Google’s Project Zero seems to have created a problem for Microsoft, as the tech giant has accused Google of making its Window 8.1 flaws public prior to when the company got to fix issues.
Last year Google (NASDAQ:GOOG) came up with Project Zero, a development strategy that was started with the plan of pointing out and fixing security loop holes on websites that were previously not being seen to. These security issues were becoming a barrier between Google users and safe surfing on the website, which was why Google Inc. came up with this initiative. This project is being carried out by a group of engineers appointed by the company itself, who seek bugs that are on soft-wares and other services available on the internet. Upon finding such issues that are a threat to the security of the website, the Project Zero team then gives a 90-day period notice to the concerned company to fix the bug.
In case the issue is not fixed in the said time period, Google then makes the issue public which is a threat to the company whose flaws are being publicized as it puts a bad impression on the company’s name and effects the business.
Initially the dominating search giant thought that 90-days period were enough for a company to fix its bugs and issues, but as many companies hoped for extra time to fix their concerning issues, Google has considered extending the time period.
The California-based company has also considered extending the fixed time period for companies on weekends and public holidays.
Keeping all that in mind, when Google exposed Microsoft’s Windows 8.1 flaws to the public two days before the given time period, this infuriated the company and accused Google to have made a personal hit. Microsoft also said that this act of Google will have an adverse effect on the customers of the company and on the new windows that they have launched.
According to a report, however, it has been revealed that Microsoft was the one at fault which is why the revealing company exposed their flaws to the public. The internet company however, gave an argument about how their deadline for exposure of security flaws is perfect as compared to the others in the same industry. The Zero Day Initiative provides a time period of 190 days, to fix issues whereas Carnegie’s Mellon’s CERT only gives a short time period of 45 days before exposing the company’s security loop holes to the public.
No comments:
Post a Comment