Re: Windows Update: A single point of failure for the world's economy?
From: Barry Fitzgerald (bkfsec_at_sdf.lonestar.org)
Date: Thu, 04 Sep 2003 10:57:37 -0400 To: Paul Schmehl <firstname.lastname@example.org>
Paul Schmehl wrote:
> --On Sunday, August 31, 2003 09:01:49 PM +0200 Stefano Zanero
> <email@example.com> wrote:
>> Enabling a world-wide auto-update feature does indeed seem much of a
>> security risk to me.
> More of a risk than up2date for RedHat or emerge -u system for
> Gentoo? Or cvsup for *BSD?
I don't think that it's the existance of the autoupdate feature in the
first place that is the problem, but the fact that they're thinking
about making it impossible to turn off. Mandating patches and removing
the control to stop them from being applied - either from the end user
or the administrator - is a seriously bad thing. Having methods of
easily updating your system, on the other hand, is a good thing.
And I'll be the first to say that any existing mature package management
system (by this I mean RPM's and DEB files) for *nix systems is far more
"fault tolerant" than MS Windows' patching methodology. That's not to
say that I haven't installed RPMs in the past that have caused me
trouble - I have. But, rather, that the issues have been fewer and
easier to resolve, in my experience. Try remotely diagnosing an issue
with RPM roll-out versus an issue with an MS patch roll-out and you'll
see the difference - it's as clear as day.
And I'm not just talking about patches which make a system
non-bootable. To limit "problems with patches" to mean "making a
system non-bootable" is to only consider one of the worst possible
results of patching. Patching can have other problematic results that
don't show up immediately. That's the problem with having mixed DLLs
and other files on the system. Diagnosing problems like this stemming
from Microsoft released patches can be really troublesome sometimes.
But, that's just the difference between the way that MS Windows is
engineered and the way that GNU/Linux is engineered.
So, yes, I do consider patching MS Windows systems to be more of a risk
than patching RedHat or Gentoo systems - and by extension an autoupdater
is also more of a risk. That's just my experience.
Having said that, I don't allow any of my systems to automatically
update. I prefer to have more control than that.