
Full Disclosure mailing list archives
Re: Getting Off the Patch
From: "Thor (Hammer of God)" <thor () hammerofgod com>
Date: Tue, 18 Jan 2011 18:39:24 +0000
On Mon, 17 Jan 2011 22:29:13 GMT, "Cal Leeming [Simplicity Media Ltd]" said:Most people wouldn't rely solely on patch day to protect their systems/networkYou're in for a surprise.
One, as Cal pointed out, you cut out the context of what he said/meant. And two, so what if they do? At least they are patching. If security is the goal, then advocate for security in depth. From a security standpoint, patching is better than not patching. Period. If you have controls in place to mitigate exposure, then they should be combined with patching. Are you taking the position that the level of "being surprised" at the number of people who only patch dictates that they stop patching and try to successfully implement other controls so they don't have to patch? Playing "whack a mole" was entertaining, but in all seriousness, your responses to this thread have been confusing to me. Any security model that not only advocates non-patching, but that is designed with the intent of not patching is completely retarded. I defy anyone to provide verifiable evidence to the contrary that is not based on a server and a couple of workstations. Even the self-proclaimed "marketing" guy who admitted he didn't know how to patch couldn't come up with a single shred of substantiating research to support anything different. Comparing his "research" to Einstein and general relativity is a level of ass-hattery that rivals some of the worst on the list. So when I see you apparently supporting the idea, as someone who normally provides some sort of empirical backing to his statements, I become interested in what factors lead you to that conclusion. t _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Getting Off the Patch, (continued)
- Re: Getting Off the Patch Thor (Hammer of God) (Jan 14)
- Re: Getting Off the Patch Pete Herzog (Jan 17)
- Re: Getting Off the Patch Thor (Hammer of God) (Jan 17)
- Re: Getting Off the Patch Pete Herzog (Jan 17)
- Re: Getting Off the Patch Thor (Hammer of God) (Jan 17)
- Re: Getting Off the Patch Cal Leeming [Simplicity Media Ltd] (Jan 17)
- Message not available
- Re: Getting Off the Patch Cal Leeming [Simplicity Media Ltd] (Jan 17)
- Re: Getting Off the Patch Thor (Hammer of God) (Jan 17)
- Re: Getting Off the Patch Valdis . Kletnieks (Jan 18)
- Re: Getting Off the Patch Cal Leeming [Simplicity Media Ltd] (Jan 18)
- Re: Getting Off the Patch Thor (Hammer of God) (Jan 18)
- Re: Getting Off the Patch coderman (Jan 18)
- Re: Getting Off the Patch phocean (Jan 18)
- Re: Getting Off the Patch coderman (Jan 18)
- Re: Getting Off the Patch Christian Sciberras (Jan 18)
- Re: Getting Off the Patch Cal Leeming [Simplicity Media Ltd] (Jan 19)
- Re: Getting Off the Patch Christian Sciberras (Jan 19)
- Re: Getting Off the Patch Cal Leeming [Simplicity Media Ltd] (Jan 19)
- Re: Getting Off the Patch Valdis . Kletnieks (Jan 18)
- Re: Getting Off the Patch Thor (Hammer of God) (Jan 18)
- Re: Getting Off the Patch Cor Rosielle (Jan 19)