[194616] in North American Network Operators' Group
Re: Please run windows update now
daemon@ATHENA.MIT.EDU (Brad Knowles)
Mon May 15 11:55:10 2017
X-Original-To: nanog@nanog.org
X-Barracuda-Envelope-From: brad@shub-internet.org
From: Brad Knowles <brad@shub-internet.org>
In-Reply-To: <20170515150819.GA31705@e-fensive.net>
Date: Mon, 15 May 2017 10:48:46 -0500
To: "J. Oquendo" <joquendo@e-fensive.net>
Cc: nanog@nanog.org, Rich Kulawiec <rsk@gsp.org>
Errors-To: nanog-bounces@nanog.org
On May 15, 2017, at 10:08 AM, J. Oquendo <joquendo@e-fensive.net> wrote:
> Spot on. Shame on Microsoft for releasing patches and not
> forcing the installation versus letting security managers
> open up ISC^, and other nonsensical frameworks to do things
> like "change/patch management" tasks. I mean, who cares if
> one little patch knocks a business out of existence.
If Microsoft didn't open the security hole in the first place, then =
there wouldn't be a need to patch it afterwards.
Of course, there will always be patches that need to be applied, and =
people do have to decide what is a sane patching process. But if a =
patch can be completely avoided because they were more careful and =
rigorous in their development to begin with, then as a whole the world =
would be better off.
> I do believe Microsoft is directly responsible for making
> people such daft "To patch or not to patch" admins. Force
> feed patches on everyone! Then your next message will be:
> "I believe Microsoft is responsible for trillions of
> dollars by pushing out patches forcefully and negatively
> impacting businesses worldwide."
An ounce of prevention on their part would prevent a pound of cure =
having to be applied by everyone else in the world.
But then Microsoft couldn't extract their value from selling that pound =
of cure, so that would be another problem.
> Pain and anguish? I'm smiling and drinking coffee. I adore
> when security shenanigas occur. That is the sound of a cash
> register to me.
Not everyone licks their chops and thinks "fresh meat" when they see =
worldwide panic that results from a massive security hole like this.
Some of us just want to get regular work done.
--=20
Brad Knowles <brad@shub-internet.org>
