
Re: [Rival] Microsoft's and Apple's Mistakes on Security

In comp.os.linux.advocacy, da...punk...A!!! <dapunka@xxxxxxxxxxxxxx>
wrote on 11 May 2007 05:05:53 -0700
<1178885153.853824.244500@xxxxxxxxxxxxxxxxxxxxxxxxxxx>:
>
> Roy Schestowitz wrote:
>> Microsoft should scrap Patch Tuesday
>>
>> ,----[ Quote ]
>> | So where do we go from here? Back to the future. The value of
>> | the predictability of the monthly schedule simply doesn't
>> | outweigh the danger to customers posed by the flaws that go
>> | unpatched for three or four weeks between cycles.
>
> I was always baffled by the fact that MS's corporate customers wanted
> a monthly patch day. Ok, I understand that it was a lot of work for
> sysadmins to keep up with the constant flood of updates they had to
> deal with before. But we're talking about /corporate/ customers - with
> valuable data on their systems. They would prefer to have known
> vulnerabilities on their computers left unpatched for up to a month
> rather than hire more support staff? Crazy...
>

Presumably, corporate types like to plan a month in advance
for any unplanned downtime created by the patches. :-)
(Or anything else.)

Of course support staff costs upwards of $5000/month.
Depending on the value of their data, that may not justify
the additional expense.  Then again, it's a risk/games
theory strategy -- and one hopes they know enough games
theory to calculate when it makes sense to hire that staff,
especially since a number of problems can be caused by
corrupt staff (embezzlement, holding data hostage, etc.)
But it does leave data at risk -- and some of that data
may not, strictly speaking, be theirs (e.g., credit card
numbers).

White House leaks are leaked by staff.  Some of them might
be authorized leaks -- a term that might make sense in
Washington, D.C. -- and some of them are not.

Moles and double agents are also mentioned in the
context of CIA spy thrillers, as well as "bugs" -- and
one of their modern equivalents, keyloggers.  A simple
"man-in-the-middle" adapter device -- about the size
of a common DIN5-to-PS2 adapter cable -- can capture
every keystroke and relay it by radio to a nearby
hidden receiver.  It even has power, courtesy of the
user's computer.  (Not much power, to be sure -- but one
doesn't need much.)

It would be naive to think that the conditions leading to
"leaks" and turncoats are limited to government-sponsored
espionage.  There's not a lot Linux can do about moles
and turncoats, or keystroke-capturing adapters.

Welcome to the New World Order.

-- 
#191, ewill3@xxxxxxxxxxxxx
Windows Vista.  Because a BSOD is just so 20th century; why not
try our new color changing variant?
