Verily I say unto thee, that Doug Mentohl spake thusly:
> The best protection against vulnerabilities is to keep software
> updated, but most open source lacks update services ..
Blankenhorn must still be drunk from New Year, to post this garbage,
especially given that he is supposedly a Linux /user/, and should
therefore know that every major distro provides a single-point update
service, not only for the OS, but also for the entire base of
applications that come with that distro.
After one commenter pointed out this obvious flaw in his assertion, he
then replied "in the enterprise arena these are routinely turned
off", whilst again rather disingenuously ignoring the fact that
/sysadmins/ apply said updates instead (using the same service).
The situation under Windows (regardless of the license for any given
software) is somewhat more dire, since the only component which is
usually updated automatically (whether one wishes this to happen or not
[*]) is the OS itself.
Nearly every /application/ under Windows needs to be either updated by
manually downloading the update from that application vendor's Website;
semi-automatically updated by running a separate update program for each
and every application (if such a program is provided); or automatically
updated using a separate background daemon for each and every
application (again, if such a daemon is provided) - thus slowing the
Windows startup to a crawl, as dozens of "updaters" all compete for disk
and network IO to perform their separate updates.
The level of manual intervention required, and the diverse variability
of the update method, means that in reality few Windows systems run
current versions of any third-party software. Of course, an even bigger
stumbling block is the fact that performing this update often requires
more than just manual intervention, it also requires a credit card,
since in order to remain current it is often necessary to /buy/ these
upgrades from third-party software vendors (depending upon circumstances).
I can only assume that Blankenhorn somehow expects all FOSS to contain a
Windows-esque "update me now" button on each and every application,
since any other update method doesn't really count (in his estimation).
I'm usually supportive of Blankenhorn scribblings, but this article is
uninformed FUD at best, and a blatant lie at worst.
[*] http://slated.org/windows_by_stealth_the_updates_you_dont_want
--
K.
http://slated.org
.----
| "At the time, I thought C was the most elegant language and Java
| the most practical one. That point of view lasted for maybe two
| weeks after initial exposure to Lisp." ~ Constantine Vetoshev
`----
Fedora release 8 (Werewolf) on sky, running kernel 2.6.25.11-60.fc8
00:47:07 up 59 days, 8:29, 4 users, load average: 0.00, 0.02, 0.09
|
|