[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [RRG] What does incremental deployment mean
On Fri, 28 Mar 2008, Marshall Eubanks wrote:
By the way, Wikipedia says about Windows 2000
"More than eight years after its release, it continues to receive patches for
security vulnerabilities on a near-monthly basis."
So, there may be hope there after all. Still, my experience is that people
who are running old versions of code are
likely to also not be regularly updating them.
Isn't this whole discussion irrelevant?
Even if all Windows 2000 or XP users were applying security patches
(which they aren't), making a fundamental change as this cannot be
deployed as a security fix. By definition it is going to break a lot
of applications or at least change their communication patterns in
such a way that in the deployed base of O(million) various kinds of
bizarre apps and O(100 million) hosts the result would be a chaos.
There is no way any vendor could unilaterally deploy significant host
changes in a channel meant only for critical software updates for a
product well beyond its end-of-life cycle.
--
Pekka Savola "You each name yourselves king, yet the
Netcore Oy kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings
--
to unsubscribe send a message to rrg-request@psg.com with the
word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/rrg/> & ftp://psg.com/pub/lists/rrg