Evgeny (m3chman) wrote,

google опять обделался..

TL;DR: Короче гугл как компания не имеет понятия что такое безопасность и поддержка софта.

История: 8 июля появился "exploit" использующий флеш:
“Weaponized” exploit can steal sensitive user data on eBay, Tumblr, et al.
adobe, microsoft и mozilla выкатили обновления как обычно.
у гугля же свой путь: они выкатили апдейт через "соmponents update service", но этот сервис не спешит обновлять свои программки :)

почитайте комменты они доставляют (eng):

"@Google: Your updates distribution really sucks donkey rears ... no matter if we talk Chrome on a desktop computer or your r-tarded "staged rollouts" on Android."

"Google's approach to updating is one of the worst in the industry. Staggering security updates is just a joke."

"Reportedly it was a Google Engineer who discovered the current "data stealing" flaw in Adobe Flash, yet that hive of morons is not able to come up with a working distribution mechanism to deploy security updates to each and every client world-wide at the very same time (ther "at the very same time" actually refers to the idiotic staged roll-outs through the Play Store in Android).

Microsoft, in comparison, has done a whole lot of things totally wrong in the past and recently, but their update distribtuion is a prime example of how to do things absolutely right. Hell... even Mozilla has a working update system for the browser.

And since Chrome failed to update Pepper Flash for MORE than 24h AFTER Adobe released the update packages... Google Chrome wiped off my computers for as long as they have no idea what "security" and "update distribution" means; jacking jaws about it in blog articles to vent hot air is not a working security and update deployment strategy.

Google's slowly worse than Microsoft and Oracle combined."

"I decided to just leave my PC with the Chrome opened and wait untill it updates.
Guys from Google - SHAME ON YOU!!!
You make dozens of people from all around the world vulnerable against threats from the web, because one of you decided to run Flash Update through components update on this Patch Tuesday, without updating version of the Chrome itself. And I bet you guys know about this problem, hours pass one by one, and people still have outdated plugins. And still no action. Google is one of the largest companies in the world with millions $ income, you say security is your number one priority and you can't update a plugin? How is that? This is a disrespect, stupid of you."
Tags: google

  • Post a new comment


    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded