting the privacy of her friends who would have had private messages with her through Facebook. They are entitled to their privacy.
Facebook is a cult that drives families apart.
How can a person’s Facebook page be compared to a diary ?
@Suzie Sunshine: very easy. In this day n age a facebook account is very similar to a diary account before social media. Get with the times
@Suzie Sunshine: It reflects via a timeline and entries what a person has been doing. It’s not that hard to get your head around it.
@Tariq Ibn Ziyad: Her timeline would sure but PMs? would not be comparable to a diary. They could view her timeline without needing access to the account itself.
@Sue Sue: Hardly similar. I didn’t see any trout pouts or dinner pics in Anne Franks diary.
@Tariq Ibn Ziyad: I’m well aware of what it entails .. my point was that a diary is usually where you write your personal thoughts and its not what you’d usually post on Facebook ..
@Sue Sue: it’s nothing like a diary .
@Suzie Sunshine: well, having said that Susie. A Facebook page is quite public. Where diaries are mainly personal and private, so if diaries can be inherited then surely something more public should be.
@BatMon: I agree with that .. I think the family should be able to have access .
There are actually too few rights for parents in Germany. For example, parents are not allowed to home-school their children in Germany. They must send them to formal schools approve by the state. This is actually a still-enforced legacy of the National Socialist era (1933-1945), when the Nazis wanted every child to think in the way that the state wanted them to think, and not necessarily to receive the education that their own parents wanted them to receive.
@John Reid: So what? I think it’s way better than kids being home schooled and being taught god knows what!
Also, school is compulsory in most European countries, including Ireland!
Judge should know that the parents have a moral right to know!
@oliverjumelle: They have no right to read her private messages and invade her friends privacy!
Deutschland ist verrukt. Germany is crazy.
@gregory:
Aber wieso?? Warum denken Sie so? Stimmen Sie zu mit dem Gesetz oder nicht?? Und warum sprechen wir auf Deutsch? So viele Frage, zu wenig Zeit. Na ja, mindestens kann ich unsere neue Amtsprache üben….
Tut mir Leid, mir ist langweillig
@DonalC: halte den Mund
Legacy contact, it already is a feature on Facebook .selected can’t see chats but gets access to a version of your page . As a memory . Check settings , I set this a while back
They should be allowed access, the girl was a minor when she died.
The coroner would need access to determine the cause of death.
If anyone thinks that they have any privacy while using facebook they are delusional.
I had to close someone’s
I had to close a persons Facebook account recently , well get it memorialised actually. You have to supply a photo of the death cert. Whoever got this girls page memorialised had to have had access to it. Strange as you’d imagine that would be the parents. It should only be next of kin that get to close it. I only had to say my relationship to the person with Facebook. They never asked for proof of who I was
@Lucy Legacy: Eh Facebook themselves memorialised the page
have your say