On Sat, 30 Aug 2003 14:09:40 EDT, Joe Abley said: > That won't save them when the time required to download the patch set > is an order of magnitude greater than the mean time to infection.
This, in fact, is the single biggest thorn in our side at the moment. It's hard to adopt a pious "patch your broken box" attitude when the user can't get it patched without getting 0wned first... > Seems to me that it would be far more effective to simply prohibit > connection of machines without acceptable operating systems to the > network. That would send a more appropriate message to the vendor, too > (better than "don't bother to test before you release, we'll pay to > clean up the resulting mess"). Given the Lion worm that hit Linux boxes, and the fact there's apparently a known remote-root (since fixed) for Apple's OSX, what operating systems would you consider "acceptable"?
pgp00000.pgp
Description: PGP signature
