| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: rahnemann at affinity-mortgage.com (Robert Ahnemann) Subject: Bill Gates blames the victim On Thu, 2003-09-04 at 01:51, Robert Ahnemann wrote: > >Again, the message is M$ should fix their software. Trying to automate > >the patch cycle without the permission of the user is and still does > not > >solve the initial problem. > > Good point, but my emphasis was on people obtaining the patches in the > first place. While yes, they might be unreliable, they at least cover > the publicized exploit. When was the last time that a worm was > extensively spread via an undocumented hole, or even a hole that was > documented and never patched? MS is good about fixing what it finds. > Whether or not those fixes cause further issues which require patching > is a separate issue. As long as the patch is ahead of the virus, where > does the accountability really fall? >It's great that you think that way... So the last I heard, a patch >eventually caused machines all over the place to shut down >automatically. From the way you are gushing about the merits of >patching, I believe you'll rather that happens than that your machine >gets hacked, while I believe there is realistically no difference, and >would rather have the machine up for another day/month. Its not so much that I like to patch. I personally have never had a problem with a patch messing up a system here at work. I'm sure there are some cases where there might be conflicts, no doubt. I think you might be inflating the severity of the 'problems' with any given patch. I don't think it's straight to compare a patch problem with something like Nachia or Blaster.
Powered by blists - more mailing lists