-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
long day. no patience left. hate slashdot. have no energy to temper my
thoughts with niceness. reader beware. ;-)
On Tuesday 04 February 2003 09:47, Trevor Lauder wrote:
> Keeping your systems patched in this particular situation would not have
> help anyone really.
<snip a bunch of stuff talking about MS servers>
1. I care about my systems being cracked because I rely on them.
2. I care about other's systems being cracked because 0wn3d systems are a
threat to my bandwidth. Otherwise, I couldn't care less about anyone else's
systems.
3. I don't care about servers running MS software, or any other non-Free
software because they are beyond hope.
4. Keeping your Free Software systems patched (this is a list about Linux and
other Free Softwares, remember? ;) will help.
> Patching is a flawed approach to security,
ergo we shouldn't apply updates? "the car shouldn't break down, so when it
does why bother fixing it."
if you don't want to patch your systems and are fine with taking my network
down due to laziness/fear/stupidity, allow me to visit your network with my
hatchet so that i can disconnect your network from the world. turn about is
fair play and such attitudes as "i'd rather pay the expense of taking the
network down" have no place on a shared resource. i don't want to pay the
expense for you taking the world's network down. nor should i have to.
> programming it the right way
> the first time is how programming needs to be done...
i can't remember: are you a software developer?
if so, what God or Goddess came down out of the heavens and blessed you with
this particular brand of perfection and/or delusion?
if you aren't a developer, i can understand your position. it's still wrong
though, due to not being based on anything resembling reality .
there are bad practices, better practices and best practices, but even best
practices rely on humans and humans do mess up once in a while. we are a
long, long, long ways off from having anything resembling "guarenteed to get
it right the first time"
> Sysadmins are afraid to patch there systems, and rightly so.
<tons more windows-related excuses for not patching systems removed>
these are not reasons why not to keep up with patches, these are reasons to
keep MS Windows systems off the Internet. i'm not afraid to patch my systems.
but then i don't run non-Free garbage, either. patching is automated, safe
(hello GPG!) and doesn't require reboots or other such annoyance.
so when i said "keep your systems patched" i was talking to the intended
audience of this list: people running Linux. virtually every worm i've seen
in the last several years exploits a known problem for which patches are
available (Linux or not). that means that if you kept up with your patches
your systems would've been safe. if you can't keep your system patched,
remove it from the Internet, switch to a system you can keep patched or pay
someone else to do it.
- --
Aaron J. Seigo
GPG Fingerprint: 8B8B 2209 0C6F 7C47 B1EA EE75 D6B7 2EB1 A7F1 DB43
"Everything should be made as simple as possible, but not simpler"
- Albert Einstein
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQE+QL431rcusafx20MRAm4kAJ0UE0DriB18oMERJnR0c5UPr8rZmACZAbFi
rtqCUvfbDkgj/5eQSPXYzso=
=AFQ1
-----END PGP SIGNATURE-----
