mailing list archives
Re: What do you want your ISP to block today?
From: Valdis.Kletnieks () vt edu
Date: Sat, 30 Aug 2003 14:53:46 -0400
On Sat, 30 Aug 2003 14:09:40 EDT, Joe Abley said:
That won't save them when the time required to download the patch set
is an order of magnitude greater than the mean time to infection.
This, in fact, is the single biggest thorn in our side at the moment. It's hard
to adopt a pious "patch your broken box" attitude when the user can't get it
patched without getting 0wned first...
Seems to me that it would be far more effective to simply prohibit
connection of machines without acceptable operating systems to the
network. That would send a more appropriate message to the vendor, too
(better than "don't bother to test before you release, we'll pay to
clean up the resulting mess").
Given the Lion worm that hit Linux boxes, and the fact there's apparently a
known remote-root (since fixed) for Apple's OSX, what operating systems would
you consider "acceptable"?