Full Disclosure mailing list archives

RE: Bill Gates blames the victim


From: "Schmehl, Paul L" <pauls () utdallas edu>
Date: Wed, 3 Sep 2003 14:10:57 -0500

-----Original Message-----
From: Robert Ahnemann [mailto:rahnemann () affinity-mortgage com] 
Sent: Wednesday, September 03, 2003 1:08 PM
To: Lim Swee Tat
Cc: full-disclosure () lists netsys com
Subject: RE: [Full-disclosure] Bill Gates blames the victim

Its not so much that I like to patch.  I personally have 
never had a problem with a patch messing up a system here at 
work.  I'm sure there are some cases where there might be 
conflicts, no doubt.  I think you might be inflating the 
severity of the 'problems' with any given patch. I don't 
think it's straight to compare a patch problem with something 
like Nachia or Blaster.  

You should try patching more often or more systems.  We had a Solaris
system just the other day that took eight hours to patch.  We had to
back some out and redo them.  Others we could only back out because they
failed utterly.  We've had Windows systems that completely croaked on
some patches.  Others are simply unpatchable, because if you patch them,
the application they run (which is their raison d'etre) is unusable once
the system is patched.

Patching is not nearly as trivial or as easy as some would like to make
it out to be.  But those with little or no real experience are always
eager to throw their two cents in anyway.

Paul Schmehl (pauls () utdallas edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu/~pauls/ 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


Current thread: