> Not sure exactly but this may be one of those things to
> charge a subscription
> for. If you want the download version go right ahead but if
> you want the
> security updates you still need to buy into the subcription service.
Simiar to what Red Hat is doing, although your wording
implies that updates are *ONLY* available to those who
pay, which I don't like.
> This is were mandrake comes in. They are basicly charging for
> access to thier
> servers and timely updates to any security issues. If the
> download users
> don't choose ot pay for this service then maybe the updates
> can be put in a
> public download area after say 2 or 3 weeks. Or maybe don't
> make the updates
> available at all to non subscribers. The real user's out ther
> could always
> get the source and compile there own.
Egads, this sounds horrible. Especially for security
updates, but also for bug fixes and such.
Imagine a really bad exploit is found in something. An
updated package is released the next day to subscribers,
they all apply it and are fine. The following day (and
for the next 2-3 weeks while non-subscribers wait for an
update), it spreads like wildfire across the Internet,
making use of all the non-updated (non-subscribing)
MandrakeFirewall systems. This just gave
MandrakeFirewall a *HORRIBLE* reputation as being
insecure, because they chose not to provide updates for
people that didn't pay them money. Sounds like a good
way to kill a productline/reputation/company, if you
ask me.
> I have to admit I like the 2 or 3 week plan the best. Maybe
> even a month.
> That way business and security consious useres get imediate
> access to the
> updates and the casual users still are able to get the same
> upadates later
> on. Seeing as casual useres are not as prone to attack this
> might be a good
> comprimise. And just think about this red hat charges
> everyone for thier
> updates.
Well, this isn't quite accurate. I haven't paid a dime
to Red Hat since I bought RH52 a couple years ago, and I
am able to mirror their 7.1 update tree without
difficulty. They're charging for an automated update
service, not the updates themselves. They can't charge
for the software, it's (mostly) all GPL'd, remember? =)
> One last option might also be to have an update cd released
> every 3 or 4
> months maybe sooner for big security issues. Kind of like
> mandrake freq. Make
> the cd imediatly available to those that subscribe to the
> service but the
> rest of the publick has to wait maybe for a quarterly release.
This almost sounds good. I'd like to see those that
subscribe get a CD delivered snail-mail to them on a
regular basis, and those who don't have to either grab
the ISO or not have access to a new CD it at all, leaving
them in the normal position of having to apply individual
updates by hand.
Don Head
SAIR LCA, CIW-P, Network+, A+
Systems Administrator [ [EMAIL PROTECTED] ]
Web Designer [ 1 314 997-7847 ]
[ AIM - Don Wave ] [ ICQ - 18804935 ] [ Yahoo - Don_Wave ]
